| | |
| | | Value: "{{security_group['name']}}" |
| | | {% endfor %} |
| | | |
| | | |
| | | {% for security_group in security_groups %} |
| | | {% for rule in security_group['rules'] %} |
| | | {{security_group['name']}}{{rule['name']}}: |
| | | {{security_group['name']}}_{{rule['name']}}: |
| | | Type: "AWS::EC2::SecurityGroupIngress" |
| | | Properties: |
| | | GroupId: |
| | | Fn::GetAtt: |
| | | - "{{security_group['name']}}" |
| | | - GroupId |
| | | IpProtocol: "{{rule['protocol']}}" |
| | | FromPort: "{{rule['from_port']}}" |
| | | ToPort: "{{rule['to_port']}}" |
| | | CidrIp: "{{rule['cidr']}}" |
| | | Fn::GetAtt: |
| | | - "{{security_group['name']}}" |
| | | - GroupId |
| | | IpProtocol: tcp |
| | | FromPort: {{rule['from_port']}} |
| | | ToPort: {{rule['to_port']}} |
| | | {% if rule['cidr'] is defined %} |
| | | CidrIp: "{{rule['cidr']}}" |
| | | {% endif %} |
| | | {% if rule['from_group'] is defined %} |
| | | from_group: "{{rule['from_group']}}" |
| | | {% endif %} |
| | | {% endfor %} |
| | | {% endfor %} |
| | | |
| | | |
| | | # PublicSG: |
| | | # Type: "AWS::EC2::SecurityGroup" |
| | | # Properties: |
| | | # GroupDescription: Host |
| | | # VpcId: |
| | | # Ref: Vpc |
| | | # Tags: |
| | | # - Key: Name |
| | | # Value: host_sg |
| | | # |
| | | # HostUDPPorts: |
| | | # Type: "AWS::EC2::SecurityGroupIngress" |
| | | # Properties: |
| | | # GroupId: |
| | | # Fn::GetAtt: |
| | | # - PublicSG |
| | | # - GroupId |
| | | # IpProtocol: udp |
| | | # FromPort: 0 |
| | | # ToPort: 65535 |
| | | # CidrIp: "0.0.0.0/0" |
| | | # |
| | | # HostTCPPorts: |
| | | # Type: "AWS::EC2::SecurityGroupIngress" |
| | | # Properties: |
| | | # GroupId: |
| | | # Fn::GetAtt: |
| | | # - PublicSG |
| | | # - GroupId |
| | | # IpProtocol: tcp |
| | | # FromPort: 0 |
| | | # ToPort: 65535 |
| | | # CidrIp: "0.0.0.0/0" |
| | | # |
| | | # zoneinternalidns: |
| | | # Type: "AWS::Route53::HostedZone" |
| | | # Properties: |
| | | # Name: "{{ zone_internal_dns }}" |
| | | # VPCs: |
| | | # - VPCId: |
| | | # Ref: Vpc |
| | | # VPCRegion: |
| | | # Ref: "AWS::Region" |
| | | # HostedZoneConfig: |
| | | # Comment: "Created By ansible agnostic deployer" |
| | | # |
| | | # CloudDNS: |
| | | # Type: AWS::Route53::RecordSetGroup |
| | | # DependsOn: |
| | | # {% for c in range(1,(infranode_instance_count|int)+1) %} |
| | | # - "infranode{{loop.index}}EIP" |
| | | # {% endfor %} |
| | | # Properties: |
| | | # HostedZoneId: "{{HostedZoneId}}" |
| | | # RecordSets: |
| | | # - Name: "{{cloudapps_dns}}" |
| | | # Type: A |
| | | # TTL: 900 |
| | | # ResourceRecords: |
| | | # {% for c in range(1,(infranode_instance_count|int)+1) %} |
| | | # - Fn::GetAtt: |
| | | # - infranode{{loop.index}} |
| | | # - PublicIp |
| | | # {% endfor %} |
| | | # |
| | | # {% for instance in instances %} |
| | | # {% if instance['dns_loadbalancer']|d(false)|bool and not instance['unique']|d(false)|bool %} |
| | | # {{instance['name']}}DNSLoadBalancer: |
| | | # Type: "AWS::Route53::RecordSetGroup" |
| | | # DependsOn: |
| | | # {% for c in range(1, (instance['count']|int)+1) %} |
| | | # - {{instance['name']}}{{c}}EIP |
| | | # {% endfor %} |
| | | # Properties: |
| | | # HostedZoneId: {{HostedZoneId}} |
| | | # RecordSets: |
| | | # - Name: "{{instance['name']}}.{{subdomain_base}}." |
| | | # Type: A |
| | | # TTL: 900 |
| | | # ResourceRecords: |
| | | # {% for c in range(1,(instance['count'] |int)+1) %} |
| | | # - "Fn::GetAtt": |
| | | # - {{instance['name']}}{{c}} |
| | | # - PublicIp |
| | | # {% endfor %} |
| | | # {% endif %} |
| | | # |
| | | # {% for c in range(1,(instance['count'] |int)+1) %} |
| | | # {{instance['name']}}{{loop.index}}: |
| | | # Type: "AWS::EC2::Instance" |
| | | # Properties: |
| | | # ImageId: |
| | | # Fn::FindInMap: |
| | | # - RegionMapping |
| | | # - Ref: AWS::Region |
| | | # - {{ instance['image_id'] | default('RHELAMI') }} |
| | | # InstanceType: "{{instance['flavor'][cloud_provider]}}" |
| | | # KeyName: "{{instance['key_name'] | default(key_name)}}" |
| | | # {% if instance['UserData'] is defined %} |
| | | # {{instance['UserData']}} |
| | | # {% endif %} |
| | | # SecurityGroupIds: |
| | | # - "Fn::GetAtt": |
| | | # - {{instance['security_group']}} |
| | | # - GroupId |
| | | # SubnetId: |
| | | # Ref: {{instance['subnet']}} |
| | | # Tags: |
| | | # {% if instance['unique'] | d(false) | bool %} |
| | | # - Key: Name |
| | | # Value: {{instance['name']}} |
| | | # - Key: internaldns |
| | | # Value: {{instance['name']}}.{{chomped_zone_internal_dns}} |
| | | # {% else %} |
| | | # - Key: Name |
| | | # Value: {{instance['name']}}{{loop.index}} |
| | | # - Key: internaldns |
| | | # Value: {{instance['name']}}{{loop.index}}.{{chomped_zone_internal_dns}} |
| | | # {% endif %} |
| | | # - Key: "owner" |
| | | # Value: "{{ email | default('unknownuser') }}" |
| | | # - Key: "Project" |
| | | # Value: "{{project_tag}}" |
| | | # - Key: "{{project_tag}}" |
| | | # Value: "{{ instance['name'] }}" |
| | | # {% for tag in instance['tags'] %} |
| | | # - Key: {{tag['key']}} |
| | | # Value: {{tag['value']}} |
| | | # {% endfor %} |
| | | # BlockDeviceMappings: |
| | | # - DeviceName: "/dev/sda1" |
| | | # Ebs: |
| | | # VolumeSize: {{ instance['rootfs_size'] | default('50') }} |
| | | # {% for vol in instance['volumes']|default([]) %} |
| | | # - DeviceName: "{{ vol['device_name'] }}" |
| | | # Ebs: |
| | | # VolumeType: "{{ vol['volume_type'] | d('gp2') }}" |
| | | # VolumeSize: "{{ vol['volume_size'] | d('20') }}" |
| | | # {% endfor %} |
| | | # |
| | | # {{instance['name']}}{{loop.index}}InternalDNS: |
| | | # Type: "AWS::Route53::RecordSetGroup" |
| | | # Properties: |
| | | # HostedZoneId: |
| | | # Ref: zoneinternalidns |
| | | # RecordSets: |
| | | # {% if instance['unique'] | d(false) | bool %} |
| | | # - Name: "{{instance['name']}}.{{zone_internal_dns}}" |
| | | # {% else %} |
| | | # - Name: "{{instance['name']}}{{loop.index}}.{{zone_internal_dns}}" |
| | | # {% endif %} |
| | | # Type: A |
| | | # TTL: 10 |
| | | # ResourceRecords: |
| | | # - "Fn::GetAtt": |
| | | # - {{instance['name']}}{{loop.index}} |
| | | # - PrivateIp |
| | | # |
| | | # {% if instance['public_dns'] %} |
| | | # {{instance['name']}}{{loop.index}}EIP: |
| | | # Type: "AWS::EC2::EIP" |
| | | # DependsOn: |
| | | # - VpcGA |
| | | # Properties: |
| | | # InstanceId: |
| | | # Ref: {{instance['name']}}{{loop.index}} |
| | | # |
| | | # {{instance['name']}}{{loop.index}}PublicDNS: |
| | | # Type: "AWS::Route53::RecordSetGroup" |
| | | # DependsOn: |
| | | # - {{instance['name']}}{{loop.index}}EIP |
| | | # Properties: |
| | | # HostedZoneId: {{HostedZoneId}} |
| | | # RecordSets: |
| | | # {% if instance['unique'] | d(false) | bool %} |
| | | # - Name: "{{instance['name']}}.{{subdomain_base}}." |
| | | # {% else %} |
| | | # - Name: "{{instance['name']}}{{loop.index}}.{{subdomain_base}}." |
| | | # {% endif %} |
| | | # Type: A |
| | | # TTL: 10 |
| | | # ResourceRecords: |
| | | # - "Fn::GetAtt": |
| | | # - {{instance['name']}}{{loop.index}} |
| | | # - PublicIp |
| | | # {% endif %} |
| | | # {% endfor %} |
| | | # {% endfor %} |
| | | # |
| | | # Outputs: |
| | | # Route53internalzoneOutput: |
| | | # Description: The ID of the internal route 53 zone |
| | | # Value: |
| | | # Ref: zoneinternalidns |
| | | zoneinternalidns: |
| | | Type: "AWS::Route53::HostedZone" |
| | | Properties: |
| | | Name: "{{ zone_internal_dns }}" |
| | | VPCs: |
| | | - VPCId: |
| | | Ref: Vpc |
| | | VPCRegion: |
| | | Ref: "AWS::Region" |
| | | HostedZoneConfig: |
| | | Comment: "Created By ansible agnostic deployer" |
| | | |
| | | CloudDNS: |
| | | Type: AWS::Route53::RecordSetGroup |
| | | DependsOn: |
| | | {% for c in range(1,(infranode_instance_count|int)+1) %} |
| | | - "infranode{{loop.index}}EIP" |
| | | {% endfor %} |
| | | Properties: |
| | | HostedZoneId: "{{HostedZoneId}}" |
| | | RecordSets: |
| | | - Name: "{{cloudapps_dns}}" |
| | | Type: A |
| | | TTL: 900 |
| | | ResourceRecords: |
| | | {% for c in range(1,(infranode_instance_count|int)+1) %} |
| | | - Fn::GetAtt: |
| | | - infranode{{loop.index}} |
| | | - PublicIp |
| | | {% endfor %} |
| | | |
| | | {% for instance in instances %} |
| | | {% if instance['dns_loadbalancer']|d(false)|bool and not instance['unique']|d(false)|bool %} |
| | | {{instance['name']}}DNSLoadBalancer: |
| | | Type: "AWS::Route53::RecordSetGroup" |
| | | DependsOn: |
| | | {% for c in range(1, (instance['count']|int)+1) %} |
| | | - {{instance['name']}}{{c}}EIP |
| | | {% endfor %} |
| | | Properties: |
| | | HostedZoneId: {{HostedZoneId}} |
| | | RecordSets: |
| | | - Name: "{{instance['name']}}.{{subdomain_base}}." |
| | | Type: A |
| | | TTL: 900 |
| | | ResourceRecords: |
| | | {% for c in range(1,(instance['count'] |int)+1) %} |
| | | - "Fn::GetAtt": |
| | | - {{instance['name']}}{{c}} |
| | | - PublicIp |
| | | {% endfor %} |
| | | {% endif %} |
| | | |
| | | {% for c in range(1,(instance['count'] |int)+1) %} |
| | | {{instance['name']}}{{loop.index}}: |
| | | Type: "AWS::EC2::Instance" |
| | | Properties: |
| | | ImageId: |
| | | Fn::FindInMap: |
| | | - RegionMapping |
| | | - Ref: AWS::Region |
| | | - {{ instance['image_id'] | default('RHELAMI') }} |
| | | InstanceType: "{{instance['flavor'][cloud_provider]}}" |
| | | KeyName: "{{instance['key_name'] | default(key_name)}}" |
| | | {% if instance['UserData'] is defined %} |
| | | {{instance['UserData']}} |
| | | {% endif %} |
| | | SecurityGroupIds: |
| | | - "Fn::GetAtt": |
| | | - {{instance['security_group']}} |
| | | - GroupId |
| | | SubnetId: |
| | | Ref: {{instance['subnet']}} |
| | | Tags: |
| | | {% if instance['unique'] | d(false) | bool %} |
| | | - Key: Name |
| | | Value: {{instance['name']}} |
| | | - Key: internaldns |
| | | Value: {{instance['name']}}.{{chomped_zone_internal_dns}} |
| | | {% else %} |
| | | - Key: Name |
| | | Value: {{instance['name']}}{{loop.index}} |
| | | - Key: internaldns |
| | | Value: {{instance['name']}}{{loop.index}}.{{chomped_zone_internal_dns}} |
| | | {% endif %} |
| | | - Key: "owner" |
| | | Value: "{{ email | default('unknownuser') }}" |
| | | - Key: "Project" |
| | | Value: "{{project_tag}}" |
| | | - Key: "{{project_tag}}" |
| | | Value: "{{ instance['name'] }}" |
| | | {% for tag in instance['tags'] %} |
| | | - Key: {{tag['key']}} |
| | | Value: {{tag['value']}} |
| | | {% endfor %} |
| | | BlockDeviceMappings: |
| | | - DeviceName: "/dev/sda1" |
| | | Ebs: |
| | | VolumeSize: {{ instance['rootfs_size'] | default('50') }} |
| | | {% for vol in instance['volumes']|default([]) %} |
| | | - DeviceName: "{{ vol['device_name'] }}" |
| | | Ebs: |
| | | VolumeType: "{{ vol['volume_type'] | d('gp2') }}" |
| | | VolumeSize: "{{ vol['volume_size'] | d('20') }}" |
| | | {% endfor %} |
| | | |
| | | {{instance['name']}}{{loop.index}}InternalDNS: |
| | | Type: "AWS::Route53::RecordSetGroup" |
| | | Properties: |
| | | HostedZoneId: |
| | | Ref: zoneinternalidns |
| | | RecordSets: |
| | | {% if instance['unique'] | d(false) | bool %} |
| | | - Name: "{{instance['name']}}.{{zone_internal_dns}}" |
| | | {% else %} |
| | | - Name: "{{instance['name']}}{{loop.index}}.{{zone_internal_dns}}" |
| | | {% endif %} |
| | | Type: A |
| | | TTL: 10 |
| | | ResourceRecords: |
| | | - "Fn::GetAtt": |
| | | - {{instance['name']}}{{loop.index}} |
| | | - PrivateIp |
| | | |
| | | {% if instance['public_dns'] %} |
| | | {{instance['name']}}{{loop.index}}EIP: |
| | | Type: "AWS::EC2::EIP" |
| | | DependsOn: |
| | | - VpcGA |
| | | Properties: |
| | | InstanceId: |
| | | Ref: {{instance['name']}}{{loop.index}} |
| | | |
| | | {{instance['name']}}{{loop.index}}PublicDNS: |
| | | Type: "AWS::Route53::RecordSetGroup" |
| | | DependsOn: |
| | | - {{instance['name']}}{{loop.index}}EIP |
| | | Properties: |
| | | HostedZoneId: {{HostedZoneId}} |
| | | RecordSets: |
| | | {% if instance['unique'] | d(false) | bool %} |
| | | - Name: "{{instance['name']}}.{{subdomain_base}}." |
| | | {% else %} |
| | | - Name: "{{instance['name']}}{{loop.index}}.{{subdomain_base}}." |
| | | {% endif %} |
| | | Type: A |
| | | TTL: 10 |
| | | ResourceRecords: |
| | | - "Fn::GetAtt": |
| | | - {{instance['name']}}{{loop.index}} |
| | | - PublicIp |
| | | {% endif %} |
| | | {% endfor %} |
| | | {% endfor %} |
| | | |
| | | Outputs: |
| | | Route53internalzoneOutput: |
| | | Description: The ID of the internal route 53 zone |
| | | Value: |
| | | Ref: zoneinternalidns |