-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbootstrap.yml
105 lines (93 loc) · 3.47 KB
/
bootstrap.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
---
- hosts: "{{ hosts | default('local') }}"
become: true
tasks:
- name: include vars.yml
include_vars: 'vars.yml'
- name: create devops keypair
ec2_key:
state: present
name: "{{ keypair_name }}"
key_material: "{{ public_ssh_key }}"
region: "{{ lookup('env', 'AWS_REGION') }}"
force: false
validate_certs: true
aws_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
aws_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
- name: allow ssh in default security group
ec2_group:
state: present
name: default
purge_rules: false
purge_tags: true
description: 'default'
rules:
- proto: tcp
ports:
- 22
cidr_ip: "{{ lookup('env', 'EXTERNAL_IP') }}/32"
- proto: tcp
ports:
- 80
- 443
cidr_ip: "{{ lookup('env', 'EXTERNAL_IP') }}/32"
region: "{{ lookup('env', 'AWS_REGION') }}"
validate_certs: true
aws_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
aws_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
- name: create an EC2 instance to host docker
ec2_instance:
state: running
name: "{{ instance_name }}"
availability_zone: "{{ lookup('env', 'AWS_REGION') }}"
region: "{{ lookup('env', 'AWS_REGION') }}"
image_id: "{{ ubuntu_2004_ami }}"
instance_type: "{{ aws_ec2_type }}"
key_name: "{{ keypair_name }}"
security_group: default
network:
assign_public_ip: true
wait: true
wait_timeout: "{{ wait_timeout }}"
aws_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
aws_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
ebs_optimized: false
- name: get EC2 instance info
register: ec2_instances
ec2_instance_info:
region: "{{ lookup('env', 'AWS_REGION') }}"
validate_certs: true
filters:
"tag:Name": "{{ instance_name }}"
aws_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
aws_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
- name: create an EIP for our EC2 instance
register: ec2_eip
ec2_eip:
state: present
device_id: "{{ ec2_instances.instances[0].instance_id }}"
allow_reassociation: true
aws_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
aws_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
in_vpc: true
public_ipv4_pool: true
region: "{{ lookup('env', 'AWS_REGION') }}"
reuse_existing_ip_allowed: true
release_on_disassociation: true
validate_certs: true
- name: create custom facts for interacting with our ec2 instance
set_fact:
demo_public_ip: "{{ ec2_eip.public_ip }}"
- name: Add /etc/hosts entry for ec2 public IP
delegate_to: localhost
lineinfile:
state: present
path: '/etc/hosts'
line: "{{ demo_public_ip }} {{ lookup('env', 'NGINX_HOST') }} ec2-nginx-demo.codylane-devops.com"
- name: update our ansible inventory file to include the ec2 public ip
delegate_to: localhost
ini_file:
path: 'inventory'
section: ec2
option: "{{ instance_name }} ansible_ssh_host={{ demo_public_ip }} ansible_user=ubuntu ansible_python_interpreter=python3"
allow_no_value: true