Ansible cloudformation 模块
Ansible cloudformation module
我不明白如何正确使用template_parameters参数(http://docs.ansible.com/ansible/cloudformation_module.html)
所以,看起来我可以使用此参数来覆盖模板中的某些参数。很简单的配置就是
sandbox_cloudformation.yml
---
- name: Sandbox CloudFormation
hosts: localhost
connection: local
gather_facts: false
tasks:
- name: Launch Ansible CloudFormation Stack
cloudformation:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
stack_name: "{{ aws_default_cloudformation_stack_name }}"
state: "present"
region: "{{ aws_default_region }}"
disable_rollback: true
template: "files/cloudformation.yml"
args:
template_parameters:
GroupDescription: "Sandbox Security Group"
cloudformation.yml
---
AWSTemplateFormatVersion: '2010-09-09'
Description: Sandbox Stack
Resources:
SandboxSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: "DEMO"
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: '80'
ToPort: '80'
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: '22'
ToPort: '22'
CidrIp: 0.0.0.0/0
但是我遇到了下一个错误:
fatal: [127.0.0.1]: FAILED! => {"changed": false, "failed": true, "msg": "Parameter values specified for a template which does not require them."}
另外,我得到这个错误,如果尝试使用,例如
template_parameters:
KeyName: "{{ aws_default_keypair }}"
InstanceType: "{{ aws_default_instance_type }}"
此外,请建议使用 Ansible 的 cloudformation 模块的最佳方法。也许最好的方法是生成云形成模板并在下一步中使用它?喜欢..
- name: Render Cloud Formation Template
template: src=cloudformation.yml.j2 dest=rendered_templates/cloudformation.yml
- name: Launch Ansible CloudFormation Stack
cloudformation:
template: "rendered_templates/cloudformation.yml"
提前致谢!
您可以使用 template_parameters 将参数传递给 CloudFormation 模板。在模板中,您将使用 Ref 引用参数。在你的情况下:
剧本:
...
args:
template_parameters:
GroupDescriptionParam: "Sandbox Security Group"
...
模板:
...
Resources:
SandboxSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription:
Ref: GroupDescriptionParam
...
见
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#w1ab2c19c12d282c19
有关 AWS SecurityGroup CloudFormation 模板的示例。
我发现创建 Jinja2 模板很方便,使用 Ansible template 模块将其转换为 CloudFormation 模板,而不是在 Ansible cloudformation 模块中使用 template_parameters 参数,只是就像您在问题末尾建议的那样。使用这种方法,您可以在 cloudformation 模块调用中省略 args 和 template_parameters。
例如:
- name: Generate CloudFormation template
become: no
run_once: yes
local_action:
module: template
src: "mycloudformation.yml.j2"
dest: "{{ cf_templ_dir }}/mycloudformation.yml"
tags:
- cloudformation
- cf_template
- name: Deploy the CloudFormation stack
become: no
run_once: yes
local_action:
module: cloudformation
stack_name: "{{ cf_stack_name }}"
state: present
region: "{{ ec2_default_region }}"
template: "{{ cf_templ_dir }}/mycloudformation.yml"
register: cf_result
tags:
- cloudformation
- name: Show CloudFormation output
run_once: yes
become: no
debug: var=cf_result
tags:
- cloudformation
和mycloudformation.yml.j2:
---
AWSTemplateFormatVersion: '2010-09-09'
Description: Sandbox Stack
Resources:
SandboxSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: {{ group_desc_param_defined_somewhere_in_ansible }}
...
我不明白如何正确使用template_parameters参数(http://docs.ansible.com/ansible/cloudformation_module.html)
所以,看起来我可以使用此参数来覆盖模板中的某些参数。很简单的配置就是
sandbox_cloudformation.yml
---
- name: Sandbox CloudFormation
hosts: localhost
connection: local
gather_facts: false
tasks:
- name: Launch Ansible CloudFormation Stack
cloudformation:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
stack_name: "{{ aws_default_cloudformation_stack_name }}"
state: "present"
region: "{{ aws_default_region }}"
disable_rollback: true
template: "files/cloudformation.yml"
args:
template_parameters:
GroupDescription: "Sandbox Security Group"
cloudformation.yml
---
AWSTemplateFormatVersion: '2010-09-09'
Description: Sandbox Stack
Resources:
SandboxSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: "DEMO"
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: '80'
ToPort: '80'
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: '22'
ToPort: '22'
CidrIp: 0.0.0.0/0
但是我遇到了下一个错误:
fatal: [127.0.0.1]: FAILED! => {"changed": false, "failed": true, "msg": "Parameter values specified for a template which does not require them."}
另外,我得到这个错误,如果尝试使用,例如
template_parameters:
KeyName: "{{ aws_default_keypair }}"
InstanceType: "{{ aws_default_instance_type }}"
此外,请建议使用 Ansible 的 cloudformation 模块的最佳方法。也许最好的方法是生成云形成模板并在下一步中使用它?喜欢..
- name: Render Cloud Formation Template
template: src=cloudformation.yml.j2 dest=rendered_templates/cloudformation.yml
- name: Launch Ansible CloudFormation Stack
cloudformation:
template: "rendered_templates/cloudformation.yml"
提前致谢!
您可以使用 template_parameters 将参数传递给 CloudFormation 模板。在模板中,您将使用 Ref 引用参数。在你的情况下:
剧本:
...
args:
template_parameters:
GroupDescriptionParam: "Sandbox Security Group"
...
模板:
...
Resources:
SandboxSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription:
Ref: GroupDescriptionParam
...
见 http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#w1ab2c19c12d282c19 有关 AWS SecurityGroup CloudFormation 模板的示例。
我发现创建 Jinja2 模板很方便,使用 Ansible template 模块将其转换为 CloudFormation 模板,而不是在 Ansible cloudformation 模块中使用 template_parameters 参数,只是就像您在问题末尾建议的那样。使用这种方法,您可以在 cloudformation 模块调用中省略 args 和 template_parameters。
例如:
- name: Generate CloudFormation template
become: no
run_once: yes
local_action:
module: template
src: "mycloudformation.yml.j2"
dest: "{{ cf_templ_dir }}/mycloudformation.yml"
tags:
- cloudformation
- cf_template
- name: Deploy the CloudFormation stack
become: no
run_once: yes
local_action:
module: cloudformation
stack_name: "{{ cf_stack_name }}"
state: present
region: "{{ ec2_default_region }}"
template: "{{ cf_templ_dir }}/mycloudformation.yml"
register: cf_result
tags:
- cloudformation
- name: Show CloudFormation output
run_once: yes
become: no
debug: var=cf_result
tags:
- cloudformation
和mycloudformation.yml.j2:
---
AWSTemplateFormatVersion: '2010-09-09'
Description: Sandbox Stack
Resources:
SandboxSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: {{ group_desc_param_defined_somewhere_in_ansible }}
...