Hi, did you get anywhere with this?

I'm trying really hard to get ec2.py to run with a boto profile 
representing a role which I have assigned to the instance. My motivation 
is very much like yours, in that I do not wish to have the creds set as 
environment variables.

Thanks

On Saturday, January 28, 2017 at 12:11:12 AM UTC-6, Ronak Patel wrote:
>
> I wrote a quick ansible playbook to launch a simple ec2 instance but I 
> think I have an issue on how I want to authenticate. 
>
> What I don't want to do is set my aws access/secret keys as env variables 
> since they expire each hour and I need to regenerate the 
> `~/.aws/credentials` file via a script. 
>
> Right now, my ansible playbook looks like this:
>
>     --- # Launch ec2
>     - name: Create ec2 instance
>       hosts: local
>       connection: local
>       gather_facts: false
>       vars:
>         profile: profile_xxxx
>         key_pair: usrxxx
>         region: us-east-1
>         subnet: subnet-38xxxxx
>         security_groups: ['sg-e54xxxx', 'sg-bfcxxxx', 'sg-a9dxxx']
>         image: ami-031xxx
>         instance_type: t2.small
>         num_instances: 1
>         tag_name: ansibletest
>         hdd_volumes:
>         - device_name: /dev/sdf
>           volume_size: 50
>           delete_on_termination: true
>         - device_name: /dev/sdh
>           volume_size: 50
>           delete_on_termination: true
>       tasks:
>         - name: launch ec2
>           ec2:
>             count: 1
>             key_name: "{{ key_pair }}"
>             profile: "{{ profile }}"
>             group_id: "{{ security_groups }}"
>             instance_type: "{{ instance_type }}"
>             image: "{{ image }}"
>             region: "{{ region }}"
>             vpc_subnet_id: "{{ subnet }}"
>             assign_public_ip: false
>             volumes: "{{ hdd_volumes }}"
>             instance_tags:
>               Name: "{{ tag_name }}"
>               ASV: "{{ tag_asv }}"
>               CMDBEnvironment: "{{ tag_cmdbEnv }}"
>               EID: "{{ tag_eid }}"
>               OwnerContact: "{{ tag_eid }}"
>           register: ec2
>         - name: print ec2 vars
>           debug: var=ec2
>
> My hosts file is this:
>
>     [local]
>     localhost ansible_python_interpreter=/usr/local/bin/python2.7
>
> I run my playbook like this:
>
>     ansible-playbook -i hosts launchec2.yml -vvv
>
> and then get this back:
>
>     PLAYBOOK: launchec2.yml ********************************************************
>     1 plays in launchec2.yml
>
>     PLAY [Create ec2 instance] *****************************************************
>
>     TASK [launch ec2] **************************************************************
>     task path: /Users/usrxxx/Desktop/cloud-jumper/Ansible/launchec2.yml:27
>     Using module file /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/ansible/modules/core/cloud/amazon/ec2.py
>     <localhost> ESTABLISH LOCAL CONNECTION FOR USER: usrxxx
>     <localhost> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730 `" && echo ansible-tmp-1485527483.82-106272618422730="` echo ~/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730 `" ) && sleep 0'
>     <localhost> PUT /var/folders/cx/_fdv7nkn6dz21798p_bn9dp9ln9sqc/T/tmpnk2rh5 TO /Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ec2.py
>     <localhost> PUT /var/folders/cx/_fdv7nkn6dz21798p_bn9dp9ln9sqc/T/tmpEpwenH TO /Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args
>     <localhost> EXEC /bin/sh -c 'chmod u+x /Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ /Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ec2.py /Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args && sleep 0'
>     <localhost> EXEC /bin/sh -c '/usr/bin/env python /Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ec2.py /Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args; rm -rf "/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/" > /dev/null 2>&1 && sleep 0'
>     fatal: [localhost]: FAILED! => {
>         "changed": false,
>         "failed": true,
>         "invocation": {
>             "module_name": "ec2"
>         },
>         "module_stderr": "usage: ec2.py [-h] [--list] [--host HOST] [--refresh-cache]\n              [--profile BOTO_PROFILE]\nec2.py: error: unrecognized arguments: /Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args\n",
>         "module_stdout": "",
>         "msg": "MODULE FAILURE"
>     }
>     to retry, use: --limit @/Users/usrxxx/Desktop/cloud-jumper/Ansible/launchec2.retry
>
>     PLAY RECAP *********************************************************************
>     localhost                  : ok=0    changed=0    unreachable=0    failed=1
>
>
> I noticed in the `ec2.py` file it says this:
>
>     NOTE: This script assumes Ansible is being executed where the environment
>     variables needed for Boto have already been set:
>         export AWS_ACCESS_KEY_ID='AK123'
>         export AWS_SECRET_ACCESS_KEY='abc123'
>
>     This script also assumes there is an ec2.ini file alongside it.  To specify a
>     different path to ec2.ini, define the EC2_INI_PATH environment variable:
>
>         export EC2_INI_PATH=/path/to/my_ec2.ini
>
>     If you're using eucalyptus you need to set the above variables and
>     you need to define:
>
>         export EC2_URL=http://hostname_of_your_cc:port/services/Eucalyptus
>
>     If you're using boto profiles (requires boto>=2.24.0) you can choose a profile
>     using the --boto-profile command line argument (e.g. ec2.py --boto-profile prod) or using
>     the AWS_PROFILE variable:
>
>         AWS_PROFILE=prod ansible-playbook -i ec2.py myplaybook.yml
>
>
> so I ran it like this:
>      
>     AWS_PROFILE=profile_xxxx ansible-playbook -i hosts launchec2.yml -vvv
>
>
> but still got the same results...
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/83f602e7-af74-46d9-bb8b-9b2bd542ea07%40googlegroups.com.