This repository provides plays for provisioning RHEL nodes in AWS and creating/destroying an Apache web server.
The plays rely on particular assets being stored in Tower as credentials and extra_vars, and some preconfiguration in AWS. They can't run on their own.
Your AWS account ID needs to be enrolled as an AWS Account in the Subscriptions > Cloud Access section of the Customer Portal. This is required to gain access to the RHEL AMIs.
<my_personal_ip>/32
0.0.0.0/0
Machine with the private key/user for the AWS SSH key-pair and AMI user (ec2-user)
Amazon Web Services with an access key/secret key with the ability to create/manage EC2 instances.

    # Input Configuration
    fields:
      - id: redhat_acct
        type: string
        label: Username
      - id: redhat_acct_pass
        type: string
        label: Password
        secret: true
      - id: redhat_acct_pool
        type: string
        label: Pool ID
        secret: true
    required:
      - redhat_acct
      - redhat_acct_pass
      - redhat_acct_pool

    # Injector Configuration
    extra_vars:
      redhat_account: '{{ redhat_acct }}'
      redhat_passphrase: '{{ redhat_acct_pass }}'
      redhat_pool: '{{ redhat_acct_pool }}'
An inventory with a source of type Amazon EC2 using the AWS credential. In my environment I have "Overwrite" and "Update on Launch" enabled, allowing the inventory to be dynamically updated and cleansed on every job run using it.
All job templates should use the previously created EC2 inventory.
create_ec2
On the EC2 creation template, the AWS credential created needs to be applied, as well as the following extra_args with "Prompt on Launch" enabled. Defaults can be set here for ease of use.
    instance_name:
    instance_env:
    aws_region:
    aws_ssh_key:
    aws_subnet:
    aws_ami:
    aws_sec_groups: # Supply as YAML list!
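A pre-flight play that could run ahead of the provisioning tasks to reject a launch where a prompted value was left blank or where aws_sec_groups was typed as a plain string instead of a list. This is an added example, not one of this repository's playbooks; the play name and the required_strings variable are hypothetical.

```yaml
# Added example: validate the create_ec2 launch-time variables before
# any AWS call is made. Variable names match the list above;
# required_strings is a hypothetical helper variable.
- name: Validate create_ec2 launch-time variables
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    required_strings:
      - instance_name
      - instance_env
      - aws_region
      - aws_ssh_key
      - aws_subnet
      - aws_ami
  tasks:
    # A key left empty in the prompt arrives as null, which is not a string,
    # so the first condition catches it; a missing key falls back to ''
    # and is caught by the length check.
    - name: Every scalar variable is a non-empty string
      ansible.builtin.assert:
        that:
          - lookup('ansible.builtin.vars', item, default='') is string
          - lookup('ansible.builtin.vars', item, default='') | trim | length > 0
        fail_msg: "{{ item }} must be set to a non-empty string at launch"
        quiet: true
      loop: "{{ required_strings }}"

    # Jinja's 'sequence' test is also true for strings and dicts,
    # so both are excluded explicitly.
    - name: aws_sec_groups is a non-empty YAML list
      ansible.builtin.assert:
        that:
          - aws_sec_groups is defined
          - aws_sec_groups is sequence
          - aws_sec_groups is not string
          - aws_sec_groups is not mapping
          - aws_sec_groups | length > 0
        fail_msg: "aws_sec_groups must be supplied as a YAML list"
```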
configure_ec2
On the configuration template the Machine and Subscription credentials need to be applied. Also apply "Prompt on Launch" to the Limit parameter, using the public DNS name output from the creation job as its input.
deploy_apache and remove_apache
For the web server templates, the Machine key needs to be applied, as well as enabling "Prompt on Launch" for Limit (same as the configuration template) and "Enable Privilege Escalation".
destroy_ec2
This template is a slimmed down variant of the initial EC2 creation playbook. It requires the following extra_args with "Prompt on Launch" enabled.
    aws_region:
    instance_name: