Created
January 12, 2015 03:48
proper indentation
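# Create the VPC with one public and one private subnet, an internet gateway
# and one route table per subnet. The module result is registered as `vpc`;
# later tasks in this file read vpc.vpc_id and vpc.subnets from it.
- name: 'AWS VPC | Create RSD-MultiTenant VPC'
  local_action:
    module: ec2_vpc
    state: present
    cidr_block: "{{ vpc_subnet }}/16"
    resource_tags:
      Environment: Prod
      Stack: "{{ stack_name }}"
      Name: RSD-MultiTenant
    region: us-east-1
    subnets:
      # The Tier tag is what the "Register ... subnet id" tasks match on.
      - cidr: "{{ vpc_sub_public }}"
        resource_tags:
          Environment: Prod
          Stack: "{{ stack_name }}"
          Tier: Public
          Name: RSD-Mt public
      - cidr: "{{ vpc_sub_private }}"
        resource_tags:
          Environment: Prod
          Stack: "{{ stack_name }}"
          Tier: Private
          Name: RSD-Mt private
    internet_gateway: true
    route_tables:
      - subnets:
          - "{{ vpc_sub_public }}"
        routes:
          - dest: '0.0.0.0/0'
            gw: igw
      # NOTE(review): the private subnet's default route also points at the
      # internet gateway, so at the routing layer it is identical to the
      # public subnet and only the Tier tag tells them apart. If the private
      # tier is meant to have no direct internet path, send this route
      # through a NAT instead. Left unchanged here; confirm the intent.
      - subnets:
          - "{{ vpc_sub_private }}"
        routes:
          - dest: '0.0.0.0/0'
            gw: igw
  register: vpc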
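# Security group for the proxy host. Public-facing ports stay open to any
# source; internal services are limited to the private subnet, and the
# HAProxy stats listener is limited to the VPC CIDR.
- name: 'AWS Security Group | Create security group for proxy access'
  local_action:
    module: ec2_group
    name: RSD-Mt-Proxy-Access
    description: AWS security group for accessing proxy server
    region: us-east-1
    vpc_id: "{{ vpc.vpc_id }}"
    rules:
      # SSH
      # NOTE(review): reachable from any address. Narrow cidr_ip to the
      # administrators' source range once that range is known.
      - proto: tcp
        from_port: 22
        to_port: 22
        cidr_ip: '0.0.0.0/0'
      # HTTP
      - proto: tcp
        from_port: 80
        to_port: 80
        cidr_ip: '0.0.0.0/0'
      # HTTPS
      - proto: tcp
        from_port: 443
        to_port: 443
        cidr_ip: '0.0.0.0/0'
      # Haproxy stats
      # Limited to the VPC CIDR instead of 0.0.0.0/0: the stats page shows
      # the backend layout and should not be readable from the internet.
      - proto: tcp
        from_port: 1872
        to_port: 1872
        cidr_ip: "{{ vpc_subnet }}/16"
      # HTTP/HTTPS proxy setup
      - proto: tcp
        from_port: 8888
        to_port: 8888
        cidr_ip: "{{ vpc_sub_private }}"
      # OpenLdap connections
      - proto: tcp
        from_port: 389
        to_port: 389
        cidr_ip: "{{ vpc_sub_private }}"
      # NTP server port
      - proto: udp
        from_port: 123
        to_port: 123
        cidr_ip: "{{ vpc_sub_private }}"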
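# Security group for the ordinary (non-proxy) machines. Admin consoles and
# data-store ports are limited to the VPC CIDR; they were previously open to
# 0.0.0.0/0, which exposed them to the whole internet.
- name: 'AWS Security Group | Create security group for machine access'
  local_action:
    module: ec2_group
    name: RSD-Mt-Machine-Access
    description: AWS security group for access to normal machines
    region: us-east-1
    vpc_id: "{{ vpc.vpc_id }}"
    rules:
      # SSH
      # NOTE(review): reachable from any address. If these hosts are only
      # administered through the proxy host, restrict this to the VPC CIDR
      # as well. Confirm the access path before changing.
      - proto: tcp
        from_port: 22
        to_port: 22
        cidr_ip: '0.0.0.0/0'
      # Tomcat admin
      - proto: tcp
        from_port: 8080
        to_port: 8085
        cidr_ip: "{{ vpc_subnet }}/16"
      # Solr admin
      - proto: tcp
        from_port: 8585
        to_port: 8585
        cidr_ip: "{{ vpc_subnet }}/16"
      # 3306 is the default MySQL port; database traffic stays inside the VPC.
      - proto: tcp
        from_port: 3306
        to_port: 3306
        cidr_ip: "{{ vpc_subnet }}/16"
      # 2181 is the default ZooKeeper client port; it stays inside the VPC.
      - proto: tcp
        from_port: 2181
        to_port: 2181
        cidr_ip: "{{ vpc_subnet }}/16"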
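# - debug: msg="{{vpc}}"

# Walk the subnets returned by the VPC task and store the id of the one
# tagged Tier=Private as the fact vpc_private_subnet_id.
- name: Register Private subnet id
  local_action: set_fact vpc_private_subnet_id="{{ item.id }}"
  # Templated rather than a bare variable name, so the loop receives the
  # list itself on Ansible versions that no longer expand bare names.
  with_items: "{{ vpc.subnets }}"
  when: item.resource_tags.Tier == 'Private'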
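# Walk the subnets returned by the VPC task and store the id of the one
# tagged Tier=Public as the fact vpc_public_subnet_id.
# The original wrote this id into vpc_private_subnet_id, overwriting the
# value set by the "Register Private subnet id" task, so anything placed
# with the "private" fact would have landed in the public subnet.
- name: Register Public subnet id
  local_action: set_fact vpc_public_subnet_id="{{ item.id }}"
  with_items: "{{ vpc.subnets }}"
  when: item.resource_tags.Tier == 'Public'

# This will create the security groups and VPC subnets,
# and create a fact automatically for a given subnet.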