mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
cloudstack: docs: use local_action, not connection=local (#17951)
This commit is contained in:
parent
7b2f15453d
commit
f50c0a78b2
1 changed files with 67 additions and 52 deletions
|
@ -78,7 +78,8 @@ By passing the argument ``api_region`` with the CloudStack modules, the region w
|
||||||
.. code-block:: yaml
|
.. code-block:: yaml
|
||||||
|
|
||||||
- name: ensure my ssh public key exists on Exoscale
|
- name: ensure my ssh public key exists on Exoscale
|
||||||
local_action: cs_sshkeypair
|
local_action:
|
||||||
|
module: cs_sshkeypair
|
||||||
name: my-ssh-key
|
name: my-ssh-key
|
||||||
public_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
|
public_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
|
||||||
api_region: exoscale
|
api_region: exoscale
|
||||||
|
@ -88,7 +89,8 @@ Or by looping over a regions list if you want to do the task in every region:
|
||||||
.. code-block:: yaml
|
.. code-block:: yaml
|
||||||
|
|
||||||
- name: ensure my ssh public key exists in all CloudStack regions
|
- name: ensure my ssh public key exists in all CloudStack regions
|
||||||
local_action: cs_sshkeypair
|
local_action:
|
||||||
|
module: cs_sshkeypair
|
||||||
name: my-ssh-key
|
name: my-ssh-key
|
||||||
public_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
|
public_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
|
||||||
api_region: "{{ item }}"
|
api_region: "{{ item }}"
|
||||||
|
@ -171,28 +173,32 @@ Now to the fun part. We create a playbook to create our infrastructure we call i
|
||||||
---
|
---
|
||||||
- name: provision our VMs
|
- name: provision our VMs
|
||||||
hosts: cloud-vm
|
hosts: cloud-vm
|
||||||
connection: local
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: ensure VMs are created and running
|
- name: ensure VMs are created and running
|
||||||
cs_instance:
|
local_action:
|
||||||
|
module: cs_instance
|
||||||
name: "{{ inventory_hostname_short }}"
|
name: "{{ inventory_hostname_short }}"
|
||||||
template: Linux Debian 7 64-bit 20GB Disk
|
template: Linux Debian 7 64-bit 20GB Disk
|
||||||
service_offering: "{{ cs_offering }}"
|
service_offering: "{{ cs_offering }}"
|
||||||
state: running
|
state: running
|
||||||
|
|
||||||
|
- name: ensure static NATs
|
||||||
|
local_action:
|
||||||
|
module: cs_staticnat
|
||||||
|
vm: "{{ inventory_hostname_short }}"
|
||||||
|
ip_address: "{{ public_ip }}"
|
||||||
|
when: public_ip is defined
|
||||||
|
|
||||||
- name: ensure firewall ports opened
|
- name: ensure firewall ports opened
|
||||||
cs_firewall:
|
local_action:
|
||||||
|
module: cs_firewall
|
||||||
ip_address: "{{ public_ip }}"
|
ip_address: "{{ public_ip }}"
|
||||||
port: "{{ item.port }}"
|
port: "{{ item.port }}"
|
||||||
cidr: "{{ item.cidr | default('0.0.0.0/0') }}"
|
cidr: "{{ item.cidr | default('0.0.0.0/0') }}"
|
||||||
with_items: cs_firewall
|
with_items: cs_firewall
|
||||||
when: public_ip is defined
|
when: public_ip is defined
|
||||||
|
|
||||||
- name: ensure static NATs
|
In the above play we defined 3 tasks and use the group ``cloud-vm`` as target to handle all VMs in the cloud but instead SSH to these VMs, we use ``local_action`` to execute the API calls locally from our workstation.
|
||||||
cs_staticnat: vm="{{ inventory_hostname_short }}" ip_address="{{ public_ip }}"
|
|
||||||
when: public_ip is defined
|
|
||||||
|
|
||||||
In the above play we defined 3 tasks and use the group ``cloud-vm`` as target to handle all VMs in the cloud but instead SSH to these VMs, we use ``connetion=local`` to execute the API calls locally from our workstation.
|
|
||||||
|
|
||||||
In the first task, we ensure we have a running VM created with the Debian template. If the VM is already created but stopped, it would just start it. If you like to change the offering on an exisiting VM, you must add ``force: yes`` to the task, which would stop the VM, change the offering and start the VM again.
|
In the first task, we ensure we have a running VM created with the Debian template. If the VM is already created but stopped, it would just start it. If you like to change the offering on an exisiting VM, you must add ``force: yes`` to the task, which would stop the VM, change the offering and start the VM again.
|
||||||
|
|
||||||
|
@ -246,59 +252,68 @@ The playbook looks like the following:
|
||||||
---
|
---
|
||||||
- name: cloud base setup
|
- name: cloud base setup
|
||||||
hosts: localhost
|
hosts: localhost
|
||||||
connection: local
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: upload ssh public key
|
- name: upload ssh public key
|
||||||
cs_sshkeypair:
|
local_action:
|
||||||
name: defaultkey
|
module: cs_sshkeypair
|
||||||
public_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
|
name: defaultkey
|
||||||
|
public_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
|
||||||
|
|
||||||
- name: ensure security groups exist
|
- name: ensure security groups exist
|
||||||
cs_securitygroup:
|
local_action:
|
||||||
name: "{{ item }}"
|
module: cs_securitygroup
|
||||||
with_items:
|
name: "{{ item }}"
|
||||||
- default
|
with_items:
|
||||||
- web
|
- default
|
||||||
|
- web
|
||||||
|
|
||||||
- name: add inbound SSH to security group default
|
- name: add inbound SSH to security group default
|
||||||
cs_securitygroup_rule:
|
local_action:
|
||||||
security_group: default
|
module: cs_securitygroup_rule
|
||||||
start_port: "{{ item }}"
|
security_group: default
|
||||||
end_port: "{{ item }}"
|
start_port: "{{ item }}"
|
||||||
with_items:
|
end_port: "{{ item }}"
|
||||||
- 22
|
with_items:
|
||||||
|
- 22
|
||||||
|
|
||||||
- name: add inbound TCP rules to security group web
|
- name: add inbound TCP rules to security group web
|
||||||
cs_securitygroup_rule:
|
local_action:
|
||||||
security_group: web
|
module: cs_securitygroup_rule
|
||||||
start_port: "{{ item }}"
|
security_group: web
|
||||||
end_port: "{{ item }}"
|
start_port: "{{ item }}"
|
||||||
with_items:
|
end_port: "{{ item }}"
|
||||||
- 80
|
with_items:
|
||||||
- 443
|
- 80
|
||||||
|
- 443
|
||||||
|
|
||||||
- name: install VMs in the cloud
|
- name: install VMs in the cloud
|
||||||
hosts: cloud-vm
|
hosts: cloud-vm
|
||||||
connection: local
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: create and run VMs on CloudStack
|
- name: create and run VMs on CloudStack
|
||||||
cs_instance:
|
local_action:
|
||||||
name: "{{ inventory_hostname_short }}"
|
module: cs_instance
|
||||||
template: Linux Debian 7 64-bit 20GB Disk
|
name: "{{ inventory_hostname_short }}"
|
||||||
service_offering: "{{ cs_offering }}"
|
template: Linux Debian 7 64-bit 20GB Disk
|
||||||
security_groups: "{{ cs_securitygroups }}"
|
service_offering: "{{ cs_offering }}"
|
||||||
ssh_key: defaultkey
|
security_groups: "{{ cs_securitygroups }}"
|
||||||
state: Running
|
ssh_key: defaultkey
|
||||||
register: vm
|
state: running
|
||||||
|
register: vm
|
||||||
|
|
||||||
- name: show VM IP
|
- name: show VM IP
|
||||||
debug: msg="VM {{ inventory_hostname }} {{ vm.default_ip }}"
|
debug:
|
||||||
|
msg: "VM {{ inventory_hostname }} {{ vm.default_ip }}"
|
||||||
|
|
||||||
- name: assing IP to the inventory
|
- name: assing IP to the inventory
|
||||||
set_fact: ansible_ssh_host={{ vm.default_ip }}
|
set_fact:
|
||||||
|
ansible_ssh_host: "{{ vm.default_ip }}"
|
||||||
|
|
||||||
- name: waiting for SSH to come up
|
- name: waiting for SSH to come up
|
||||||
wait_for: port=22 host={{ vm.default_ip }} delay=5
|
local_action:
|
||||||
|
module: wait_for
|
||||||
|
port: 22
|
||||||
|
host: "{{ vm.default_ip }}"
|
||||||
|
delay: 5
|
||||||
|
|
||||||
In the first play we setup the security groups, in the second play the VMs will created be assigned to these groups. Further you see, that we assign the public IP returned from the modules to the host inventory. This is needed as we do not know the IPs we will get in advance. In a next step you would configure the DNS servers with these IPs for accassing the VMs with their DNS name.
|
In the first play we setup the security groups, in the second play the VMs will created be assigned to these groups. Further you see, that we assign the public IP returned from the modules to the host inventory. This is needed as we do not know the IPs we will get in advance. In a next step you would configure the DNS servers with these IPs for accassing the VMs with their DNS name.
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue