@curious-eyes
Last active September 14, 2015 09:28
Managing GCE instances with Ansible ref: http://qiita.com/curious-eyes/items/c7feb3edbeb7c7c640e6
$ pip install apache-libcloud
~/gce_ansible/
    play.sh            # shell script that runs the playbook
    master.yml         # master playbook
    credentials/       # directory for credentials
        cacert.pem     # CA bundle file for libcloud
        pkey.pem       # private key file for GCE
        secrets.py     # file that specifies the credentials
    inventory/         # directory for inventory management
        gce.ini        # GCE configuration file
        gce.py         # GCE inventory module
        hosts          # inventory file
    vars/
        gce_auth.yml   # GCE authentication variables
        instance.yml   # GCE instance settings
- name: Create new GCE instances
  hosts: localhost
  gather_facts: no
  vars_files:
    - "vars/instance.yml"
    - "vars/gce_auth.yml"
  tasks:
    - name: Launch instances
      local_action:
        module: gce
        instance_names: "{{ names }}"
        machine_type: "{{ type }}"
        image: "{{ image }}"
        zone: "{{ zone }}"
        service_account_email: "{{ service_account_email }}"
        pem_file: "{{ pem_file }}"
        project_id: "{{ project_id }}"
        tags: webserver
service_account_email: i...@project.googleusercontent.com
pem_file: ~/gce_ansible/credentials/pkey.pem
project_id: project-name
names: www1
type: f1-micro
image: debian-7
zone: us-central1-b
#!/bin/bash
PLAYBOOK="$1"
if [ -z "$PLAYBOOK" ]; then
    echo "You need to pass a playbook as argument to this script."
    exit 1
fi
export GCE_INI_PATH="$(pwd)/inventory/gce.ini"
export SSL_CERT_FILE="$(pwd)/credentials/cacert.pem"
# Disables SSH host key verification for the newly created instances.
export ANSIBLE_HOST_KEY_CHECKING=False
if [ ! -f "$SSL_CERT_FILE" ]; then
    # Fetch the CA bundle over HTTPS and save it where SSL_CERT_FILE points.
    curl --fail -o "$SSL_CERT_FILE" https://curl.se/ca/cacert.pem
fi
ansible-playbook -v -i inventory/ "$PLAYBOOK"
$ cd ~/gce_ansible
$ ./play.sh master.yml
PLAY [Create new GCE instances] ******************
...(omitted)...
PLAY RECAP ********************************************************************
127.0.0.1 : ok=1 changed=1 unreachable=0 failed=0
RuntimeError: No CA Certificates were found in CA_CERTS_PATH.
$ openssl pkcs12 -in (path to p12 file).p12 -passin pass:notasecret -nodes -nocerts | openssl rsa -out ~/gce_ansible/credentials/pkey.pem
GCE_PARAMS = ('i...@project.googleusercontent.com', '~/gce_ansible/credentials/pkey.pem')
GCE_KEYWORD_PARAMS = {'project': 'project-name'}
[localhost]
127.0.0.1
- contrib/inventory/gce.ini
- contrib/inventory/gce.py
libcloud_secrets = /Users/shuhei/gce_ansible/credentials/secrets.py
$ cd ~/gce_ansible
$ export SSL_CERT_FILE=$HOME/gce_ansible/credentials/cacert.pem # Mac OS X only
$ ./inventory/gce.py --list
$ cd ~/gce_ansible
$ export GCE_INI_PATH=$HOME/gce_ansible/inventory/gce.ini
$ ansible all -i inventory/gce.py -m setup
hostname | success >> {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "x.x.x.x"
        ],
        ....
    }
}