Question
When trying to execute a shell script through the "remote-exec" provisioner in Terraform, the connection is not established.
I'm using the AMI for ubuntu-xenial-16.04,
so the user is ubuntu.
This is the last code that I used to execute the shell script:
    resource "aws_instance" "secondary_zone" {
      count                       = 1
      instance_type               = "${var.ec2_instance_type}"
      ami                         = "${data.aws_ami.latest-ubuntu.id}"
      key_name                    = "${aws_key_pair.deployer.key_name}"
      subnet_id                   = "${aws_subnet.secondary.id}"
      vpc_security_group_ids      = ["${aws_security_group.server.id}"]
      associate_public_ip_address = true

      provisioner "remote-exec" {
        inline = ["${template_file.script.rendered}"]
      }

      connection {
        type        = "ssh"
        user        = "ubuntu"
        private_key = "${file("~/.ssh/id_rsa")}"
      }
    }
This is what I get in the console:
aws_instance.secondary_zone (remote-exec): Connecting to remote host via SSH...
aws_instance.secondary_zone (remote-exec): Host: x.x.x.x
aws_instance.secondary_zone (remote-exec): User: ubuntu
aws_instance.secondary_zone (remote-exec): Password: false
aws_instance.secondary_zone (remote-exec): Private key: true
aws_instance.secondary_zone (remote-exec): SSH Agent: false
aws_instance.secondary_zone (remote-exec): Checking Host Key: false
Thank you for your help...
Answer 1:
As I mentioned, it was a connection problem in my case.
In addition, template_file was deprecated, so I changed the code to:
    resource "aws_instance" "secondary_zone" {
      instance_type               = "${var.ec2_instance_type}"
      ami                         = "${data.aws_ami.latest-ubuntu.id}"
      key_name                    = "${aws_key_pair.deployer.key_name}"
      subnet_id                   = "${aws_subnet.secondary.id}"
      vpc_security_group_ids      = ["${aws_security_group.server.id}"]
      associate_public_ip_address = true

      connection {
        type        = "ssh"
        user        = "ubuntu"
        private_key = "${file("~/.ssh/id_rsa")}"
        timeout     = "2m"
      }

      provisioner "file" {
        source      = "/server/script.sh"
        destination = "/tmp/script.sh"
      }

      provisioner "remote-exec" {
        inline = [
          "chmod +x /tmp/script.sh",
          "/tmp/script.sh args",
        ]
      }
    }
Also, I learned that script.sh has to be formatted as LR.
Answer 2:
If you're just trying to run some scripts to provision whichever EC2 nodes you create with Terraform, I would try setting the user-data parameter to reference your script. The user-data script is run automatically when the node initializes.
This will ensure that there are no lifecycle related issues with your deployment (such as EC2 node being created and the host not being available for the remote exec to succeed) and an overall cleaner experience.
An example of this can look like this:
    resource "aws_instance" "secondary_zone" {
      count                       = 1
      instance_type               = "${var.ec2_instance_type}"
      ami                         = "${data.aws_ami.latest-ubuntu.id}"
      key_name                    = "${aws_key_pair.deployer.key_name}"
      subnet_id                   = "${aws_subnet.secondary.id}"
      vpc_security_group_ids      = ["${aws_security_group.server.id}"]
      associate_public_ip_address = true
      user_data                   = "${template_file.script.rendered}"
    }
Hope this helps!
Further reading: TF docs Userdata examples
Answer 3:
I had the same issue. In your connection block try specifying the host.
    connection {
      type        = "ssh"
      user        = "ubuntu"
      private_key = "${file("~/.ssh/id_rsa")}"
      host        = self.public_ip
    }
I also had to create a route & gateway and associate them to my vpc. I'm still learning terraform, but this worked for me.
    resource "aws_internet_gateway" "test-env-gw" {
      vpc_id = aws_vpc.test-env.id
    }

    resource "aws_route_table" "route-table-test-env" {
      vpc_id = aws_vpc.test-env.id

      route {
        cidr_block = "0.0.0.0/0"
        gateway_id = aws_internet_gateway.test-env-gw.id
      }
    }

    resource "aws_route_table_association" "subnet-association" {
      subnet_id      = aws_subnet.us-east-2a-public.id
      route_table_id = aws_route_table.route-table-test-env.id
    }
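
Every fix in this thread comes down to the provisioner being able to reach port 22 on the instance. The configuration below is an added example, not code from the question or any of the answers: it puts Answer 1's timeout and Answer 3's host next to a security group that admits SSH only from the address range Terraform is run from. var.admin_cidr and the body of aws_security_group.server are assumptions (the thread references that group but never shows it); the other referenced resources are the asker's, written in Terraform 0.12+ syntax.

```hcl
# Added example. Names marked "assumed" do not appear in the original thread.
variable "admin_cidr" {
  # assumed: the range the machine running `terraform apply` connects from
  description = "CIDR allowed to reach port 22 for provisioning"
  type        = string
}

resource "aws_security_group" "server" {
  # assumed body; placed in the same VPC as the asker's subnet
  vpc_id = aws_subnet.secondary.vpc_id

  # remote-exec connects inbound over SSH, so port 22 must be open to the
  # operator's address range only, not to 0.0.0.0/0.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  # Outbound traffic so the provisioning script can download packages.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "secondary_zone" {
  instance_type               = var.ec2_instance_type
  ami                         = data.aws_ami.latest-ubuntu.id
  key_name                    = aws_key_pair.deployer.key_name
  subnet_id                   = aws_subnet.secondary.id
  vpc_security_group_ids      = [aws_security_group.server.id]
  associate_public_ip_address = true # needs the route to an internet gateway from Answer 3

  connection {
    type        = "ssh"
    user        = "ubuntu"
    host        = self.public_ip # explicit host, as in Answer 3
    private_key = file(pathexpand("~/.ssh/id_rsa"))
    timeout     = "2m" # bounded wait for sshd to come up, as in Answer 1
  }

  provisioner "remote-exec" {
    inline = ["echo connected as $(whoami)"]
  }
}
```

With the user_data approach from Answer 2 the ingress rule and the connection block can be dropped entirely, since nothing has to connect to the instance for the script to run.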
Source: https://stackoverflow.com/questions/55878755/terraform-fails-remote-exec-aws-ec2