ansible --version
ansible 1.8 (devel e564a8ca3f) last updated 2014/11/13 12:08:11 (GMT +200)
  lib/ansible/modules/core: (detached HEAD 63e81cfc2e) last updated 2014/10/30 15:43:29 (GMT +200)
  lib/ansible/modules/extras: (detached HEAD a0df36c6ab) last updated 2014/10/30 15:43:35 (GMT +200)
  v2/ansible/modules/core: (detached HEAD cb69744bce) last updated 2014/10/30 15:43:42 (GMT +200)
  v2/ansible/modules/extras: (detached HEAD 8a4f07eecd) last updated 2014/10/30 15:43:54 (GMT +200)
  configured module search path = None

I tried doing the VPC creation with only the Subnet that is meant for a batch of EC2 instances. This worked nicely for the "{{ vpc.subnets[0].id }}".

Then I called the same VPC playbook but this time also with the second Subnet that is meant for another batch of EC2 instances. This way I managed to achieve predictability.

This of course is just a dirty workaround as it will work only once because of the subsequent runs (lack of a Subnet in the VPC module *deletes* the Subnet if it exists and is not used).

On Thursday, 13 November 2014 11:59:30 UTC+1, Dan Vaida wrote:
>
> Hello all,
>
> I am creating a VPC with two subnets, a security group and trying to use
> those for launching an EC2 with a private IP address from one of the
> freshly created subnets.
>
> The problem seems to be that there is no ordering done by the VPC module
> in regards to the CIDRs. If that would be happening, it would enable a more
> predictable access of the subnet by using "{{ vpc.subnets[0].id }}"
> Right now, this makes the new EC2 instance randomly use one of the created
> subnets.
>
> Another solution could be for the ec2 module to accept the subnet's
> CIDR... but then again, what if you have the same CIDR but in another AZ,
> that wouldn't work...
>
> I'm sure there must be a way around this :)
>
>
> vpc.yml
> ---
> - name: VPC, SG, EC
>   hosts: localhost
>   connection: local
>   gather_facts: False
>   tasks:
>
>     - name: create the VPC
>       local_action:
>         module: ec2_vpc
>         cidr_block: 10.0.0.0/16
>         dns_hostnames: yes
>         dns_support: yes
>         instance_tenancy: default
>         internet_gateway: yes
>         region: "{{ region }}"
>         resource_tags: { "Environment": "test" }
>         route_tables:
>           - subnets:
>               - 10.0.0.0/24
>             routes:
>               - dest: 0.0.0.0/0
>                 gw: igw
>         state: present
>         subnets:
>           - cidr: 10.0.0.0/24
>             az: "{{ zone }}"
>             resource_tags: { "Environment":"test", "Name" : "Public subnet" }
>           - cidr: 10.0.1.0/24
>             az: "{{ zone }}"
>             resource_tags: { "Environment":"test", "Name" : "Private subnet" }
>         wait: yes
>       register: vpc
>     - debug: var=vpc
>
> - include: secgroup.yml
>
> secgroup.yml
> ---
> - name: VPC, SG, EC2
>   hosts: localhost
>   connection: local
>   gather_facts: False
>   tasks:
>
>     - name: create the security group
>       local_action:
>         module: ec2_group
>         name: "{{ security_group }}"
>         description: a test EC2 group
>         vpc_id: "{{ vpc.vpc_id }}"
>         region: "{{ region }}"
>         rules:
>           - proto: all
>             from_port: 0
>             to_port: 65535
>             cidr_ip: "{{ myip }}/32"
>         rules_egress:
>           - proto: all
>             from_port: 0
>             to_port: 65535
>             cidr_ip: 0.0.0.0/0
>       register: secgroup
>
>     - debug: var=secgroup
>
> - include: ec2prov.yml
>
>
> ec2prov.yml
> ---
>
> - name: VPC, SG, EC2
>   hosts: localhost
>   connection: local
>   gather_facts: False
>   tasks:
>
>     - name: spin up the instance
>       local_action:
>         module: ec2
>         count: 1
>         region: "{{ region }}"
>         zone: "{{ zone }}"
>         instance_type: "{{ instance_type }}"
>         image: "{{ ami }}"
>         ebs_optimized: yes
>         state: present
>         group_id: "{{ secgroup.group_id }}"
>         vpc_subnet_id: "{{ vpc.subnets[0].id }}"
>         key_name: "{{ keypair }}"
>         monitoring: yes
>         assign_public_ip: yes
>         private_ip: 10.0.0.10
>         wait: yes
>         wait_timeout: 300
>         volumes:
>           - device_name: /dev/xvda
>             volume_size: 50
>             device_type: gp2
>           - device_name: /dev/xvdb
>             volume_size: 80
>             device_type: gp2
>             ephemeral: ephemeral0
>           - device_name: /dev/xvdc
>             volume_size: 80
>             device_type: gp2
>             ephemeral: ephemeral1
>       register: ec2
>       tags: ec2
>
>     - debug: var=ec2
>
>     - name: add EIP to the instance
>       local_action: ec2_eip in_vpc=yes instance_id={{ item.id }} region={{ region }}
>       with_items: ec2.instances
>       register: eip
>
>     - name: add instance to host group
>       local_action: add_host hostname={{ item.public_ip }} groupname={{ security_group }}
>       with_items: eip.results
>
>     - name: tag instance
>       local_action: ec2_tag resource={{ item.id }} region={{ region }} state=present
>       with_items: ec2.instances
>       args:
>         tags:
>           Name: "{{ instance_name }}"
>
>     - name: add instance to local host group
>       local_action: lineinfile dest=hosts regexp="{{ item.public_ip }}" insertafter="[launched]" line={{ item.public_ip }}
>       with_items: eip.results
>
>     - name: wait for the instance to start
>       local_action: wait_for state=started host={{ item.public_ip }} port=22
>       with_items: eip.results
>       ignore_errors: yes
>
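
An added example, not part of the original thread or of Ansible's own documentation: instead of indexing vpc.subnets by position, a play can pick the subnet whose CIDR matches and fail if none does, so the instance cannot land in the subnet that has no route to the internet gateway. It assumes each entry of the registered vpc.subnets list carries "cidr" and "id" keys (the "debug: var=vpc" output shows the actual keys); public_cidr and public_subnet_id are hypothetical names. Subnet CIDRs cannot overlap inside one VPC, so the match is unambiguous within this result.

```yaml
# Added example; not from the thread. public_cidr and public_subnet_id are
# hypothetical names. Assumes each entry of the registered vpc.subnets list
# has "cidr" and "id" keys (check the "debug: var=vpc" output).
- name: launch into the subnet selected by CIDR
  hosts: localhost
  connection: local
  gather_facts: False
  vars:
    public_cidr: 10.0.0.0/24
  tasks:

    # Only the list entry whose CIDR matches sets the fact; the rest are skipped.
    - name: find the subnet id for the wanted CIDR
      set_fact:
        public_subnet_id: "{{ item.id }}"
      with_items: vpc.subnets
      when: item.cidr == public_cidr

    # Refuse to continue rather than fall back to an arbitrary subnet.
    - name: stop if the VPC result has no such subnet
      fail: msg="no subnet with CIDR {{ public_cidr }} in VPC {{ vpc.vpc_id }}"
      when: public_subnet_id is not defined

    - name: spin up the instance in the selected subnet
      local_action:
        module: ec2
        count: 1
        region: "{{ region }}"
        zone: "{{ zone }}"
        instance_type: "{{ instance_type }}"
        image: "{{ ami }}"
        state: present
        group_id: "{{ secgroup.group_id }}"
        vpc_subnet_id: "{{ public_subnet_id }}"
        key_name: "{{ keypair }}"
        assign_public_ip: yes
        private_ip: 10.0.0.10
        wait: yes
      register: ec2
```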