General discussion about Chef

[chef] Re: Re: Re: Re: Re: Re: Re: chef-metal AWS Profile


Chronological Thread 
  • From: Douglas Garstang < >
  • To:
  • Subject: [chef] Re: Re: Re: Re: Re: Re: Re: chef-metal AWS Profile
  • Date: Tue, 14 Oct 2014 11:06:05 -0700
I removed all references to AWS environment vars from my login scripts, and opened a new session. Tried again fresh.

With both:
export CHEF_DRIVER=aws:fog:test:
export CHEF_DRIVER=aws:fog:test:us-east-1

and the same config files as above, still fails with same error.

Doug

On Tue, Oct 14, 2014 at 11:01 AM, Douglas Garstang < " target="_blank"> > wrote:
John,

I had that initially (because the AWS CLI requires it) but removed the profile prefix when someone suggested it in this thread.

Latest attempt:

~/.aws/config:
[profile prod]
aws_access_key_id = xxx
aws_secret_access_key = xxx
region = us-east-1

[profile test]
aws_access_key_id = xxx
aws_secret_access_key = xxx
region = us-east-1

simple.rb:
require 'chef_metal'
machine 'mario' do
  tag 'itsa_me'
  converge true
end

and...
export CHEF_DRIVER=fog:AWS:test

Ran again with:
chef-client -z simple.rb

Got the same error again:

RuntimeError
------------
No AWS profile specified!  Are you missing something in the Chef config or ~/.aws/config?

:(

Tried with:
export CHEF_DRIVER=fog:AWS:test:us-east-1

Same error again.

Doug



On Tue, Oct 14, 2014 at 10:53 AM, John Ewart < " target="_blank"> > wrote:
Per a previous email, it looks like your AWS config file has section headers that don't match the parser. It looks like you removed the word "profile" from your ~/.aws/config file. It will look for [profile XXX] or use the one marked [default] if you don't specify a profile. 

It should look like the following:

[profile test]
...

[profile prod]
...


And then with_driver 'fog:AWS:test' or export CHEF_DRIVER="fog:AWS:test:us-east-1" should work. 

-John


On Tue, Oct 14, 2014 at 10:45 AM, Douglas Garstang < " target="_blank"> > wrote:
And... a puts compute_options shows only this:

{:provider=>"AWS", :region=>""}

Really confused. :(

Doug.

On Tue, Oct 14, 2014 at 10:43 AM, Douglas Garstang < " target="_blank"> > wrote:
And, I also just tried this...

with_machine_options :bootstrap_options => {
  :flavor_id => 'm3.medium',
  :key_name => 'ec2-default',
  :groups => ['slice-default'],
  :image_id => 'ami-fa7dc492',
  :source_key_path => '/Users/doug/git/ops-secure/ec2_keypairs/test-ec2-default',
  :aws_access_key_id => 'xxx',
  :aws_secret_access_key => 'yyy'
}

You guessed it. Didn't work. Same error, even though the code clearly shows that it gives setting the creds here the top priority.

Doug.



On Tue, Oct 14, 2014 at 10:38 AM, Douglas Garstang < " target="_blank"> > wrote:
I've also looked into the get_aws_profile() method in chef_metal_fog/providers/aws.rb which seems to be where it's failing.

Now, I know I'm not much of a ruby guy, but I see this....

if compute_options[:aws_access_key_id]
          Chef::Log.debug("Using AWS driver access key options")
          aws_profile = {
            :aws_access_key_id => compute_options[:aws_access_key_id],
            :aws_secret_access_key => compute_options[:aws_secret_access_key],
            :aws_security_token => compute_options[:aws_session_token],
            :region => compute_options[:region]
          }
< a couple of else if statememnts >
elsif ENV['AWS_PROFILE']

I threw a simple puts("FOO') in there and even though I had the AWS_PROFILE environment variable set, the puts wasn't printed. Another puts() at the start of the method() is displayed. So, I'm a bit confused about what is going on.

Doug.




On Tue, Oct 14, 2014 at 10:32 AM, Douglas Garstang < " target="_blank"> > wrote:
Here's my latest attempt. It's still not working. I removed the 'profile' prefix from the profiles in the aws config file, just to test. They need to stay there however, as the boto library and more importantly, the AWS CLI require it.

~/.aws/config:
[prod]
aws_access_key_id = xxx
aws_secret_access_key = xxx
region = us-east-1

[test]
aws_access_key_id = xxx
aws_secret_access_key = xxx
region = us-east-1

simple.rb"
require 'chef_metal'

ENV['AWS_CONFIG_FILE'] = '/Users/doug/.aws/config'
with_machine_options :bootstrap_options => {
  :flavor_id => 'm3.medium',
  :key_name => 'ec2-default',
  :groups => ['slice-default'],
  :image_id => 'ami-fa7dc492',
  :source_key_path => '/Users/doug/git/ops-secure/ec2_keypairs/test-ec2-default'
}
with_driver 'fog:AWS:test'
machine 'mario' do
  tag 'itsa_me'
  converge true
end

So, with that I got the same error.  I then removed the driver stuff from simple.rb, so that I had this:

simple.rb:
require 'chef_metal'

ENV['AWS_CONFIG_FILE'] = '/Users/doug/.aws/config'

with_machine_options :bootstrap_options => {
  :flavor_id => 'm3.medium',
  :key_name => 'ec2-default',
  :groups => ['slice-default'],
  :image_id => 'ami-fa7dc492',
  :source_key_path => '/Users/doug/git/ops-secure/ec2_keypairs/test-ec2-default'
}

machine 'mario' do
  tag 'itsa_me
  converge true
end

and I set CHEF_DRIVER=aws:fog:test. Tried again. Failed again. I'm still getting this:

RuntimeError
------------
No AWS profile specified!  Are you missing something in the Chef config or ~/.aws/config?

Ran with -l debug. Output is here... http://pastebin.com/EmYFA35x

Doug.






On Tue, Oct 14, 2014 at 10:13 AM, John Keiser < " target="_blank"> > wrote:
This could be just how you're testing stuff, but I think you need to rename [test] to [profile test] in your config file.  fog:AWS:test:us-east-1 should work; fog:AWS:test is worth a try, though.  I would set CHEF_DRIVER env var and remove stuff from the recipe now until you've got this debugged.

If it's still failing after you rename the profile section to [profile test] in ~/.aws/config, a debug log running chef-client -l debug would probably be helpful.

On Tue, Oct 14, 2014 at 9:53 AM, Douglas Garstang < " target="_blank"> > wrote:
John,

File is ~/.aws/config. That was a typo in my initial email.

Douglass-MacBook-Pro:~ doug$ cat ~/.aws/config
[profile prod]
aws_access_key_id = xxx
aws_secret_access_key = xxx
region = us-east-1

[test]
aws_access_key_id = xxx
aws_secret_access_key = xxx
region = us-east-1




On Tue, Oct 14, 2014 at 9:40 AM, John Keiser < " target="_blank"> > wrote:
Looking at your issue, I'm guessing the problem is that it's looking in ~/.aws/config and you have ~/.aws.config (at least from the mail, maybe it was a typo?).

Can you try putting the file at that location and let us know if it works?  Is ~/.aws.config a standard location we should be handling as well?

On Tue, Oct 14, 2014 at 9:35 AM, Douglas Garstang < " target="_blank"> > wrote:
No replies. Is chef-metal an active project? Has it been replaced by something else?

Doug


On Mon, Oct 13, 2014 at 4:47 PM, Douglas Garstang < " target="_blank"> > wrote:
Not sure if this the right place to ask a chef-metal question.

Can't seem to get the AWS profiles to work. I keep getting this:

RuntimeError
------------
No AWS profile specified!  Are you missing something in the Chef config or ~/.aws/config?


My ~/.aws.config contains this:

[profile prod]
aws_access_key_id = <key_id>
aws_secret_access_key = <key>
region = us-east-1

[profile test]
aws_access_key_id = <key_id>
aws_secret_access_key = <key>
region = us-east-1

The reason the profille names have 'profile' at the front is because this is required for the AWS CLI, and boto as well, which also use this file.

I've tried setting these:

export CHEF_DRIVER="fog:AWS:test:us-east-1"
export CHEF_DRIVER="fog:AWS:profile test:us-east-1"

export CHEF_DRIVER="fog:AWS:<aws account #>:us-east-1"
export CHEF_DRIVER="fog:AWS:<aws account #> test:us-east-1"

None of those work (although they are being picked up because I see the value in the back trace).

I've also tried putting variations of the following into the simple.rb file:

with_driver 'fog:AWS:test'
with_driver 'fog:AWS:profile test'

and so on. Doesn't work.

I also tried this:

with_driver 'fog:AWS:test'
machine 'mario' do
  tag 'itsa_me'
  converge true
end

Didn't work. I tried this:

machine 'mario' do
  tag 'itsa_me'
  driver 'fog:AWS:test'
  converge true
end

and many many permutations. Also didn't work.

I then tried to put the settings into my ~/.chef/knife.rb. That also didn't work. Basically, NOTHING has worked. I keep getting the error above. Where should I put this?

To make matters more confusing, the gem seems to have been installed to my home directory under .chefdk. I don't know why as I use the gem that came with the chef-dk and that normally puts gems in /opt/chefdk/embedded (except for the chef-metal ones and it's dependancies).

Also,
Douglass-MacBook-Pro:~ doug$ /opt/chefdk/embedded/bin/gem list | grep chef-metal
chef-metal (0.14.2)
chef-metal-fog (0.9)
chef-metal-vagrant (0.6)

Thanks,
Doug.









I've also tried using 'profile test' instead of test, since that's what boto requi



--
Regards,

Douglas Garstang
http://www.linkedin.com/in/garstang
Email: " target="_blank">
Cell: +1-805-340-5627




--
Regards,

Douglas Garstang
http://www.linkedin.com/in/garstang
Email: " target="_blank">
Cell: +1-805-340-5627




--
Regards,

Douglas Garstang
http://www.linkedin.com/in/garstang
Email: " target="_blank">
Cell: +1-805-340-5627



--
Regards,

Douglas Garstang
http://www.linkedin.com/in/garstang
Email: " target="_blank">
Cell: +1-805-340-5627



--
Regards,

Douglas Garstang
http://www.linkedin.com/in/garstang
Email: " target="_blank">
Cell: +1-805-340-5627



--
Regards,

Douglas Garstang
http://www.linkedin.com/in/garstang
Email: " target="_blank">
Cell: +1-805-340-5627




--
Regards,

Douglas Garstang
http://www.linkedin.com/in/garstang
Email: " target="_blank">
Cell: +1-805-340-5627



--
Regards,

Douglas Garstang
http://www.linkedin.com/in/garstang
Email: ">
Cell: +1-805-340-5627

Archive powered by MHonArc 2.6.16.

§