02_azure.yml
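---
# Provisions one public-facing RHEL web server in Azure (virtual network,
# subnet, static public IP, network security group, NIC, VM) and then records
# the VM's SSH host key on the control node.
# NOTE(review): every task targets the resource group "webserver_<user>" and
# none of them creates it, so it presumably exists already - confirm.
- hosts: localhost
  # The azure_rm_* modules call the Azure API from the control node itself.
  connection: local
  vars:
    user: magchr
    # Not referenced by any task in this play.
    location: northeurope
    virtual_network_name: "webserver_{{ user }}"
    subnet: Webserver
    resource_group: "webserver_{{ user }}"
    domain_sub: "domain{{ user }}"
    # Public half of the operator's key pair, read on the control node.
    ssh_public_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
    # Source allowed to reach port 22. "*" (any address) is what the rule
    # used while the field was omitted; narrow it to the operator's own
    # range, e.g. `-e ssh_source_prefix=<ADMIN_CIDR>`.
    ssh_source_prefix: "*"

  tasks:
    - name: create a virtual network
      azure_rm_virtualnetwork:
        resource_group: "{{ resource_group }}"
        name: "{{ virtual_network_name }}"
        address_prefixes_cidr: "10.99.0.0/16"
        tags:
          solution: "webserver_{{ user }}"
          delete: ansibletraining

    - name: Create a subnet
      azure_rm_subnet:
        resource_group: "{{ resource_group }}"
        virtual_network_name: "{{ virtual_network_name }}"
        name: "{{ subnet }}"
        address_prefix_cidr: "10.99.0.0/24"

    - name: Create a public ip address for webserver
      azure_rm_publicipaddress:
        resource_group: "{{ resource_group }}"
        name: public_ip_webserver
        allocation_method: static
        domain_name: "webserver{{ domain_sub }}"
        tags:
          solution: "webserver_{{ user }}"
          delete: ansibletraining
      # The address is read back by the debug and known_hosts tasks below.
      register: webserver_pub_ip

    - name: Create Security Group for webserver
      azure_rm_securitygroup:
        resource_group: "{{ resource_group }}"
        name: "webserver_securitygroup"
        # Rules on the group that are not listed here are removed.
        purge_rules: true
        rules:
          # Management access; the source is explicit so the exposure is
          # visible in review and can be narrowed without editing the rule.
          - name: Allow_SSH
            protocol: Tcp
            source_address_prefix: "{{ ssh_source_prefix }}"
            destination_port_range: 22
            access: Allow
            priority: 100
            direction: Inbound
          # Plain HTTP, open to any source; no rule for 443 is defined.
          - name: Allow_HTTP
            protocol: Tcp
            destination_port_range: 80
            access: Allow
            priority: 101
            direction: Inbound
        tags:
          solution: "webserver_{{ user }}"
          delete: ansibletraining

    - name: Create a network interface for webserver
      azure_rm_networkinterface:
        name: "webserver_nic01"
        resource_group: "{{ resource_group }}"
        virtual_network: "{{ virtual_network_name }}"
        subnet_name: "{{ subnet }}"
        security_group: "webserver_securitygroup"
        ip_configurations:
          - name: "webserver_nic01_ipconfig"
            public_ip_address_name: "public_ip_webserver"
            primary: true
        tags:
          solution: "webserver_{{ user }}"
          delete: ansibletraining

    - name: Create a VM webserver
      azure_rm_virtualmachine:
        resource_group: "{{ resource_group }}"
        name: "webserver"
        os_type: Linux
        admin_username: "{{ user }}"
        # Key-only login: password authentication over SSH stays disabled.
        ssh_password_enabled: false
        ssh_public_keys:
          - path: "/home/{{ user }}/.ssh/authorized_keys"
            key_data: "{{ ssh_public_key }}"
        managed_disk_type: Standard_LRS
        state: present
        image:
          offer: RHEL
          publisher: RedHat
          # Quoted so the SKU is passed as a string, not an integer.
          sku: "8"
          # Unpinned: each run may pick up a different image build. Pin a
          # specific version where reproducible builds matter.
          version: latest
        vm_size: Standard_A1_v2
        network_interfaces: "webserver_nic01"
        tags:
          solution: "webserver_{{ user }}"
          delete: ansibletraining

    - name: Show webserver public ip
      debug:
        msg: "{{ webserver_pub_ip.state.ip_address }}"

    # A freshly created VM may not be accepting SSH connections yet; without
    # this wait the key scan below can come back empty.
    - name: Wait for sshd on the webserver
      wait_for:
        host: "{{ webserver_pub_ip.state.ip_address }}"
        port: 22
        timeout: 300

    # The known_hosts module keeps one entry per host, where a shell `>>`
    # appended a duplicate line on every run.
    # The scanned key is accepted as presented (trust on first use). Compare
    # its fingerprint with one obtained out of band, for example from the
    # VM's console output, before relying on it.
    # NOTE(review): the path is under /home/<user> on the control node, which
    # assumes the operator's local login matches `user` - confirm.
    - name: Add webserver to ssh known_hosts
      known_hosts:
        name: "{{ webserver_pub_ip.state.ip_address }}"
        key: "{{ lookup('pipe', 'ssh-keyscan -t ecdsa ' ~ webserver_pub_ip.state.ip_address) }}"
        path: "/home/{{ user }}/.ssh/known_hosts"
        state: present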