-
Notifications
You must be signed in to change notification settings - Fork 6
/
main.yml
128 lines (113 loc) · 3.99 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
---
# AWS specific initialization starts here
- name: "AWS specific initialization"
hosts: build_control
connection: local
become: false
vars_files:
- "vars/aws_vars.yml"
- "../../vars/main.yml"
- "~/agof_vault.yml"
vars:
ec2_wait: true
tasks:
- name: collection final check
block:
- name: run AWS check setup if using AWS
ansible.builtin.include_role:
name: roles/aws_check_setup
rescue:
- name: Error with setup
fail:
msg: The provisioner has failed during initial check_setup, please scroll up to see exact error.
- name: Provision network stuff
ansible.builtin.include_role:
name: roles/manage_ec2_infra
- name: Include vars from previous runs
ansible.builtin.include_vars:
file: '{{ pattern_state_rootdir }}/{{ ec2_name_prefix }}/aws_state_vars.yml'
ignore_errors: true
when: save_aws_vars
- name: Copy AMI image if needed
block:
- name: Check for AMI in ec2 region
amazon.aws.ec2_ami:
image_id: "{{ imagebuilder_ami }}"
region: "{{ ec2_region }}"
register: ami_query
failed_when: ami_query.msg is search('InvalidAMIID.NotFound')
rescue:
- name: Copy image to desired region
community.aws.ec2_ami_copy:
source_region: "{{ ami_source_region }}"
region: "{{ ec2_region }}"
source_image_id: "{{ imagebuilder_ami }}"
wait: true
register: ami_copy
- name: Set AMI ID now that we have a new one
ansible.builtin.set_fact:
copied_ami: "{{ ami_copy.image_id }}"
when:
- copied_ami is not defined
- ami_source_region != ec2_region
- name: Save variables for later if desired
ansible.builtin.copy:
content: |-
---
ec2_name_prefix: '{{ ec2_name_prefix }}'
ec2_region: '{{ ec2_region }}'
ec2_vpc_id: '{{ ec2_vpc_id }}'
ec2_vpc_subnet_id: '{{ ec2_vpc_subnet_id }}'
pattern_dns_zone: '{{ pattern_dns_zone }}'
{% if copied_ami is defined %}
copied_ami: '{{ copied_ami }}'
{% endif %}
imagebuilder_ami: '{{ imagebuilder_ami }}'
dest: '{{ pattern_state_rootdir }}/{{ ec2_name_prefix }}/aws_state_vars.yml'
when: save_aws_vars
- name: Build VMs and manage DNS entries
ansible.builtin.include_role:
name: roles/manage_ec2_instances
vars:
ami_id: "{{ copied_ami | default(imagebuilder_ami) }}"
- name: Post-provisioning tasks
hosts: aws_nodes
become: true
gather_facts: true
vars_files:
- "vars/aws_vars.yml"
- "~/agof_vault.yml"
vars:
ec2_instances_built: "{{ hostvars['localhost']['ec2_instances_built'] }}"
ipaclient_configure_dns_resolver: false
tasks:
- name: "Wait for VM(s) to be ready for SSH"
ansible.builtin.wait_for:
port: 22
search_regex: OpenSSH
- name: "Ensure remote tmp directory"
ansible.builtin.file:
path: '{{ aws_remote_tmp }}'
mode: '0700'
owner: '{{ ansible_user }}'
recurse: true
- name: 'Ensure hostname-setting can persist (thanks, cloud-init)'
ansible.builtin.lineinfile:
path: '/etc/cloud/cloud.cfg'
regexp: '^\s*preserve_hostname:'
line: 'preserve_hostname: true'
- name: Set hostnames
ansible.builtin.hostname:
name: '{{ short_hostname }}.{{ pattern_domain }}'
- name: Set /etc/hosts
ansible.builtin.copy:
content: |
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
{% for ib in ec2_instances_built %}
{{ ib.private_ip_address }} {{ ib.tags.avpname }}.{{ pattern_domain }} {{ ib.tags.avpaliases }}
{% endfor %}
dest: /etc/hosts
owner: root
group: root
mode: '0644'