Hi,

I have another problem with this example.
It seems that the line:

    aws s3 cp --recursive s3://<s3-url>/azure_vpn_server_primary/quagga/ /etc/quagga/

is not executed as ROOT user, so I get permission denied. The command is trying
to copy files to /etc/, which requires SUDO.

How can I achieve this?

On Wednesday, March 13, 2019 at 12:52:04 PM UTC+1, Rickard von Essen wrote:
>
> In your example.sh script you overwrite AWS_ACCESS_KEY and 
> AWS_SECRET_ACCESS_KEY with argument 1 and 2 respectively, but you don't 
> pass any arguments so that clears them.
>
> It should work if you remove the 2nd and 3rd line from your script.
>
> On Wed, Mar 13, 2019 at 12:14 PM Deking <[email protected]> wrote:
>
>> I want to achieve the following:
>>
>> 1. Create Linux VPN server image with Packer
>> 2. Pull config files from S3 bucket and configure StrongSwan, BGPD, 
>> keepalive etc
>>
>> The trouble starts with pulling files from the S3 bucket, where I need to 
>> set variables in order for the bash script to connect to AWS and transfer the 
>> mentioned files.
>>
>> Here is packer code:
>>
>>     {
>>         "variables": {
>>           "aws_access_key": "{{env `AWS_ACCESS_KEY_ID`}}",
>>           "aws_secret_key": "{{env `AWS_SECRET_ACCESS_KEY`}}",
>>           "aws_default_region": "{{env `AWS_DEFAULT_REGION`}}",
>>           "aws_source_ami": "{{env `AWS_SOURCE_AMI`}}",
>>           "aws_ssh_user": "{{env `AWS_SSH_USER`}}",
>>           "script_aws_access": "{{env `SCRIPT_AWS_ACCESS_KEY`}}",
>>           "script_aws_secret_access": "{{env `SCRIPT_AWS_SECRET_ACCESS_KEY`}}"
>>         },
>>         "builders": [
>>         {
>>           "type": "amazon-ebs",
>>           "access_key": "{{user `aws_access_key`}}",
>>           "secret_key": "{{user `aws_secret_key`}}",
>>           "region": "eu-west-1",
>>           "vpc_id": "vpc-0816d88cdecb1438a",
>>           "subnet_id": "subnet-07e30b1ad80f0c4a8",
>>           "security_group_id": "sg-098ff42f1bdaf7183",
>>           "associate_public_ip_address": "true",
>>           "instance_type": "t2.micro",
>>           "ami_name": "myLinuxPackerImage",
>>           "source_ami": "ami-0ff760d16d9497662",
>>           "ssh_username": "{{user `aws_ssh_user`}}"
>>           }
>>          ],
>>     
>>       "provisioners": [
>>         {
>>             "type": "file",
>>             "source": "./welcome.txt",
>>             "destination": "/home/centos/"
>>         },
>>         {
>>             "type": "shell",
>>             "inline":[
>>                 "ls -al /home/centos",
>>                 "cat /home/centos/welcome.txt",
>>                 "sleep 30",
>>                 "sudo yum update -y"
>>             ]
>>         },
>>         {
>>             "type": "shell",
>>             "script": "./example.sh",
>>             "environment_vars": [
>>               "AWS_ACCESS_KEY={{user `script_aws_access`}}",
>>               "AWS_SECRET_ACCESS_KEY={{user `script_aws_secret_access`}}"
>>             ],    
>>             "pause_before": "10s"
>>         }
>>     ]
>>     }
>>
>>
>> Environment variables:
>>
>>     export AWS_ACCESS_KEY_ID="mykey"
>>     export AWS_SECRET_ACCESS_KEY="mysecret"
>>     export AWS_DEFAULT_REGION="eu-west-1"
>>     export AWS_SOURCE_AMI="ami-0ff760d16d9497662"
>>     export AWS_SSH_USER="centos"
>>     export SCRIPT_AWS_ACCESS_KEY="my-SCRIPT-key"
>>     export SCRIPT_AWS_SECRET_ACCESS_KEY="my-secret-SCRIPT-key"
>>
>> Actual bash script (example.sh) for provisioner:
>>
>>     #!/bin/bash
>>     AWS_ACCESS_KEY=${1}
>>     AWS_SECRET_ACCESS_KEY=${2}
>>     sudo yum install epel-release -y 
>>     sudo yum install nano wget htop telnet strongswan quagga iptables-services iptables python-pip -y 
>>     sudo systemctl stop firewalld && systemctl disable firewalld  
>>     sudo systemctl enable iptables && systemctl start iptables 
>>     sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc 
>>     sh -c 'echo -e "[azure-cli]\nname=Azure CLI\nbaseurl=https://packages.microsoft.com/yumrepos/azure-cli\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc"; > /etc/yum.repos.d/azure-cli.repo'
>>     sudo yum install azure-cli -y
>>     sudo yum update -y && easy_install pip
>>     sudo pip install awscli
>>     sudo yum install keepalived -y && sudo systemctl enable keepalived
>>     sudo useradd keepalived_script 
>>     export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY
>>     export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
>>     export AWS_DEFAULT_REGION=eu-west-1
>>     
>>     # Copy BGPD files
>>     
>>     aws s3 cp --recursive  s3://<s3-url>/azure_vpn_server_primary/quagga/ /etc/quagga/
>>     
>>     #Copy StrongSwan files
>>     
>>     aws s3 cp --recursive  s3://<s3-url>/azure_vpn_server_primary/strongswan/ /etc/strongswan/
>>     
>>     # In Azure, the instance should have IP Forwarding enabled on its network interface
>>     
>>     # Copy keepalived files
>>     
>>     aws s3 cp --recursive  s3://<s3-url>/azure_vpn_server_primary/keepalived/ /etc/keepalived/
>>
>> ERROR:
>>
>>     amazon-ebs: Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
>>     amazon-ebs: fatal error: An error occurred (AuthorizationHeaderMalformed) when calling the ListObjectsV2 operation: The authorization header is malformed; a non-empty Access Key (AKID) must be provided in the credential.
>>     amazon-ebs: fatal error: An error occurred (AuthorizationHeaderMalformed) when calling the ListObjectsV2 operation: The authorization header is malformed; a non-empty Access Key (AKID) must be provided in the credential.
>>
>> -- 
>> This mailing list is governed under the HashiCorp Community Guidelines - 
>> https://www.hashicorp.com/community-guidelines.html. Behavior in 
>> violation of those guidelines may result in your removal from this mailing 
>> list.
>>  
>> GitHub Issues: https://github.com/mitchellh/packer/issues
>> IRC: #packer-tool on Freenode
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "Packer" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to [email protected].
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/packer-tool/3dc4d12a-4988-49e3-9e10-dcad5bac6f29%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/packer-tool/3dc4d12a-4988-49e3-9e10-dcad5bac6f29%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

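One way to handle the permission problem raised in the latest message, as an added example that is not part of the thread: download from S3 as the unprivileged SSH user and use sudo only for the copy into /etc, so the AWS keys are never handed to root (a plain `sudo aws ...` typically loses them anyway, because sudo resets the environment by default). It assumes `environment_vars` passes `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` directly and that the two positional-argument assignments are removed as suggested in the quoted reply; `require_env`, `fetch_config` and the `PROVISION` switch are hypothetical names.

```shell
#!/bin/bash
# Added example, not code from the thread.

# Fail early when the keys passed via Packer's environment_vars are empty,
# rather than letting the AWS CLI sign a request with an empty access key.
require_env() {
    for _name in "$@"; do
        eval "_val=\${$_name:-}"
        if [ -z "$_val" ]; then
            echo "missing required environment variable: $_name" >&2
            return 1
        fi
    done
}

# Download as the unprivileged SSH user into a private (0700) staging
# directory, then use sudo only for the copy into the root-owned target.
# The AWS keys stay in the user's environment and are never handed to root.
fetch_config() {
    _src="$1"; _dest="$2"; _rc=0
    require_env AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY || return 1
    _stage="$(mktemp -d)" || return 1
    aws s3 cp --recursive "$_src" "$_stage/" &&
        sudo mkdir -p "$_dest" &&
        sudo cp -r "$_stage/." "$_dest/" || _rc=1
    rm -rf "$_stage"
    return "$_rc"
}

# PROVISION is a hypothetical switch (add PROVISION=1 to environment_vars);
# <s3-url> is the placeholder used in the thread.
if [ "${PROVISION:-0}" = 1 ]; then
    for _svc in quagga strongswan keepalived; do
        fetch_config "s3://<s3-url>/azure_vpn_server_primary/$_svc/" "/etc/$_svc" || exit 1
    done
fi
```

The alternative is to set the shell provisioner's `execute_command` so the whole script runs under sudo, which also runs the AWS CLI and its credentials as root.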