DCD-1123: Add roles to support creating multiple basic EC2 instances into a VPC.
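--- a/migraion-video-instances.yml
+++ b/migraion-video-instances.yml
@@ -0,0 +1,16 @@
+---
+- hosts: localhost
+connection: local
+gather_facts: True
+become: False
+
+vars:
+vpc_name: "DCD-Migration-Video"
+business_unit: "Engineering-Server"
+resource_owner: "{{ ansible_user_id }}"
+aws_region: "us-west-2"
+
+roles:
+- { role: aws-vpc }
+- { role: ec2-instance, vars: { instance_name: "Jira Software Migration Source Instance" } }
+- { role: ec2-instance, vars: { instance_name: "Jira ServiceDesk Migration Source Instance" } }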
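Review bot: The playbook file name is misspelled as `migraion-video-instances.yml`; renaming it to `migration-video-instances.yml` now avoids carrying the typo into every command line and document that refers to it. `gather_facts: True` and `become: False` would be more portable as lowercase `true` / `false`. Since `resource_owner` reads `ansible_user_id`, fact gathering has to stay enabled, and a comment such as `# gather_facts must stay on: resource_owner reads ansible_user_id` above that key would make the dependency explicit.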
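--- a/roles/aws-vpc/tasks/main.yml
+++ b/roles/aws-vpc/tasks/main.yml
@@ -0,0 +1,91 @@
+---
+
+- name: Setup VPC
+ec2_vpc_net:
+name: "{{ vpc_name }}-vpc"
+cidr_block: 10.20.0.0/16
+region: "{{ aws_region }}"
+resource_tags:
+Name: "{{ vpc_name }}-vpc"
+name: "{{ vpc_name }}-vpc"
+business_unit: "{{ business_unit }}"
+service_name: "{{ vpc_name }}"
+resource_owner: "{{ resource_owner }}"
+register: vpc
+
+- name: Setup VPC Internet Gateway
+ec2_vpc_igw:
+vpc_id: "{{ vpc.vpc.id }}"
+region: "{{ aws_region }}"
+state: present
+register: igw
+
+- name: Create subnet for resources
+ec2_vpc_subnet:
+vpc_id: "{{ vpc.vpc.id }}"
+cidr: "10.20.30.0/24"
+region: "{{ aws_region }}"
+state: present
+resource_tags:
+Name: "{{ vpc_name }}-subnet"
+name: "{{ vpc_name }}-vpc"
+business_unit: "{{ business_unit }}"
+service_name: "{{ vpc_name }}"
+resource_owner: "{{ resource_owner }}"
+register: subnet
+
+- name: Set up VPC route table
+ec2_vpc_route_table:
+vpc_id: "{{ vpc.vpc.id }}"
+tags:
+Name: "{{ vpc_name }}-vpc-routes"
+subnets:
+- "{{ subnet.subnet.id }}"
+routes:
+- dest: 0.0.0.0/0
+gateway_id: "{{ igw.gateway_id }}"
+region: "{{ aws_region }}"
+resource_tags:
+Name: "{{ vpc_name }}-routes"
+name: "{{ vpc_name }}"
+business_unit: "{{ business_unit }}"
+service_name: "{{ vpc_name }}"
+resource_owner: "{{ resource_owner }}"
+register: public_route_table
+
+
+- name: Setup security group
+ec2_group:
+name: "{{ vpc_name }}-sg"
+description: "Hosting group"
+vpc_id: "{{ vpc.vpc.id }}"
+region: "{{ aws_region }}"
+state: present
+purge_rules: true
+rules:
+# External: Allow SSH, HTTP/HTTPS
+- proto: tcp
+from_port: 22
+to_port: 22
+cidr_ip: 0.0.0.0/0
+- proto: tcp
+from_port: 80
+to_port: 80
+cidr_ip: 0.0.0.0/0
+- proto: tcp
+from_port: 443
+to_port: 443
+cidr_ip: 0.0.0.0/0
+
+# Internal-only traffic
+- proto: icmp
+from_port: -1
+to_port: -1
+cidr_ip: 10.20.0.0/16
+purge_rules_egress: true
+rules_egress:
+- proto: all
+from_port: 0
+to_port: 65535
+cidr_ip: 0.0.0.0/0
+register: sg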
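Review bot: The `Setup security group` task admits TCP 22 from `0.0.0.0/0`, and the route-table task sends `0.0.0.0/0` through the internet gateway, so SSH is reachable from the whole internet on any instance in this subnet that has a public address. The SSH source range should come from a variable the operator has to set, for example `cidr_ip: "{{ ssh_ingress_cidr }}"` (proposed name, not defined in this commit), with 80/443 left world-open only if these hosts are meant to serve public traffic. The `Set up VPC route table` task also carries both `tags:` and `resource_tags:` with different `Name` values; if the module treats one as an alias of the other, only one set is applied, so a single block would be safer. Indentation is lost on this page, so the nesting of those keys is inferred from their order.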
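--- a/roles/ec2-instance/defaults/main.yml
+++ b/roles/ec2-instance/defaults/main.yml
@@ -0,0 +1,8 @@
+---
+
+ec2_ami_owner: "amazon"
+ec2_ami_description: "Amazon Linux 2 AMI 2.0.* x86_64 HVM gp2"
+ec2_type: "t3a.xlarge"
+ec2_disk_size: "512"
+ec2_keypair: "taskcat-ci-key"
+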
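Review bot: `ec2_keypair` defaults to `taskcat-ci-key`, which by its name appears to be a shared CI key pair, so every instance launched without an override accepts logins from anyone holding that key. Combined with the world-open port 22 rule in the aws-vpc role, the default deployment leans entirely on the secrecy of a widely distributed key. Consider dropping the default so the play fails when no key pair is supplied, or at least adding a comment such as `# Override per environment; do not reuse the CI key pair for long-lived hosts` above it.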
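--- a/roles/ec2-instance/tasks/main.yml
+++ b/roles/ec2-instance/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+
+- name: Fetch AMI list for region
+ec2_ami_facts:
+region: "{{ aws_region }}"
+owner: "{{ ec2_ami_owner }}"
+filters:
+description: "{{ ec2_ami_description }}"
+register: amis
+
+- name: Find the latest version of the AMI
+set_fact:
+latest_ami: "{{ amis.images | selectattr('name', 'defined') | sort(attribute='creation_date') | last }}"
+
+- name: Provision EC2 host
+ec2:
+exact_count: 1
+count_tag:
+Name: "{{instance_name}}"
+keypair: "{{ ec2_keypair }}"
+region: "{{ aws_region }}"
+instance_type: "{{ ec2_type }}"
+image: "{{ latest_ami.image_id }}"
+group_id: "{{ sg.group_id }}"
+vpc_subnet_id: "{{ subnet.subnet.id }}"
+assign_public_ip: True
+volumes:
+- device_name: /dev/xvda
+volume_type: gp2
+volume_size: "{{ ec2_disk_size }}"
+wait: true
+instance_tags:
+Name: "{{ instance_name }}"
+name: "{{ instance_name }}"
+business_unit: "{{ business_unit }}"
+service_name: "{{ instance_name}}"
+resource_owner: "{{ resource_owner }}"
+register: ec2_instance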
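Review bot: The `Provision EC2 host` task creates the `/dev/xvda` volume without encryption and hard-codes `assign_public_ip: True`, so a migration source instance stores its data unencrypted on a host with a public address. Adding `encrypted: true` to the volume entry and driving the public address from a role default that is off unless requested would tighten this. The task also reads `sg.group_id` and `subnet.subnet.id`, which are registered inside the aws-vpc role, so this role only works when run after it in the same play; a header comment naming that dependency, or explicit role parameters, would make the coupling visible. In `Find the latest version of the AMI`, an empty `amis.images` makes `| last` fail with an unhelpful error, so a preceding `assert` on `amis.images | length > 0` would give a clearer failure.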