codygreen/deploy_bigip_aws.yaml

## deploy_bigip_aws.yaml
--- # Deploy a BIG-IP in AWS

- name: Deploy BIG-IP
  hosts: localhost
  gather_facts: false
  vars:
    stack_name: "my-ansible-test"
    region: us-east-2
    template_url: https://s3.amazonaws.com/f5-cft/f5-existing-stack-payg-1nic-bigip.template
    vpc: vpc-1234567890
    subnet1Az1: subnet-1234567890
    imageName: Good25Mbps
    instanceType: t2.medium
    sshKey: my-key
    restrictedSrcAddress: 0.0.0.0/0
    restrictedSrcAddressApp: 0.0.0.0/0
    user: admin
    password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          66376135353162303535313338653431306266386566313733383330346162376164383633663133
          3265306666346466366638333339633662353931626462350a306132373835643964393635306232
          64373835333562613566363831373261653138343134303664376661313138623766613537303736
          3961373762333965390a306331343461646139616162353263363038633034393632386234363463
          34366461336266613130623538613036396262343339636666626436663662313935

  tasks:
  # Deploy BIG-IP in AWS
  - name: Deploy a BIG-IP in AWS via CFT
    register: deploy_output
    cloudformation:
      stack_name: "{{ stack_name }}"
      state: present
      region: "{{ region }}"
      template_url: "{{ template_url }}"
      template_parameters:
        Vpc: "{{ vpc }}"
        subnet1Az1: "{{ subnet1Az1 }}"
        imageName: "{{ imageName }}"
        instanceType: "{{ instanceType }}"
        sshKey: "{{ sshKey }}"
        restrictedSrcAddress: "{{ restrictedSrcAddress }}"
        restrictedSrcAddressApp: "{{ restrictedSrcAddressApp }}"

  # Wait for BIG-IP to be ready
  - name: Wait for BIG-IP to be ready
    wait_for:
      host: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
      port: "{{ deploy_output.stack_outputs.Bigip1Url | urlsplit('port')}}"
      state: present

  # Change the BIG-IP admin password
  - name: Change BIG-IP admin password
    bigip_command:
      provider:
        server: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
        ssh_keyfile: "{{ playbook_dir }}/files/cody-key.pem"
        transport: cli
        user: "{{ user }}"
      commands: modify auth user {{ user }} password {{ password }}

  # Install Declarative Onboarding RPM
  # NOTE: rpm binary must be installed on host running playbook
  - name: Retrieve DO Install Version
    find:
      paths: "{{ playbook_dir }}/files"
      patterns: "f5-decl*.rpm"
    register: dorpm

  - name: Install DO
    bigip_iapplx_package:
      package: "{{ dorpm.files[0].path }}"
      provider:
        server: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
        server_port: "{{ deploy_output.stack_outputs.Bigip1Url | urlsplit('port')}}"
        transport: rest
        user: "{{ user }}"
        password: "{{ password }}"
        validate_certs: no

  # Push Declarative Onboarding declaration to BIG-IP
  - name: Push DO declaration to BIG-IP
    uri:
      url: "{{ deploy_output.stack_outputs.Bigip1Url }}/mgmt/shared/declarative-onboarding"
      method: POST
      user: "{{ user }}"
      password: "{{ password }}"
      #body: "{{ playbook_dir }}/files/single_nic_do.json"
      body: "{{ lookup('file', 'files/single_nic_do.json') }}"
      status_code: 202
      timeout: 300
      body_format: json
      validate_certs: no

  # - debug:
  #     var: deploy_output.stack_outputs
	--- # Deploy a BIG-IP in AWS

	- name: Deploy BIG-IP
	hosts: localhost
	gather_facts: false
	vars:
	stack_name: "my-ansible-test"
	region: us-east-2
	template_url: https://s3.amazonaws.com/f5-cft/f5-existing-stack-payg-1nic-bigip.template
	vpc: vpc-1234567890
	subnet1Az1: subnet-1234567890
	imageName: Good25Mbps
	instanceType: t2.medium
	sshKey: my-key
	restrictedSrcAddress: 0.0.0.0/0
	restrictedSrcAddressApp: 0.0.0.0/0
	user: admin
	password: !vault \|
	$ANSIBLE_VAULT;1.1;AES256
	66376135353162303535313338653431306266386566313733383330346162376164383633663133
	3265306666346466366638333339633662353931626462350a306132373835643964393635306232
	64373835333562613566363831373261653138343134303664376661313138623766613537303736
	3961373762333965390a306331343461646139616162353263363038633034393632386234363463
	34366461336266613130623538613036396262343339636666626436663662313935

	tasks:
	# Deploy BIG-IP in AWS
	- name: Deploy a BIG-IP in AWS via CFT
	register: deploy_output
	cloudformation:
	stack_name: "{{ stack_name }}"
	state: present
	region: "{{ region }}"
	template_url: "{{ template_url }}"
	template_parameters:
	Vpc: "{{ vpc }}"
	subnet1Az1: "{{ subnet1Az1 }}"
	imageName: "{{ imageName }}"
	instanceType: "{{ instanceType }}"
	sshKey: "{{ sshKey }}"
	restrictedSrcAddress: "{{ restrictedSrcAddress }}"
	restrictedSrcAddressApp: "{{ restrictedSrcAddressApp }}"

	# Wait for BIG-IP to be ready
	- name: Wait for BIG-IP to be ready
	wait_for:
	host: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
	port: "{{ deploy_output.stack_outputs.Bigip1Url \| urlsplit('port')}}"
	state: present

	# Change the BIG-IP admin password
	- name: Change BIG-IP admin password
	bigip_command:
	provider:
	server: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
	ssh_keyfile: "{{ playbook_dir }}/files/cody-key.pem"
	transport: cli
	user: "{{ user }}"
	commands: modify auth user {{ user }} password {{ password }}

	# Install Declarative Onboarding RPM
	# NOTE: rpm binary must be installed on host running playbook
	- name: Retrieve DO Install Version
	find:
	paths: "{{ playbook_dir }}/files"
	patterns: "f5-decl*.rpm"
	register: dorpm

	- name: Install DO
	bigip_iapplx_package:
	package: "{{ dorpm.files[0].path }}"
	provider:
	server: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
	server_port: "{{ deploy_output.stack_outputs.Bigip1Url \| urlsplit('port')}}"
	transport: rest
	user: "{{ user }}"
	password: "{{ password }}"
	validate_certs: no

	# Push Declarative Onboarding declaration to BIG-IP
	- name: Push DO declaration to BIG-IP
	uri:
	url: "{{ deploy_output.stack_outputs.Bigip1Url }}/mgmt/shared/declarative-onboarding"
	method: POST
	user: "{{ user }}"
	password: "{{ password }}"
	#body: "{{ playbook_dir }}/files/single_nic_do.json"
	body: "{{ lookup('file', 'files/single_nic_do.json') }}"
	status_code: 202
	timeout: 300
	body_format: json
	validate_certs: no

	# - debug:
	# var: deploy_output.stack_outputs