--- - name: Step 002 Post Infrastructure hosts: localhost connection: local become: false vars_files: - "./env_vars.yml" - "./env_secret_vars.yml" tags: - step002 - post_infrastructure tasks: - name: Job Template to launch a Job Template with update on launch inventory set uri: url: "https://{{ ansible_tower_ip }}/api/v1/job_templates/{{ job_template_id }}/launch/" method: POST user: "{{ tower_admin }}" password: "{{ tower_admin_password }}" body: extra_vars: guid: "{{guid}}" ipa_host_password: "{{ ipa_host_password }}" body_format: json validate_certs: False HEADER_Content-Type: "application/json" status_code: 200, 201 when: tower_run == 'true' - name: customizization entry point for labs hosts: control_nodes gather_facts: false tasks: - name: test clone to control host git: repo: https://github.com/tonykay/bad-ansible.git dest: /tmp - name: create our own ansible agnostic deployer inventory hosts: localhost connection: local gather_facts: false become: false vars_files: - "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_vars.yml" - "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_secret_vars.yml" tags: - step001 - pre_infrastructure - generate_env_keys tasks: - name: get rid of linklight deployers hostvars set_fact: hostvars: "" - name: Gather EC2 facts ec2_instance_facts: aws_access_key: "{{ aws_access_key_id }}" aws_secret_key: "{{ aws_secret_access_key }}" region: "{{ aws_region_final|d(aws_region) | default(region) | default('us-east-1')}}" filters: instance-state-name: running "tag:Workshop": "{{ guid }}" register: ec2_facts - name: print our new instances debug: msg: "instance short name is: {{ item.tags.short_name }}" # var: item verbosity: 2 with_items: "{{ ec2_facts['instances'] }}" - name: print our bastion when found debug: msg: "found BASTION {{ item.id }}" verbosity: 2 when: item.tags.short_name == 'ansible' with_items: "{{ ec2_facts['instances'] }}" - name: Ensure Project AnsibleGroup and guid tags are present on all resources ec2_tag: region: "{{ aws_region_final|d(aws_region) | default(region) | default('us-east-1') }}" resource: "{{ item.id }}" state: present tags: Project: "{{ env_type }}-{{ guid }}" AnsibleGroup: "all" guid: "{{ guid }}" with_items: "{{ ec2_facts['instances'] }}" - name: tag bastion hosts with the bastion group tag ec2_tag: region: "{{ aws_region_final | d(aws_region) | d(region) | d('us-east-1') }}" resource: "{{ item.id }}" state: present tags: Project: "{{ env_type }}-{{ guid }}" AnsibleGroup: "bastions" when: item.tags.short_name == 'ansible' with_items: "{{ec2_facts['instances']}}" - name: Run infra-ec2-create-inventory Role include_role: name: "{{ ANSIBLE_REPO_PATH }}/roles-infra/infra-ec2-create-inventory" - name: Run Common SSH Config Generator Role include_role: name: "{{ANSIBLE_REPO_PATH}}/roles-infra/infra-common-ssh-config-generate" - name: ssh workaround thing hosts: all connection: local become: false vars_files: - "./env_vars.yml" - "./env_secret_vars.yml" tags: - step002 - post_infrastructure tasks: - name: set facts for remote access set_fact: ansible_ssh_extra_args: "{{ ansible_ssh_extra_args|d() }} -F {{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf"