multiple updates, trying to troubleshoot key issues for gerald and er…

…ic and kyle
NetDevAutomate · Mar 20, 2018 · 8aac458 · 8aac458
1 parent ff2f221
commit 8aac458
Show file tree

Hide file tree

Showing 6 changed files with 73 additions and 28 deletions.
diff --git a/docs/faq.md b/docs/faq.md
@@ -0,0 +1,43 @@
+# FAQ
+Frequently Asked Questions... or rather common problems that people have hit.
+
+## Problem: boto3 missing
+
+```
+fatal: [localhost]: FAILED! => {"attempts": 1, "changed": false, "msg": "Python modules \"botocore\" or \"boto3\" are missing, please install both"}
+```
+
+OR
+
+```
+fatal: [localhost]: FAILED! => {"attempts": 1, "changed": false, "msg": "boto is required for this module"}
+```
+
+Solution:
+```
+pip install boto boto3
+```
+
+
+## Problem: Unable to locate credentials
+
+```
+An exception occurred during task execution. To see the full traceback, use -vvv. The error was: NoCredentialsError: Unable to locate credentials
+fatal: [localhost]: FAILED! => {"attempts": 1, "changed": false, "msg": "Failed to describe VPCs: Unable to locate credentials"}
+```
+
+Solution:
+Set your Access Key ID and Secret Access Key under ~/.aws/credentials
+
+```
+[root@centos ~]# cat ~/.aws/credentials
+[default]
+aws_access_key_id = ABCDEFGHIJKLMNOP
+aws_secret_access_key = ABCDEFGHIJKLMNOP/ABCDEFGHIJKLMNOP
+```
+
+## Problem: Not authorized for image
+
+```
+An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ClientError: An error occurred (AuthFailure) when calling the DescribeImageAttribute operation: Not authorized for image:ami-26ebbc5c
+```
diff --git a/provisioner/README.md b/provisioner/README.md
@@ -56,7 +56,14 @@ To provision the workshop onto AWS use the following directions:
 
         pip install boto boto3
 
-4. Create an [Access Key ID and Secret Access Key](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html) (you should be using IAM and [not your AWS account directly](http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html)).  Save the ID and key for later.
+4. Set your Access Key ID and Secret Access Key from Step 2 under ~/.aws/credentials
+
+```
+[root@centos ~]# cat ~/.aws/credentials
+[default]
+aws_access_key_id = ABCDEFGHIJKLMNOP
+aws_secret_access_key = ABCDEFGHIJKLMNOP/ABCDEFGHIJKLMNOP
+```
 
 5. Install the `passlib` library
 
@@ -74,20 +81,19 @@ If you haven't done so already make sure you have the repo cloned to the machine
 1. Define the following variables in a file passed in using `-e @extra_vars.yml`
 
 ```yml
-ec2_key_name: username                # SSH key in AWS to put in all the instances
 ec2_region: us-east-1                 # region where the nodes will live
 ec2_az: us-east-1a                    # availability zone
-ec2_name_prefix: TRAINING-LAB         # name prefix for all the VMs
+ec2_name_prefix: TRAININGLAB         # name prefix for all the VMs
 admin_password: ansible
 ## Optional Variables
-localsecurity: false                   # skips firewalld installation and SE Linux when turned to false
+localsecurity: false                   # skips firewalld installation and SE Linux when false
 ```
 
 For an example, look at [sample-vars.yml](sample-vars.yml) for a list of all the knobs you can control.  You can use pre-existing AWS VPCs you already created.
 
 2. Run the playbook:
 
-        ansible-playbook provision_lab.yml -e @extra_vars.yml -e @users.yml
+        ansible-playbook provision_lab.yml -e @extra_vars.yml
 
 What does the provisioner take care of automatically?
 - AWS VPC creation (Amazon WebServices Virtual Private Cloud)
@@ -100,7 +106,7 @@ What does the provisioner take care of automatically?
 
 4. Check on the EC2 console and you should see instances being created like:
 
-        TRAINING-LAB-<student_username>-node1|2|3|haproxy|tower|control
+        TRAINING-LAB-<student_username>-node1|2|3|tower|control
 
 ## Accessing student documentation and slides
 

diff --git a/provisioner/aws-directions/AWSHELP.md b/provisioner/aws-directions/AWSHELP.md
@@ -1,5 +1,5 @@
 # AWS DIRECTIONS HELP
-These steps will walk you through where to create credentials (Access Key ID and Secret Access Key) on AWS to use for provisioning VMs with Ansible.
+These steps will walk you through where to create credentials (Access Key ID and Secret Access Key) on AWS to use for provisioning VMs with Ansible.  
 
 ## Login
 Login to the AWS Console on [https://aws.amazon.com/](https://aws.amazon.com/)
@@ -29,4 +29,10 @@ You need to create a new access key, only then will the necessary key and key ID
 
 You now have your Access Key ID and Secret Access Key!
 
+## AWS References
+
+- [Access Key ID and Secret Access Key](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html)
+- [managing-aws-access-keys.html(http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html).
+
+
 [Return to aws_lab_setup directions](../README.md)
diff --git a/provisioner/roles/connectivity_test/tasks/main.yml b/provisioner/roles/connectivity_test/tasks/main.yml
@@ -1,7 +1,7 @@
 - name: Wait 400 seconds, but only start checking after 30 seconds
   wait_for_connection:
     delay: 30
-    timeout: 600
+    timeout: 400
 
 # This wait_for_connection task can't be part of manage_ec2_instances
 # because you can't use groups with delegate_to, see:

diff --git a/provisioner/roles/manage_ec2_instances/defaults/main.yml b/provisioner/roles/manage_ec2_instances/defaults/main.yml
@@ -79,7 +79,3 @@ ec2_login_names:
   ubuntu14: ubuntu
   ubuntu16: ubuntu
   csr-byol: ec2-user
-
-# Backwards compatability
-types: "{{ ec2_lab_node_types }}"
-aws_key_name: "{{ ec2_key_name }}"
diff --git a/provisioner/roles/manage_ec2_instances/tasks/provision.yml b/provisioner/roles/manage_ec2_instances/tasks/provision.yml
@@ -180,15 +180,14 @@
     - networking
     - ec2_vpc_id2 is undefined
 
-- name: start ssh agent
-  raw: "eval `ssh-agent -s`"
+- name: enable ssh-agent
+  shell: eval $(ssh-agent)
 
 - name: Create ssh key pair for workshop {{ ec2_name_prefix }}
   ec2_key:
     name: "{{ ec2_name_prefix }}-key"
     region: "{{ ec2_region }}"
   register: create_key
-  when: ec2_key_name is undefined
 
 # - name: The key for for workshop {{ ec2_name_prefix }}
 #   debug:
@@ -211,17 +210,12 @@
   raw: ssh-add ./aws-private.pem
   when: create_key.changed
 
-- name: set keys for instance creation dynamically since key was not supplied by user
-  set_fact:
-    ec2_key_name: "{{ ec2_name_prefix }}-key"
-  when: ec2_key_name is undefined
-
 - name: debugging all variables for ec2 instance creation VPC-1
   debug:
     msg:
       - "ec2_name_prefix: {{ec2_name_prefix}}"
       - "ec2_vpc_id: {{ ec2_vpc_id }}"
-      - "ec2_key_name: {{ ec2_key_name }}"
+      - "{{ ec2_name_prefix }}-key: {{ ec2_name_prefix }}-key"
       - "ec2_security_group: {{ ec2_security_group }}"
       - "ec2_vpc_subnet_id: {{ ec2_vpc_subnet_id }}"
 
@@ -269,7 +263,7 @@
 - name: Create EC2 instances for ansible node (control node)
   ec2:
     assign_public_ip: yes
-    key_name: "{{ ec2_key_name }}"
+    key_name: "{{ ec2_name_prefix }}-key"
     group: "{{ ec2_security_group }}"
     instance_type: "{{ ec2_instance_types[ansible_node].size }}"
     image: "{{ ansible_control_node_ami.image_id }}"
@@ -320,7 +314,7 @@
 - name: Create EC2 instances for node1
   ec2:
     assign_public_ip: yes
-    key_name: "{{ ec2_key_name }}"
+    key_name: "{{ ec2_name_prefix }}-key"
     group: "{{ ec2_security_group }}"
     instance_type: "{{ ec2_instance_types[node1_node].size }}"
     image: "{{ node1_ami.image_id }}"
@@ -374,7 +368,7 @@
 - name: Create EC2 instances for node2
   ec2:
     assign_public_ip: yes
-    key_name: "{{ ec2_key_name }}"
+    key_name: "{{ ec2_name_prefix }}-key"
     group: "{{ ec2_security_group }}"
     instance_type: "{{ ec2_instance_types[node2_node].size }}"
     image: "{{ node2_ami.image_id }}"
@@ -428,7 +422,7 @@
 - name: Create EC2 instances for node3
   ec2:
     assign_public_ip: yes
-    key_name: "{{ ec2_key_name }}"
+    key_name: "{{ ec2_name_prefix }}-key"
     group: "{{ ec2_security_group }}"
     instance_type: "{{ ec2_instance_types[node3_node].size }}"
     image: "{{ node3_ami.image_id }}"
@@ -482,7 +476,7 @@
 - name: Create EC2 instances for rtr1 node (NETWORKING MODE)
   ec2:
     assign_public_ip: yes
-    key_name: "{{ ec2_key_name }}"
+    key_name: "{{ ec2_name_prefix }}-key"
     group: "{{ ec2_security_group }}"
     instance_type: "{{ ec2_instance_types[rtr1_node].size }}"
     image: "{{ rtr1_ami.image_id }}"
@@ -531,7 +525,7 @@
 - name: Create EC2 instances for rtr2 node in VPC-2 (NETWORKING MODE)
   ec2:
     assign_public_ip: yes
-    key_name: "{{ ec2_key_name }}"
+    key_name: "{{ ec2_name_prefix }}-key"
     group: "{{ ec2_security_group2 }}"
     instance_type: "{{ ec2_instance_types[rtr2_node].size }}"
     image: "{{ rtr2_ami.image_id }}"
@@ -580,7 +574,7 @@
 - name: Create EC2 instances for host1 node in VPC-2 (NETWORKING MODE)
   ec2:
     assign_public_ip: yes
-    key_name: "{{ ec2_key_name }}"
+    key_name: "{{ ec2_name_prefix }}-key"
     group: "{{ ec2_security_group2 }}"
     instance_type: "{{ ec2_instance_types[host1_node].size }}"
     image: "{{ host1_ami.image_id }}"