
I’m new to infrastructure.
I’m trying to create an EC2 instance and execute commands using Terraform provisioners. However, when I apply the Terraform configuration, it times out.

$ ssh-keygen -f ./example -m PEM # this generates example.pub and example

provider "aws" {
  region = "us-west-2"
}

resource "aws_key_pair" "example" {
  key_name   = "keypair"
  public_key = file("./example.pub")
  tags = {
    Name = "Example Key Pair"
  }
}

resource "aws_instance" "web" {
  ami           = "ami-003634241a8fcdec0"
  instance_type = "t2.micro"
  key_name      = aws_key_pair.example.key_name
  tags = {
    Name = "Example EC2"
  }

  connection {
    type        = "ssh"
    host        = self.public_ip
    user        = "ubuntu"
    private_key = file("./example")
  }

  provisioner "file" {
    content     = "Hello World!"
    destination = "/home/ubuntu/example.txt"
  }

}

2 Answers


  1. Can you please add the following:

    provisioner "file" {
      source      = "example.txt"              # terraform machine
      destination = "/home/ubuntu/example.txt" # remote machine
    }
    

    before:

    provisioner "file" {
      content     = "Hello World!"
      destination = "/home/ubuntu/example.txt"
    }
    

    where "example.txt" is an empty file available on your Terraform machine?

    Does it hang as well?

  2. The direct problem here was (based on comments on the other answer) an incorrect security group configuration, which is a common cause of problems with provisioners and one of the reasons why Provisioners are a last resort.

    This seems to be an example of Passing data into virtual machines and other compute resources, in which case the documentation recommends against using provisioners and instead using the user_data or user_data_base64 arguments of aws_instance, which will pass data to the EC2 instance indirectly through the EC2 API, rather than directly over SSH. That avoids the need for any direct network connectivity between Terraform and the EC2 instance, so incorrect security group rules cannot prevent it from working.

    Exactly how to use that will depend on what software is installed in the AMI you have chosen here, but most standard Linux distribution AMIs use the software cloud-init to handle system configuration tasks such as handling the user_data argument. If you are using an AMI which has cloud-init installed then the following official tutorial shows how to use it:

    Provision Infrastructure with Cloud-Init

    When you create a generic compute resource in Terraform, your virtual machine (VM) may not have much capability because it is a "fresh" install and needs to be provisioned with the software you want to use. Manually installing the necessary software and its respective dependencies on each VM is time consuming and difficult to maintain at scale.

    cloud-init is a standard configuration support tool available on most Linux distributions and all major cloud providers. cloud-init allows you to pass a shell script to your instance that installs or configures the machine to your specifications.

    In this tutorial, you will create a Terraform instance with the user_data to deploy a Go web app and SSH key to the newly created device, allowing you to SSH into the machine without a password and start the app with that user.

    Read more…

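The `user_data` approach recommended in the second answer, applied to the question's instance. This is an added example, not code from the question or either answer. The security group `no_inbound`, its name, and the shell script are assumptions made for illustration, and the AMI is assumed to run cloud-init, as the answer describes.

```hcl
provider "aws" {
  region = "us-west-2"
}

# Hypothetical security group with no ingress rules at all. The file
# provisioner needs inbound SSH (tcp/22) from the machine running Terraform;
# user_data does not, so the instance can stay closed to inbound traffic.
resource "aws_security_group" "no_inbound" {
  name        = "example-no-inbound"
  description = "No ingress rules"
}

resource "aws_instance" "web" {
  ami                    = "ami-003634241a8fcdec0"
  instance_type          = "t2.micro"
  vpc_security_group_ids = [aws_security_group.no_inbound.id]

  # Delivered through the EC2 API and executed by cloud-init on first boot
  # only. The script runs as root, so ownership is handed to the login user.
  # Do not put secrets here: user_data is stored in Terraform state and is
  # readable from the instance metadata service by processes on the instance.
  user_data = <<-EOT
    #!/bin/bash
    printf 'Hello World!\n' > /home/ubuntu/example.txt
    chown ubuntu:ubuntu /home/ubuntu/example.txt
  EOT

  tags = {
    Name = "Example EC2"
  }
}
```

If SSH access is still wanted afterwards, keep the question's `aws_key_pair` and `key_name` and add an ingress rule for port 22 restricted to your own address range.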