Ansible Amazon EC2. Key pair does not exist

I would like to create and provide Amazon EC2 machines using Ansible. Now I get the following error:

    fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "Instance creation failed => InvalidKeyPair.NotFound: The key pair '~/.keys/EC2-Kibi-Enterprise-Deployment.pem' does not exist"}

But there is a .pem key:

    $ ls -lh ~/.keys/EC2-Kibi-Enterprise-Deployment.pem
    -r-------- 1 sergey sergey 1.7K Apr 6 09:56 /home/sergey/.keys/EC2-Kibi-Enterprise-Deployment.pem

And it was created in the EU region (Ireland).

Here is my playbook:

    ---
    - name: Setup servers on Amazon EC2 machines
      hosts: localhost
      gather_facts: no

      tasks:
        - include_vars: group_vars/all/ec2_vars.yml

        ### Create Amazon EC2 instances
        - name: Amazon EC2 | Create instances
          ec2:
            count: "{{ count }}"
            key_name: "{{ key }}"
            region: "{{ region }}"
            zone: "{{ zone }}"
            group: "{{ group }}"
            instance_type: "{{ machine }}"
            image: "{{ image }}"
            wait: true
            wait_timeout: 500
            #vpc_subnet_id: "{{ subnet }}"
            #assign_public_ip: yes
          register: ec2

        - name: Amazon EC2 | Wait for SSH to come up
          wait_for:
            host: "{{ item.public_ip }}"
            port: 22
            delay: 10
            timeout: 60
            state: started
          with_items: "{{ ec2.instances }}"

        - name: Amazon EC2 | Add hosts to the kibi_servers in-memory inventory group
          add_host: hostname={{ item.public_ip }} groupname=kibi_servers
          with_items: "{{ ec2.instances }}"
        ### END

    ### Provision roles
    - name: Amazon EC2 | Provision new instances
      hosts: kibi_servers
      become: yes
      roles:
        - common
        - java
        - elasticsearch
        - logstash
        - nginx
        - kibi
        - supervisor
    ### END

And my var file:

    count: 2
    region: eu-west-1
    zone: eu-west-1a
    group: default
    image: ami-d1ec01a6
    machine: t2.medium
    subnet: subnet-3a2aa952
    key: ~/.keys/EC2-Kibi-Enterprise-Deployment.pem

What is wrong with the .pem file?

+6
3 answers

The key parameter for the ec2 module looks for the name of a key pair that is already loaded into AWS, not the local key.

If you want Ansible to download the public key, you can use the ec2_key module.

So your play will look like this:

    ---
    - name: Setup servers on Amazon EC2 machines
      hosts: localhost
      gather_facts: no

      tasks:
        - include_vars: group_vars/all/ec2_vars.yml

        ### Create Amazon EC2 key pair
        - name: Amazon EC2 | Create Key Pair
          ec2_key:
            name: "{{ key_name }}"
            region: "{{ region }}"
            key_material: "{{ item }}"
          with_file: /path/to/public_key.id_rsa.pub

        ### Create Amazon EC2 instances
        - name: Amazon EC2 | Create instances
          ec2:
            count: "{{ count }}"
            key_name: "{{ key_name }}"
            ...

+10

Solution found. EC2 doesn't like it when you put the full path for the .pem key file.

So, I moved EC2-Kibi-Enterprise-Deployment.pem to ~/.ssh and added it to the authentication agent with ssh-add:

    ssh-add ~/.ssh/EC2-Kibi-Enterprise-Deployment.pem

And adjusted the key line in my var file to:

    key: EC2-Kibi-Enterprise-Deployment.pem

Likewise, if you use the EC2 CLI tools, do not specify the full path to the key file:

    ec2-run-instances ami-d1ec01a6 -t t2.medium --region eu-west-1 --key EC2-Kibi-Enterprise-Deployment.pem

+2

Do not specify an extension for the key. Therefore, this key name should only be "EC2-Kibi-Enterprise-Deployment". At this stage, Ansible does not care whether your key is located on your local computer. It checks whether it exists in your AWS account. Go to the "EC2 > Key Pair" section of your AWS account and you will see that the keys are listed without file extensions.

0
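
The answers above turn on three things the question's `key` variable mixed together: the key pair name registered in EC2, the public key imported with ec2_key, and the private .pem that stays local for SSH. The playbook below is an added example, not code from any of the posts, that keeps them apart and fails before any AWS call when a path is passed as the name. It uses the same ec2 and ec2_key modules as the posts; `public_key_file`, `private_key_file` and the sample values are assumptions.

```yaml
---
- name: Setup servers on Amazon EC2 machines
  hosts: localhost
  gather_facts: no
  vars:
    # Constructed sample values. public_key_file and private_key_file are
    # hypothetical variable names, not part of the original playbook.
    key_name: EC2-Kibi-Enterprise-Deployment   # as listed under EC2 > Key Pairs
    public_key_file: ~/.keys/EC2-Kibi-Enterprise-Deployment.pub
    private_key_file: ~/.keys/EC2-Kibi-Enterprise-Deployment.pem
    region: eu-west-1
  tasks:
    # Heuristic: a "/" or a leading "~" means a local path was passed
    # where the EC2 key pair name belongs.
    - name: Preflight | key_name must be a key pair name, not a path
      assert:
        that:
          - "'/' not in key_name"
          - "not key_name.startswith('~')"
        msg: "key_name is '{{ key_name }}'; pass the EC2 key pair name, not a file path"

    # Only the public half is sent to AWS; the private .pem never leaves
    # this machine. force: false leaves an existing pair of that name alone.
    - name: Amazon EC2 | Import public key under key_name
      ec2_key:
        name: "{{ key_name }}"
        region: "{{ region }}"
        key_material: "{{ lookup('file', public_key_file | expanduser) }}"
        force: false

    - name: Amazon EC2 | Create instances
      ec2:
        key_name: "{{ key_name }}"
        region: "{{ region }}"
        instance_type: t2.medium
        image: ami-d1ec01a6
        wait: true
      register: ec2

    # The private key path is only needed here, for SSH to the new hosts.
    - name: Amazon EC2 | Add hosts with the private key used for SSH
      add_host:
        name: "{{ item.public_ip }}"
        groups: kibi_servers
        ansible_ssh_private_key_file: "{{ private_key_file | expanduser }}"
      with_items: "{{ ec2.instances }}"
```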