Cannot connect to EC2 instance using gitlab CI/CD pipeline - amazon-web-services

There are two pipelines in GitLab --> build & deploy
In the deploy pipeline I want to copy the dist folder into my EC2 directory, that's why I want to ssh into my EC2.
This is the command I have put in the yml file; I have also set the variables:
$ ssh -tt -i $Server_pem ubuntu@Server_IP
but when the deploy pipeline runs it shows this error:
ssh: Could not resolve hostname server_ip: Name or service not known
Ec2 Instance Details :
Ubuntu AMI
Using Public DNS / IP : ec2-XX-XXX-XX-XX.ap-south-1.compute.amazonaws.com
Instance can be accessed from outside ( configured security group for this)
GitLab Details :
I'm using Gitlab shared runners for this (Personal account) &
Added SHA (RSA) key in Server_pem file in variables for connecting to EC2
Help me to solve this issue, and if there is any other way I can copy my build please let me know.
Thank you in advance :)
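
The error in the question shows ssh being handed the literal text Server_IP as a hostname. The following is an added example, not part of the original post: a pre-flight check for the deploy job that stops before ssh or scp runs when the host value is empty or is an unexpanded variable name. Server_pem and Server_IP are the variable names from the post; REMOTE_DIR and RUN_DEPLOY are hypothetical, and the instance's host key is assumed to be in known_hosts already.

```shell
#!/bin/sh
# Added example, not from the original post. Server_pem and Server_IP follow
# the post; REMOTE_DIR and RUN_DEPLOY are hypothetical names.

# Print "user@host" only when host looks like a hostname or IP address.
# A literal name such as Server_IP (variable never expanded) contains "_",
# which is not valid in a hostname, so it is rejected before ssh runs.
build_target() {
  if [ -z "$2" ]; then
    echo "deploy host is empty (variable unset?)" >&2
    return 1
  fi
  case "$2" in
    *[!A-Za-z0-9.:-]*)
      echo "deploy host '$2' is not a hostname or IP" >&2
      return 1 ;;
  esac
  printf '%s@%s\n' "$1" "$2"
}

# ssh ignores private keys that other users can read, so tighten the mode.
prepare_key() {
  [ -r "$1" ] || { echo "key file '$1' not readable" >&2; return 1; }
  chmod 600 "$1"
}

# Copy the build output. StrictHostKeyChecking=yes assumes the instance's
# host key was added to ~/.ssh/known_hosts earlier in the job.
deploy_dist() {
  target=$(build_target ubuntu "$Server_IP") || return 1
  prepare_key "$Server_pem" || return 1
  scp -i "$Server_pem" -o StrictHostKeyChecking=yes -r dist "$target:$REMOTE_DIR"
}

# Only runs inside the CI job when explicitly enabled.
if [ "${RUN_DEPLOY:-0}" = "1" ]; then
  deploy_dist
fi
```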

Related

OpenVPN 2.8.5 hosted in EC2 Instance: what is the best way to extract zipped files from local machine into cloud VPN directory?

I try to connect to IoT Controllers via VPN.
The Controllers are already set up. I only need to establish a VPN to have remote access.
For that I installed OpenVPN in an AWS EC2 Instance.
To build the connection between OpenVPN and the clients, I need to create certificates & keys for the server and the clients.
The documentation says that I need to extract the easy-rsa 2 script bundle (zipped files) into the home directory of the OpenVPN: https://openvpn.net/community-resources/setting-up-your-own-certificate-authority-ca/
My question: How can I unzip a file from my local machine into the home directory of a cloud hosted VPN?
UPDATE
Currently I try via scp to transfer the zip to the openvpn instance.
scp -i ~\OpenVPNKeys.pem easy-rsa-old-master.zip openvpnas@34.249.227.33:/home/
But I get the following error:
scp: /home/easy-rsa-old-master.zip: Permission denied
When I try:
scp -i ~\OpenVPNKeys.pem easy-rsa-old-master.zip openvpnas@34.249.227.33
without specifying the directory it works. I get the message:
1 Datei(en) kopiert
But then I have no clue where the file is saved. Does anyone know where files will be saved automatically?

Jenkins not connecting to AWS EC2 instance via SSH

I am trying to connect to an EC2 instance from Jenkins via SSH. I always get failure in the end. I am storing the SSH key in a global credential.
This is the task and shell, using SSH agent plugin
This is how I store the key (the whole key has been pasted in)
If I am using SSH connection from my local PC, everything is fine. I am a newbie in Jenkins so this is very chaotic for me.
You need to use the SSH plugin. Download the plugin using Manage Jenkins and configure
the EC2 in SSH remote.
Follow the steps in this link:
https://www.thesunflowerlab.com/blog/jenkins-aws-ec2-instance-ssh/

Clone using ssh from gitlab

I have a Kubernetes cluster on AWS (kops). I have nginx running as a load balancer in it, I have GitLab running as a node port in the cluster, and GitLab is behind nginx (so GitLab is accessible using the nginx load balancer url/gitlab).
I have a bastion machine from where I run "git clone using SSH" to clone a repository, but it fails. The public key was uploaded to the SSH keys section in GitLab and I have the private key with me.
Eg: git clone git@aa82ee1b284b0464bb1353bd2fbccdd2-1957402345.ca-central-1.elb.amazonaws.com:root/automation.git
I have tried a number of ways, including generating the keys again and checking the security groups of AWS, but no luck.
So is it even possible to connect to the GitLab service from outside through the nginx load balancer URL via ssh, like we have in the command:
git@aa82ee1b284b0464bb1353bd2fbccdd2-1957402345.ca-central-1.elb.amazonaws.com:root/automation.git

How to access self managed docker registry hosted on AWS EC2 from windows machine?

I want to set up a self-managed private docker registry on an EC2 instance without using AWS ECR/ECS services, i.e. using the docker registry:2 container image, and make it accessible to the development team so that they can push/pull docker images remotely.
The development team has Windows laptops with "docker for windows" installed on them.
Please note:
The EC2 instance is hosted on a private subnet.
I have already created an AWS-ALB with an openssl self-signed certificate and attached it to the EC2 so that the server can be accessed over an HTTPS listener.
I have deployed the docker registry using the below command:
docker run -d -p 8080:5000 --restart=always --name registry registry:2
I think pre-routing of 443 to 8080 is done because when I hit the browser with
https:///v2/_catalog I get an output in json format.
Currently, the catalog is empty because there is no image pushed in the registry.
I expect this docker-registry hosted on the AWS-EC2 instance to be accessible remotely, i.e. from a remote Windows machine as well.
Any references/suggestions/steps to achieve my task would be really helpful.
Hoping for a quick resolution.
Thanks and Regards,
Rohan Shetty
I have resolved the issue by following the below steps:
Added the --insecure-registry parameter in the docker.service file.
Created a new directory "certs.d/my-domain-name" at path /etc/docker.
(Please note: here the domain name is the one at which the docker-registry is to be accessed.)
Placed the self-signed openssl certificate and key for the domain name inside the above-mentioned directory.
Restarted docker.

Cannot deploy using AWS CodeDeploy: too few healthy instances are available for deployment

I am trying to deploy an application to an EC2 instance from an S3 bucket. I created an instance with the required S3 permission and also a CodeDeploy application with the required EC2 permissions.
When I try to deploy, though, I get:
The overall deployment failed because too many individual instances failed deployment, too few healthy instances are available for deployment, or some instances in your deployment group are experiencing problems. (Error code: HEALTH_CONSTRAINTS.
I ssh into the EC2 instance to check the CodeDeploy log and this is what I get in the :
2018-08-18 20:52:11 INFO [codedeploy-agent(2704)]: On Premises config file does not exist or not readable
2018-08-18 20:52:11 ERROR [codedeploy-agent(2704)]: booting child: error during start or run: Errno::ENETUNREACH - Network is unreachable - connect(2) - /usr/share/ruby/net/http.rb:878:in `initialize'
I tried changing the permissions, restarting the CodeDeploy agent, and creating a brand new CodeDeploy application. Nothing seems to work.
In order for the agent to pick up commands from CodeDeploy, your host needs to have network access to the internet, which can be restricted by your EC2 security groups, VPC, configuration on your host, etc. To see if you have access, try pinging the CodeDeploy endpoint:
ping codedeploy.us-west-2.amazonaws.com
Though you should use the endpoint for the region your host is in - see here.
If you've configured the agent to use the proxy config, you may have to restart the agent like here.