As mentioned at Terraform Resource: Connection Error while executing apply
I changed my code to the the below
provisioner "remote-exec" {
connection {
type = "ssh"
host = aws_eip.nat-eip.public_ip
user = "ubuntu"
private_key = file("/id_rsa.pem")
}
inline = [
"chmod +x /tmp/start_node.sh",
"sudo sed -i -e 's/\r$//' /tmp/start_node.sh", # Remove the spurious CR characters.
"sudo /tmp/start_node.sh",
]
}
But I still get the same error
Error: Invalid function argument
on explorer.tf line 60, in resource "aws_instance" "explorer":
60: private_key = file("/id_rsa.pem")
Invalid value for "path" parameter: no file exists at /id_rsa.pem;
this function works only with files that are distributed as part of the
configuration source code, so if this file will be created by a resource in
this configuration you must instead obtain this result from an attribute of
that resource.
ls -la ooutput
total 156
drwxr-xr-x 10 CORP\mayuresh CORP\domain users 4096 Jan 12 14:29 .
drwxr-xr-x 16 CORP\mayuresh CORP\domain users 4096 Jan 10 13:10 ..
drwxr-xr-x 12 CORP\mayuresh CORP\domain users 4096 Jan 12 09:49 byoc-terraform
drwxr-xr-x 2 CORP\mayuresh CORP\domain users 4096 Jan 11 11:57 controllers
-rw-r--r-- 1 CORP\mayuresh CORP\domain users 188 Jan 10 13:27 .env
-rw-r--r-- 1 CORP\mayuresh CORP\domain users 1582 Jan 10 17:12 fetchUserData.js
drwxr-xr-x 9 CORP\mayuresh CORP\domain users 4096 Jan 12 13:14 .git
-rw-r--r-- 1 CORP\mayuresh CORP\domain users 629 Jan 10 13:27 .gitignore
-rw-r--r-- 1 CORP\mayuresh CORP\domain users 107 Dec 30 06:49 .gitmodules
-rw-r--r-- 1 CORP\mayuresh CORP\domain users 1765 Jan 12 13:21 id_rsa.pem
-rw-r--r-- 1 CORP\mayuresh CORP\domain users 1488 Jan 10 13:27 index.js
drwxr-xr-x 3 CORP\mayuresh CORP\domain users 4096 Jan 10 13:27 models
drwxr-xr-x 221 CORP\mayuresh CORP\domain users 12288 Jan 10 13:30 node_modules
-rw-r--r-- 1 CORP\mayuresh CORP\domain users 1058 Jan 10 13:27 package.json
-rw-r--r-- 1 CORP\mayuresh CORP\domain users 78791 Jan 10 13:27 package-lock.json
drwxr-xr-x 2 CORP\mayuresh CORP\domain users 4096 Jan 10 13:27 routes
drwxr-xr-x 2 CORP\mayuresh CORP\domain users 4096 Jan 10 17:01 utils
drwxr-xr-x 2 CORP\mayuresh CORP\domain users 4096 Jan 10 13:27 VMCreationFiles```
Have you tried using the full path? Especially beneficial if you are using modules.
I.E:
private_key = file("${path.module}/id_rsa.pem")
Or I think even this will work
private_key = file("./id_rsa.pem")
I believe your existing code is looking for the file at the root of your filesystem.
Your path to the .pem is wrong. It looks like the file exists in your $HOME directory.
You can provide the absolute path of the id_rsa.pem file if that file is outside of path.module, path.root, path.cwd
To provide the absolute path
Fetch the full path of the file How to get full path of a file?
Paste the path in:
provisioner "remote-exec" {
connection {
type = "ssh"
host = aws_eip.nat-eip.public_ip
user = "ubuntu"
private_key = file("<Absolute path to .pem file e.g /home/ubuntu/id_rsa.pem>")
}
Related
I am using gcp vm machine instance N1-standard 8V-30GB and N1-standard 4V-15GB
os-Debian
version - Debian GNU/Linux 10(buster)
this issue i am facing from last 1 month.
public access permission denied is one of message i am seeing while trying to access from cloud shell
I had run command chmod 777 <home directory> earlier.
I've tried to reproduce your steps and was able to solve this issue.
Please have a look at my steps below:
create VM instances:
gcloud compute instances create instance-1 --zone=europe-west3-a --machine-type=e2-medium --image=ubuntu-1804-bionic-v20200701 --image-project=ubuntu-os-cloud
gcloud compute instances create instance-2 --zone=europe-west3-a --machine-type=e2-medium --image=ubuntu-1804-bionic-v20200701 --image-project=ubuntu-os-cloud
change permissions recursively on my home directory at the VM instance instance-1:
instance-1:~$ chmod -R 777 ~
instance-1:~$ ls -la
...
drwxrwxrwx 2 username username 4096 Jul 15 07:50 .ssh
create snapshot of the VM instance instance-1 boot disk:
gcloud compute disks snapshot instance-1 --snapshot-names instance-1-snapshot --zone=europe-west3-a
create a new disk with the snapshot:
gcloud compute disks create instance-1-snapshot-disk --zone=europe-west3-a --source-snapshot=instance-1-snapshot
attach created disk instance-1-snapshot-disk to the VM instance instance-2:
instance-2:~$ ls -l /dev/ | grep sd
brw-rw---- 1 root disk 8, 0 Jul 15 07:39 sda
brw-rw---- 1 root disk 8, 1 Jul 15 07:39 sda1
brw-rw---- 1 root disk 8, 14 Jul 15 07:39 sda14
brw-rw---- 1 root disk 8, 15 Jul 15 07:39 sda15
instance-2:~$ mount | grep sda
/dev/sda1 on / type ext4 (rw,relatime)
/dev/sda15 on /boot/efi type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro)
then
gcloud compute instances attach-disk instance-2 --disk=instance-1-snapshot-disk --zone=europe-west3-a
after that
instance-2:~$ ls -l /dev/ | grep sd
brw-rw---- 1 root disk 8, 0 Jul 15 07:39 sda
brw-rw---- 1 root disk 8, 1 Jul 15 07:39 sda1
brw-rw---- 1 root disk 8, 14 Jul 15 07:39 sda14
brw-rw---- 1 root disk 8, 15 Jul 15 07:39 sda15
brw-rw---- 1 root disk 8, 16 Jul 15 08:04 sdb
brw-rw---- 1 root disk 8, 17 Jul 15 08:04 sdb1
brw-rw---- 1 root disk 8, 30 Jul 15 08:04 sdb14
brw-rw---- 1 root disk 8, 31 Jul 15 08:04 sdb15
instance-2:~$ sudo mkdir /mnt/instance-1-snapshot-disk
instance-2:~$ sudo mount /dev/sdb1 /mnt/instance-1-snapshot-disk
instance-2:~$ ls -la /mnt/instance-1-snapshot-disk
total 104
drwxr-xr-x 23 root root 4096 Jul 15 07:56 .
drwxr-xr-x 3 root root 4096 Jul 15 08:05 ..
drwxr-xr-x 2 root root 4096 Jul 1 19:14 bin
drwxr-xr-x 4 root root 4096 Jul 1 19:19 boot
drwxr-xr-x 4 root root 4096 Jul 1 19:11 dev
drwxr-xr-x 93 root root 4096 Jul 15 07:55 etc
drwxr-xr-x 4 root root 4096 Jul 15 07:50 home
lrwxrwxrwx 1 root root 30 Jul 1 19:18 initrd.img -> boot/initrd.img-5.3.0-1030-gcp
lrwxrwxrwx 1 root root 30 Jul 1 19:18 initrd.img.old -> boot/initrd.img-5.3.0-1030-gcp
drwxr-xr-x 22 root root 4096 Jul 1 19:17 lib
drwxr-xr-x 2 root root 4096 Jul 1 19:01 lib64
drwx------ 2 root root 16384 Jul 1 19:13 lost+found
drwxr-xr-x 2 root root 4096 Jul 1 19:01 media
drwxr-xr-x 2 root root 4096 Jul 1 19:01 mnt
drwxr-xr-x 2 root root 4096 Jul 1 19:01 opt
drwxr-xr-x 2 root root 4096 Apr 24 2018 proc
drwx------ 3 root root 4096 Jul 15 07:36 root
drwxr-xr-x 4 root root 4096 Jul 1 19:19 run
drwxr-xr-x 2 root root 4096 Jul 1 19:17 sbin
drwxr-xr-x 6 root root 4096 Jul 15 07:36 snap
drwxr-xr-x 2 root root 4096 Jul 1 19:01 srv
drwxr-xr-x 2 root root 4096 Apr 24 2018 sys
drwxrwxrwt 7 root root 4096 Jul 15 07:56 tmp
drwxr-xr-x 10 root root 4096 Jul 1 19:01 usr
drwxr-xr-x 13 root root 4096 Jul 1 19:12 var
lrwxrwxrwx 1 root root 27 Jul 1 19:18 vmlinuz -> boot/vmlinuz-5.3.0-1030-gcp
lrwxrwxrwx 1 root root 27 Jul 1 19:18 vmlinuz.old -> boot/vmlinuz-5.3.0-1030-gcp
change permissions:
.ssh directory: 700 drwx------
public key (.pub file): 644 -rw-r--r--
private key (id_rsa): 600 -rw-------
lastly your home directory should not be writeable by the group or others: 755 drwxr-xr-x
instance-2:~$ chmod -R 755 /mnt/instance-1-snapshot-disk/home/username/
instance-2:~$ chmod -R 700 /mnt/instance-1-snapshot-disk/home/username/.ssh/
instance-2:~$ chmod 644 /mnt/instance-1-snapshot-disk/home/username/.ssh/authorized_keys
unmount the disk when you finish:
instance-2:~$ sudo umount /mnt/instance-1-snapshot-disk/
detach disk instance-1-snapshot-disk from the VM instance instance-2:
gcloud compute instances detach-disk instance-2 --disk=instance-1-snapshot-disk --zone=europe-west3-a
create a new instance from the repaired disk:
gcloud compute instances create instance-3 --zone=europe-west3-a --machine-type=e2-medium --disk=name=instance-1-snapshot-disk
check SSH connection to at the VM instance instance-1.
In addition, please have a look at the documentation Troubleshooting SSH section Inspect the VM instance without shutting it down to find more details.
From owner's account i tried to access instance-1 but owner is also not able to connect to the instance-1.
owner of project got this pop-up on ssh window
[1]: https://i.stack.imgur.com/y2fzC.jpg
I observe that in fresh new created instance if i add add some file like git clone repo, after that if i restart it then i am able to connect SSH again.
I'm trying to create a service using systemctl on my CentOS 7 server.
In /usr/lib/systemd/system I've this situation ...
[root#centos-4gb-hel1-1 system]# pwd
/usr/lib/systemd/system
[root#centos-4gb-hel1-1 system]# ls -la getUpdatesTelegram.sh
-rwxr-xr-x. 1 root root 116 Oct 24 22:32 getUpdatesTelegram.sh
[root#centos-4gb-hel1-1 system]# cat getUpdatesTelegram.sh
#!/bin/bash
while true ; do
/var/www/html/OpenProntoSoccorsi/TelegramBot/getUpdates_launcher.sh
sleep 5
done
[root#centos-4gb-hel1-1 system]#
If I try to execute
/var/www/html/OpenProntoSoccorsi/TelegramBot/getUpdates_launcher.sh
all works fine.
In /etc/systemd/system I've this ....
[root#centos-4gb-hel1-1 system]# cd /etc/systemd/system
[root#centos-4gb-hel1-1 system]# ls -la
total 40
drwxr-xr-x. 10 root root 4096 Oct 24 22:05 .
drwxr-xr-x. 4 root root 4096 Oct 18 22:41 ..
drwxr-xr-x. 2 root root 4096 Sep 24 12:31 basic.target.wants
lrwxrwxrwx. 1 root root 37 Sep 24 12:29 default.target -> /lib/systemd/system/multi-user.target
drwxr-xr-x. 2 root root 4096 Sep 24 12:26 default.target.wants
drwxr-xr-x. 2 root root 4096 Sep 24 12:27 dev-virtio\x2dports-org.qemu.guest_agent.0.device.wants
drwxr-xr-x. 2 root root 4096 Sep 24 12:26 getty.target.wants
drwxr-xr-x. 2 root root 4096 Sep 24 12:31 local-fs.target.wants
drwxr-xr-x. 2 root root 4096 Oct 24 22:32 multi-user.target.wants
drwxr-xr-x. 2 root root 4096 Sep 24 12:31 sysinit.target.wants
drwxr-xr-x. 2 root root 4096 Sep 24 12:26 system-update.target.wants
[root#centos-4gb-hel1-1 system]# cd multi-user.target.wants/
[root#centos-4gb-hel1-1 multi-user.target.wants]# ls -la
total 8
drwxr-xr-x. 2 root root 4096 Oct 24 22:32 .
drwxr-xr-x. 10 root root 4096 Oct 24 22:05 ..
lrwxrwxrwx. 1 root root 38 Sep 24 12:27 auditd.service -> /usr/lib/systemd/system/auditd.service
lrwxrwxrwx. 1 root root 37 Sep 24 12:31 brandbot.path -> /usr/lib/systemd/system/brandbot.path
lrwxrwxrwx. 1 root root 39 Sep 24 12:27 chronyd.service -> /usr/lib/systemd/system/chronyd.service
lrwxrwxrwx. 1 root root 44 Sep 24 12:33 cloud-config.service -> /usr/lib/systemd/system/cloud-config.service
lrwxrwxrwx. 1 root root 43 Sep 24 12:33 cloud-final.service -> /usr/lib/systemd/system/cloud-final.service
lrwxrwxrwx. 1 root root 48 Sep 24 12:33 cloud-init-local.service -> /usr/lib/systemd/system/cloud-init-local.service
lrwxrwxrwx. 1 root root 42 Sep 24 12:33 cloud-init.service -> /usr/lib/systemd/system/cloud-init.service
lrwxrwxrwx. 1 root root 37 Sep 24 12:26 crond.service -> /usr/lib/systemd/system/crond.service
lrwxrwxrwx. 1 root root 50 Oct 24 22:32 getUpdatesTelegram.service -> /usr/lib/systemd/system/getUpdatesTelegram.service
lrwxrwxrwx. 1 root root 42 Sep 24 12:27 irqbalance.service -> /usr/lib/systemd/system/irqbalance.service
lrwxrwxrwx. 1 root root 37 Sep 24 12:29 kdump.service -> /usr/lib/systemd/system/kdump.service
lrwxrwxrwx. 1 root root 40 Sep 24 12:26 remote-fs.target -> /usr/lib/systemd/system/remote-fs.target
lrwxrwxrwx. 1 root root 46 Sep 24 12:31 rhel-configure.service -> /usr/lib/systemd/system/rhel-configure.service
lrwxrwxrwx. 1 root root 39 Sep 24 12:26 rsyslog.service -> /usr/lib/systemd/system/rsyslog.service
lrwxrwxrwx. 1 root root 36 Sep 24 12:27 sshd.service -> /usr/lib/systemd/system/sshd.service
lrwxrwxrwx. 1 root root 37 Sep 24 12:26 tuned.service -> /usr/lib/systemd/system/tuned.service
[root#centos-4gb-hel1-1 multi-user.target.wants]# cat getUpdatesTelegram.service
[Service]
Type=simple
ExecStart=/bin/bash /bin/getUpdatesTelegram.sh
[Install]
WantedBy=multi-user.target
[root#centos-4gb-hel1-1 multi-user.target.wants]#
When I try to execute
systemctl enable getUpdatesTelegram.service
I obtain
...
...
getUpdatesTelegram.service loaded failed failed getUpdatesTelegram.service
...
...
The log I've is tthe follow ....
[root#centos-4gb-hel1-1 multi-user.target.wants]# journalctl -u getUpdatesTelegram.service
-- Logs begin at Fri 2018-10-19 20:09:02 CEST, end at Wed 2018-10-24 22:44:11 CEST. --
Oct 24 21:44:10 centos-4gb-hel1-1 systemd[1]: Started getUpdatesTelegram.service.
Oct 24 21:44:10 centos-4gb-hel1-1 systemd[1]: Starting getUpdatesTelegram.service...
Oct 24 21:44:10 centos-4gb-hel1-1 systemd[1]: getUpdatesTelegram.service: main process exited, code=exited, status=203/EXEC
Oct 24 21:44:10 centos-4gb-hel1-1 systemd[1]: Unit getUpdatesTelegram.service entered failed state.
Oct 24 21:44:10 centos-4gb-hel1-1 systemd[1]: getUpdatesTelegram.service failed.
Where I'm wrong?
Thank you in advance!
First, custom services should not be put in /usr/lib/systemd/system, but in /etc/systemd/system. Same goes with shell scripts, just put them into /usr/local/sbin or something.
The reason why this does not work is that the script path in your service file getUpdatesTelegram.service is wrong:
ExecStart=/bin/bash /bin/getUpdatesTelegram.sh
should really be
ExecStart=/bin/bash /usr/lib/systemd/system/getUpdatesTelegram.sh
(Though as I wrote, don't put shell scripts into /usr/lib/systemd/system)
As a Red Hat fork, CentOS tends to follow similar guidelines.
The Red Hat system administrator's guide offers this useful paragraph for your situation.
The solution proposed by Jakob is correct by the way.
I am launching an EC2 instance using Ansible and capturing an AMI image. I have verified that these dependencies get installed correctly on the instance. For example, this is what I get on the EC2 instance just before AMI imaging:
ubuntu#ip-1-2-3-4:/usr/local/bin$ ansible --version
ansible 1.4.4
-rwxr-xr-x 1 root root 5907 Jan 31 22:20 ansible
-rwxr-xr-x 1 root root 9269 Jan 31 22:20 ansible-doc
-rwxr-xr-x 1 root root 29163 Jan 31 22:20 ansible-galaxy
-rwxr-xr-x 1 root root 10419 Jan 31 22:20 ansible-playbook
-rwxr-xr-x 1 root root 6916 Jan 31 22:20 ansible-pull
-rwxr-xr-x 1 root root 714 Jan 31 22:19 aws
-rwxr-xr-x 1 root root 1408 Jan 31 22:19 aws.cmd
-rwxr-xr-x 1 root root 897 Jan 31 22:19 aws_completer
-rwxr-xr-x 1 root root 1860 Jan 31 22:19 aws_zsh_completer.sh
The problem is that once I capture an AMI and launch a new instance, I all files in /usr/local/bin are zero-byte files!
-rwxr-xr-x 1 root root 0 Jan 31 22:20 ansible
-rwxr-xr-x 1 root root 0 Jan 31 22:20 ansible-doc
-rwxr-xr-x 1 root root 0 Jan 31 22:20 ansible-galaxy
-rwxr-xr-x 1 root root 0 Jan 31 22:20 ansible-playbook
-rwxr-xr-x 1 root root 0 Jan 31 22:20 ansible-pull
-rwxr-xr-x 1 root root 0 Jan 31 22:19 aws
-rwxr-xr-x 1 root root 0 Jan 31 22:19 aws.cmd
-rwxr-xr-x 1 root root 0 Jan 31 22:19 aws_completer
-rwxr-xr-x 1 root root 0 Jan 31 22:19 aws_zsh_completer.sh
Why are these files being zero'ed out when I create a new instance from the AMI?
This was a problem with Ansible, not with AWS. Turns out there's a documentation bug in Ansible 1.4.4 where the ec2_ami module does not shut down and reboot the instance by default (the docs claim it does!). This causes all sorts of problems with file system integrity.
The fix is to include no_reboot: no in the Ansible task.
I followed all the steps indicated in the heroku site and each time I get the same error:
$ git push heroku master
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (8/8), done.
Writing objects: 100% (11/11), 4.12 KiB, done.
Total 11 (delta 0), reused 0 (delta 0)
! Push rejected, no Cedar-supported app detected
To git#heroku.com:glacial-mountain-3911.git
! [remote rejected] master -> master (pre-receive hook declined)
error: failed to push some refs to 'git#heroku.com:glacial-mountain-3911.git'
I've looked for other solutions, some of them have a bit differences, but none of them have run :(
Here's the structure of my project:
drwxr-xr-x 9 marcpou staff 306 28 jul 22:07 .
drwxr-xr-x 17 marcpou staff 578 28 jul 00:52 ..
drwxr-xr-x 13 marcpou staff 442 28 jul 22:09 .git
-rw-r--r-- 1 marcpou staff 24 28 jul 01:05 .gitignore
-rw-r--r-- 1 marcpou staff 32 28 jul 00:57 Procfile
drwxr-xr-x 10 marcpou staff 340 28 jul 00:58 hellodjango
-rw-r--r-- 1 marcpou staff 254 28 jul 00:56 manage.py
-rw-r--r-- 1 marcpou staff 154 28 jul 22:08 requeriments.txt
drwxr-xr-x 6 marcpou staff 204 28 jul 00:56 venv
And the content of the requeriments.txt file
Django==1.5.1
distribute==0.6.34
dj-database-url==0.2.2
dj-static==0.0.5
django-toolbelt==0.0.1
gunicorn==17.5
psycopg2==2.5.1
static==0.4
wsgiref==0.1.2
And that's the content of the Procfile
web: gunicorn hellodjango.wsgi
I see that the file "hellodjango.wsgi" don't exist on my project. What should be the content? These are the files of my project.
-rw-r--r-- 1 marcpou staff 0 28 jul 00:56 __init__.py
-rw-r--r-- 1 marcpou staff 155 28 jul 00:57 __init__.pyc
-rw-r--r-- 1 marcpou staff 5869 28 jul 01:02 settings.py
-rw-r--r-- 1 marcpou staff 2876 28 jul 00:58 settings.pyc
-rw-r--r-- 1 marcpou staff 571 28 jul 00:56 urls.py
-rw-r--r-- 1 marcpou staff 293 28 jul 00:58 urls.pyc
-rw-r--r-- 1 marcpou staff 1557 28 jul 01:04 wsgi.py
-rw-r--r-- 1 marcpou staff 1059 28 jul 00:57 wsgi.pyc
The test the Push process on heroku, I've created an application, but I haven't edited anything, that means that I haven't set any database connection.
Does anybody have any idea? I suppose that the error is trivial, but I'm unable to see the error.
Thanks in advance!
I'm pretty sure that correct the spelling of requirements.txt will fix this. Then on to the next problem of adding the postgres db and PROMOTING it.
https://devcenter.heroku.com/articles/heroku-postgresql.
I am doing a django project with Sublime Text 2 on OSX-Lion. I have installed virtualenv, so my project is in "/Users/myname/Virtualenvs/"
I need to use a 'sudo' for each command (syncdb, runserver), can I change these rules whithout moving my project and is it normal ?
These are parameters after a "sudo python manage.py startproject"
Chmod infos :
drwxr-xr-x 17 root staff 578 10 jul 23:24 Platform
-rw-r--r-- 1 root staff 155648 10 jul 23:24 database.sqlite3
-rw-r--r-- 1 root staff 251 10 jul 23:09 manage.py
and in Platform :
drwxrwxr-x# 9 Nicolas staff 306 10 jul 23:13 Templates
-rw-r--r--# 1 Nicolas staff 0 4 jul 16:53 __init__.py
-rw-r--r--# 1 Nicolas staff 144 4 jul 16:54 __init__.pyc
-rw-rw-r--# 1 Nicolas staff 123 10 jul 23:13 admin.py
-rw-r--r-- 1 root staff 321 10 jul 23:24 admin.pyc
-rw-rw-r--# 1 Nicolas staff 1706 10 jul 23:13 models.py
-rw-r--r-- 1 root staff 2603 10 jul 23:22 models.pyc
-rw-r--r--# 1 Nicolas staff 5309 10 jul 23:06 settings.py
-rw-r--r-- 1 root staff 3058 10 jul 23:22 settings.pyc
-rw-r--r--# 1 Nicolas staff 639 10 jul 23:06 urls.py
-rw-r--r-- 1 root staff 784 10 jul 23:24 urls.pyc
-rw-rw-r--# 1 Nicolas staff 1895 10 jul 23:06 views.py
-rw-r--r-- 1 root staff 2745 10 jul 23:24 views.pyc
-rw-r--r--# 1 Nicolas staff 1138 10 jul 23:05 wsgi.py
-rw-r--r-- 1 root staff 1047 10 jul 23:24 wsgi.pyc
You'll need to change ownership of all the root-owned files to yourself, but otherwise there shouldn't be any need for sudo here.