Terraform SSH connection to AWS EC2

The instances are created via Terraform, but Terraform can only used existing key pairs. First thing is to create the key pair as explained in the AWS documentation1.

NOTE: However, if you are not familiar with Terraform, please go through the following blogs before this blog

  1. Basic example of creating AWS EC2 with Terraform
  2. Creating AWS S3 bucket with Terraform

Connect to the EC2 instance, the most important thing is key value pair which is create in the time of the EC2 instance is created. But this is not currently possible in the Terraform. Therefore we need to create the mykey first.

For example

aws ec2 create-key-pair --key-name mykey --query 'KeyMaterial' --output text > ~/.aws/mykey.pem

If you are connecting from the Linux or Mac, because need read permission.

chmod 400  ~/.aws/mykey.pem

To display

aws ec2 describe-key-pairs --key-name mykey

To retrieve the public key from the pem file (Optional)

ssh-keygen -y -f ~/.aws/mykey.pem

Before the access via SSH you have to enable the SSH in the default security group of you VPC where you created the instance:

Let's create a example Ansible host as follows, in the resource.tf

resource "aws_instance" "ansible-host" {
  ami = "${lookup(var.amis, "ubuntu-server")}"
  instance_type = "t2.micro"
  tags = {
      "Name"="${var.instance_names[0]}"
      "training"="${var.training_name}"
  }
  key_name="mykey"

 
  provisioner "remote-exec" {
    inline = [
        "sudo apt-add-repository ppa:ansible/ansible -y",
        "sudo apt-get update",
        "sudo apt-get install ansible -y"
    ]

    connection {
        type = "ssh"
        user = "ubuntu"
        private_key = "${file("/Users/ojitha/.aws/mykey.pem")}"
    }
  }
}

As shown in the above line# 11, we can create and run the ansible installation. For that you need a ssh connection with the private key line# 18.

Here is the providers.tf file

provider "aws" {
  region = "${var.my_region}"
}

terraform {
    required_version =  ">= 0.11.13"
    backend "s3" {
        bucket = "ojitha"
        key = "test/ansible_training"
        region = "ap-southeast-2"
        encrypt = "true"
    }
}

Here the variables.tf file which output the public dns ip to connect to the ansible host via SSH.

variable "instance_names" {
  type = "list"
  description = "tags for the instances 0,1,2"
}

variable "amis" {
  type = "map"
  description = "all the instances are from this ami"
}

variable "my_region" {
  type = "string"
  description = "always my region is this"
}

variable "training_name" {
    type="string"
}

output "ansible_public_ip" {
  value = "${aws_instance.ansible-host.public_dns}"
}

The terraform.tfvars file is here

amis = {
    "ubuntu-server" = "ami-001dae151248753a2"
}

my_region = "ap-southeast-2"

instance_names = ["ansible-host"]

training_name = "..."

You can find the public dns ip as output when you run the terraform apply. Now use the following command to connect to the ansible host via SSH node.

ssh -i ~/.aws/mykey.pem ubuntu@<public dns ip of the ansible-host>

  1. Create, Display, and Delete Amazon EC2 Key Pairs 

Comments

Post a Comment

commented your blog

Popular posts from this blog

How To: GitHub projects in Spring Tool Suite

Image
The first step is sign up in the GitHub and create a  new project. For example I’ve created a new project Spring3part7 in the GitHub. Before add the projects you need to configure STS for GitHub access. For example, you need to add configuration as shown in the following picture Git local repository also important Now you are ready to pull the project from the GitHub, in the STS import menu select the following Now type the project name and click the ‘Search’ as shown in the following. However, when you select the found project click ‘Finish’ nothing will change in the STS interface. Now you are going to create real project. Here I am going to create simple utility project. This template project need to be created inside the imported GitHub project You have to give the same project name of the GitHub project as shown in the following project Now your project is ready to push. Before that you need to add ignore flag to all the folders and files except pom...
Continue »

Spring 3 Part 7: Spring with Databases

Image
This is the 7 th part of the Spring 3 Series . Create MySQL 5.6 database ‘payroll’, CREATE DATABASE payroll; Next create a user for example, user ‘ojitha’ CREATE USER 'ojitha'@'localhost' IDENTIFIED BY 'ojitha'; Need to grant the ‘payroll’ access to user ‘ojitha’ as shown in the following. GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON payroll.* TO 'ojitha'@'localhost'; You can download freeware of TOAD for MySQL from here . Let create a first table, that contains all the states in Australia. You can create a table using visually using the icon given directly below the Tables tab in the Object Explorer as shown in the above diagram. CREATE TABLE payroll.STATE ( CODE CHAR(3) ASCII COMMENT 'State code', STATE VARCHAR(30), PRIMARY KEY (CODE) ) ENGINE = InnoDB COMMENT = 'Australian states' ROW_FORMAT = DEFAULT; In the my sql console you can the newly added table using the following command SHOW ...
Continue »

Parse the namespace based XML using Python

In this blog, I am considering how to parser and modify the xml file using python. For example, I need to parser the following xml 1 (slightly modified for this blog) and need to write the modified xml to out.xml file. Here the country.xml <?xml version="1.0"?> <actors xmlns:fictional="http://characters.example.com" xmlns="http://people.example.com"> <actor type='T1'> <name>John Cleese</name> <fictional:character>Lancelot</fictional:character> <fictional:character>Archie Leach</fictional:character> </actor> <actor type='T2'> <name>Eric Idle</name> <fictional:character>Sir Robin</fictional:character> <fictional:character>Gunther</fictional:character> <fictional:character>Commander Clement</fictional:character> </actor> </actors> In ...
Continue »