· 5 years ago · Jan 31, 2020, 03:22 PM
cat core-report-sb.yml
---
# Play 1: runs the find_gvr_ami role on the control node.
# The next play reads hostvars['localhost']['ami_result'], so the role
# presumably registers that variable; the role itself is not shown here.
- name: Find Image
  hosts: localhost
  connection: local
  vars_files:
    # Per-environment variables file, selected by the ENV environment variable.
    # NOTE(review): `access` and `secret` below are not defined in this
    # playbook, so they presumably come from this file; confirm it is
    # ansible-vault encrypted and not readable by other local users.
    - "/opt/ansible/vault/{{ lookup('env','ENV') }}.yml"
  vars:
    # Self-reference: resolves only when `region` is also supplied by a
    # higher-precedence source (vars_files or extra vars).
    region: "{{ region }}"
    access_key: "{{ access }}"
    secret_key: "{{ secret }}"
    # NOTE(review): wildcard match on the image name. AMI names are not unique
    # across AWS accounts, so confirm the role also filters on the image owner.
    ami_name: "AWSLinux-*"
  roles:
    - find_gvr_ami
# Play 2: launches the instance(s) from the control node through the
# ec2_create role. Fact gathering is skipped; only localhost is involved.
- name: Launch EC2 host
  hosts: localhost
  connection: local
  gather_facts: false
  vars_files:
    - "/opt/ansible/vault/{{ lookup('env','ENV') }}.yml"
  vars:
    # `bld_env` and `region` reference themselves; they resolve only when a
    # higher-precedence source (vars_files or extra vars) also defines them.
    bld_env: "{{ bld_env }}"
    count: 1
    instance_type: "{{ size }}"
    # AMI id produced on localhost by the previous play.
    image: "{{ hostvars['localhost']['ami_result']['results'][0].ami_id }}"
    # Amazon Linux = ec2-user
    # Ubuntu 14.04 = ubuntu
    ansible_ssh_user: "ec2-user"
    region: "{{ region }}"
    # Directory holding <keypair>.pem; the role passes that path to add_host.
    pem_path: "~/.ssh"
    # Inventory group the new hosts are added to; later plays target it.
    group_name: "ec2hosts"
    # Comma-separated subnet ids read from ./<bld_env>.ini, section [vpc].
    vpc_subnet_id: "{{ lookup('ini', 'vpc_subnet section=vpc file=./{{ bld_env }}.ini') }}"
    # NOTE(review): when `ip` is true the instance receives a public address;
    # its exposure then depends on the security group in `group`. Confirm
    # this is intended for each environment.
    assign_public_ip: "{{ ip }}"
    keypair: "{{ key }}"
    access_key: "{{ access }}"
    secret_key: "{{ secret }}"
    # No - in the name, only _
    instance_tags: "app_name={{ app_name }},Name={{ name }},bld_env={{ bld_env }},server={{ app_name }}-{{ bld_env }},product-line={{ product }}"
    security_group: "[{{ group }}]"
    ec2_volumes:
      # NOTE(review): no `encrypted` key is set for this volume, so whether it
      # is encrypted depends on defaults outside this file; confirm.
      - device_name: /dev/xvdb
        volume_type: gp2
        volume_size: "16"
        delete_on_termination: true
  roles:
    - ec2_create
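# Play 3: baseline configuration of the freshly launched hosts.
# `ec2hosts` is the in-memory group filled by add_host in roles/ec2_create.
- name: Setup EC2 GVR Default
  hosts: ec2hosts
  # `become` is the supported replacement for the deprecated `sudo:` play
  # keyword, which newer Ansible releases no longer accept. Set at play level,
  # it makes every task in the roles below run with privilege escalation.
  become: true
  # Amazon Linux = ec2-user
  # Ubuntu 14.04 = ubuntu
  remote_user: ec2-user
  vars_files:
    - "/opt/ansible/vault/{{ lookup('env','ENV') }}.yml"
  vars:
    # Self-reference: resolves only when `app_name` is also supplied by a
    # higher-precedence source (vars_files or extra vars).
    app_name: "{{ app_name }}"
    logstash_pci: false
  roles:
    - set_hostname
    - gvr_repos
    - gvr_packages
    - gvr
    - cloud-ca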
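# Play 4: application-specific configuration of the same `ec2hosts` group.
- name: Setup EC2 Specific Server
  hosts: ec2hosts
  # `become` is the supported replacement for the deprecated `sudo:` play
  # keyword, which newer Ansible releases no longer accept. Set at play level,
  # it makes every task in the roles below run with privilege escalation.
  become: true
  # Amazon Linux = ec2-user
  # Ubuntu 14.04 = ubuntu
  remote_user: ec2-user
  vars_files:
    - "/opt/ansible/vault/{{ lookup('env','ENV') }}.yml"
  vars:
    # Self-reference: resolves only when `app_name` is also supplied by a
    # higher-precedence source (vars_files or extra vars).
    app_name: "{{ app_name }}"
    hostname: "{{ ansible_hostname }}"
    # NOTE(review): `cert` and `nocert` are two separate switches, both read
    # by roles not shown here; confirm they cannot disagree.
    cert: false
    nocert: true
    app: "core"
    jar_name: report
    springboot: true
  roles:
    - springboot
    - security
    - package_diffs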
+++++++++++
cat roles/ec2_create/tasks/main.yml
---
# One ec2 call per subnet id: vpc_subnet_id is split on commas and each call
# launches `count` instances in that subnet, waiting until they are up.
# The results are registered as `ec2`, so ec2.results holds one entry per
# subnet. Later tasks read only instances[0] of each entry, so with
# count > 1 the additional instances would not be handled by them.
- name: Launch Instance(s)
  ec2:
    aws_access_key: "{{ access_key }}"
    aws_secret_key: "{{ secret_key }}"
    region: "{{ region }}"
    keypair: "{{ keypair }}"
    vpc_subnet_id: "{{ item }}"
    assign_public_ip: "{{ assign_public_ip }}"
    group: "{{ security_group }}"
    instance_type: "{{ instance_type }}"
    image: "{{ hostvars['localhost']['ami_result']['results'][0].ami_id }}"
    count: "{{ count }}"
    wait: true
    instance_tags: "{{ instance_tags }}"
    # `ebs_optimized` and `iam` are not set in the playbook shown with this
    # role; presumably they come from the vars file or extra vars.
    ebs_optimized: "{{ ebs_optimized }}"
    volumes: "{{ ec2_volumes }}"
    # IAM role attached to the launched instance.
    # NOTE(review): confirm the profile named by `iam` grants no more than
    # the application needs.
    instance_profile_name: "{{ iam }}"
  with_items: "{{ vpc_subnet_id.split(',') }}"
  register: ec2
# Prints the id of the first instance of every launch result.
# Ansible labels each loop iteration with the loop item by default, so the
# run log is likely to show the whole launch result as well as the id.
- name: Instance Ids
  debug:
    msg: "{{ item.instances[0].id }}"
  with_items: "{{ec2.results}}"
# Registers each new instance, by private IP, in the in-memory inventory group
# `group_name`, with the SSH user and the private key <pem_path>/<keypair>.pem.
# Runs only when pem_path is non-empty.
# NOTE(review): these hosts are brand new, so their SSH host keys cannot be
# known beforehand. The host-key checking policy is configured outside this
# file; confirm it is not disabled globally just to make this step pass.
- name: Add hosts group temporary inventory group with pem path
  add_host:
    name: "{{ item.instances[0].private_ip }}"
    groups: "{{ group_name }}"
    ansible_ssh_private_key_file: "{{ pem_path }}/{{ keypair }}.pem"
    ansible_ssh_user: "{{ ansible_ssh_user }}"
  with_items: "{{ec2.results}}"
  when: pem_path != ""
# Counterpart of the task above for an empty pem_path: the host is added to
# `group_name` without an explicit private key file, so SSH authentication
# falls back to whatever the connection finds by default.
- name: Add hosts group temporary inventory group without pem path
  add_host:
    name: "{{ item.instances[0].private_ip }}"
    groups: "{{ group_name }}"
    ansible_ssh_user: "{{ ansible_ssh_user }}"
  with_items: "{{ec2.results}}"
  when: pem_path == ""
# Replaces the Name tag set at launch with "<name> - <private ip>" on the
# first instance of every launch result.
- name: Update Instance Name Tag(s)
  ec2_tag:
    aws_access_key: "{{ access_key }}"
    aws_secret_key: "{{ secret_key }}"
    region: "{{ region }}"
    resource: "{{ item.instances[0].id }}"
    tags:
      Name: "{{ name }} - {{ item.instances[0].private_ip }}"
  with_items: "{{ec2.results}}"
# Adds the start/stop scheduler tag to dev instances.
# Every condition is a substring test: 'dev' in bld_env matches any
# environment name containing "dev", and the same holds for the tests on
# `name`. The folded scalar below yields the condition as a single line.
- name: Scheduler Instance Name Tag(s) in dev
  ec2_tag:
    aws_access_key: "{{ access_key }}"
    aws_secret_key: "{{ secret_key }}"
    region: "{{ region }}"
    resource: "{{ item.instances[0].id }}"
    tags:
      "scheduler:ec2-startstop:sat": "none;0030;utc;sat"
  when: >-
    ('dev' in bld_env) and ('rm-' in name) and ('site-gw' not in name)
    and ('sep' not in name) and ('alarm' not in name)
  with_items: "{{ec2.results}}"
# Adds the weekly start/stop tag to QA instances, except those whose `name`
# contains one of the listed service names.
# Every condition is a substring test, so 'qa' in bld_env matches any
# environment name containing "qa". The exclusion list is hard-coded here:
# a service missing from it gets the schedule tag.
- name: Scheduler Instance Name Tag(s) in Qa
  ec2_tag:
    aws_access_key: "{{ access_key }}"
    aws_secret_key: "{{ secret_key }}"
    region: "{{ region }}"
    resource: "{{ item.instances[0].id }}"
    tags:
      ec2-start-stop-weekly: "fri:0530;sun:0500-{{bld_env}}"
  when: >-
    ('qa' in bld_env) and ('es-analytics' not in name)
    and ('es-parse' not in name) and ('es-logstash' not in name)
    and ('es-core' not in name) and ('Shared-Services' not in name)
    and ('kafka' not in name) and ('core-spring-boot' not in name)
    and ('activemq' not in name) and ('keycloak' not in name)
    and ('ldap' not in name) and ('cloud-ca' not in name)
  with_items: "{{ec2.results}}"
# Dumps the complete registered launch results to the run output.
# NOTE(review): this puts instance ids, addresses and the rest of the launch
# metadata into whatever stores the run log; confirm that log is access
# controlled, or drop this task once troubleshooting is done.
- name: Ec2 Results
  debug:
    msg: "{{ ec2.results }}"
# Lists the volumes attached to the first instance of every launch result
# and registers the per-item results as `ec2_vol`.
# NOTE(review): unlike the ec2 and ec2_tag tasks that pass aws_access_key and
# aws_secret_key, this task passes no credentials, so it presumably relies on
# ambient ones (environment, profile). Confirm both paths use the same
# identity.
- name: Retrieve all volumes for instance
  ec2_vol:
    instance: "{{ item.instances[0].id }}"
    region: "{{ region }}"
    state: list
  with_items: "{{ ec2.results }}"
  register: ec2_vol
# Dumps the whole `ec2_vol` register (volume listing results) to the run
# output; troubleshooting aid.
- name: All volumes
  debug:
    msg: "{{ ec2_vol }}"
# Unnamed debug task, kept exactly as written.
# NOTE(review): it loops over the `ec2_vol` register itself, not over
# `ec2.results`, yet reads item.instances[0], which the other tasks read from
# `ec2.results` items. The space after `msg=` also looks unintended. This
# looks like leftover troubleshooting; confirm it runs before relying on it.
- debug: msg= "{{ item.instances[0].block_device_mapping }}"
  with_items: "{{ec2_vol}}"
# Tags each listed volume with Name, bld_env and product-line, and registers
# the results as `ebs_volume`.
# Only ec2_vol.results[0] is read, so when several subnets were launched only
# the volumes of the first result are tagged.
# NOTE(review): no aws_access_key / aws_secret_key are passed here, unlike the
# other ec2_tag tasks in this file; confirm the ambient credentials are the
# intended identity.
- name: Tag EBS Volumes
  ec2_tag:
    region: "{{ region }}"
    resource: "{{ item }}"
    state: present
    tags:
      Name: "{{ app_name }}"
      bld_env: "{{ bld_env }}"
      product-line: "{{ product }}"
  with_items:
    # A single templated element holding the list of volume ids.
    - "{{ ec2_vol.results[0].volumes | map(attribute='id') | list }}"
  register: ebs_volume
#- name: All volumes
# debug: msg={{ ebs_volume }}
# Renders the id.ini.j2 template to ./id.ini, a path relative to the directory
# the run is started from. The template is not shown here.
- name: Write Instance ID out to a file
  template:
    src: id.ini.j2
    dest: "./id.ini"
# Waits until TCP port 22 accepts connections on the private IP of the first
# instance of every launch result: first check after 30 s, give up at 420 s.
# An open port shows only that something is listening; it does not
# authenticate the host.
- name: Wait for SSH
  wait_for:
    host: "{{ item.instances[0].private_ip }}"
    port: 22
    delay: 30
    timeout: 420
    state: started
  with_items: "{{ec2.results}}"
  register: result
# Prints the wait_for result when it is marked failed.
# NOTE(review): nothing visible sets ignore_errors on the wait task, so a
# failure there presumably stops the run before this task is reached. The
# `result|failed` filter form is also deprecated in later Ansible releases in
# favour of `result is failed`; it is left unchanged because the target
# Ansible version is not visible here.
- debug:
    var: result
  when: result|failed