brooklyn-dev mailing list archives

From andreaturli <>
Subject [GitHub] brooklyn-docs pull request #237: instructions for using a keypair in AWS
Date Thu, 16 Nov 2017 09:10:34 GMT
Github user andreaturli commented on a diff in the pull request:
    --- Diff: guide/locations/ ---
    @@ -43,6 +43,51 @@ Below are examples of configuration options that use values specific
to AWS EC2:
       For example, `securityGroups: mygroup1` or `securityGroups: [ mygroup1, mygroup2 ]`.
    +### Using a Registered Key Pair
    +You can specify a `keyPair` to use for initial provisioning as a configuration option.
    +If this is omitted, Brooklyn will use jclouds to create a new ad hoc key pair at AWS
    +for that machine, and it will delete it afterwards.  This is usually seamless and
    +occurs behind the scenes, with the post-provision user set up and configured as normal
    +for all locations.  However if you are optimizing for creation of many machines,
    +or you are using an image where keypair installation is not reliable (such as [some
    +RightImages](, then you may wish
    +to use a registered key pair.
    +First, in the AWS Console, open the EC2 service in the region you are interested in,
    +then click "Key Pairs" at the left.  For `us-east-1`, the link is 
    +Click "Create Key Pair" (or "Import Key Pair" if you want to provide a public key) and
    +follow the instructions.
    +Then define your location as follows for `aws-us-east-1`.  Make sure to replace the
    +`XXXX` sections with the key-pair name defined above and the corresponding private key
    +  version: "1.0"
    +  itemType: location
    +  items:
    +  - id: aws-base
    +    item:
    +      type: jclouds:aws-ec2
    +      brooklyn.config:
    +        identity: XXXXXXXXXXXXXXXX
    +  - id: aws-us-east-1
    +    item:
    +      type: aws-base
    +      region: us-east-1
    +      keyPair: XXXXXXXXX
    +      login.privateKeyData: |
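Review bot: The example that closes this hunk has the reader paste the private key inline under `login.privateKeyData: |`, in the same location definition that carries `identity`, and the added text says nothing about protecting the file that now holds both. Suggest adding a sentence after "the corresponding private key" saying the file must be readable only by the account running Brooklyn and kept out of version control, or pointing readers at a way to reference the key from a file instead of embedding it. The two `XXXX` placeholders are also different lengths from the ones in the YAML (`XXXXXXXXXXXXXXXX`, `XXXXXXXXX`), so naming which field takes the key-pair name (`keyPair`) and which takes the key material would remove the guesswork.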
    --- End diff --
    Isn't it `loginUser.privateKeyData`? There is also `loginUser.privateKeyFile`, which can maybe
be more convenient in some cases.

