I have a few questions on handling the creation/tear down of an ec2 instance.
I have a role (it's a task atm, but I'll be migrating it over):

    - name: dallascowboys | Deployments
      include_tasks: tasks/customer-instance.yml
      vars:
        customer_name: dallascowboys
        customer_ip: '10.99.100.10'
        customer_instance_count: 1
        customer_eip_state: present
        customer_eni_state: present
      tags:
        - dallascowboys

    - name: Customer | Configure ENI
      ec2_eni:
        state: "{{ customer_eni_state }}"
        description: '{{ customer_name }} ENI'
        private_ip_address: '{{ customer_ip }}'
        region: "{{ vpc_region }}"
        security_groups: "{{ secgrp_appliance_id }}"
        subnet_id: "{{ public_subnet_id }}"
      register: customer_eni

    - name: Customer | Configure EIP
      ec2_eip:
        state: "{{ customer_eip_state }}"
        region: "{{ vpc_region }}"
        in_vpc: true
        device_id: "{{ customer_eni.interface.id }}"

    - name: Customer | Configure EC2 Instance
      ec2:
        key_name: "{{ aws_mfacloud_key }}"
        instance_type: t2.medium
        image: "{{ mfa_ami }}"
        region: "{{ vpc_region }}"
        instance_profile_name: '{{ role_appliance_name }}'
        network_interfaces: "{{ customer_eni.interface.id }}"
        user_data: "{{ lookup('file','windows-remoting') }}"
        instance_tags:
          Name: ec2-cloudmfa-{{ customer_name }}-prd
          Customer: "{{ customer_name }}"
          Environment: prd
          Patch Group: cloudmfa
          Ansible: true
          AMI: True
        count_tag:
          Name: ec2-cloudmfa-{{ customer_name }}-prd
        exact_count: "{{ customer_instance_count }}"
      register: instance

    - name: debug instance
      debug:
        var: instance

    - name: Customer | Grab Password
      ec2_win_password:
        instance_id: "{{ instance.tagged_instances[0].id }}"
        region: "{{ vpc_region }}"
        key_file: "~/.ssh/{{ aws_mfacloud_key }}.pem"
        wait: yes
        wait_timeout: 300
      register: winpass

This works OK to spin an instance up; my issue is when I want to destroy the instance for some reason. I first set count to 0, which causes the job to fail because of the ec2_win_password module. So I run it again, with eip absent, and this works, but again fails on the ec2_win_password. I then run it a third time with eni absent, and it fails with the following error.

    fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "state is absent but all of the following are missing: eni_id"}

My issues are:

Is there a better way to create these instances? It's going to be ~20 or so instances that are configured the same, but will end up with different software on them. So I can't just say "spin up 20 instances".

Is there a better way to have ec2_win_password only execute when I have created, or started, an instance? As opposed to turned off/terminated an instance?

I assume I'm missing something obvious about the tear down of the EIP and ENI as well.

Sorry for the vagueness here, I know I'm probably missing some info that would be helpful, so please just ask.
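
Added example, not part of the original post: one way to run ec2_win_password only for instances the ec2 task has just launched, and to supply the eni_id that ec2_eni requires for state: absent. It assumes the ec2 module's `instances` return value (newly launched instances), the `ec2_eni_facts` module (named `ec2_eni_info` in later Ansible releases) with an `id` key in its results, and that private IP plus subnet identifies the customer's ENI.

```yaml
# Added example; variable names are the ones used in the post.
# Password retrieval runs once per instance the ec2 task just launched,
# so it runs zero times when exact_count is 0 or nothing new was created.
- name: Customer | Grab Password
  ec2_win_password:
    instance_id: "{{ item.id }}"
    region: "{{ vpc_region }}"
    key_file: "~/.ssh/{{ aws_mfacloud_key }}.pem"
    wait: yes
    wait_timeout: 300
  with_items: "{{ instance.instances | default([]) }}"
  register: winpass
  no_log: true   # the result holds the decrypted Administrator password

# Teardown: ec2_eni needs eni_id for state=absent, so look the ENI up first.
# Assumption: private IP plus subnet identifies the customer's ENI.
- name: Customer | Find existing ENI
  ec2_eni_facts:
    region: "{{ vpc_region }}"
    filters:
      private-ip-address: "{{ customer_ip }}"
      subnet-id: "{{ public_subnet_id }}"
  register: existing_eni
  when: customer_eni_state == 'absent'

# Place after the ec2 task: an ENI still attached to an instance cannot be deleted.
- name: Customer | Remove ENI
  ec2_eni:
    state: absent
    eni_id: "{{ item.id }}"
    region: "{{ vpc_region }}"
  with_items: "{{ existing_eni.network_interfaces | default([]) }}"
  when: customer_eni_state == 'absent'
```

Because `winpass` carries a plaintext credential, avoid passing it to a `debug` task and keep `no_log` on any later task that consumes it.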