在使用Packer.io创建基本AMI时遇到困难。SSH超时

Question

我试图按照these的指示使用Packer.io构建一个基本的AWS映像。但这对我不起作用。

下面是我的模板文件：

{
  "variables": {
    "aws_access_key": "",
    "aws_secret_key": ""
  },
  "builders": [{
    "type": "amazon-ebs",
    "access_key": "{{user `aws_access_key`}}",
    "secret_key": "{{user `aws_secret_key`}}",
    "region": "us-east-1",
    "source_ami": "ami-146e2a7c",
    "instance_type": "t2.micro",
    "ssh_username": "ubuntu",
    "ami_name": "packer-example {{timestamp}}",

    # The following 2 lines don't appear in the tutorial.
    # But I had to add them because it said this source AMI
    # must be launched inside a VPC.
    "vpc_id": "vpc-98765432",
    "subnet_id": "subnet-12345678"
  }]
}

您会注意到，通过在底部添加两行代码(对于VPC和子网)，我不得不偏离指令。这是因为我一直收到以下错误：

==> amazon-ebs: Error launching source instance: The specified instance type 
                can only be used in a VPC. A subnet ID or network interface
                ID is required to carry out the request. 
                (VPCResourceNotSpecified)

VPC和Subnet是我必须手工创建的临时程序。但我为什么要这么做？为什么packer不创建这些，然后像我看到的那样删除它们--它创建了一个临时安全组和密钥对？

此外，即使在我添加了这两行之后，它也无法创建AMI，因为它获得了SSH超时。为什么？在这个VPC中，我没有遇到手动SSHing到其他实例的麻烦。临时封隔器实例具有InstanceState=Running、StatusChecks=2/2和SecurityGroup，允许来自世界各地的SSH。

请参见下面packer命令的调试输出：

$ packer build -debug -var 'aws_access_key=MY_ACCESS_KEY' -var 'aws_secret_key=MY_SECRET_KEY' packer_config_basic.json
Debug mode enabled. Builds will not be parallelized.
amazon-ebs output will be in this color.

==> amazon-ebs: Inspecting the source AMI...
==> amazon-ebs: Pausing after run of step 'StepSourceAMIInfo'. Press enter to continue.
==> amazon-ebs: Creating temporary keypair: packer 99999999-8888-7777-6666-555555555555
    amazon-ebs: Saving key for debug purposes: ec2_amazon-ebs.pem
==> amazon-ebs: Pausing after run of step 'StepKeyPair'. Press enter to continue.
==> amazon-ebs: Creating temporary security group for this instance...
==> amazon-ebs: Authorizing SSH access on the temporary security group...
==> amazon-ebs: Pausing after run of step 'StepSecurityGroup'. Press enter to continue.
==> amazon-ebs: Launching a source AWS instance...
    amazon-ebs: Instance ID: i-12345678
==> amazon-ebs: Waiting for instance (i-12345678) to become ready...
    amazon-ebs: Private IP: 10.0.2.204
==> amazon-ebs: Pausing after run of step 'StepRunSourceInstance'. Press enter to continue.
==> amazon-ebs: Waiting for SSH to become available...
==> amazon-ebs: Timeout waiting for SSH.
==> amazon-ebs: Pausing before cleanup of step 'StepRunSourceInstance'. Press enter to continue.
==> amazon-ebs: Terminating the source AWS instance...
==> amazon-ebs: Pausing before cleanup of step 'StepSecurityGroup'. Press enter to continue.
==> amazon-ebs: Deleting temporary security group...
==> amazon-ebs: Pausing before cleanup of step 'StepKeyPair'. Press enter to continue.
==> amazon-ebs: Deleting temporary keypair...
==> amazon-ebs: Pausing before cleanup of step 'StepSourceAMIInfo'. Press enter to continue.
Build 'amazon-ebs' errored: Timeout waiting for SSH.

==> Some builds didn't complete successfully and had errors:
--> amazon-ebs: Timeout waiting for SSH.

==> Builds finished but no artifacts were created.

Answer 1

1. 您使用的是t2.micro实例类型，它只能在VPC环境中运行(参见T2 Instances)。
2. 由于您在VPC中，默认情况下，所有流量都在防火墙后面，因此您需要设置一个安全组，以允许您的IP访问该实例上的SSH端口。

更简单的方法是使用m3.medium实例类型，这有点昂贵，但是它运行一切都更快，您根本不需要设置VPC/Security。

Answer 2

确保:1)将instance网关(活动的，而不是黑洞)附加到默认的vpc上，我们将在其中启动实例，2)并检查路由表，网络网关的路由(当前的，不旧的)是存在的。