  • Packer version: 1.6.6
  • My operating system: Ubuntu

I'm using Packer to create AMIs on AWS EC2. I understand that Packer uses a temporary SSH key pair to connect to a temporary EC2 instance that will become the AMI. Now I have seen in the AWS console, in Key pairs, that there are dozens of leftover key pairs, all named packer_$some-long-hexadecimal-id.

I know that I can manually delete these keys from the AWS console, but is there a way to tell Packer to automagically delete the temporary key pair on AWS when it is done?

For reference, this is my Packer file:

{
    "variables": {
        "aws_access_key": "",
        "aws_secret_key": "",
        "ami_name": "jenkins-linux-...",
        "ami_description": "Jenkins Linux (test)",
        "aws_region": "eu-central-1",
        "ssh_username": "ubuntu",
        "vpc_id": "vpc-...",
        "subnet_id": "subnet-...",
        "security_group_id": "sg-..."
    },
    "builders": [
        {
            "type": "amazon-ebs",
            "access_key": "{{user `aws_access_key`}}",
            "secret_key": "{{user `aws_secret_key`}}",
            "region": "{{user `aws_region`}}",
            "instance_type": "t2.micro",
            "force_deregister": "true",
            "force_delete_snapshot": "true",
            "ssh_username": "{{user `ssh_username`}}",
            "communicator": "ssh",
            "associate_public_ip_address": true,
            "subnet_id": "{{user `subnet_id`}}",
            "security_group_id": "{{user `security_group_id`}}",
            "ami_name": "{{user `ami_name`}}",
            "source_ami_filter": {
                "filters": {
                    "virtualization-type": "hvm",
                    "name": "ubuntu-minimal/images/hvm-ssd/ubuntu-focal-20.04-amd64-minimal-*",
                    "root-device-type": "ebs"
                },
                "owners": [
                    "679593333241"
                ],
                "most_recent": true
            },
            "run_tags": {
                "Name": "packer-build-linux-image-{{isotime \"2006-01-02\"}}",
                "Tool": "Packer",
                "Provisioner": "Ansible"
            },
            "launch_block_device_mappings": [
                {
                    "device_name": "/dev/sda1",
                    "volume_size": 20,
                    "volume_type": "gp2",
                    "delete_on_termination": true
                }
            ]
        }
    ],
    "provisioners": [
        {
            "type": "ansible",
            "playbook_file": "provisioners/ansible/ansible_playbook.yml",
            "ansible_env_vars": [
                "ANSIBLE_CONFIG=provisioners/ansible/ansible.cfg",
                "ANSIBLE_PIPELINING=True"
            ]
        }
    ]
}
Amedee Van Gasse
  • The packer [code](https://github.com/hashicorp/packer/blob/bee182e480a70bc5fc21779224b24838f77f4ad3/builder/osc/common/step_key_pair.go#L118) seems to delete the keypair. Do you see the "Deleting temporary keypair..." message? – jarmod Apr 15 '21 at 16:06
  • I see that message, yes. And my most recent keypair isn't in the list of 38 "packer_..." keypairs, so this may have been something from the past. I'm manually going to delete the keypairs and see if it happens again. – Amedee Van Gasse Apr 15 '21 at 21:36
  • Any chance they were created then the packer processing failed but packer did not subsequently clean up properly? If so, suggest that it's a bug in packer. – jarmod Apr 15 '21 at 23:25
  • That's definitely possible. – Amedee Van Gasse Apr 16 '21 at 08:56
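
As an added example (not part of the original thread and not Packer's own code), one way to find the leftover key pairs discussed above is to filter the JSON that `aws ec2 describe-key-pairs` returns. The name pattern, the six-hour age threshold, and the function names are assumptions; the age check is there so that the key pair of a build still in progress is not selected.

```python
import json
import re
import sys
from datetime import datetime, timedelta, timezone

# Assumption: temporary keys are named "packer_" plus a hex/UUID-style id.
PACKER_KEY = re.compile(r"^packer_[0-9a-f-]{8,}$", re.IGNORECASE)

def parse_time(value):
    """Parse an ISO 8601 CreateTime; accept a trailing 'Z', default to UTC."""
    parsed = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return parsed if parsed.tzinfo else parsed.replace(tzinfo=timezone.utc)

def stale_packer_keys(described, now, min_age=timedelta(hours=6)):
    """Return (stale, undated) packer_* key names from describe-key-pairs JSON.
    stale: older than min_age. undated: no CreateTime, left for manual review."""
    stale, undated = [], []
    for kp in described.get("KeyPairs", []):
        name = kp.get("KeyName", "")
        if not PACKER_KEY.match(name):
            continue  # never touch keys that are not Packer's temporary ones
        created = kp.get("CreateTime")
        if created is None:
            undated.append(name)
        elif now - parse_time(created) >= min_age:
            stale.append(name)
    return sorted(stale), sorted(undated)

# Constructed sample input, shaped like `aws ec2 describe-key-pairs` output.
SAMPLE = json.loads("""
{"KeyPairs": [
  {"KeyName": "packer_5f1e2a3b-0000-4c4d-8e8f-aaaaaaaaaaaa", "CreateTime": "2021-03-01T10:00:00+00:00"},
  {"KeyName": "packer_6078b1c2-1111-4d4e-9f9f-bbbbbbbbbbbb", "CreateTime": "2021-04-15T15:50:00.000Z"},
  {"KeyName": "packer_5e0d9c8b-2222-4a4b-8c8d-cccccccccccc"},
  {"KeyName": "jenkins-admin", "CreateTime": "2020-01-01T00:00:00+00:00"}
]}
""")

if __name__ == "__main__":
    # Read real CLI output from a pipe, or fall back to the constructed sample.
    data = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    stale, undated = stale_packer_keys(data, datetime.now(timezone.utc))
    for name in stale:
        print(name)
    for name in undated:
        print(f"review manually: {name}", file=sys.stderr)
```

Pipe `aws ec2 describe-key-pairs --output json` into the script and review the printed names before passing each one to `aws ec2 delete-key-pair --key-name`.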
