Home>
I want to achieve

I want to deploy the Rails application created in the local Docker container to the EC2 server of AWS.

The error being displayed

When I execute "bundle exec cap production deploy" in Rails container of docker, the following error appears.

SSHKit::Runner::ExecuteError: Exception while executing as [email protected](IP address): Authentication failed for user [email protected](IP address)

Full error

In trouble

I am investigating from the error content that it is a problem with the SSH key,
We do not have enough knowledge about the key part, and we would like to know the specific cause and solution.
"The key should be passed from docker with the host drive mounted."I also saw an article called
I don't understand the meaning of this sentence, and I can't do anything.

Current Capistrano configuration file Capfile
require "capistrano/setup"
require "capistrano/deploy"
require'capistrano/scm/git'
install_plugin Capistrano::SCM::Git
# add requires
require'capistrano/bundler'
require'capistrano/rbenv'
require'capistrano/rails/assets'
require'capistrano/rails/migrations'
require'capistrano/puma'
# Load custom tasks from `lib/capistrano/tasks` if you have any defined
Dir.glob("lib/capistrano/tasks/*.rake").each {|r| import r}
config/deploy.rb
lock "3.7.0"
# Used to display the Capistrano log
set :application, "myfavrest-app"
# Specify which repository to pull the app from
set :repo_url, "[email protected]:gcp632dsh/myfavrest-app.git"
#Location of source on server
set :deploy_to, "/var/www/apps/myapp"
# Use Ruby via rbenv
set :rbenv_type, :system
set :rbenv_ruby, File.read('.ruby-version').strip
set :rbenv_prefix, "RBENV_ROOT=#{fetch(:rbenv_path)} #{fetch(:rbenv_path)}/bin/rbenv exec"
# Share gems used in application between releases
append :linked_dirs,'.bundle'
# Parallel number of servers
set :bundle_jobs, 2
# Shared resource definition between releases
append :linked_files, "config/master.key"
append :linked_dirs, "log", "tmp/pids", "tmp/cache", "tmp/sockets"
config/deploy/production.rb
# Describe the IP of the EC2 server, the user name to log in to the EC2 server, and the role of the server
server'(IP address)', user:'ec2-user', roles: %w{app db web}
set :ssh_options, {
  # capistrano Command executor's private key
  keys: %w(~/.ssh/id_rsa),
  forward_agent: true,
  auth_methods: %w(publickey)
}
Gemfile (only relevant parts are extracted)
ruby '2.6.5'
gem'rails','~>5.2.4'
gem'mysql2','>= 0.4.4','<0.6.0'
gem'puma','~>3.11'
group :development do
  gem'capistrano-rails'
  gem'capistrano-bundler'
  gem'capistrano-rbenv'
  gem'capistrano-rbenv-vars'
  gem'capistrano3-puma'
end
docker-compose.yml
version: '3'
services:
  db:
    image: mysql:5.7
    command: mysqld --character-set-server=utf8 --collation-server=utf8_unicode_ci
    environment:
       (abridgement)
    volumes:
      -db-volume:/var/lib/mysql
    ports:
      -"3306:3306"
  app:
    build:
      context:.
      dockerfile: ./docker/rails/Dockerfile
    command: bundle exec pumactl start
    tty: true
    stdin_open: true
    volumes:
      -.:/myapp
      -public-data:/myapp/public
      -tmp-data:/myapp/tmp
      -log-data:/myapp/log-sockets:/myapp/tmp/sockets
    privileged: true
    depends_on:
      -db
  web:
    build:
      context:.
      dockerfile: ./docker/nginx/Dockerfile
    ports:
      -'80:80'
    volumes:
      -public-data:/myapp/public
      -tmp-data:/myapp/tmp
      -sockets:/myapp/tmp/sockets
    depends_on:
      -app
volumes:
  db-volume:
  public-data:
  tmp-data:
  log-data:
  sockets:
Referenced information/trials

For the settings of Capistrano, refer to the following article.
Learn how to deploy Rails 5.2 + puma + nginx with Capistrano 3 step by step

Also, guessing from the error content, I think that it is a problem of key setting, refer to the following article,
I corrected the :ssh_options part of deploy/production.rb and ran the deployment again, but the error content did not change.
Tips around ssh-key when deploying with capistrano
→ In this article,"If this is the only thing, I can not get the source code from github, so I need to put my public key on github. Furthermore, when using my ssh-key with ssh-agent, execute the following command in the local environment Need to be done in."Is a state in which nothing can be done at all without knowing what to do specifically. ..

"Where and what key should I put?"
"Do I need to generate a new key?"
And so on, I am confused, and I am investigating little by little.

You can SSH to EC2 through SSH client (Rlogin) (EIP is also fixed IP)
We have also created a deploy directory called var/www/app/myapp.

environment

Ruby 2.6.5
Rails 5.2.4
puma 3.11
EC2 AMI is Amazon Linux 2 (t2.micro)
Host OS: Windows10 Home
I'm building a container using Docker-compose on Virtual Box, and it's working fine, and I can access the app with a browser. (Puma(Rails)+Nginx+Mysql containers exist respectively)

If i have any questions or lack of information, please kindly let us know and we would appreciate it if you could tell us.
We are continuously studying and investigating the key, but we would like to ask for your cooperation.

  • Answer # 1

    For the time being, the permissions on the local .ssh directory and private key are overkill.
    Set the .ssh directory to 700 (drwx------) and the private key to 600 or 400.

    chmod 700 ~/.ssh
    chmod 600 ~/.ssh/id_rsa
    chmod 600 ~/.ssh/myportfolio-ssh-key.pem

    If you get Permission denied with SSH

    This may not be the only reason, but for the time being.

    The reference site is clearly lacking in explanation, so why not take a look at it?

Related articles