Created
May 27, 2019 12:24
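---
# Play 1 (runs on the controller): create the security group and four EC2
# instances, wait for SSH, and register them in the in-memory inventory
# that the later plays target.
- hosts: localhost
  connection: local
  gather_facts: false
  ####################
  #
  # run with
  #   ANSIBLE_HOST_KEY_CHECKING=False \
  #   AWS_PROFILE=myaws \
  #   ansible-playbook \
  #   aws_docker_swarm.yml \
  #   --ssh-common-args="-i /home/m/.ssh/myaws.pem"
  #
  # NOTE(review): ANSIBLE_HOST_KEY_CHECKING=False turns off SSH host key
  # verification for every connection in this run, so the first login to
  # each new instance is not authenticated. Where that matters, read the
  # host key fingerprints from the EC2 console output and seed known_hosts
  # before the remote plays run.
  #
  ####################
  vars:
    region: eu-west-1
    VPC: vpc-c732c7a3
    ami: ami-030dbca661d402413  # amazon linux 2
    subnet: subnet-41d30025  # eu-west-1c

  tasks:
    - name: rules for my aws security group
      ec2_group:
        name: myaws
        # Typo left as-is: AWS does not allow a security group description
        # to be changed after creation, so editing it would not match an
        # already existing group.
        description: allow incomming traffic only from hetzner.osuv.de
        region: "{{ region }}"
        state: present
        vpc_id: "{{ VPC }}"
        rules:
          # The source address is whatever DNS returns when the playbook
          # runs. If the record changes, the old address stays allowed
          # until the next run; several A records would not form a valid
          # /32. "proto: all" opens every port to this host, while SSH
          # (tcp/22) is the only thing the playbook itself needs from it.
          - proto: all
            rule_desc: hetzner.osuv.de
            cidr_ip: "{{ lookup('dig', 'hetzner.osuv.de') }}/32"
          # Fixed: was 172.0.0.0/8, which is mostly public address space.
          # Only 172.16.0.0/12 is private (RFC 1918). Narrow this further
          # to the VPC's own CIDR, or to the swarm ports (2377/tcp,
          # 7946/tcp+udp, 4789/udp), when those are known.
          - proto: all
            rule_desc: internal traffic
            cidr_ip: "172.16.0.0/12"
        tags:
          Name: myaws

    # create instances
    ##################
    # Every instance gets a public IP; reachability is limited only by
    # the security group above.
    - name: add donald
      ec2:
        region: "{{ region }}"
        keypair: myaws
        group: myaws
        instance_type: t3a.small
        image: "{{ ami }}"
        wait: true
        vpc_subnet_id: "{{ subnet }}"
        assign_public_ip: true
        count: 1
        instance_tags:
          Name: donald
      register: donald

    - name: create tick
      ec2:
        region: "{{ region }}"
        keypair: myaws
        group: myaws
        instance_type: t3a.micro
        image: "{{ ami }}"
        wait: true
        vpc_subnet_id: "{{ subnet }}"
        assign_public_ip: true
        count: 1
        instance_tags:
          Name: tick
      register: tick

    - name: create trick
      ec2:
        region: "{{ region }}"
        keypair: myaws
        group: myaws
        instance_type: t3a.micro
        image: "{{ ami }}"
        wait: true
        vpc_subnet_id: "{{ subnet }}"
        assign_public_ip: true
        count: 1
        instance_tags:
          Name: trick
      register: trick

    - name: create track
      ec2:
        region: "{{ region }}"
        keypair: myaws
        group: myaws
        instance_type: t3a.micro
        image: "{{ ami }}"
        wait: true
        vpc_subnet_id: "{{ subnet }}"
        assign_public_ip: true
        count: 1
        instance_tags:
          Name: track
      register: track

    # wait for ssh
    ##############
    - name: Wait for donald SSH to come up
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        state: started
      with_items: "{{ donald.instances }}"

    - name: Wait for tick SSH to come up
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        state: started
      with_items: "{{ tick.instances }}"

    - name: Wait for trick SSH to come up
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        state: started
      with_items: "{{ trick.instances }}"

    - name: Wait for track SSH to come up
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        state: started
      with_items: "{{ track.instances }}"

    # add instance to temporary inventory for next plays
    ####################################################
    # Hosts are registered by public IP, so all later plays connect over
    # the public interface. Task names now say which group each one fills
    # (the original reused one name for all six worker-side tasks).
    - name: add donald instances to manager host group
      add_host:
        hostname: "{{ item.public_ip }}"
        groupname: manager
      with_items: "{{ donald.instances }}"

    - name: add tick instances to worker host group
      add_host:
        hostname: "{{ item.public_ip }}"
        groupname: worker
      with_items: "{{ tick.instances }}"

    - name: add tick instances to tick host group
      add_host:
        hostname: "{{ item.public_ip }}"
        groupname: tick
      with_items: "{{ tick.instances }}"

    - name: add trick instances to worker host group
      add_host:
        hostname: "{{ item.public_ip }}"
        groupname: worker
      with_items: "{{ trick.instances }}"

    - name: add trick instances to trick host group
      add_host:
        hostname: "{{ item.public_ip }}"
        groupname: trick
      with_items: "{{ trick.instances }}"

    - name: add track instances to worker host group
      add_host:
        hostname: "{{ item.public_ip }}"
        groupname: worker
      with_items: "{{ track.instances }}"

    - name: add track instances to track host group
      add_host:
        hostname: "{{ item.public_ip }}"
        groupname: track
      with_items: "{{ track.instances }}"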
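############
#
# prepare host
############
# Sets the system hostname on the instance in the "tick" group.
# Play name fixed: it read "prepare tack" although the play targets tick.
- name: prepare tick
  hosts: tick
  become: true
  user: ec2-user
  gather_facts: false
  tasks:
    - name: hostname
      hostname:
        name: tick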
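# Sets the system hostname on the instance in the "trick" group.
# Play name fixed: it read "prepare tick" although the play targets trick.
- name: prepare trick
  hosts: trick
  become: true
  user: ec2-user
  gather_facts: false
  tasks:
    - name: hostname
      hostname:
        name: trick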
# Sets the system hostname on the instance in the "track" group.
- name: prepare track
  hosts: track
  user: ec2-user
  become: true
  gather_facts: false
  tasks:
    - name: hostname
      hostname:
        name: track
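# Sets the system hostname on the manager instance (donald).
# Fixed: the play targeted "donald", but the provisioning play only adds
# donald's instance to the "manager" group, so this play matched no host.
# The play name was also a copy of "prepare track".
- name: prepare donald
  hosts: manager
  become: true
  user: ec2-user
  gather_facts: false
  tasks:
    - name: hostname
      hostname:
        name: donald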
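############
#
# setup manager
#
############
# Installs Docker on the manager host, initialises the swarm and stores
# the join tokens as host facts for the worker play.
- name: Configure all instances
  hosts: manager
  become: true
  user: ec2-user
  gather_facts: false
  tasks:
    - name: bootstrap ansible usage by checking availabilty of python
      raw: test -e /usr/bin/python || (ln -s /usr/bin/python3 /usr/bin/python)

    - name: install docker
      yum:
        name: "{{ packages }}"
      vars:
        packages:
          - docker
          - python2-pip

    - name: enable docker
      systemd:
        name: docker
        state: started
        enabled: true

    # NOTE(review): installed as root and unpinned, so each run takes
    # whatever release the package index serves at that moment. Pin a
    # reviewed version for reproducible hosts.
    - name: pip install docker
      pip:
        name: docker

    # The registered result carries the swarm join tokens; it is written
    # to the console when the playbook runs with -v.
    - name: Init a new swarm with default parameters
      docker_swarm:
        state: present
      register: out

    # The join tokens are credentials: whoever holds one and can reach the
    # manager can add a node to the swarm. no_log keeps them out of task
    # output and logs.
    - name: get join tokens
      set_fact:
        join_manager: "{{ out.swarm_facts.JoinTokens.Manager }}"
        join_worker: "{{ out.swarm_facts.JoinTokens.Worker }}"
      no_log: true

    # Changed: this task printed the worker join token to the console,
    # and from there into any captured run log. It now only confirms that
    # the token was stored.
    - name: show join token
      debug:
        msg: "worker join token stored as host fact (value not printed)"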
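# setup worker
##############
# Installs Docker on every worker host and joins it to the swarm using the
# worker token that the manager play stored as a host fact.
- name: Configure worker instances
  hosts: worker
  become: true
  user: ec2-user
  gather_facts: false
  tasks:
    - name: bootstrap ansible usage by checking availabilty of python
      raw: test -e /usr/bin/python || (ln -s /usr/bin/python3 /usr/bin/python)

    - name: install docker
      yum:
        name: "{{ packages }}"
      vars:
        packages:
          - docker
          - python2-pip

    - name: enable docker
      systemd:
        name: docker
        state: started
        enabled: true

    # NOTE(review): installed as root and unpinned, so each run takes
    # whatever release the package index serves at that moment. Pin a
    # reviewed version for reproducible hosts.
    - name: pip install docker
      pip:
        name: docker

    # Fixed: hostvars is keyed by inventory hostname, and "manager" is a
    # group name, so hostvars['manager'] was undefined. The token lives on
    # the first (only) host of the manager group. no_log keeps the token
    # out of task output.
    - name: get join token
      set_fact:
        join_token: "{{ hostvars[groups['manager'][0]]['join_worker'] }}"
      no_log: true

    # NOTE(review): the docker_swarm module documents remote_addrs (the
    # manager address) for state: join and none is passed here; confirm
    # the join succeeds. Prefer the manager's private VPC address so swarm
    # control traffic stays off the public interface.
    - name: Add nodes
      docker_swarm:
        state: join
        join_token: "{{ join_token }}"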