[ansible-project] Re: Confused By EC2 Dynamic Inventory

Mon, 29 Aug 2016 11:00:07 -0700 

Provide the whole "ansible-playbook" command line you're invoking.

On Monday, August 29, 2016 at 10:25:01 AM UTC-4, Jon Forrest wrote:
>
> I'm 90% done with a problem. The remaining 10% requires using 
> EC2 dynamic inventory, but I'm missing something important. 
> I'm creating two instances ('frontend' and 'backend') where 
> backend only allows SSH access from frontend, and nowhere else. 
> Backend runs MySQL so I want to limit MySQL logins 
> to only from frontend. This is trivial to do manually 
> but I want to do it from an Ansible playbook. 
>
> There are 2 things I still need to do: 
>
> 1) Add a rule to the security group used by backend to 
> allow access for SSH and MySQL only from frontend. 
>
> 2) Without using dynamic inventory I've had to populate 
> the hosts file with lines like: 
>
> frontend ansible_ssh_host=52.32.251.105 
> backend ansible_ssh_host=52.27.199.119 
>
> I'd want to somehow do this dynamically. 
>
> I've looked at both the Ansible docs and an excellent page 
> at https://djaodjin.com/blog/deploying-on-ec2-with-ansible.blog.html 
> (see below) but I'm not seeing how to accomplish these 2 tasks. 
>
> I know about the ec2.py script, which I can successfully run manually, 
> but I don't know how to incorporate what it produces into a playbook. 
>
> I'd appreciate any help. 
>
> Cordially, 
> Jon Forrest 
>
> P.S. What I'm confused about in the djaodjin page is where he lists 
> basic-delete.yml and shows this line: 
>
> hosts: security_group_*my-security-group*    # <-- MAGIC IS HERE! 
>
> I'm guessing that somehow this is invoking the ec2.py script but I 
> don't see how. 
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/598c955a-e8f4-41f7-8723-631f7f5faefa%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to