Support Questions

Find answers, ask questions, and share your expertise

AWS APACHE SPOT: Cloudera director bootstrap failing with key error

avatar
Explorer

Hi,

 

I am new to Cloudera and am trying to use the Cloudera director to spin up an AWS cluster to test Apache Spot in accordance with the instructions given here -

 

https://blog.cloudera.com/blog/2018/02/apache-spot-incubating-and-cloudera-on-aws-in-60-minutes/

 

Having installed the Cloudera director according to the instructions mentioned above, the bootstrap command

"cloudera-director bootstrap spot-director.conf"

 

fails for me with the following message in the logs (taken from~/.cloudera-director/logs/application.log) -

 

[2018-06-01 18:59:27.127 +0000] ERROR [main] - c.c.l.commands.BootstrapCommand: Failed to parse environment configuration
java.lang.IllegalArgumentException: Please provide either a password or a private key
at com.google.common.base.Preconditions.checkArgument(Preconditions.java:122)
at com.cloudera.launchpad.common.ssh.SshCredentials.<init>(SshCredentials.java:80)
at com.cloudera.launchpad.common.ssh.SshCredentialsBuilder.build(SshCredentialsBuilder.java:94)
at com.cloudera.launchpad.templates.ConfigToSshCredentials.apply(ConfigToSshCredentials.java:92)

 

The spot-director.conf references the location of my private key for ssh -

----

ssh {
username: ec2-user # for RHEL image
privateKey: ${?path_to_private_key} # with an absolute path to .pem file
}

-----
And I confirmed that the environment variable is set -

ubuntu@ip-172-31-28-149:~/apache-spot-60-min$ echo $path_to_private_key
/home/ubuntu/.ssh/id_rsa

 

Any idea what could be going wrong here ? Any help would be appreciated !

1 ACCEPTED SOLUTION

avatar
Super Collaborator

Hi sg321,

 

Your configuration appears correct, including the substitution of the environment variable for the private key path.

 

It's true that Director will not accept SSH credentials that have neither a password nor a private key defined.

 

My first guess is that, despite your check that the "path_to_private_key" environment variable is set, it still isn't visible to the Director process. If it isn't visible, then the substitution using ${?path_to_private_key} doesn't happen, and the entire "privateKey" property is left out; that fits the symptoms here. Try changing the substitution to only ${path_to_private_key}, without the question mark; this way, if the substitution cannot be made, parsing will fail with an error.

 

Reference for HOCON substitution rules: https://github.com/lightbend/config/blob/master/HOCON.md#substitutions

 

My second guess is that the ssh section you posted may be nested at the wrong location in the HOCON configuration file, and the parser is actually looking elsewhere. Is it possible for you to post your entire spot-director.conf file? If so, please do remove any passwords or other sensitive information from it.

View solution in original post

3 REPLIES 3

avatar
Super Collaborator

Hi sg321,

 

Your configuration appears correct, including the substitution of the environment variable for the private key path.

 

It's true that Director will not accept SSH credentials that have neither a password nor a private key defined.

 

My first guess is that, despite your check that the "path_to_private_key" environment variable is set, it still isn't visible to the Director process. If it isn't visible, then the substitution using ${?path_to_private_key} doesn't happen, and the entire "privateKey" property is left out; that fits the symptoms here. Try changing the substitution to only ${path_to_private_key}, without the question mark; this way, if the substitution cannot be made, parsing will fail with an error.

 

Reference for HOCON substitution rules: https://github.com/lightbend/config/blob/master/HOCON.md#substitutions

 

My second guess is that the ssh section you posted may be nested at the wrong location in the HOCON configuration file, and the parser is actually looking elsewhere. Is it possible for you to post your entire spot-director.conf file? If so, please do remove any passwords or other sensitive information from it.

avatar
Explorer

Hi Bill,

 

Thanks for the hint!

Careless error on my part where I forgot to "export" the environment variables in my environment variable file. 

 

I was going crazy trying to check if the permissions on my private key were correct etc, whether I needed to run the director from a different user account etc. 

 

The problem has been resolved.

avatar
Super Collaborator

Great! Thanks for the follow-up.