Something worth mentioning is this is being ran on top of a CIS lvl1
Hardened machine. I think I am doing something wrong or not in the right
steps to get the expected results, but then again I have not modified the
original packer .json file provided by amazon enough to break it.
On Monday, April 22, 2019 at 12:33:46 PM UTC-4, Zachary Estrella wrote:
>
> Here is the full logs that are relevant.
>
> ==> eks: Waiting for instance (i-02802c4ff2bc6eb91) to become ready...
> 2019/04/22 12:30:13 packer: 2019/04/22 12:30:13 [INFO] Not using winrm
> communicator, skipping get password...
> ==> eks: Using ssh communicator to connect: 18.232.50.43
> 2019/04/22 12:30:13 packer: 2019/04/22 12:30:13 [INFO] Waiting for SSH, up
> to timeout: 5m0s
> ==> eks: Waiting for SSH to become available...
> 2019/04/22 12:30:15 packer: 2019/04/22 12:30:15 [DEBUG] TCP connection to
> SSH ip/port failed: dial tcp 18.232.50.43:22: connect: connection refused
> 2019/04/22 12:30:20 packer: 2019/04/22 12:30:20 [INFO] Attempting SSH
> connection to 18.232.50.43:22...
> 2019/04/22 12:30:20 packer: 2019/04/22 12:30:20 [DEBUG] Config to
> &ssh.Config{SSHConfig:(*ssh.ClientConfig)(0xc0002be0d0), Connection:(func()
> (net.Conn, error))(0x1a02bc0), Pty:true, DisableAgentForwarding:false,
> HandshakeTimeout:0, UseSftp:false, KeepAliveInterval:5000000000,
> Timeout:0}...
> 2019/04/22 12:30:20 packer: 2019/04/22 12:30:20 [DEBUG] reconnecting to
> TCP connection for SSH
> 2019/04/22 12:30:20 packer: 2019/04/22 12:30:20 [DEBUG] handshaking with
> SSH
> 2019/04/22 12:30:20 packer: 2019/04/22 12:30:20 [DEBUG] handshake complete!
> 2019/04/22 12:30:20 packer: 2019/04/22 12:30:20 [DEBUG] Opening new ssh
> session
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [INFO] agent forwarding
> enabled
> ==> eks: Connected to SSH!
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 Running the provision hook
> 2019/04/22 12:30:21 [INFO] (telemetry) Starting provisioner shell
> ==> eks: Provisioning with shell script:
> /var/folders/h_/lz750kv55h7gm_fc8svh52nr1_gwwm/T/packer-shell643574894
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 Opening
> /var/folders/h_/lz750kv55h7gm_fc8svh52nr1_gwwm/T/packer-shell643574894 for
> reading
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [INFO] 72 bytes written
> for 'uploadData'
> 2019/04/22 12:30:21 [INFO] 72 bytes written for 'uploadData'
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] Opening new ssh
> session
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] Starting remote
> scp process: scp -vt /tmp
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] Started SCP
> session, beginning transfers...
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] Copying input data
> into temporary file so we can read the length
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] scp: Uploading
> script_6094.sh: perms=C0644 size=72
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] SCP session
> complete, closing stdin pipe.
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] Waiting for SSH
> session to complete.
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] scp stderr (length
> 30): Sink: C0644 72 script_6094.sh
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] Opening new ssh
> session
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] starting remote
> command: chmod 0755 /tmp/script_6094.sh
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [INFO] RPC endpoint:
> Communicator ended with: 0
> 2019/04/22 12:30:21 [INFO] RPC client: Communicator ended with: 0
> 2019/04/22 12:30:21 [INFO] RPC endpoint: Communicator ended with: 0
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [INFO] RPC client:
> Communicator ended with: 0
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] Opening new ssh
> session
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [DEBUG] starting remote
> command: chmod +x /tmp/script_6094.sh; PACKER_BUILDER_TYPE='amazon-ebs'
> PACKER_BUILD_NAME='eks' /tmp/script_6094.sh
> 2019/04/22 12:30:21 [INFO] 46 bytes written for 'stdout'
> 2019/04/22 12:30:21 [INFO] 0 bytes written for 'stderr'
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [ERROR] Remote command
> exited with '126': chmod +x /tmp/script_6094.sh;
> PACKER_BUILDER_TYPE='amazon-ebs' PACKER_BUILD_NAME='eks'
> /tmp/script_6094.sh
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [INFO] RPC endpoint:
> Communicator ended with: 126
> 2019/04/22 12:30:21 [INFO] RPC client: Communicator ended with: 126
> 2019/04/22 12:30:21 [INFO] RPC endpoint: Communicator ended with: 126
> eks: bash: /tmp/script_6094.sh: Permission denied
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [INFO] 46 bytes written
> for 'stdout'
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [INFO] 0 bytes written for
> 'stderr'
> 2019/04/22 12:30:21 packer: 2019/04/22 12:30:21 [INFO] RPC client:
> Communicator ended with: 126
> 2019/04/22 12:30:21 [INFO] (telemetry) ending shell
> ==> eks: Terminating the source AWS instance...
> ==> eks: Cleaning up any extra volumes...
> ==> eks: No volumes to clean up, skipping
> ==> eks: Deleting temporary security group...
> ==> eks: Deleting temporary keypair...
> 2019/04/22 12:30:53 [INFO] (telemetry) ending amazon-ebs
> 2019/04/22 12:30:53 ui error: Build 'eks' errored: Script exited with
> non-zero exit status: 126.Allowed exit codes are: [0]
> 2019/04/22 12:30:53 Builds completed. Waiting on interrupt barrier...
> Build 'eks' errored: Script exited with non-zero exit status: 126.Allowed
> exit codes are: [0]
>
> 2019/04/22 12:30:53 machine readable: error-count []string{"1"}
> 2019/04/22 12:30:53 ui error:
> ==> Some builds didn't complete successfully and had errors:
> 2019/04/22 12:30:53 machine readable: eks,error []string{"Script exited
> with non-zero exit status: 126.Allowed exit codes are: [0]"}
> ==> Some builds didn't complete successfully and had errors:
> 2019/04/22 12:30:53 ui error: --> eks: Script exited with non-zero exit
> status: 126.Allowed exit codes are: [0]
> ==> Builds finished but no artifacts were created.
> --> eks: Script exited with non-zero exit status: 126.Allowed exit codes
> are: [0]
>
> ==> Builds finished but no artifacts were created.
> 2019/04/22 12:30:53 [INFO] (telemetry) Finalizing.
> 2019/04/22 12:30:53 waiting for all plugin processes to complete...
> 2019/04/22 12:30:53 /usr/local/bin/packer: plugin process exited
> 2019/04/22 12:30:53 /usr/local/bin/packer: plugin process exited
> 2019/04/22 12:30:53 /usr/local/bin/packer: plugin process exited
> 2019/04/22 12:30:53 /usr/local/bin/packer: plugin process exited
> 2019/04/22 12:30:53 /usr/local/bin/packer: plugin process exited
>
> And these are my variables.
>
> {
> "variables": {
> "ami_name_prefix": "rhel76",
> "kubernetes_version": "1.12",
> "aws_region": "us-east-1",
> "ami_name": "amazon-eks-node-{{timestamp}}",
> "version_str": "{{ timestamp }}",
> "binary_bucket_name": "amazon-eks",
> "binary_bucket_region": "us-east-1",
> "binary_bucket_path": "1.12.7/2019-03-27/bin/linux/amd64",
> "docker_version": "18.06",
> "aws_subnet_id": "subnet-111111111",
> "creator": "DevOps",
> "instance_type": "m4.large",
> "source_ami_owners": "1111111111",
> "source_ami_regex": "rhel76-hardened*",
> "encrypted": "false",
> "kms_key_id": "",
> "cni_version": "v0.6.0",
> "cni_plugin_version": "v0.7.5",
> "aws_access_key_id": "{{env `AWS_ACCESS_KEY_ID`}}",
> "aws_secret_access_key": "{{env `AWS_SECRET_ACCESS_KEY`}}",
> "aws_session_token": "{{env `AWS_SESSION_TOKEN`}}"
> }
>
> On Monday, April 22, 2019 at 12:25:00 PM UTC-4, Rickard von Essen wrote:
>>
>> Could you rerun with PACKER_LOG=1 and supply the full output and what
>> variables you are using.
>>
>> On Mon, Apr 22, 2019, 17:19 Zachary Estrella <[email protected]> wrote:
>>
>>> Hello All,
>>>
>>> I am trying to use Amazon's provided packer scripts to create a base EKS
>>> ami. I am using this packer script here
>>> https://github.com/awslabs/amazon-eks-ami/blob/master/eks-worker-al2.json
>>> .
>>> One issue that I am running into is a permission denied error for scp.
>>> I am not too sure what I need to do to fix this though.
>>>
>>> ==> eks: Uploading ./files/ => /tmp/worker/
>>> 2019/04/22 10:53:01 packer: 2019/04/22 10:53:01 [DEBUG] Upload dir
>>> './files/' to '/tmp/worker/'
>>> 2019/04/22 10:53:01 packer: 2019/04/22 10:53:01 [DEBUG] Opening new ssh
>>> session
>>> 2019/04/22 10:53:01 packer: 2019/04/22 10:53:01 [DEBUG] Starting remote
>>> scp process: scp -rvt /tmp/worker/
>>> 2019/04/22 10:53:01 packer: 2019/04/22 10:53:01 [DEBUG] Started SCP
>>> session, beginning transfers...
>>> 2019/04/22 10:53:01 packer: 2019/04/22 10:53:01 [DEBUG] scp: Uploading
>>> kubelet-config-with-secret-polling.json: perms=C0644 size=779
>>> 2019/04/22 10:53:01 [INFO] (telemetry) ending file
>>> ==> eks: Terminating the source AWS instance...
>>> ==> eks: Cleaning up any extra volumes...
>>> ==> eks: No volumes to clean up, skipping
>>> ==> eks: Deleting temporary security group...
>>> ==> eks: Deleting temporary keypair...
>>> 2019/04/22 10:53:33 [INFO] (telemetry) ending amazon-ebs
>>> 2019/04/22 10:53:33 ui error: Build 'eks' errored: scp:
>>> /tmp/worker//kubelet-config-with-secret-polling.json: Permission denied
>>> 2019/04/22 10:53:33 Builds completed. Waiting on interrupt barrier...
>>> 2019/04/22 10:53:33 machine readable: error-count []string{"1"}
>>> Build 'eks' errored: scp:
>>> /tmp/worker//kubelet-config-with-secret-polling.json: Permission denied
>>>
>>> Is there any chance someone can help me solve this?
>>>
>>> --
>>> This mailing list is governed under the HashiCorp Community Guidelines -
>>> https://www.hashicorp.com/community-guidelines.html. Behavior in
>>> violation of those guidelines may result in your removal from this mailing
>>> list.
>>>
>>> GitHub Issues: https://github.com/mitchellh/packer/issues
>>> IRC: #packer-tool on Freenode
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "Packer" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to [email protected].
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/packer-tool/46e67e2f-7bfd-49c0-82c4-5ec1e4c8750e%40googlegroups.com
>>>
>>> <https://groups.google.com/d/msgid/packer-tool/46e67e2f-7bfd-49c0-82c4-5ec1e4c8750e%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups
"Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/packer-tool/02e4100a-0099-4825-8c5b-e908b5635627%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
