
ec2_instance - updating user_data doesn't work

Open charltonstanley opened this issue 2 years ago • 7 comments

Summary

When attempting to add user data to an ec2 instance via the user_data parameter, the output returns as successful, however the user data is never actually written to the instance.

Issue Type

Bug Report

Component Name

ec2_instance

Ansible Version

$ ansible --version
ansible 2.9.6
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.8.10 (default, Nov 26 2021, 20:14:08) [GCC 9.3.0]

Collection Versions

$ ansible-galaxy collection list
usage: ansible-galaxy collection [-h] COLLECTION_ACTION ...
ansible-galaxy collection: error: argument COLLECTION_ACTION: invalid choice: 'list' (choose from 'init', 'build', 'publish', 'install')

$ ansible-galaxy collection install amazon.aws -vvv
ansible-galaxy 2.9.6
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  executable location = /usr/bin/ansible-galaxy
  python version = 3.8.10 (default, Nov 26 2021, 20:14:08) [GCC 9.3.0]
Using /etc/ansible/ansible.cfg as config file
Found installed collection community.crypto:1.9.5 at '/home/user/.ansible/collections/ansible_collections/community/crypto'
Found installed collection community.aws:2.0.0 at '/home/user/.ansible/collections/ansible_collections/community/aws'
Found installed collection amazon.aws:2.0.0 at '/home/user/.ansible/collections/ansible_collections/amazon/aws'
Process install dependency map
Opened /home/user/.ansible/galaxy_token
Processing requirement collection 'amazon.aws'
Collection 'amazon.aws' obtained from server default https://galaxy.ansible.com/api/
Starting collection install process
Skipping 'amazon.aws' as it is already installed

AWS SDK versions

$ pip show boto boto3 botocore

Name: boto
Version: 2.49.0
Summary: Amazon Web Services Library
Home-page: https://github.com/boto/boto/
Author: Mitch Garnaat
Author-email: [email protected]
License: MIT
Location: /home/user/.local/lib/python3.8/site-packages
Requires: 
Required-by: 
---
Name: boto3
Version: 1.20.17
Summary: The AWS SDK for Python
Home-page: https://github.com/boto/boto3
Author: Amazon Web Services
Author-email: 
License: Apache License 2.0
Location: /home/user/.local/lib/python3.8/site-packages
Requires: botocore, jmespath, s3transfer
Required-by: 
---
Name: botocore
Version: 1.23.17
Summary: Low-level, data-driven core of boto 3.
Home-page: https://github.com/boto/botocore
Author: Amazon Web Services
Author-email: 
License: Apache License 2.0
Location: /home/user/.local/lib/python3.8/site-packages
Requires: jmespath, python-dateutil, urllib3
Required-by: boto3, s3transfer

Configuration

$ ansible-config dump --only-changed
$ #command returned no output

OS / Environment

ansible server (aka, localhost):

$ cat /etc/os-release
NAME="Linux Mint"
VERSION="20.3 (Una)"
ID=linuxmint
ID_LIKE=ubuntu
PRETTY_NAME="Linux Mint 20.3"
VERSION_ID="20.3"
HOME_URL="https://www.linuxmint.com/"
SUPPORT_URL="https://forums.linuxmint.com/"
BUG_REPORT_URL="http://linuxmint-troubleshooting-guide.readthedocs.io/en/latest/"
PRIVACY_POLICY_URL="https://www.linuxmint.com/"
VERSION_CODENAME=una
UBUNTU_CODENAME=focal

ansible target system (aka aws):

$ cat /etc/os-release
NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"

Steps to Reproduce

- hosts: aws
  tasks:
  - name: set ec2 user data
    vars:
      - ansible_python_interpreter: /usr/bin/python3
    delegate_to: localhost
    amazon.aws.ec2_instance:
      instance_ids: "{{ ansible_instance_id }}"
      user_data: "echo hi"
      state: present

1. Confirm that there is no user data set on the ec2 instance.
2. Run the play above.

Expected Results

User data is set on the ec2 instance. Playbook output should report as changed=1.

Actual Results

ansible-playbook ./debug.yml -i ./env/aws/ --check -c eci 

PLAY [aws] ************************************************************************************************************************************************************************

TASK [set ec2 user data] **********************************************************************************************************************************************************
ok: [aws -> localhost]

PLAY RECAP ************************************************************************************************************************************************************************
aws               : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

AWS console shows that no user data is set on the instance. The playbook output reports ok=1, indicating no changes were made. (which I guess is technically accurate since it didn't actually make the change...)

Code of Conduct

  • [X] I agree to follow the Ansible Code of Conduct

charltonstanley avatar Feb 01 '22 16:02 charltonstanley

Files identified in the description:

  • [plugins/modules/ec2_instance.py](https://github.com/['ansible-collections/amazon.aws', 'ansible-collections/community.aws', 'ansible-collections/community.vmware']/blob/main/plugins/modules/ec2_instance.py)

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

ansibullbot avatar Feb 01 '22 16:02 ansibullbot

cc @jillr @ryansb @s-hertel @tremble click here for bot help

ansibullbot avatar Feb 01 '22 16:02 ansibullbot

Hi @charltonstanley, thank you for bringing this up. If my understanding is correct, user_data can only be set when a new instance is created. Since it is an immutable parameter, you cannot set or change it on an already existing instance. Could you try to set it when you try to create a new instance and let us know please?

alinabuzachis avatar Feb 11 '22 10:02 alinabuzachis

Hi @alinabuzachis thanks for responding!

> If my understanding is correct, user_data can only be set when a new instance is created.

According to the AWS documentation, it should be possible to modify an ec2 instance's user data—the instance just needs to be stopped in order to modify it. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html#user-data-view-change These steps do work from within the AWS console; are you saying that this is not available via the api?

> Could you try to set it when you try to create a new instance and let us know please?

I tried what you said and it worked to set user_data on instance launch/creation. Here is what worked:

---
- hosts: localhost
  tasks:
  - name: set ec2 user data
    become: false
    vars:
      - ansible_python_interpreter: /usr/bin/python3
    amazon.aws.ec2_instance:
      name: "ansible-ec2-creation-test"
      user_data: "echo hostname"
      state: present
      aws_profile: dev
      image_id: ami-01dcdbd83c7e846ec

charltonstanley avatar Feb 14 '22 18:02 charltonstanley

I'm not sure I understand the use case here. While user_data can be modified on a stopped instance, user_data scripts are not rerun after instance launch. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html#user-data-console

If you have a PR that solves this we would consider it but it would need to be cautious of not triggering an instance stop/start in an unexpected way for users.

jillr avatar Feb 22 '22 20:02 jillr
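
An added example, not part of the thread and not the amazon.aws module's code: one way a caller could apply the constraints discussed above with boto3 directly, failing loudly on a running instance instead of reporting ok, never stopping or starting the instance itself, and reading the value back before reporting a change. The function name, the result dict and the `FakeEC2` stand-in are assumptions made for illustration; the three client methods are the boto3 EC2 client calls of the same names.

```python
import base64


def set_user_data_if_stopped(ec2, instance_id, user_data):
    """Set user data on an existing instance; never stops or starts it.
    ec2 is a boto3 EC2 client (or a stand-in); returns an Ansible-style dict."""
    def stored():
        # The API returns the value base64-encoded; UserData is {} when unset.
        attr = ec2.describe_instance_attribute(
            InstanceId=instance_id, Attribute="userData")
        return base64.b64decode(attr.get("UserData", {}).get("Value", ""))

    wanted = user_data.encode()
    if stored() == wanted:
        return {"changed": False, "msg": "user data already matches"}
    inst = ec2.describe_instances(InstanceIds=[instance_id])
    state = inst["Reservations"][0]["Instances"][0]["State"]["Name"]
    if state != "stopped":
        # Fail loudly instead of reporting ok; stop/start stays with the operator.
        return {"failed": True, "changed": False,
                "msg": f"instance is {state}; stop it before changing user data"}
    # boto3 base64-encodes blob parameters itself, so pass the raw bytes.
    ec2.modify_instance_attribute(InstanceId=instance_id, UserData={"Value": wanted})
    if stored() != wanted:  # read back rather than trusting the call
        return {"failed": True, "changed": False, "msg": "user data was not stored"}
    return {"changed": True, "msg": "stored; user data scripts are not rerun"}


class FakeEC2:
    """Constructed in-memory stand-in for the client so the example runs offline."""
    def __init__(self, state):
        self.state, self.blob = state, None

    def describe_instance_attribute(self, InstanceId, Attribute):
        if self.blob is None:
            return {"UserData": {}}
        return {"UserData": {"Value": base64.b64encode(self.blob).decode()}}

    def describe_instances(self, InstanceIds):
        return {"Reservations": [{"Instances": [{"State": {"Name": self.state}}]}]}

    def modify_instance_attribute(self, InstanceId, UserData):
        self.blob = UserData["Value"]


if __name__ == "__main__":
    for state in ("running", "stopped"):
        print(state, set_user_data_if_stopped(FakeEC2(state), "i-EXAMPLE", "echo hi"))
```

Against a real account, pass `boto3.client("ec2")` in place of `FakeEC2`; `i-EXAMPLE` is a placeholder instance ID.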

I re-read the documentation and I found what you were referencing @jillr.

> The new user data is visible on your instance after you restart it; however, user data scripts are not run.

I missed this in my previous read of the documentation. Being that I was able to prove in https://github.com/ansible-collections/amazon.aws/issues/650#issuecomment-1039396713 that user data is properly set on launch/creation, this all seems to be working properly and as expected. It might be helpful to update the documentation of the module itself to reflect this. If this is acceptable, is this something that I could submit a PR for?

charltonstanley avatar Mar 16 '22 14:03 charltonstanley

@charltonstanley if you could open a PR to update the module's documentation that would be great!

alinabuzachis avatar Jun 27 '22 13:06 alinabuzachis