-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
create-instance.yml
121 lines (120 loc) · 3.58 KB
/
create-instance.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
---
- name: 'Create VM'
hosts: localhost
gather_facts: false
vars:
key_name: 'tupeuxpasvpn'
image_name: 'ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20190212.1'
groupname: 'vpn'
instance_type: 't2.micro'
region: 'ca-central-1'
secgroup:
name: 'from_myself'
description: 'icmp and ssh from myself'
delete: false
tasks:
- name: "Debug"
debug:
msg: "Region: {{ region }}"
- name: 'prepare folder'
file:
path: artifacts
state: directory
- name: fetch public cidr_ip
set_fact:
public_ip: "{{ lookup('url', 'http://api.ipify.org') }}"
- name: show public ip
debug:
msg: "Our public facing ip is {{ public_ip }}"
- name: 'Get image id'
command: "aws ec2 describe-images --region={{ region }} --filter 'Name=name,Values={{ image_name }}'"
register: ec2_image
changed_when: false
- name: 'Register image info'
set_fact:
image_info: "{{ ec2_image.stdout | from_json }}"
- name: 'Register image id'
set_fact:
image_id: "{{ image_info.Images[0].ImageId }}"
# - meta: end_play
- name: Create SSH keys
command: 'ssh-keygen -t rsa -f artifacts/id_rsa -P ""'
args:
creates: 'artifacts/id_rsa'
- name: 'Create SSH keypair'
ec2_key:
name: "{{ key_name }}"
key_material: "{{ lookup('file', 'artifacts/id_rsa.pub') }}"
region: "{{ region }}"
- name: 'Create security group'
ec2_group:
name: "{{ secgroup.name }}"
description: "{{ secgroup.description }}"
rules:
- proto: icmp
from_port: -1
to_port: -1
cidr_ip:
- "{{ public_ip }}/32"
- proto: tcp
from_port: 22
to_port: 22
cidr_ip:
- "{{ public_ip }}/32"
region: "{{ region }}"
- name: 'Create VM'
ec2:
group: "{{ secgroup.name }}"
image: "{{ image_id }}"
key_name: "{{ key_name }}"
instance_type: "{{ instance_type }}"
region: "{{ region }}"
user_data: |
#!/bin/bash
update-alternatives --install /usr/bin/python python3.6 /usr/bin/python3.6 1
wait: true
exact_count: 1
count_tag:
groupname: "{{ groupname }}"
instance_tags:
groupname: "{{ groupname }}"
register: ec2
- name: Add new instance to host group
add_host:
hostname: "{{ item.public_dns_name }}"
public_dns_name: "{{ item.public_dns_name }}"
groupname: "{{ groupname }}"
ansible_host: "{{ item.public_ip }}"
ansible_user: ubuntu
ansible_ssh_private_key_file: "artifacts/id_rsa"
instance_id: "{{ item.id }}"
tags:
groupname: "{{ groupname }}"
with_items: "{{ ec2.instances }}"
- name: Wait for SSH to come up
delegate_to: "{{ item.public_dns_name }}"
wait_for_connection:
delay: 5
timeout: 320
with_items: "{{ ec2.instances }}"
- name: Print info
debug:
msg: "Instane {{ item.id }} at {{ item.public_ip }} / {{ item.public_dns_name }}"
with_items: "{{ ec2.instances }}"
- name: 'Create vpn script'
hosts: all
gather_facts: true
remote_user: ubuntu
tags:
- script
vars:
groupname: 'vpn'
ansible_ssh_private_key_file: "artifacts/id_rsa"
tasks:
- name: 'vpn script'
template:
src: start-vpn.sh.j2
dest: artifacts/start-vpn.sh
mode: '0700'
delegate_to: localhost
when: tags.groupname == groupname