Can you please share what version of Ansible, the output of your ansible playbook, and how it fails?
Thanks!

On Thu, Nov 13, 2014 at 5:59 AM, Dan Vaida <[email protected]> wrote:

> Hello all,
>
> I am creating a VPC with two subnets, a security group and trying to use
> those for launching an EC2 with a private IP address from one of the
> freshly created subnets.
>
> The problem seems to be that there is no ordering done by the VPC module
> in regards to the CIDRs. If that would be happening, it would enable a more
> predictable access of the subnet by using "{{ vpc.subnets[0].id }}"
> Right now, this makes the new EC2 instance randomly use one of the created
> subnets.
>
> Another solution could be for the ec2 module to accept the subnet's
> CIDR... but then again, what if you have the same CIDR but in another AZ,
> that wouldn't work...
>
> I'm sure there must be a way around this :)
>
>
> vpc.yml
> ---
> - name: VPC, SG, EC
>   hosts: localhost
>   connection: local
>   gather_facts: False
>   tasks:
>
>     - name: create the VPC
>       local_action:
>         module: ec2_vpc
>         cidr_block: 10.0.0.0/16
>         dns_hostnames: yes
>         dns_support: yes
>         instance_tenancy: default
>         internet_gateway: yes
>         region: "{{ region }}"
>         resource_tags: { "Environment": "test" }
>         route_tables:
>           - subnets:
>               - 10.0.0.0/24
>             routes:
>               - dest: 0.0.0.0/0
>                 gw: igw
>         state: present
>         subnets:
>           - cidr: 10.0.0.0/24
>             az: "{{ zone }}"
>             resource_tags: { "Environment":"test", "Name" : "Public subnet" }
>           - cidr: 10.0.1.0/24
>             az: "{{ zone }}"
>             resource_tags: { "Environment":"test", "Name" : "Private subnet" }
>         wait: yes
>       register: vpc
>     - debug: var=vpc
>
> - include: secgroup.yml
>
> secgroup.yml
> ---
> - name: VPC, SG, EC2
>   hosts: localhost
>   connection: local
>   gather_facts: False
>   tasks:
>
>     - name: create the security group
>       local_action:
>         module: ec2_group
>         name: "{{ security_group }}"
>         description: a test EC2 group
>         vpc_id: "{{ vpc.vpc_id }}"
>         region: "{{ region }}"
>         rules:
>           - proto: all
>             from_port: 0
>             to_port: 65535
>             cidr_ip: "{{ myip }}/32"
>         rules_egress:
>           - proto: all
>             from_port: 0
>             to_port: 65535
>             cidr_ip: 0.0.0.0/0
>       register: secgroup
>
>     - debug: var=secgroup
>
> - include: ec2prov.yml
>
>
> ec2prov.yml
> ---
>
> - name: VPC, SG, EC2
>   hosts: localhost
>   connection: local
>   gather_facts: False
>   tasks:
>
>     - name: spin up the instance
>       local_action:
>         module: ec2
>         count: 1
>         region: "{{ region }}"
>         zone: "{{ zone }}"
>         instance_type: "{{ instance_type }}"
>         image: "{{ ami }}"
>         ebs_optimized: yes
>         state: present
>         group_id: "{{ secgroup.group_id }}"
>         vpc_subnet_id: "{{ vpc.subnets[0].id }}"
>         key_name: "{{ keypair }}"
>         monitoring: yes
>         assign_public_ip: yes
>         private_ip: 10.0.0.10
>         wait: yes
>         wait_timeout: 300
>         volumes:
>           - device_name: /dev/xvda
>             volume_size: 50
>             device_type: gp2
>           - device_name: /dev/xvdb
>             volume_size: 80
>             device_type: gp2
>             ephemeral: ephemeral0
>           - device_name: /dev/xvdc
>             volume_size: 80
>             device_type: gp2
>             ephemeral: ephemeral1
>       register: ec2
>       tags: ec2
>
>     - debug: var=ec2
>
>     - name: add EIP to the instance
>       local_action: ec2_eip in_vpc=yes instance_id={{ item.id }} region={{ region }}
>       with_items: ec2.instances
>       register: eip
>
>     - name: add instance to host group
>       local_action: add_host hostname={{ item.public_ip }} groupname={{ security_group }}
>       with_items: eip.results
>
>     - name: tag instance
>       local_action: ec2_tag resource={{ item.id }} region={{ region }} state=present
>       with_items: ec2.instances
>       args:
>         tags:
>           Name: "{{ instance_name }}"
>
>     - name: add instance to local host group
>       local_action: lineinfile dest=hosts regexp="{{ item.public_ip }}" insertafter="[launched]" line={{ item.public_ip }}
>       with_items: eip.results
>
>     - name: wait for the instance to start
>       local_action: wait_for state=started host={{ item.public_ip }} port=22
>       with_items: eip.results
>       ignore_errors: yes
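
Added example, not part of the thread and not the Ansible project's own code: one way to stop depending on the order of `vpc.subnets` is to look the subnet up by its CIDR in the registered `vpc` result before launching the instance. It assumes each entry of `vpc.subnets` carries a `cidr` key next to `id` (confirm this in the `debug: var=vpc` output); `target_subnet_id` is a name chosen here.

```yaml
# Added example: tasks to run after the ec2_vpc task that registers `vpc`.
# Assumption: every element of vpc.subnets has `id` and `cidr` keys.
- name: look up the subnet id by CIDR instead of by list position
  set_fact:
    target_subnet_id: "{{ item.id }}"   # hypothetical fact name
  with_items: "{{ vpc.subnets }}"
  when: item.cidr == '10.0.0.0/24'

# Fail early rather than launch into whichever subnet happens to come first.
- name: stop if no subnet matched the CIDR
  fail:
    msg: "no subnet with CIDR 10.0.0.0/24 found in VPC {{ vpc.vpc_id }}"
  when: target_subnet_id is not defined

- name: spin up the instance in the selected subnet
  local_action:
    module: ec2
    count: 1
    region: "{{ region }}"
    zone: "{{ zone }}"
    instance_type: "{{ instance_type }}"
    image: "{{ ami }}"
    state: present
    group_id: "{{ secgroup.group_id }}"
    vpc_subnet_id: "{{ target_subnet_id }}"
    key_name: "{{ keypair }}"
    assign_public_ip: yes
    private_ip: 10.0.0.10               # must fall inside the selected CIDR
    wait: yes
  register: ec2
```

Because the lookup runs against the `vpc` result of the same run, the match is scoped to the VPC that was just created, so an identical CIDR in another VPC is never considered.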
