ansible --version
ansible 1.8 (devel e564a8ca3f) last updated 2014/11/13 12:08:11 (GMT +200)
  lib/ansible/modules/core: (detached HEAD 63e81cfc2e) last updated 
2014/10/30 15:43:29 (GMT +200)
  lib/ansible/modules/extras: (detached HEAD a0df36c6ab) last updated 
2014/10/30 15:43:35 (GMT +200)
  v2/ansible/modules/core: (detached HEAD cb69744bce) last updated 
2014/10/30 15:43:42 (GMT +200)
  v2/ansible/modules/extras: (detached HEAD 8a4f07eecd) last updated 
2014/10/30 15:43:54 (GMT +200)
  configured module search path = None

I tried doing the VPC creation with only the Subnet that is meant for one 
batch of EC2 instances. This worked nicely with "{{ vpc.subnets[0].id }}".
Then I called the same VPC playbook again, this time also with the second 
Subnet that is meant for another batch of EC2 instances. This way I managed 
to achieve predictability.

This of course is just a dirty workaround, as it works only once: on 
subsequent runs, leaving a Subnet out of the VPC module's list *deletes* 
that Subnet if it exists and is not in use.


On Thursday, 13 November 2014 11:59:30 UTC+1, Dan Vaida wrote:
>
> Hello all,
>
> I am creating a VPC with two subnets, a security group and trying to use 
> those for launching an EC2 with a private IP address from one of the 
> freshly created subnets.
>
> The problem seems to be that the VPC module does not order the subnets 
> by their CIDRs. If it did, "{{ vpc.subnets[0].id }}" would give more 
> predictable access to a subnet.
> Right now, the new EC2 instance randomly uses one of the created 
> subnets.
>
> Another solution could be for the ec2 module to accept the subnet's 
> CIDR... but then again, what if you have the same CIDR but in another AZ, 
> that wouldn't work...
>
> I'm sure there must be a way around this :)
>
>
> vpc.yml
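> ---
> # vpc.yml - creates the VPC with two subnets and registers the result as
> # `vpc`, then hands over to secgroup.yml.
> - name: VPC, SG, EC
>   hosts: localhost
>   connection: local
>   gather_facts: false
>   tasks:
>
>   - name: create the VPC
>     local_action:
>       module: ec2_vpc
>       cidr_block: 10.0.0.0/16
>       dns_hostnames: true
>       dns_support: true
>       instance_tenancy: default
>       internet_gateway: true
>       region: "{{ region }}"
>       resource_tags:
>         Environment: test
>       # Only 10.0.0.0/24 is associated with the default route through the
>       # internet gateway; 10.0.1.0/24 is not listed in any route table here.
>       route_tables:
>         - subnets:
>             - 10.0.0.0/24
>           routes:
>             - dest: 0.0.0.0/0
>               gw: igw
>       state: present
>       # NOTE(review): as reported in this thread, the order of `vpc.subnets`
>       # in the registered result did not reliably follow the order of this
>       # list, so consumers should not assume index 0 is 10.0.0.0/24.
>       # The thread also reports that a subnet left out of this list on a
>       # later run is deleted if it is unused, so keep both entries on every
>       # run.
>       subnets:
>         - cidr: 10.0.0.0/24
>           az: "{{ zone }}"
>           resource_tags:
>             Environment: test
>             Name: Public subnet
>         - cidr: 10.0.1.0/24
>           az: "{{ zone }}"
>           # Block style instead of a flow mapping: the closing brace of the
>           # original one-line mapping had been wrapped onto its own line.
>           resource_tags:
>             Environment: test
>             Name: Private subnet
>       wait: true
>     register: vpc
>   - debug: var=vpc
>
> # Continue with the security group play.
> - include: secgroup.yml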
>
> secgroup.yml
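> ---
> # secgroup.yml - creates the security group inside the VPC registered by
> # vpc.yml and registers the result as `secgroup`, then hands over to
> # ec2prov.yml.
> - name: VPC, SG, EC2
>   hosts: localhost
>   connection: local
>   gather_facts: false
>   tasks:
>
>   - name: create the security group
>     local_action:
>       module: ec2_group
>       name: "{{ security_group }}"
>       description: a test EC2 group
>       vpc_id: "{{ vpc.vpc_id }}"
>       region: "{{ region }}"
>       # NOTE(review): this admits every protocol and port from the single
>       # address in `myip`. The only inbound port the plays visibly use is
>       # 22 (the wait_for task in ec2prov.yml); if SSH is all that is
>       # needed, narrowing this rule to tcp/22 reduces exposure - confirm.
>       rules:
>         - proto: all
>           from_port: 0
>           to_port: 65535
>           # The /32 suffix has to sit inside the quotes: text after a
>           # closing double quote is a YAML syntax error.
>           cidr_ip: "{{ myip }}/32"
>       # Outbound traffic is unrestricted (all protocols, any destination).
>       rules_egress:
>         - proto: all
>           from_port: 0
>           to_port: 65535
>           cidr_ip: 0.0.0.0/0
>     register: secgroup
>
>   - debug: var=secgroup
>
> # Continue with the instance provisioning play.
> - include: ec2prov.yml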
>
>
> ec2prov.yml
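> ---
> # ec2prov.yml - launches one instance in the VPC, attaches an Elastic IP,
> # tags the instance and records its public address in the in-memory
> # inventory and in the local `hosts` file.
>
> - name: VPC, SG, EC2
>   hosts: localhost
>   connection: local
>   gather_facts: false
>   tasks:
>
>   - name: spin up the instance
>     local_action:
>       module: ec2
>       count: 1
>       region: "{{ region }}"
>       zone: "{{ zone }}"
>       instance_type: "{{ instance_type }}"
>       image: "{{ ami }}"
>       ebs_optimized: true
>       state: present
>       group_id: "{{ secgroup.group_id }}"
>       # NOTE(review): per the ordering problem described in this thread,
>       # index 0 is not guaranteed to be the 10.0.0.0/24 subnet, while
>       # private_ip below only fits inside that subnet.
>       vpc_subnet_id: "{{ vpc.subnets[0].id }}"
>       key_name: "{{ keypair }}"
>       monitoring: true
>       assign_public_ip: true
>       private_ip: 10.0.0.10
>       wait: true
>       wait_timeout: 300
>       volumes:
>       - device_name: /dev/xvda
>         volume_size: 50
>         device_type: gp2
>       - device_name: /dev/xvdb
>         volume_size: 80
>         device_type: gp2
>         ephemeral: ephemeral0
>       - device_name: /dev/xvdc
>         volume_size: 80
>         device_type: gp2
>         ephemeral: ephemeral1
>     register: ec2
>     tags: ec2
>
>   - debug: var=ec2
>
>   # The key=value one-liners below had been wrapped across two lines, which
>   # breaks the YAML; they are written as module argument mappings instead,
>   # the same form the ec2 task above already uses.
>   - name: add EIP to the instance
>     local_action:
>       module: ec2_eip
>       in_vpc: true
>       instance_id: "{{ item.id }}"
>       region: "{{ region }}"
>     with_items: ec2.instances
>     register: eip
>
>   - name: add instance to host group
>     local_action:
>       module: add_host
>       hostname: "{{ item.public_ip }}"
>       groupname: "{{ security_group }}"
>     with_items: eip.results
>
>   - name: tag instance
>     local_action:
>       module: ec2_tag
>       resource: "{{ item.id }}"
>       region: "{{ region }}"
>       state: present
>       tags:
>         Name: "{{ instance_name }}"
>     with_items: ec2.instances
>
>   - name: add instance to local host group
>     local_action:
>       module: lineinfile
>       dest: hosts
>       # NOTE(review): the address is used as an unanchored regular
>       # expression, so its dots match any character - confirm this cannot
>       # hit an unrelated line in `hosts`.
>       regexp: "{{ item.public_ip }}"
>       # insertafter is a regular expression: an unescaped [launched] is a
>       # character class that matches any line containing one of those
>       # letters, so the brackets are escaped to match the group header.
>       insertafter: '^\[launched\]'
>       line: "{{ item.public_ip }}"
>     with_items: eip.results
>
>   - name: wait for the instance to start
>     local_action:
>       module: wait_for
>       state: started
>       host: "{{ item.public_ip }}"
>       port: 22
>     with_items: eip.results
>     # A host that never opens port 22 does not fail the play; the result of
>     # this task has to be checked if later steps depend on SSH being up.
>     ignore_errors: true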
>
>
>
