I have a few questions on handling the creation/tear down of an ec2 
instance. 

I have a role (it's a task atm, but I'll be migrating it over):

    - name: dallascowboys | Deployments
      include_tasks:
        tasks/customer-instance.yml
      vars:
        customer_name: dallascowboys
        customer_ip: '10.99.100.10'
        customer_instance_count: 1
        customer_eip_state: present
        customer_eni_state: present
      tags:
        - dallascowboys

- name: Customer | Configure ENI
  ec2_eni:
    state: "{{ customer_eni_state }}"
    description: '{{ customer_name }} ENI'
    private_ip_address: '{{ customer_ip }}'
    region: "{{ vpc_region }}"
    security_groups: "{{ secgrp_appliance_id }}"
    subnet_id: "{{ public_subnet_id }}"
  register: customer_eni


- name: Customer | Configure EIP
  ec2_eip:
    state: "{{ customer_eip_state }}"
    region: "{{ vpc_region }}"
    in_vpc: true
    device_id: "{{ customer_eni.interface.id }}"


- name: Customer | Configure EC2 Instance
  ec2:
    key_name: "{{ aws_mfacloud_key }}"
    instance_type: t2.medium
    image: "{{ mfa_ami }}"
    region: "{{ vpc_region }}"
    instance_profile_name: '{{ role_appliance_name }}'
    network_interfaces: "{{ customer_eni.interface.id }}"
    user_data: "{{ lookup('file','windows-remoting') }}"
    instance_tags:
      Name: ec2-cloudmfa-{{ customer_name }}-prd
      Customer: "{{ customer_name }}"
      Environment: prd
      Patch Group: cloudmfa
      Ansible: true
      AMI: True
    count_tag:
      Name: ec2-cloudmfa-{{ customer_name }}-prd
    exact_count: "{{ customer_instance_count }}"
  register: instance


- name: debug instance 
  debug:
    var: instance


- name: Customer | Grab Password
  ec2_win_password:
    instance_id: "{{ instance.tagged_instances[0].id }}"
    region: "{{ vpc_region }}"
    key_file: "~/.ssh/{{ aws_mfacloud_key }}.pem"
    wait: yes
    wait_timeout: 300
  register: winpass


This works OK to spin an instance up; my issue is when I want to destroy 
the instance for some reason.  I first set count to 0, which causes the job 
to fail because of the ec2_win_password module.  So I run it again with eip 
absent, and this works, but it again fails on ec2_win_password.  I then run 
it a third time with eni absent, and it fails with the following error.

    fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "state is absent but all of the following are missing: eni_id"}



My issues are:  Is there a better way to create these instances?  It's going 
to be ~20 or so instances that are configured the same, but will end up 
with different software on them.  So I can't just say "spin up 20 
instances".  Is there a better way to have ec2_win_password only execute 
when I have created or started an instance, as opposed to turned 
off/terminated an instance?  I assume I'm missing something obvious about 
the tear down of the EIP and ENI as well.

Sorry for the vagueness here, I know I'm probably missing some info that 
would be helpful, so please just ask.
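
One way to handle the two failures described in the post, shown as an added example that is not part of the original message: guard the password task so it is skipped on teardown runs, and look up the interface ID before asking `ec2_eni` to remove it. It assumes the `ec2_eni_facts` module is available (named `ec2_eni_info` in later Ansible releases) and that its results expose the interface ID as `id`; the `eni_lookup` variable name is hypothetical.

```yaml
# Added example, not from the original post; variable names are the post's own.
# The original ENI task, now run only when the interface should exist.
- name: Customer | Configure ENI
  ec2_eni:
    state: present
    description: '{{ customer_name }} ENI'
    private_ip_address: '{{ customer_ip }}'
    region: "{{ vpc_region }}"
    security_groups: "{{ secgrp_appliance_id }}"
    subnet_id: "{{ public_subnet_id }}"
  register: customer_eni
  when: customer_eni_state == 'present'

# state=absent requires eni_id (the error in the post), so find the ID first.
# Assumption: ec2_eni_facts returns network_interfaces, each with an `id` key.
- name: Customer | Find ENI to remove
  ec2_eni_facts:
    region: "{{ vpc_region }}"
    filters:
      private-ip-address: "{{ customer_ip }}"
      subnet-id: "{{ public_subnet_id }}"
  register: eni_lookup
  when: customer_eni_state == 'absent'

- name: Customer | Remove ENI
  ec2_eni:
    state: absent
    eni_id: "{{ item.id }}"
    region: "{{ vpc_region }}"
  with_items: "{{ eni_lookup.network_interfaces | default([]) }}"
  when: customer_eni_state == 'absent'

# `when` is evaluated before the arguments are templated, so
# tagged_instances[0] is never touched when the count is 0.
- name: Customer | Grab Password
  ec2_win_password:
    instance_id: "{{ instance.tagged_instances[0].id }}"
    region: "{{ vpc_region }}"
    key_file: "~/.ssh/{{ aws_mfacloud_key }}.pem"
    wait: yes
    wait_timeout: 300
  register: winpass
  no_log: true  # keep the decrypted administrator password out of task output
  when: customer_instance_count | int > 0
```

On a run that removes the ENI, the EIP and EC2 tasks still reference `customer_eni.interface.id` and need the same `customer_eni_state == 'present'` guard. The interface must no longer be attached to a running instance when it is deleted, so the removal stays a later run, as in the post.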
