我跟着這3個指南:創建EC2實例
- http://docs.ansible.com/ansible/guide_aws.html
- http://docs.ansible.com/ansible/ec2_module.html
- https://gist.github.com/tristanfisher/e5a306144a637dc739e7
,我寫了這Ansible發揮
---
- hosts: localhost
connection: local
gather_facts: false
tasks:
- include_vars: aws_credentials.yml
- name: Creating EC2 Ubuntu instance
ec2:
instance_type: t1.micro
image: ami-86e0ffe7
region: us-west-2
key_name: my-aws-key
zone: us-west-2a
vpc_subnet_id: subnet-04199d61
group_id: sg-cf6736aa
assign_public_ip: yes
count: 1
wait: true
volumes:
- device_name: /dev/sda1
volume_type: gp2
volume_size: 10
instance_tags:
Name: ansible-test
Project: test
Ansible: manageable
register: ec2
然後我運行ansible-playbook create-ec2.yml -v --private-key ~/.ssh/my-key --vault-password-file ~/.password/to_ansible_vault
和我得到此消息
PLAY [本地主機] ******** **************************************
任務[include_vars] **** ************************************************** ******
確定:[本地主機] => { 「ansible_facts」:{ 「ec2_access_key」: 「decrypted_acces_key_XXXXX」, 「ec2_secret_key」: 「decrypted_secret_key_XXXXX」}, 「改變」:假}
任務[創建EC2 Ubuntu實例] **************************************** ****
致命:[localhost]:失敗! => {「changed」:false,「failed」:true,「msg」:「沒有處理程序準備好進行身份驗證,1個處理程序已被檢查['HmacAuthV4Handler']檢查您的憑據」}
NO MORE HOSTS LEFT ************************************************** ***********
[警告]:無法創建重試文件'create-ec2.retry'。 [Errno 2]沒有這樣的文件或目錄:''
PLAY RECAP ******************************** *************************************
localhost:ok = 1 changed = 0 unreachable = 0失敗= 1
當我跑ansible-vault view aws_credentials.yml --vault-password-file ~/.password/to_ansible_vault我得到加密aws_credentials.yml的可讀的內容, 是這樣的:
---
ec2_access_key: "XXXXX"
ec2_secret_key: "XXXXX"
此外,當我用純aws_credentials .yml,它不起作用。只有當我導出我的憑證時,它才能正常工作。 有人可以幫助我,我如何編寫用於創建ec2實例與存儲在加密文件中的憑據的劇本?