Packer encrypted EBS volume not mounting when launched with Terraform on AWS

Created on 3 Apr 2020  ·  3 Comments  ·  Source: hashicorp/packer

Hi

I have created a Packer encrypted volume with the following code snippets:

"builders": [{
    "type": "amazon-ebs",
    "access_key": "{{user `aws_access_key`}}",
    "secret_key": "{{user `aws_secret_key`}}",
    "region": "eu-central-1",
    "source_ami_filter": {
      "filters": {
        "virtualization-type": "hvm",
        "name": "CentOS Linux 7 x86_64 HVM EBS *",
        "root-device-type": "ebs"
      },
      "owners": ["aws-marketplace"],
      "most_recent": true
    },
    "instance_type": "t2.micro",
    "ssh_username": "centos",
    "ami_name": "awx-10.0.0-{{timestamp}}",
    "tags" : { "Name": "awx-base" },
    "launch_block_device_mappings": [
      {
        "device_name": "/dev/sdb",
        "volume_size": 40,
        "volume_type": "gp2",
        "encrypted": true,
        "delete_on_termination": false
      }]
  }],

Startup script:

#!/bin/sh
set -x
sudo -S mkdir -p /data
sudo -S mkfs.ext4 /dev/xvdb
sudo -S /usr/sbin/blkid -o value -s UUID /dev/xvdb >> /tmp/testfile
sudo -S cat /tmp/testfile
sudo -S echo -e "UUID=$(/usr/sbin/blkid -o value -s UUID /dev/xvdb) /data ext4 defaults 0 0" > /tmp/tempfile
sudo -S cat /tmp/tempfile |sudo -S tee -a /etc/fstab
sudo -S cat /etc/fstab
sudo -S mount -a

The AMI creation is successful and I could launch the EC2 instance manually without any issues,
but using the Terraform script I get "Instance reachability check failed" on AWS.

Please see the Terraform resource:

resource "aws_instance" "default" {
  ami           = var.awx_ami_id
  instance_type = var.awx_instance_type
#  availability_zone = data.aws_availability_zones.available.names[0]
  key_name      =  aws_key_pair.deployer.key_name
  security_groups = [aws_security_group.awx_sg.id]
  subnet_id     = var.public_subnet[0]
  associate_public_ip_address = true
  user_data = data.template_file.userdataAWX.rendered
  iam_instance_profile = aws_iam_instance_profile.awx.name
  lifecycle {
    ignore_changes              = [ami, user_data_base64,security_groups]
  }
  tags = {
    Name = "${var.environment_name}-awx"
  }
} 

The user data doesn't have any scripts as of now.

EC2 Syslog Error:

[FAILED] Failed to mount /data.
See 'systemctl status data.mount' for details.
[DEPEND] Dependency failed for Local File Systems.
[DEPEND] Dependency failed for Relabel all filesystems, if necessary.
[DEPEND] Dependency failed for Migrate local... structure to the new structure.
[DEPEND] Dependency failed for Mark the need to relabel after reboot.
         Starting Preprocess NFS configuration...

Thanks in advance


All 3 comments

Thanks for reaching out! I've fixed your template and logs format to make it easier to read.
We’ll take a look when we get a chance.

My mistake, this was caused by the NVMe volume type in the EC2 C5 family.
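
The failure mode named in the comment above, handled in the provisioning step. The script below is an added example, not code from the issue or from Packer: it probes for the data volume under both Xen and NVMe device names and writes a UUID-based fstab entry with `nofail`, so a missing volume cannot stop the boot. The candidate device names (in particular `/dev/nvme1n1`) and the `--apply` switch are assumptions.

```shell
#!/bin/sh
# Added example, not the reporter's script. Candidate names are assumptions:
# Xen instances expose the volume as xvdb/sdb, Nitro (e.g. C5) as NVMe.
CANDIDATES="${CANDIDATES:-/dev/xvdb /dev/sdb /dev/nvme1n1}"
# test(1) operator that recognises a device; overridable so the logic can be
# exercised with plain files instead of real block devices.
DEV_TEST="${DEV_TEST:--b}"

# Print the first candidate that exists; fail if none does.
pick_device() {
    for dev in $CANDIDATES; do
        if test "$DEV_TEST" "$dev"; then
            printf '%s\n' "$dev"
            return 0
        fi
    done
    return 1
}

# $1 = filesystem UUID, $2 = mount point. nofail keeps a missing volume from
# failing local-fs.target; the device timeout bounds the wait at boot.
fstab_line() {
    printf 'UUID=%s %s ext4 defaults,nofail,x-systemd.device-timeout=30s 0 2\n' "$1" "$2"
}

# $1 = fstab path, $2 = UUID, $3 = mount point. Idempotent: appends only if
# no non-comment entry already uses the mount point.
add_fstab_entry() {
    if awk -v mp="$3" '$1 !~ /^#/ && $2 == mp { found = 1 } END { exit !found }' "$1"; then
        return 0
    fi
    fstab_line "$2" "$3" >> "$1"
}

# Provisioning path (run as root during the image build): ./script --apply
if [ "${1:-}" = "--apply" ]; then
    dev=$(pick_device) || { echo "no data device found" >&2; exit 1; }
    # Format only when blkid finds no existing filesystem signature.
    blkid "$dev" >/dev/null 2>&1 || mkfs.ext4 "$dev"
    mkdir -p /data
    add_fstab_entry /etc/fstab "$(blkid -o value -s UUID "$dev")" /data
    mount -a
fi
```

Because `nofail` lets the instance boot without the volume, anything that writes to `/data` should first confirm it is mounted (`mountpoint -q /data`); otherwise data lands on the root volume, which the template above does not mark as encrypted.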

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
