Hey Everyone,
I am currently attempting to create a custom platform within AWS Elastic
Beanstalk utilizing its built in feature of packer. With that, I am not
entirely sure which version of packer they are using currently.
I am not 100% sure if this is a packer question or an AWS question, but I
figured I would give it a shot.
My builder is "amazon-ebs" and I am using the "shell" provisioner. (I will
attach the view of my packer script below) The issue I am having is that
one of my scripts requires me to call out to s3. When it does, I get an
error specifying that I do not have the credentials to access S3.
I cannot show the full command that I use when executing but it looks
something like this:
eb platform create -ip <instance-profile-arn> --vpc.id <company-vpc>
--vpc.subnets <subnets>
The instance profile definitely has the permissions to access S3, but my
issue is that it does not seem to gain the credentials at all.
I guess I have 2 questions, if they can be answered.
1.
When the provisioner runs bash scripts, is the EC2 instance already up
and running? Or does this happen prior to the creation of the EC2 instance
and then everything is baked in upon startup?
2.
In the AWS Documentation, which I will include below, it specifies "When
you create a custom platform, you launch a single instance environment
without an EIP that runs Packer, which launches another instance to build
an image."
Is this instance that runs Packer possibly not getting the auth needed for
me to run my commands that I need? Or either of these instances for that
mater.
Here is my packer file
{
"variables": {
"aws_access_key": "{{env `AWS_PROFILE.aws_access_key_id`}}",
"aws_secret_key": "{{env `AWS_PROFILE.aws_secret_access_key`}}"
},
"builders": [{
"type": "amazon-ebs",
"access_key": "{{user `aws_access_key`}}",
"secret_key": "{{user `aws_secret_key`}}",
"region": "us-east-1",
"source_ami": "ami-e392eef5",
"instance_type": "t2.micro",
"ssh_username": "ec2-user",
"security_group_id": "sg-065e6d7c",
"subnet_id": "subnet-a70c3a8f",
"ami_name": "packer-example {{timestamp}}"
}],
"provisioners": [{
"type": "shell",
"execute_command": "{{.Vars}} sudo -E -S bash '{{.Path}}'",
"scripts": [
"1_Provisioner_Initialize_AMI.sh",
"2_Provisioner_Chapter1_Host_Configuration.sh",
"3_Provisioner_Chapter2_Host_Configuration.sh",
"4_Provisioner_Benchmark_Setup.sh",
"5_Provisioner_Splunk.sh",
"6_Provisioner_Qualys.sh",
"7_Provisioner_System_Restart.sh",
"8_Processor_Run_Benchmarks.sh"
],
"environment_vars": [
"DOCKER_CONTENT_TRUST=1"
]
}]
}
The output:
[1.0.8] I, [2017-08-08T20:46:29.191332+0000#30378] INFO -- Packer:
1502225189,,ui,say,==> amazon-ebs: Provisioning with shell script:
6_Provisioner_Qualys.sh
[1.0.8] I, [2017-08-08T20:46:29.315949+0000#30378] INFO -- Packer:
1502225189,,ui,message, amazon-ebs:
[1.0.8] I, [2017-08-08T20:46:29.908360+0000#30378] INFO -- Packer:
1502225189,,ui,message, amazon-ebs: fatal error: Unable to locate credentials
[1.0.8] I, [2017-08-08T20:46:29.964616+0000#30378] INFO -- Packer:
1502225189,,ui,message, amazon-ebs: error: open of
qualys-cloud-agent.x86_64.rpm failed: No such file or directory
[1.0.8] I, [2017-08-08T20:46:29.976566+0000#30378] INFO -- Packer:
1502225189,,ui,message, amazon-ebs: qualys-cloud-agent: unrecognized service
[1.0.8] I, [2017-08-08T20:46:30.303555+0000#30378] INFO -- Packer:
1502225190,,ui,message, ama
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups
"Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to packer-tool+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/packer-tool/bbe0ecc5-cad3-4411-962c-baca8d8ec18d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
