[Question title]: What is the correct way to query Amazon AWS AMI from packer?
[Posted]: 2017-06-01 12:48:41
[Question description]:

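I'm trying to use Packer to build a golden image for amazon-ebs. I created a user on the AWS AMI console to get an access_key and secret_key. When I put these values into application-server.json and launch the packer command: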

packer build -only=amazon-ebs application-server.json

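I get an error saying

Error querying AMI: AuthFailure: Credential must have exactly 5 slash-delimited elements, e.g. keyid/date/region/service/term, got 'my_key'

status code: 401, request id: d8e8359a-dfa4-47da-bf05-81c957849a6c

I replaced the real key with my_key here.

How do I split the key? Should I manually create an instance before launching the packer command?

Update #1: application-server.json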

{
  "variables": {
      "PACKER_OS_FLAVOUR": "ubuntu",
      "PACKER_BOX_NAME": "ubuntu-14.04.4-server-amd64",
      "AWS_ACCESS_KEY_ID": "{{env `AWS_ACCESS_KEY_ID`}}",
      "AWS_SECRET_ACCESS_KEY": "{{env `AWS_SECRET_ACCESS_KEY`}}",
      "DIGITALOCEAN_API_TOKEN": "{{env `DIGITALOCEAN_API_TOKEN`}}"
    },
    "builders": [
      {
        "type": "virtualbox-iso",
        "boot_command": [
          "<esc><wait>",
          "<esc><wait>",
          "<enter><wait>",
          "/install/vmlinuz<wait>",
          " auto<wait>",
          " console-setup/ask_detect=false<wait>",
          " console-setup/layoutcode=us<wait>",
          " console-setup/modelcode=pc105<wait>",
          " debconf/frontend=noninteractive<wait>",
          " debian-installer=en_US<wait>",
          " fb=false<wait>",
          " initrd=/install/initrd.gz<wait>",
          " kbd-chooser/method=us<wait>",
          " keyboard-configuration/layout=USA<wait>",
          " keyboard-configuration/variant=USA<wait>",
          " locale=en_US<wait>",
          " netcfg/get_domain=vm<wait>",
          " netcfg/get_hostname=vagrant<wait>",
          " noapic<wait>",
          " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg<wait>",
          " -- <wait>",
          "<enter><wait>"
        ],
        "boot_wait": "10s",
        "headless": false,
        "disk_size": 10140,
        "guest_additions_path": "VBoxGuestAdditions_{{.Version}}.iso",
        "guest_os_type": "Ubuntu_64",
        "http_directory": "http",
        "iso_checksum": "07e4bb5569814eab41fafac882ba127893e3ff0bdb7ec931c9b2d040e3e94e7a",
        "iso_checksum_type": "sha256",
        "iso_url": "http://releases.ubuntu.com/trusty/{{ user `PACKER_BOX_NAME` }}.iso",
        "shutdown_command": "echo 'vagrant'|sudo -S shutdown -P now",
        "ssh_password": "vagrant",
        "ssh_port": 22,
        "ssh_username": "vagrant",
        "ssh_wait_timeout": "10000s",
        "vm_name": "{{ user `PACKER_BOX_NAME` }}",
        "vboxmanage": [
          ["modifyvm", "{{.Name}}", "--memory", "1024"],
          ["modifyvm", "{{.Name}}", "--cpus", "2"]
        ],
        "virtualbox_version_file": ".vbox_version"
      },
      {
        "type": "amazon-ebs",
        "access_key": "AKIAJEXAMPEXAMPEXAMP ",
        "secret_key": "ExAMpleExAmpLEExAMPlEExAMPlEexAmpLEExaMPL",
        "region": "us-east-1",
        "source_ami": "ami-10b68a78",
        "instance_type": "t2.micro",
        "ssh_username": "ubuntu",
        "ami_name": "packer-app-server {{timestamp}}"
      },
      {
        "type": "googlecompute",
        "account_file": "account.json",
        "project_id": "devops-intro-project",
        "source_image": "ubuntu-1404-trusty-v20150316",
        "zone": "us-central1-a",
        "image_name": "application-ubuntu-1404-{{timestamp}}",
        "machine_type": "n1-standard-1",
        "ssh_username": "ubuntu"
      },
      {
        "type": "digitalocean",
        "api_token": "{{ user `DIGITALOCEAN_API_TOKEN` }}",
        "image": "ubuntu-14-04-x64",
        "region": "tor1",
        "size": "512mb",
        "droplet_name": "udacity-devops",
        "private_networking": true
      }
  ],

  "provisioners": [
    {
      "type": "shell",
      "execute_command": "echo 'vagrant'|{{.Vars}} sudo -S -E bash '{{.Path}}'",
      "scripts": [
        "scripts/update.sh"
      ]
    },
    {
    "type": "shell",
    "only": ["virtualbox-iso"],
    "execute_command": "echo 'vagrant'|sudo -S -E bash '{{.Path}}'",
    "scripts": [
        "scripts/virtualbox.sh",
        "scripts/vagrant.sh"
      ]
    },
    {
      "type": "shell",
      "execute_command": "echo 'vagrant'|sudo -S -E bash '{{.Path}}'",
      "scripts": [
        "scripts/application.sh",
        "scripts/cleanup.sh"
      ]
    }
  ],
  "post-processors": [
    [
      {
        "type": "vagrant",
        "except": ["googlecompute", "digitalocean"],
        "compression_level": "9",
        "output": "{{.Provider}}/{{ user `PACKER_BOX_NAME` }}-appserver_{{.Provider}}.box"
      }
    ]
  ]
}

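Update #2: The last problem was a blank space in the access_key. Unbelievable.

Now I get

amazon-ebs: Error cleaning up keypair. Please delete the key manually: Build 'amazon-ebs' errored: Error creating temporary keypair: UnauthorizedOperation: You are not authorized to perform this operation. status code: 403, request id: ee8cd02a-bdd8-4987-a798-00dc1f94e8e7

[Question discussion]:

    Tags: amazon-web-services amazon-ec2 devops packer


    [Solution 1]:

    You can specify your access key id and secret key in the template, for example: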

    {
       "access_key": "AKIAIOSFODNN7EXAMPLE", 
       "secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
    } 
    

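    AWS docs - Access keys, Packer docs - Amazon Builders

    If you share your template, I can point out the problem.

    [Discussion]:

    • I added the keys to the template. My application-server.json is in the templates folder. I updated my post with the file.
    [Solution 2]:

    After changing the access_key and removing the trailing space from the string, to resolve the key pair error:

    I added the user to a group in Amazon AWS IAM and added the policy from the Packer docs: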

    {
      "Version": "2012-10-17",
      "Statement": [{
          "Effect": "Allow",
          "Action" : [
            "ec2:AttachVolume",
            "ec2:AuthorizeSecurityGroupIngress",
            "ec2:CopyImage",
            "ec2:CreateImage",
            "ec2:CreateKeypair",
            "ec2:CreateSecurityGroup",
            "ec2:CreateSnapshot",
            "ec2:CreateTags",
            "ec2:CreateVolume",
            "ec2:DeleteKeypair",
            "ec2:DeleteSecurityGroup",
            "ec2:DeleteSnapshot",
            "ec2:DeleteVolume",
            "ec2:DeregisterImage",
            "ec2:DescribeImageAttribute",
            "ec2:DescribeImages",
            "ec2:DescribeInstances",
            "ec2:DescribeRegions",
            "ec2:DescribeSecurityGroups",
            "ec2:DescribeSnapshots",
            "ec2:DescribeSubnets",
            "ec2:DescribeTags",
            "ec2:DescribeVolumes",
            "ec2:DetachVolume",
            "ec2:GetPasswordData",
            "ec2:ModifyImageAttribute",
            "ec2:ModifyInstanceAttribute",
            "ec2:ModifySnapshotAttribute",
            "ec2:RegisterImage",
            "ec2:RunInstances",
            "ec2:StopInstances",
            "ec2:TerminateInstances"
          ],
          "Resource" : "*"
      }]
    }
    

    It worked.

    [Discussion]:
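
An added example, not part of the original question or answers: a Python check that flags the trailing-space `access_key` from Update #2 and any hard-coded credential in `amazon-*` builders, and shows why the error reported only the bare key. The function names, the constructed sample template and the "parser stops at whitespace" model are assumptions for illustration.

```python
import json
import re

# A Packer template call such as {{user `AWS_ACCESS_KEY_ID`}} is not a literal secret.
TEMPLATE_REF_RE = re.compile(r"^\{\{.*\}\}$")


def credential_scope(access_key, date, region, service="ec2"):
    """Credential value a SigV4 client sends: keyid/date/region/service/term."""
    return "/".join([access_key, date, region, service, "aws4_request"])


def elements_before_whitespace(scope):
    """Model (assumption): slash-separated elements left if parsing stops at whitespace."""
    tokens = scope.split()
    return tokens[0].split("/") if tokens else []


def lint_amazon_builders(template_text):
    """Return (builder_index, field, problem) for each credential issue found."""
    findings = []
    template = json.loads(template_text)
    for i, builder in enumerate(template.get("builders", [])):
        if not builder.get("type", "").startswith("amazon-"):
            continue
        for field in ("access_key", "secret_key"):
            value = builder.get(field)
            if value is None or TEMPLATE_REF_RE.match(value.strip()):
                continue  # absent or injected via a template variable
            if re.search(r"\s", value):
                findings.append((i, field, "contains whitespace"))
            findings.append((i, field, "hard-coded in template"))
    return findings


# Constructed sample: same shape as the question's template, placeholder key only.
SAMPLE = """{"builders": [
  {"type": "virtualbox-iso"},
  {"type": "amazon-ebs", "access_key": "AKIAJEXAMPEXAMPEXAMP ",
   "secret_key": "{{user `AWS_SECRET_ACCESS_KEY`}}", "region": "us-east-1"}
]}"""

if __name__ == "__main__":
    for finding in lint_amazon_builders(SAMPLE):
        print(finding)
    bad = credential_scope("AKIAJEXAMPEXAMPEXAMP ", "20170601", "us-east-1")
    print(len(elements_before_whitespace(bad)), "element(s) seen instead of 5")
```

Run against a real template by passing its file contents to `lint_amazon_builders`; referencing the keys through `{{user ...}}` variables backed by `{{env ...}}`, as the question's `variables` block already does, clears the hard-coded finding.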
