I have just started using Brooklyn and I am trying to get the example from the deploying blueprints page working fully through my AWS account.
The Maven build completed successfully and I can successfully launch the Brooklyn Web UI from ~/apache-brooklyn-0.7.0-M2-incubating/usage/dist/target/brooklyn-dist using the steps on the running Brooklyn page.
When I launch the blueprint, I can see all the VMs launching in my AWS Console UI. I can also see the key pairs and security groups created. But the blueprint eventually fails because (I believe) Brooklyn cannot ssh into the VMs; see the first log output below. I assume Brooklyn attempts to log in to the VMs using the created key pairs somehow?
Based on the info in the locations page, I created a ~/.brooklyn/brooklyn.properties file and added the following configuration:
brooklyn.location.jclouds.aws-ec2.identity = MyAwsAccessKeyID
brooklyn.location.jclouds.aws-ec2.credential = MyAwsSecretAccessKey
brooklyn.location.jclouds.aws-ec2.privateKeyFile = /home/username/key4brooklyn.pem
I created the key4brooklyn.pem file from the AWS Console UI and restarted Brooklyn; however, the blueprint still does not work. It creates the VMs but cannot access the VMs, see log output below.
2015-03-02 23:31:27,295 INFO Starting MySqlNodeImpl{id=lzJhHxwD}, obtaining a new location instance in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2] with ports [22, 3306]
2015-03-02 23:31:27,369 INFO Starting NginxControllerImpl{id=QYRLgQPh}, obtaining a new location instance in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2] with ports [22, 8000]
2015-03-02 23:31:27,612 INFO Resize DynamicWebAppClusterImpl{id=iJNs2ltC} from 0 to 1
2015-03-02 23:31:28,830 INFO Starting JBoss7ServerImpl{id=MWMGwHXx}, obtaining a new location instance in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2] with ports [22, 9443, 10999, 8443, 8080, 9990]
2015-03-02 23:31:37,870 INFO Creating VM aws-ec2@MySqlNodeImpl{id=lzJhHxwD} in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2]
2015-03-02 23:31:38,508 INFO Creating VM aws-ec2@JBoss7ServerImpl{id=MWMGwHXx} in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2]
2015-03-02 23:31:38,983 INFO Creating VM aws-ec2@NginxControllerImpl{id=QYRLgQPh} in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2]
2015-03-02 23:34:55,349 INFO Not able to load publicKeyData from inferred files, based on privateKeyFile: tried [/home/username/key4brooklyn.pem.pub] for aws-ec2@MySqlNodeImpl {id=lzJhHxwD}
2015-03-02 23:34:55,353 INFO Not able to load publicKeyData from inferred files, based on privateKeyFile: tried [/home/username/key4brooklyn.pem.pub] for aws-ec2@JBoss7ServerImpl {id=MWMGwHXx}
2015-03-02 23:34:55,351 INFO Not able to load publicKeyData from inferred files, based on privateKeyFile: tried [/home/username/key4brooklyn.pem.pub] for aws-ec2@NginxControllerImpl {id=QYRLgQPh}
I am using Ubuntu 14.04 with Oracle Java 7 installed; it is a VirtualBox VM.
Looking at the log output, the problem is here:
2015-03-02 23:34:55,349 INFO Not able to load publicKeyData from inferred files, based on privateKeyFile: tried [/home/username/key4brooklyn.pem.pub] for aws-ec2@MySqlNodeImpl {id=lzJhHxwD}
The privateKeyFile configuration key needs to specify an id_rsa or id_dsa style key pair in two files. The corresponding *.pub file will be auto-detected if publicKeyFile is not configured. There are better instructions for creating an ssh key available. It is confusing and better error reporting around keys (including fail-fast) is in the latest SNAPSHOT builds and will be included in the M3 milestone release. Also note that the id_rsa file must have one and only one private key and must not contain the public key. Tedious that there are so many formats!
The ~/.ssh/id_rsa or other configured key-pair is just used by Brooklyn for setting up ssh access to the VM after it is provisioned. By default, jclouds (which we use under the covers) will create a temporary AWS key-pair to get initial access to the VM. We'll then automatically add the ~/.ssh/id_rsa.pub to the VM's ~/.ssh/authorized_keys (creating a user on the VM that by default has the same name as the user who is running the Brooklyn process).
The key4brooklyn.pem file you downloaded is the private part of the AWS key-pair. By default, this will not be used because jclouds will create its own key-pair.
If you wanted jclouds to use your pre-existing key pair then you'd have to use the following configuration setting:
brooklyn.location.jclouds.aws-ec2.keyPair = MyKeypairName
Where MyKeypairName is the name of the key-pair according to AWS.
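The key-file rules given in the answers above (exactly one private key in the file, no public key in it, and a matching .pub file beside it unless publicKeyFile is set) can be checked before launching a blueprint. The Python below is an added example, not part of the original posts or of Brooklyn; the function names are hypothetical, the PEM content is a constructed placeholder, and the file-permission check is an extra hardening step the answers do not mention.

```python
import os
import re
import stat
import tempfile

# PEM header of any private key type (RSA, DSA, EC, OPENSSH, PKCS#8).
PRIVATE_HEADER = re.compile(r"-----BEGIN (?:[A-Z0-9]+ )?PRIVATE KEY-----")
# PEM public key header, or an OpenSSH one-line public key.
PUBLIC_MARKER = re.compile(
    r"-----BEGIN (?:[A-Z0-9]+ )?PUBLIC KEY-----|^(?:ssh-\w+|ecdsa-sha2-\S+) ", re.M)

def read_key_settings(properties_text):
    """Collect privateKeyFile / publicKeyFile values from brooklyn.properties text."""
    settings = {}
    for line in properties_text.splitlines():
        key, sep, value = line.strip().partition("=")
        name = key.strip().rsplit(".", 1)[-1]
        if sep and not key.startswith("#") and name in ("privateKeyFile", "publicKeyFile"):
            settings[name] = os.path.expanduser(value.strip())
    return settings

def check_key_pair(private_path, public_path=None):
    """Return a list of problems; an empty list means the layout is usable."""
    public_path = public_path or private_path + ".pub"  # same inference as in the log
    try:
        with open(private_path, errors="replace") as handle:
            text = handle.read()
    except OSError as exc:
        return ["cannot read private key file: %s" % exc]
    problems = []
    count = len(PRIVATE_HEADER.findall(text))
    if count != 1:
        problems.append("expected exactly one private key, found %d" % count)
    if PUBLIC_MARKER.search(text):
        problems.append("private key file also contains a public key")
    # Added hardening check, not from the answers: OpenSSH rejects keys others can read.
    if stat.S_IMODE(os.stat(private_path).st_mode) & 0o077:
        problems.append("private key file is accessible to group/other")
    if not os.path.isfile(public_path):
        problems.append("public key file not found: " + public_path)
    return problems

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:  # constructed sample, not a real key
        pem = os.path.join(tmp, "key4brooklyn.pem")
        with open(pem, "w") as handle:
            handle.write("-----BEGIN RSA PRIVATE KEY-----\nCONSTRUCTED\n-----END RSA PRIVATE KEY-----\n")
        os.chmod(pem, 0o600)
        conf = read_key_settings("brooklyn.location.jclouds.aws-ec2.privateKeyFile = " + pem)
        print(check_key_pair(conf["privateKeyFile"], conf.get("publicKeyFile")))
```

Run as a script, it reproduces the situation in the question: a lone .pem file with no .pub beside it, reported as a missing public key file.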