I have a few questions on handling the creation/tear down of an ec2 
instance. 

I have a role (it's a task atm, but I'll be migrating it over):

    - name: dallascowboys | Deployments
      include_tasks:
        tasks/customer-instance.yml
      vars:
        customer_name: dallascowboys
        customer_ip: '10.99.100.10'
        customer_instance_count: 1
        customer_eip_state: present
        customer_eni_state: present
      tags:
        - dallascowboys

- name: Customer | Configure ENI
  ec2_eni:
    state: "{{ customer_eni_state }}"
    description: '{{ customer_name }} ENI'
    private_ip_address: '{{ customer_ip }}'
    region: "{{ vpc_region }}"
    security_groups: "{{ secgrp_appliance_id }}"
    subnet_id: "{{ public_subnet_id }}"
  register: customer_eni


- name: Customer | Configure EIP
  ec2_eip:
    state: "{{ customer_eip_state }}"
    region: "{{ vpc_region }}"
    in_vpc: true
    device_id: "{{ customer_eni.interface.id }}"


- name: Customer | Configure EC2 Instance
  ec2:
    key_name: "{{ aws_mfacloud_key }}"
    instance_type: t2.medium
    image: "{{ mfa_ami }}"
    region: "{{ vpc_region }}"
    instance_profile_name: '{{ role_appliance_name }}'
    network_interfaces: "{{ customer_eni.interface.id }}"
    user_data: "{{ lookup('file','windows-remoting') }}"
    instance_tags:
      Name: ec2-cloudmfa-{{ customer_name }}-prd
      Customer: "{{ customer_name }}"
      Environment: prd
      Patch Group: cloudmfa
      Ansible: true
      AMI: True
    count_tag:
      Name: ec2-cloudmfa-{{ customer_name }}-prd
    exact_count: "{{ customer_instance_count }}"
  register: instance


- name: debug instance 
  debug:
    var: instance


- name: Customer | Grab Password
  ec2_win_password:
    instance_id: "{{ instance.tagged_instances[0].id }}"
    region: "{{ vpc_region }}"
    key_file: "~/.ssh/{{ aws_mfacloud_key }}.pem"
    wait: yes
    wait_timeout: 300
  register: winpass


This works OK to spin an instance up; my issue is when I want to destroy 
the instance for some reason.  I first set count to 0, which causes the job 
to fail because of the ec2_win_password module.  So I run it again with eip 
absent, and this works, but again fails on the ec2_win_password.  I then run 
it a third time with eni absent, and it fails with the following error:

    fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "state is absent but all of the following are missing: eni_id"}



My issues are: Is there a better way to create these instances?  It's going 
to be ~20 or so instances that are configured the same, but will end up 
with different software on them, so I can't just say "spin up 20 
instances".  Is there a better way to have ec2_win_password only execute 
when I have created or started an instance, as opposed to turned 
off/terminated an instance?  I assume I'm missing something obvious about 
the teardown of the EIP and ENI as well.

Sorry for the vagueness here, I know I'm probably missing some info that 
would be helpful, so please just ask.

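One way to make the teardown path in the post above idempotent, as an added example that is not part of the original post: the password task runs only when an instance exists, and the EIP/ENI removal looks the ENI up first so that `eni_id` is available. Assumptions: the `ec2_eni_facts` module with `filters`, returning `network_interfaces[].id`, and the `existing_eni` register name; all other variables are the ones from the post.

```yaml
# Added example (not the poster's code). Place after the ec2 task in
# tasks/customer-instance.yml; replaces the unguarded password task.

- name: Customer | Grab Password
  ec2_win_password:
    instance_id: "{{ instance.tagged_instances[0].id }}"
    region: "{{ vpc_region }}"
    key_file: "~/.ssh/{{ aws_mfacloud_key }}.pem"
    wait: yes
    wait_timeout: 300
  register: winpass
  # Skip when exact_count is 0 and nothing is left to query.
  when: instance.tagged_instances | length > 0
  # The result holds the decrypted Administrator password; keep it
  # out of console output and logs.
  no_log: true

# Assumption: ec2_eni_facts accepts EC2 filters and returns a
# network_interfaces list whose items carry an "id" key.
- name: Customer | Look up existing ENI by private IP
  ec2_eni_facts:
    region: "{{ vpc_region }}"
    filters:
      private-ip-address: "{{ customer_ip }}"
      subnet-id: "{{ public_subnet_id }}"
  register: existing_eni

- name: Customer | Remove EIP
  ec2_eip:
    state: absent
    region: "{{ vpc_region }}"
    in_vpc: true
    device_id: "{{ existing_eni.network_interfaces[0].id }}"
  when:
    - customer_eip_state == 'absent'
    - existing_eni.network_interfaces | length > 0

- name: Customer | Remove ENI
  ec2_eni:
    state: absent
    eni_id: "{{ existing_eni.network_interfaces[0].id }}"
    region: "{{ vpc_region }}"
  when:
    - customer_eni_state == 'absent'
    - existing_eni.network_interfaces | length > 0
```

For the removal tasks to be the only ones touching the ENI and EIP, the original "Configure ENI" and "Configure EIP" tasks need matching `when: customer_eni_state == 'present'` and `when: customer_eip_state == 'present'` guards.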