Python Fabric and Amazon EC2 : Sudo password asked

Question

You know that on EC2, there is no password associated with "ubuntu" user. With the following lines, if I try to run :

fab development install_dir

I get :

[ec2-46-51-132-252.eu-west-1.compute.amazonaws.com] sudo: chown -R webadmin:webadmin /var/www [ec2-46-51-132-252.eu-west-1.compute.amazonaws.com] Login password:

I tried to add shell=False to sudo method (according to Can I prevent fabric from prompting me for a sudo password?), but it doesn't change anything

Any idea ? Thanks a lot !

def development():
    env.envname = 'development'
    env.user = 'ubuntu'
    env.group = 'ubuntu'
    env.chuser = 'webadmin'
    env.chgroup = 'webadmin'
    env.hosts = ['ec2-***.eu-west-1.compute.amazonaws.com']
    env.envname_abriev = 'dev'
    env.key_filename = '/home/xx/.ssh/xx.pem'

    env.postgresql_version = '9.0'

def install_dir():
    if not exists('/var/www'):
        sudo('mkdir /var/www')
    sudo('chown -R %s:%s /var/www' % (env.chuser, env.chgroup))

Answer 1

Download (or create) a keypair file from aws as shown below

Create a file called fabfile.py and set its contents as follows:

from fabric.context_managers import cd
from fabric.operations import sudo
from fabric.api import run, env
import os

HOME = os.getenv('HOME')

env.user = 'ubuntu'
env.hosts = ['PUBLICDNS.ap-southeast-1.compute.amazonaws.com','ANOTHERSERVER.compute.amazonaws.com'] #can add multiple instances
env.key_filename = [
'%s/<your-keypair-file>.pem'%HOME
     ] #assuming keypair file is located in HOME

#example code we want to run on remote machine
def update():
    with cd('/var/www'):
            sudo('svn update')
                 with cd ('/var/www/cache'):
                       run('rm -rf *')
    sudo('service lighttpd restart')

To run the file, type fab update in the terminal.

Answer 2

You need to specify keypair file name associated with your EC2 instance while running fab command.

Usage: fab [options] <command>[:arg1,arg2=val2,host=foo,hosts='h1;h2',...] ...

Options:

-R ROLES, --roles=ROLES
                    comma-separated list of roles to operate on

-i KEY_FILENAME       path to SSH private key file. May be repeated.