Hello Ananda,
Is your number of processes (containers in your case) static? What about
the ports? Do they have a particular generation rule that matters to you?
On Friday, 7 November 2014 16:08:51 UTC+1, Ananda Debnath wrote:
>
> Thanks for looking Michael,
>
> I was looking for an intuitive way for expressing nested variables in this
> use case.
>
> In my group vars, I specify 3 ec2 region/ami specs:
> ec2_specs:
>   - { region: "us-east-1", ami: "ami-b66ed3de", count: 1, type: "t2.micro" }
>   - { region: "us-west-1", ami: "ami-b56e64f0", count: 2, type: "t2.micro" }
>   - { region: "sa-east-1", ami: "ami-9337828e", count: 1, type: "t2.micro" }
>
> I want to spin up *count* instances of each ami. In *each* of them I want
> to setup N separate processes that run on different ports:
> process_ports:
>   - { name: "Process_A", hostport: "1443" }
>   - { name: "Process_B", hostport: "2974" }
>   - { name: "Process_C", hostport: "3555" }
>
> To make sure these ports are accessible from the outside world I need to
> set up ec2 security groups for these instances. *How can I express this
> by using my group vars rather than hard coding them as I have done below?*
>
> - name: Setup AWS EC2 Security group
>   ec2_group:
>     name: microserver_security_group
>     description: "Security group for microservices"
>     region: "{{ item.region }}"
>     rules:
>       - proto: tcp
>         from_port: 22
>         to_port: 22
>         cidr_ip: 0.0.0.0/0
>       - proto: tcp
>         from_port: 1443
>         to_port: 1443
>         cidr_ip: 0.0.0.0/0
>       - proto: tcp
>         from_port: 2754
>         to_port: 2754
>         cidr_ip: 0.0.0.0/0
>       - proto: tcp
>         from_port: 3555
>         to_port: 3555
>         cidr_ip: 0.0.0.0/0
>     rules_egress:
>       - proto: all
>         cidr_ip: 0.0.0.0/0
>   with_items: ec2_specs
>
> Using nesting variables trivially doesn't work:
>
> - name: Setup AWS EC2 Security group
>   ec2_group:
>     name: microserver_security_group
>     description: "Security group for microservices"
>     region: "{{ item[0].region }}"
>     rules:
>       - proto: tcp
>         from_port: 22
>         to_port: 22
>         cidr_ip: 0.0.0.0/0
>       - proto: tcp
>         from_port: "{{ item[1].hostport }}"
>         to_port: "{{ item[1].hostport }}"
>         cidr_ip: 0.0.0.0/0
>     rules_egress:
>       - proto: all
>         cidr_ip: 0.0.0.0/0
>   with_nested:
>     - ec2_specs
>     - process_ports
>
> This simply causes 3 separate runs of the same ec2_group command and I end
> up with a single security group in each region where only the last hostport
> is exposed (each run overwriting the previous run).
>
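One way to build the rule list from the group vars quoted above, as an added example that is not part of the original thread: it collects one rule per process_ports entry into a single list, so ec2_group runs once per region with every port present instead of each run overwriting the previous one. It assumes a current Ansible release in which set_fact preserves list values; the fact name sg_rules, the variable ssh_cidr and its documentation-range value are hypothetical.

```yaml
# Added example, not from the thread. ec2_specs and process_ports are the
# group vars quoted above; sg_rules and ssh_cidr are hypothetical names.
- name: Start the rule list with SSH from a management range
  set_fact:
    sg_rules:
      - proto: tcp
        from_port: 22
        to_port: 22
        cidr_ip: "{{ ssh_cidr | default('203.0.113.0/24') }}"  # constructed placeholder

- name: Append one ingress rule per entry in process_ports
  set_fact:
    sg_rules: >-
      {{ sg_rules + [ {
           'proto': 'tcp',
           'from_port': item.hostport | int,
           'to_port': item.hostport | int,
           'cidr_ip': '0.0.0.0/0'
         } ] }}
  with_items: "{{ process_ports }}"

# One run per region, each carrying the complete rule list, so no run
# replaces the ports set by an earlier one.
- name: Setup AWS EC2 Security group
  ec2_group:
    name: microserver_security_group
    description: "Security group for microservices"
    region: "{{ item.region }}"
    rules: "{{ sg_rules }}"
    rules_egress:
      - proto: all
        cidr_ip: 0.0.0.0/0
  with_items: "{{ ec2_specs }}"
```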