Using knife ec2 plugin to create VM in VPC private subnet

予麋鹿 2021-02-04 04:47

Although I've written a fair amount of chef, I'm fairly new to both AWS/VPC and administrating network traffic (especially a bastion host).

Using the knife ec2 plugin,

1 answer
  • 2021-02-04 05:04

    I finally resolved this. I was missing the username when specifying my gateway. I originally thought that the --ssh-user argument would be used for both the gateway AND the VM I'm attempting to bootstrap. This was incorrect; the username must be specified for both.

    knife ec2 server create \
        --flavor t1.micro \
        --identity-file <ssh_private_key> \
        --image ami-3fec7956 \
        --security-group-ids sg-9721e1f8 \
        --subnet subnet-e4764d88 \
        --ssh-user ubuntu \
        --server-connect-attribute private_ip_address \
        --ssh-port 22 \
        --ssh-gateway ubuntu@<gateway_public_dns_hostname (route 53)> \
        --tags isVPC=true,os=ubuntu-12.04,subnet_type=public-build-1c \
        --node-name <VM_NAME>
    

    Just the line containing the update (notice the ubuntu@ in front):

        --ssh-gateway ubuntu@<gateway_public_dns_hostname (route 53)>
    

    I have now gone through and locked my bastion host back down, including removal of /home/ubuntu/.ssh/identity, as storing the private key on the bastion host was really bugging me.

    FYI: When setting up a bastion host, the "out of the box" configuration of sshd will work when using the Amazon Linux AMI image. Also, some of the arguments above are optional, such as --ssh-port.
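
A pre-flight check for the bastion hop described in the answer above, as an added example that is not part of the original post: it rejects a gateway value with no `user@` prefix and prints an `ssh` command that reaches the private address through the bastion while the private key stays on the workstation. The host name, address and key path are constructed placeholders, the function names are hypothetical, and the optional `:port` suffix on the gateway is an assumption.

```shell
#!/bin/sh
# Added example (not from the original post). All values are constructed.

# gateway_has_user SPEC -> 0 if SPEC looks like user@host, 1 otherwise.
gateway_has_user() {
    case "$1" in
        ?*@?*) return 0 ;;
        *)     return 1 ;;
    esac
}

# build_hop_cmd GATEWAY TARGET_USER TARGET_IP KEY
# Prints an ssh command that logs in to TARGET_IP through GATEWAY and runs
# `true` there. Both hops authenticate from the local machine (the inner ssh
# in ProxyCommand also runs locally), so KEY is never copied to the bastion.
build_hop_cmd() {
    gw=$1; user=$2; ip=$3; key=$4
    if ! gateway_has_user "$gw"; then
        # Per the answer above, --ssh-user does not apply to the gateway.
        echo "gateway '$gw' has no user@ prefix" >&2
        return 1
    fi
    gw_user=${gw%%@*}
    gw_host=${gw#*@}
    gw_port=22
    # Assumption: the gateway may carry an optional :port suffix.
    case "$gw_host" in
        *:*) gw_port=${gw_host##*:}; gw_host=${gw_host%:*} ;;
    esac
    printf 'ssh -i %s -o IdentitiesOnly=yes -o ProxyCommand="ssh -i %s -p %s -W %%h:%%p %s@%s" %s@%s true\n' \
        "$key" "$key" "$gw_port" "$gw_user" "$gw_host" "$user" "$ip"
}

# Constructed sample values; replace them with your own before use.
build_hop_cmd "ubuntu@bastion.example.com" ubuntu 10.0.1.25 ./example_key.pem
```

If the printed command exits with status 0 when run, both hops accept the key and the usernames, which is the same path `--ssh-gateway` and `--ssh-user` need.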
