
I'm trying to make a start with ansible, specifically using an ansible playbook to deploy an ec2 instance, but I keep getting an error.

I have followed code found at this thread: Best way to launch aws ec2 instances with ansible

I have substituted in my own details to give me the following

hosts file:

```ini
[local]
localhost

[webserver]
```

create_instance.yml

```yaml
---
  - name: Provision an EC2 Instance
    hosts: local
    connection: local
    gather_facts: False
    tags: provisioning
    # Necessary Variables for creating/provisioning the EC2 Instance
    vars:
      instance_type: t2.micro
      security_group: webserver # Change the security group name here
      image: ami-f95ef58a # Change the AMI, from which you want to launch the server
      region: eu-west-1 # Change the Region
      keypair: MyKeyPair # Change the keypair name
      count: 1

    # Task that will be used to Launch/Create an EC2 Instance
    tasks:

      - name: Create a security group
        local_action:
          module: ec2_group
          name: "{{ security_group }}"
          description: Security Group for webserver Servers
          region: "{{ region }}"
          rules:
            # SSH is open to any source address here; narrow cidr_ip to your admin range
            - proto: tcp
              type: ssh
              from_port: 22
              to_port: 22
              cidr_ip: 0.0.0.0/0
            - proto: tcp
              from_port: 80
              to_port: 80
              cidr_ip: 0.0.0.0/0
          rules_egress:
            - proto: all
              type: all
              cidr_ip: 0.0.0.0/0

      - name: Launch the new EC2 Instance
        local_action: ec2
                      group={{ security_group }}
                      instance_type={{ instance_type }}
                      image={{ image }}
                      wait=true
                      region={{ region }}
                      keypair={{ keypair }}
                      count={{ count }}
        register: ec2

      - name: Add the newly created EC2 instance(s) to the local host group (located inside the directory)
        local_action: lineinfile
                      dest="./hosts"
                      regexp={{ item.public_ip }}
                      insertafter="[webserver]" line={{ item.public_ip }}
        with_items: "{{ ec2.instances }}"

      - name: Wait for SSH to come up
        local_action: wait_for
                      host={{ item.public_ip }}
                      port=22
                      state=started
        with_items: "{{ ec2.instances }}"

      - name: Add tag to Instance(s)
        local_action: ec2_tag resource={{ item.id }} region={{ region }} state=present
        with_items: "{{ ec2.instances }}"
        args:
          tags:
            Name: webserver
```

I then create environment variables for my AWS keys as follows:

```bash
export AWS_ACCESS_KEY=my aws key
export AWS_SECRET_KEY=my aws secret key
```

When I run my code with `sudo ansible-playbook -i hosts create_instance.yml` I get the following error:

```
PLAY [localhost]     **************************************************************

TASK: [make one instance] *****************************************************
failed: [localhost] => {"failed": true}
msg: No handler was ready to authenticate. 1 handlers were checked.     ['HmacAuthV4Handler'] Check your credentials

FATAL: all hosts have already failed -- aborting

PLAY RECAP ********************************************************************
           to retry, use: --limit @/home/ubuntu/create_instance.retry

localhost                  : ok=0    changed=0    unreachable=0    failed=1
```

Can anyone suggest where I might be going wrong?

Rjodo
  • Don't use sudo. The root user (presumably) doesn't have your environment variables loaded – ydaetskcoR May 13 '16 at 06:38
  • Thanks for the suggestion, still no luck though. Just to confirm that I'm setting the key pair correctly, should the 'keypair' variable in my yml file be set to the same name as my key pair that is already uploaded to AWS? By this I mean the name of the key pair which I use to create new ec2 instances via the AWS console? That's what I've been currently using, but just want to check that it's correct. – Rjodo May 13 '16 at 15:51
  • It's not getting that far. It's failing because you don't have the AWS connection variables set properly. If you use sudo then it won't load the variables you are exporting in your current shell. An alternative would be to specify `aws_access_key` and `aws_secret_key` vars in the playbook or in your inventory. – ydaetskcoR May 13 '16 at 16:03

1 Answer

This error comes when your Ansible host is not able to make a connection with your AWS account. For that you need to make sure that the access keys are correctly set and have enough permissions to create an instance.

Ansible works on Python and picks the Python directory. So make sure you have awscli installed using pip, not `apt-get install awscli`. Use `sudo pip install awscli`.

Specify your access keys in the file `~/.aws/credentials`.

Also make sure you have the updated version of boto and Python installed. Refer to this: http://www.dowdandassociates.com/blog/content/howto-install-aws-cli-security-credentials/ . All the ways of configuring keys are explained nicely there.

Deepali Mittal
  • Thanks. I followed your steps but I'm still having a problem. The error I'm getting is as follows....Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the remote directory. Consider changing the remote temp path in ansible.cfg to a path rooted in "/tmp". Failed command was: mkdir -p $HOME/.ansible/tmp/ansible-tmp-1463751636.36-33202375925080 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1463751636.36-33202375925080 && echo $HOME/.ansible/tmp/ansible-tmp-1463751636.36-33202375925080, exited with result 1 – Rjodo May 20 '16 at 13:48
  • Oh, this means you don't have the permissions to create a directory on your Ansible box. Can you make sure of the write permissions and ownership of the /.ansible/tmp/ directory created in $HOME? And are you running this Ansible playbook with the same user? – Deepali Mittal May 21 '16 at 06:00
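
A pre-flight check for the two failures discussed in this thread (credentials not visible to the user running the playbook, and a `~/.ansible/tmp` that user cannot write to), as an added example that is not part of the original posts. The function names are hypothetical; it assumes the environment variable names read by Ansible's ec2 modules and boto, and it checks only that credentials are present, not that they are valid.

```shell
#!/bin/sh
# Added example: run as the same user (and the same way, e.g. with or
# without sudo) that will run ansible-playbook.

# Print where credentials would be found for the current environment and the
# given home directory: "env", "file:<path>" or "none" (non-zero exit).
cred_source() {
    home=$1
    # Ansible's ec2 modules accept either spelling of the variable names.
    if [ -n "${AWS_ACCESS_KEY_ID:-${AWS_ACCESS_KEY:-}}" ] &&
       [ -n "${AWS_SECRET_ACCESS_KEY:-${AWS_SECRET_KEY:-}}" ]; then
        echo env; return 0
    fi
    # Files boto reads from the home directory of the *effective* user.
    for f in "$home/.aws/credentials" "$home/.boto"; do
        if [ -r "$f" ] && grep -q 'aws_access_key_id' "$f"; then
            echo "file:$f"; return 0
        fi
    done
    echo none; return 1
}

# Succeed only if Ansible's temp directory under the given home exists or can
# be created by the current user (a directory left behind by an earlier
# sudo run is owned by root and fails this check for the normal user).
tmp_writable() {
    d=$1/.ansible/tmp
    while [ ! -e "$d" ]; do d=$(dirname "$d"); done   # nearest existing parent
    [ -d "$d" ] && [ -w "$d" ]
}

# Exit status: 0 ok, 1 no credentials visible, 2 temp directory not writable.
preflight() {
    home=${1:-$HOME}
    src=$(cred_source "$home") ||
        { echo "no AWS credentials visible to $(id -un)"; return 1; }
    tmp_writable "$home" ||
        { echo "$home/.ansible/tmp not writable by $(id -un)"; return 2; }
    echo "ok: credentials from $src"
}
```

Source the file and call `preflight` once from your normal shell and once under `sudo sh`; with sudo's default environment reset the exported variables are gone and the second call reports that no credentials are visible.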