Packer 出現問題:amazon-ebs: Timeout waiting for SSH
[英]Having problems with Packer: amazon-ebs: Timeout waiting for SSH
問題描述
我是 Packer 的新手,我正在嘗試使用 VPC 的專用網絡創建映像,但我不斷遇到錯誤*amazon-ebs: Timeout waiting for SSH.*
使用的 Packer 版本是1.3.4 ,私有子網可以通過公共子網和路由表訪問 NAT 網關。 但是由於問題無法到達實例,所以我也嘗試過使用其他參數,例如: ssh_interface和private_dns和associate_public_ip_address的值。 但即使是改變我也得到同樣的錯誤。
我正在使用的模板有下一個內容
"builders": [
{
"type": "amazon-ebs",
"access_key": "{{user `aws_access_key`}}",
"secret_key": "{{user `aws_secret_key`}}",
"region": "{{user `region`}}",
"source_ami": "{{user `source_ami`}}",
"instance_type": "{{user `instance_type`}}",
"iam_instance_profile": "{{user `role`}}",
"ssh_username": "{{user `ssh_username`}}",
"ssh_timeout": "15m",
"vpc_id": "{{user `vpc_id`}}",
"subnet_id": "{{user `subnet_id`}}",
"associate_public_ip_address": true,
"ami_name": "{{user `name`}}.{{isotime \"2006-01-02T150405Z\"}}",
"ami_description": "based on {{user `source_ami`}}",
"tags": {
"Name": "{{user `name`}}"
}]
在模板中我沒有定義安全組,但在 Packer 的日志中我看到它能夠創建一個臨時安全組,那么對端口 22 的訪問也應該可用
==> amazon-ebs: Pausing after run of step 'StepKeyPair'. Press enter to continue.
==> amazon-ebs: Creating temporary security group for this instance: packer_5
c6b3667-c41f-92bc-aa89-efc5f3a2d8a8
==> amazon-ebs: Authorizing access to port 22 from 0.0.0.0/0 in the temporary security group...
==> amazon-ebs: Pausing after run of step 'StepSecurityGroup'. Press enter to continue.
==> amazon-ebs: Pausing after run of step 'StepCleanupVolumes'. Press enter to continue.
==> amazon-ebs: Launching a source AWS instance...
但問題仍然存在。 模板中是否缺少某些內容? 或者我應該做些什么來生成AMI?
5 個解決方案
解決方案1
2 已采納 2019-03-01 16:31:54
您無法通過 NAT 網關訪問 ec2。 AWS 中的 NAT 網關用於提供從 VPC 而非 VPC 的 Internet 訪問。
您有多種選擇:
- Make packer 在具有公共 ip 的公共子網中啟動 ec2。 在 VPC 和路由表中正確配置了 IGW
- 在 AWS 中部署一個安全堡壘主機,並使用它從帶有打包程序的工作站跳轉到 ec2。 您需要使用自定義通信器在 packer.json 中配置一些內容。 這里的文檔https://www.packer.io/docs/templates/communicator.html#ssh
問候
解決方案2
1 2020-09-05 22:59:21
我面臨着同樣的問題。 我發現的問題是我的所有實例都在默認 VPC 中啟動。 即使我已經設置了 SG 和路由表以允許來自0.0.0.0/0 的入口 ssh 流量。 即使從控制台訪問仍然不舒服。 所以必須使用適當的互聯網網關、安全組和路由表創建自定義 VPC,我的最終構建器是這樣的。
"builders": [{
"type": "amazon-ebs",
"access_key": "{{user `aws_access_key`}}",
"secret_key": "{{user `aws_secret_key`}}",
"region": "us-******",
"source_ami": "ami-*********",
"instance_type": "t2.micro",
"ssh_username": "ubuntu",
"ami_name": "packer-example {{timestamp}}",
"vpc_id": "{VPC id i had created}",
"subnet_id": "{Subnet i had created}",
"security_group_id": "sg with proper ingress port 22 rule enabled from 0.0.0.0"
}],
希望能解決您的問題並原諒我的詞匯量:)
解決方案3
0 2020-07-30 19:55:26
還有一種可能是打包程序無法找到登錄堡壘主機的密鑰並等待其他方法登錄。
使用 export PACKER_LOG=1 收集的日志如下。
==> amazon-ebs: Waiting for SSH to become available...
2020/07/30 12:19:22 packer: 2020/07/30 12:19:22 [DEBUG] TCP connection to SSH ip/port failed: Error connecting to bastion: ssh: handshake failed: ssh: unable to authenticate, attempted methods [publickey none], no supported methods remain
2020/07/30 12:19:27 packer: 2020/07/30 12:19:27 [DEBUG] TCP connection to SSH ip/port failed: Error connecting to bastion: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
2020/07/30 12:19:32 packer: 2020/07/30 12:19:32 [DEBUG] TCP connection to SSH ip/port failed: Error connecting to bastion: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
2020/07/30 12:19:37 packer: 2020/07/30 12:19:37 [DEBUG] TCP connection to SSH ip/port failed: Error connecting to bastion: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
2020/07/30 12:19:43 packer: 2020/07/30 12:19:43 [DEBUG] TCP connection to SSH ip/port failed: Error connecting to bastion: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
2020/07/30 12:19:48 packer: 2020/07/30 12:19:48 [DEBUG] TCP connection to SSH ip/port failed: Error connecting to bastion: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
此外,驗證ssh-add -l不應列出密鑰,然后我們知道加殼程序無法找到登錄密鑰。
在這種情況下,我們只需要使用ssh-add <path to your ssh keys> ,它應該可以解決問題。
解決方案4
0 2021-03-29 10:33:13
我遇到了同樣的問題,導致它的原因是使用加密的 AMI,而我明確指出“錯誤”。
"builders": [
{
"launch_block_device_mappings": [
{
"device_name": "/dev/sda1",
"volume_type": "gp2",
"encrypted": true <-- I was setting it to 'false' while only 'true' works
}
],
...
}
],
解決方案5
0 2022-07-31 05:54:06
我有一個安全組(防火牆)設置,阻止了來自移動網絡的連接。 當我從受信任的(允許的)網絡連接時,它運行良好。
請注意以下步驟:
2022/07/31 05:58:15 packer-builder-amazon-ebs plugin: Using specified security groups: [sg-0123456789abcd sg-0123456789abce]
是否可以在Packer中從亞馬遜ebs支持的類型配置中創建HVM AMI?
[英]Is it possible to create HVM AMIs from an amazon ebs-backed type configuration in packer?
在使用 amazon aws 創建通用 docker 機器期間“等待 SSH 可用”
[英]'Waiting for SSH to be available' during creation of a generic docker machine with amazon aws
如果我丟失了 Amazon EC2 EBS 支持的實例的 SSH 密鑰該怎么辦?
[英]What to do if I lose my SSH key for an Amazon EC2 EBS backed instance?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.