#####################################################
###Author: Almir Candido #
###Contact: https://br.linkedin.com/in/almircandido #
### #
###Ansible Version: 2.8 #
### #
###Requirements: #
###Install: #
###python-boto #
###python-boto3 #
#####################################################
# Create Load Balancer and EC2 Instance.
---
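# Play 1: runs on the control node. Creates the key pair, the security
# group, the classic load balancer and the EC2 instances, then registers
# the new instances in the in-memory "web" group for the next play.
- hosts: localhost
  gather_facts: false
  vars:
    # Credentials come from the control node's environment so that no key
    # material is stored in this file or committed to version control.
    AWS_ACCESS_KEY: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
    AWS_SECRET_KEY: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
    AWS_REGION: us-east-1  # N. Virginia
    AWS_ZONE: us-east-1a
    LB_NAME: LB
    INSTANCE_TYPE: t2.micro
    INSTANCE_TAG: web_server
    INSTANCE_PORT: 80
    DEFAULT_VPC_SUBNET: subnet-b5cd84d2
    LB_PORT: 80
    LB_SSL_PORT: 443
    LB_PROTO: http
    LB_SSL_PROTO: https
    SG_NAME: elb_sg
    VPC_ID: vpc-89abcef3
    BASE_AMI: ami-0c322300a1dd5dc79  # RHEL 8
    KEY_NAME: ansible_access_keypair
    PATH: /home/ansible/
    # Source range allowed to reach SSH (tcp/22). The default keeps the
    # original behaviour (open to every address); set it to the control
    # node's address range to reduce exposure.
    SSH_ALLOWED_CIDR: "0.0.0.0/0"
  tasks:
    - name: Create Key Pair
      ec2_key:
        aws_access_key: "{{ AWS_ACCESS_KEY }}"
        aws_secret_key: "{{ AWS_SECRET_KEY }}"
        ec2_region: "{{ AWS_REGION }}"
        name: "{{ KEY_NAME }}"
      register: keypair

    # AWS returns the private key only when the key pair is newly created,
    # so the file is written only on that run; later runs keep the file
    # already on disk instead of failing on the missing attribute.
    - name: Save Key Pair
      copy:
        # Trailing newline keeps the key file well-formed for ssh.
        content: "{{ keypair.key.private_key }}\n"
        dest: "{{ PATH }}{{ KEY_NAME }}.pem"
        mode: "0600"
      when: keypair.changed
      # Keep the private key out of task output and --diff rendering.
      no_log: true

    # NOTE(review): this one group is attached to both the load balancer
    # and the instances (see "group" on the EC2 task), so every rule below
    # applies to both.
    - name: Create ELB Security Group
      ec2_group:
        aws_access_key: "{{ AWS_ACCESS_KEY }}"
        aws_secret_key: "{{ AWS_SECRET_KEY }}"
        ec2_region: "{{ AWS_REGION }}"
        name: "{{ SG_NAME }}"
        description: ELB_ACCESS
        vpc_id: "{{ VPC_ID }}"
        rules:
          # Web ports, reachable from any address.
          - proto: tcp
            ports:
              - 80
              - 443
            cidr_ip: "0.0.0.0/0"
          # SSH, limited to SSH_ALLOWED_CIDR.
          - proto: tcp
            ports:
              - 22
            cidr_ip: "{{ SSH_ALLOWED_CIDR }}"

    - name: Create Load Balancer
      local_action:
        module: ec2_elb_lb
        aws_access_key: "{{ AWS_ACCESS_KEY }}"
        aws_secret_key: "{{ AWS_SECRET_KEY }}"
        name: "{{ LB_NAME }}"
        state: present
        region: "{{ AWS_REGION }}"
        zones: "{{ AWS_ZONE }}"
        wait: true
        security_group_names: "{{ SG_NAME }}"
        listeners:
          - protocol: "{{ LB_PROTO }}"
            load_balancer_port: "{{ LB_PORT }}"
            instance_port: "{{ INSTANCE_PORT }}"
          # If you have SSL certificate stored in aws.
          # - protocol: "{{ LB_SSL_PROTO }}"
          #   load_balancer_port: "{{ LB_SSL_PORT }}"
          #   instance_port: "{{ LB_PORT }}"
          #   ssl_certificate_id: "arn:aws:iam::xxxxxx:server-certificate/domain_cert"
        health_check:
          ping_protocol: "{{ LB_PROTO }}"  # options are http, https, ssl, tcp
          ping_port: "{{ INSTANCE_PORT }}"
          ping_path: "/healthy_check.txt"
          response_timeout: 5  # seconds
          interval: 30  # seconds
          unhealthy_threshold: 2
          healthy_threshold: 10

    # NOTE(review): "count" launches two more instances on every run; the
    # module's exact_count/count_tag options would make this idempotent,
    # but they change which instances are returned, so it is left as is.
    - name: Create EC2 instance
      ec2:
        aws_access_key: "{{ AWS_ACCESS_KEY }}"
        aws_secret_key: "{{ AWS_SECRET_KEY }}"
        ec2_region: "{{ AWS_REGION }}"
        zone: "{{ AWS_ZONE }}"
        instance_type: "{{ INSTANCE_TYPE }}"
        keypair: "{{ KEY_NAME }}"
        group: "{{ SG_NAME }}"
        image: "{{ BASE_AMI }}"
        vpc_subnet_id: "{{ DEFAULT_VPC_SUBNET }}"
        assign_public_ip: true
        wait: true
        count: 2  # number of instances
        instance_tags:
          Name: "{{ INSTANCE_TAG }}"
      register: ec2

    # NOTE(review): StrictHostKeyChecking=no means the host key of each
    # new instance is never verified, so the first SSH session cannot
    # detect an intercepted connection. Where the control node's OpenSSH
    # supports it, "accept-new" at least pins the key after first contact.
    - name: Add host inventory
      add_host:
        hostname: "{{ item.public_ip }}"
        groupname: web
        ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
        ansible_ssh_private_key_file: "{{ PATH }}{{ KEY_NAME }}.pem"
      loop: "{{ ec2.instances }}"

    - name: Wait for ssh to come up
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        delay: 6
        timeout: 90
      loop: "{{ ec2.instances }}"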
### Install HTTPD ###
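# Play 2: runs on every host of the "web" group. Installs Apache with
# mod_ssl, creates the file the load balancer health check requests, and
# starts the service.
- hosts: web
  become: true
  gather_facts: false
  remote_user: ec2-user
  vars:
    PACKAGES:
      - httpd
      - mod_ssl
  tasks:
    # NOTE(review): "latest" pulls whatever version the repositories offer
    # at run time, so two runs can install different package versions.
    - name: install {{ PACKAGES }}
      yum:
        name: "{{ PACKAGES }}"
        state: latest

    # Served at /healthy_check.txt. Preserving the timestamps keeps the
    # task from reporting "changed" on every run, and the explicit mode
    # makes the file's permissions independent of the remote umask.
    - name: Create file for healthy check load balancer
      file:
        path: /var/www/html/healthy_check.txt
        state: touch
        mode: "0644"
        modification_time: preserve
        access_time: preserve

    - name: Start httpd service
      service:
        name: httpd
        state: started
        enabled: true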
### Add each EC2 instance to the ELB ###
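# Play 3: runs on the control node. Looks up the instances carrying the
# INSTANCE_TAG Name tag and registers each one with the load balancer.
- hosts: localhost
  gather_facts: false
  vars:
    # Credentials come from the control node's environment so that no key
    # material is stored in this file or committed to version control.
    AWS_ACCESS_KEY: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
    AWS_SECRET_KEY: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
    AWS_REGION: us-east-1
    LB_NAME: LB
    INSTANCE_TAG: web_server
  tasks:
    - name: get all ec2 instances
      ec2_instance_facts:
        aws_access_key: "{{ AWS_ACCESS_KEY }}"
        aws_secret_key: "{{ AWS_SECRET_KEY }}"
        region: "{{ AWS_REGION }}"
        filters:
          "tag:Name": "{{ INSTANCE_TAG }}"
          # Skip stopped or terminated instances that still carry the
          # tag; they cannot be registered with the load balancer.
          instance-state-name: running
      register: ec2

    # NOTE(review): ignore_errors lets the play report success even when
    # a registration fails for a real reason (credentials, wrong load
    # balancer name). Presumably it was added to get past non-running
    # instances, which the filter above now excludes; confirm and drop it.
    - name: add ec2 instance on load balancer
      local_action:
        module: ec2_elb
        aws_access_key: "{{ AWS_ACCESS_KEY }}"
        aws_secret_key: "{{ AWS_SECRET_KEY }}"
        region: "{{ AWS_REGION }}"
        instance_id: "{{ item.instance_id }}"
        ec2_elbs: "{{ LB_NAME }}"
        state: present
      loop: "{{ ec2.instances }}"
      ignore_errors: true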
...