amazon-ec2 - Packer 将私钥存储在哪里？

Question

我从 ubuntu shell 运行以下命令，与 aws 平台对话，自定义 amazon ami(ami-9abea4fb):

$ packer build -debug template.packer 
Debug mode enabled. Builds will not be parallelized.
amazon-ebs output will be in this color.

==> amazon-ebs: Prevalidating AMI Name...
==> amazon-ebs: Pausing after run of step 'StepPreValidate'. Press enter to continue. 
==> amazon-ebs: Inspecting the source AMI...
==> amazon-ebs: Pausing after run of step 'StepSourceAMIInfo'. Press enter to continue. 
==> amazon-ebs: Creating temporary keypair: packer 5dfe9f3b-9cc2-cbfa-7349-5c8ef50c64d5
    amazon-ebs: Saving key for debug purposes: ec2_amazon-ebs.pem
==> amazon-ebs: Pausing after run of step 'StepKeyPair'. Press enter to continue. 

在哪里 template.packer是:

{
    "builders": [
        {
            "type": "amazon-ebs",
            "region": "us-west-2",
            "source_ami": "ami-9abea4fb",
            "instance_type": "t2.micro",
            "ssh_username": "ubuntu",
            "ami_name": "MiddleTier-{{isotime | clean_ami_name}}",
            "ami_description": "Amazon AMI customised",
            "tags": {
                "role": "MiddleTier"
            },
            "run_tags":{
                "role": "buildSystem"
            }
        }
    ],
    "provisioners": [

    ],
    "post-processors":[

    ]
}

我的理解是，AWS 为打包程序创建了一个私钥( ec2_amazon-ebs.pem)，以便以无密码方式与 EC2 实例通信，如上述步骤所述。

但是我没有看到打包程序在我的笔记本电脑中复制私钥( ec2_amazon-ebs.pem )(如 ~/.ssh/ec2_amazon-ebs.pem )

Packer 如何与 EC2 通信？不复制为 ~/.ssh/ec2_amazon-ebs.pem在我的笔记本电脑中

Answer 1

除非 Packer 获得了带有 ssh_private_key_file 的私有(private) SSH。 Packer 创建一个仅在 Packer 运行时保存在内存中的临时文件。

当您使用 -debug 运行时标记这个临时 key 被保存到当前工作目录中。这是为了让您能够通过手动 SSH 连接到实例来对构建进行故障排除。