ansible --version
ansible 1.8 (devel e564a8ca3f) last updated 2014/11/13 12:08:11 (GMT +200)
  lib/ansible/modules/core: (detached HEAD 63e81cfc2e) last updated 
2014/10/30 15:43:29 (GMT +200)
  lib/ansible/modules/extras: (detached HEAD a0df36c6ab) last updated 
2014/10/30 15:43:35 (GMT +200)
  v2/ansible/modules/core: (detached HEAD cb69744bce) last updated 
2014/10/30 15:43:42 (GMT +200)
  v2/ansible/modules/extras: (detached HEAD 8a4f07eecd) last updated 
2014/10/30 15:43:54 (GMT +200)
  configured module search path = None

I first ran the VPC creation with only the Subnet that is meant for one 
batch of EC2 instances. This worked nicely for "{{ vpc.subnets[0].id }}".
Then I ran the same VPC playbook again, this time also with the second 
Subnet that is meant for another batch of EC2 instances. This way I managed 
to achieve predictability.

This is of course just a dirty workaround: it works only once, because on 
subsequent runs the lack of a Subnet in the VPC module call *deletes* that 
Subnet if it exists and is not in use.


On Thursday, 13 November 2014 11:59:30 UTC+1, Dan Vaida wrote:
>
> Hello all,
>
> I am creating a VPC with two subnets, a security group and trying to use 
> those for launching an EC2 with a private IP address from one of the 
> freshly created subnets.
>
> The problem seems to be that there is no ordering done by the VPC module 
> in regards to the CIDRs. If that would be happening, it would enable a more 
> predictable access of the subnet by using "{{ vpc.subnets[0].id }}"
> Right now, this makes the new EC2 instance randomly use one of the created 
> subnets.
>
> Another solution could be for the ec2 module to accept the subnet's 
> CIDR... but then again, what if you have the same CIDR but in another AZ, 
> that wouldn't work...
>
> I'm sure there must be a way around this :)
>
>
> vpc.yml
> ---
> # Play 1 of 3: create the VPC with one public and one private subnet and
> # register the module result as `vpc` for the plays that follow.
> - name: VPC, SG, EC
>   hosts: localhost
>   connection: local
>   gather_facts: false
>   tasks:
>
>     - name: create the VPC
>       local_action:
>         module: ec2_vpc
>         cidr_block: 10.0.0.0/16
>         dns_hostnames: true
>         dns_support: true
>         instance_tenancy: default
>         internet_gateway: true
>         region: "{{ region }}"
>         resource_tags:
>           Environment: test
>         # Only 10.0.0.0/24 gets a default route through the internet gateway.
>         # NOTE(review): 10.0.1.0/24 is in no route table listed here, so it
>         # presumably falls back to the VPC's main route table -- confirm.
>         route_tables:
>           - subnets:
>               - 10.0.0.0/24
>             routes:
>               - dest: 0.0.0.0/0
>                 gw: igw
>         state: present
>         # NOTE(review): as reported in this thread, the order of `vpc.subnets`
>         # in the registered result does not reliably follow the order declared
>         # here, so later plays should not depend on list positions. The
>         # follow-up also reports that a subnet left out of this list is deleted
>         # on the next run if it exists and is unused, so keep the list complete.
>         subnets:
>           - cidr: 10.0.0.0/24
>             az: "{{ zone }}"
>             resource_tags:
>               Environment: test
>               Name: Public subnet
>           - cidr: 10.0.1.0/24
>             az: "{{ zone }}"
>             resource_tags:
>               Environment: test
>               Name: Private subnet
>         wait: true
>       register: vpc
>
>     - debug: var=vpc
>
> - include: secgroup.yml
>
> secgroup.yml
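> ---
> # Play 2 of 3: create the security group inside the VPC registered by vpc.yml
> # and register the result as `secgroup`.
> - name: VPC, SG, EC2
>   hosts: localhost
>   connection: local
>   gather_facts: false
>   tasks:
>
>     - name: create the security group
>       local_action:
>         module: ec2_group
>         name: "{{ security_group }}"
>         description: a test EC2 group
>         vpc_id: "{{ vpc.vpc_id }}"
>         region: "{{ region }}"
>         rules:
>           # Ingress: every protocol and port, but only from one address.
>           # The /32 suffix has to sit inside the quotes: a scalar written as
>           # "{{ myip }}"/32 ends at the closing quote and the trailing /32 is
>           # a YAML syntax error.
>           # NOTE(review): `myip` is expected to be a single IPv4 address; an
>           # empty or CIDR-style value would render an invalid or wider rule.
>           # ec2prov.yml only waits on port 22, so this rule could probably be
>           # narrowed to tcp/22 -- confirm what else needs to reach the host.
>           - proto: all
>             from_port: 0
>             to_port: 65535
>             cidr_ip: "{{ myip }}/32"
>         rules_egress:
>           # Egress: unrestricted, to any destination.
>           - proto: all
>             from_port: 0
>             to_port: 65535
>             cidr_ip: 0.0.0.0/0
>       register: secgroup
>
>     - debug: var=secgroup
>
> - include: ec2prov.yml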
>
>
> ec2prov.yml
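> ---
> # Play 3 of 3: launch one instance in the VPC, attach an Elastic IP, tag it,
> # record it in the in-memory and on-disk inventories, then wait for SSH.
> # Module arguments are written as YAML mappings rather than key=value
> # strings, so a templated value containing a space cannot split into extra
> # arguments and the mail-wrapped lines of the original are no longer needed.
> - name: VPC, SG, EC2
>   hosts: localhost
>   connection: local
>   gather_facts: false
>   tasks:
>
>     - name: spin up the instance
>       local_action:
>         module: ec2
>         count: 1
>         region: "{{ region }}"
>         zone: "{{ zone }}"
>         instance_type: "{{ instance_type }}"
>         image: "{{ ami }}"
>         ebs_optimized: true
>         state: present
>         group_id: "{{ secgroup.group_id }}"
>         # NOTE(review): index 0 is not guaranteed to be the 10.0.0.0/24
>         # subnet (the thread reports the order as unpredictable), and
>         # private_ip below is only valid inside that subnet. Select the
>         # subnet by a stable attribute instead of by position.
>         vpc_subnet_id: "{{ vpc.subnets[0].id }}"
>         key_name: "{{ keypair }}"
>         monitoring: true
>         assign_public_ip: true
>         private_ip: 10.0.0.10
>         wait: true
>         wait_timeout: 300
>         volumes:
>           - device_name: /dev/xvda
>             volume_size: 50
>             device_type: gp2
>           - device_name: /dev/xvdb
>             volume_size: 80
>             device_type: gp2
>             ephemeral: ephemeral0
>           - device_name: /dev/xvdc
>             volume_size: 80
>             device_type: gp2
>             ephemeral: ephemeral1
>       register: ec2
>       tags: ec2
>
>     - debug: var=ec2
>
>     - name: add EIP to the instance
>       local_action:
>         module: ec2_eip
>         in_vpc: true
>         instance_id: "{{ item.id }}"
>         region: "{{ region }}"
>       with_items: "{{ ec2.instances }}"
>       register: eip
>
>     - name: add instance to host group
>       local_action:
>         module: add_host
>         hostname: "{{ item.public_ip }}"
>         groupname: "{{ security_group }}"
>       with_items: "{{ eip.results }}"
>
>     - name: tag instance
>       local_action:
>         module: ec2_tag
>         resource: "{{ item.id }}"
>         region: "{{ region }}"
>         state: present
>         tags:
>           Name: "{{ instance_name }}"
>       with_items: "{{ ec2.instances }}"
>
>     - name: add instance to local host group
>       local_action:
>         module: lineinfile
>         dest: hosts
>         # NOTE(review): regexp is unanchored and the dots in the address
>         # match any character, so a longer address with the same prefix
>         # would also match -- consider anchoring and escaping it.
>         regexp: "{{ item.public_ip }}"
>         # insertafter is a regular expression: an unescaped [launched] is a
>         # character class matching any line that contains one of those
>         # letters, so the brackets are escaped to match the section header.
>         insertafter: '^\[launched\]'
>         line: "{{ item.public_ip }}"
>       with_items: "{{ eip.results }}"
>
>     - name: wait for the instance to start
>       local_action:
>         module: wait_for
>         state: started
>         host: "{{ item.public_ip }}"
>         port: 22
>       with_items: "{{ eip.results }}"
>       # NOTE(review): with ignore_errors the play still reports success when
>       # port 22 never opens; check the result if later steps need the host.
>       ignore_errors: true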
>
>
>
