From e3a6170ae637b82f69774373dbf19d44a7394086 Mon Sep 17 00:00:00 2001
From: Elliot Murphy
Date: Mon, 20 May 2019 08:40:51 -0400
Subject: [PATCH] AWS support for existing EIP (revised) (#1292)
* Support for associating to existing AWS Elastic IP
Signed-off-by: Elliot Murphy
* Backport ec2_eip_facts module for EIP support This means that EIP support no longer requires Ansible 2.6 The local fact module has been named ec2_elasticip_facts to avoid conflict with the ec2_eip_facts module whenever the Ansible 2.6 upgrade takes place.
Signed-off-by: Elliot Murphy
* Update from review feedback.
Signed-off-by: Elliot Murphy
* Move to the native module. Add additional condition for existing Elastic IP
---
 config.cfg | 7 +++++--
 roles/cloud-ec2/defaults/main.yml | 1 +
 roles/cloud-ec2/files/stack.yaml | 17 ++++++++++++++++-
 roles/cloud-ec2/tasks/cloudformation.yml | 1 +
 roles/cloud-ec2/tasks/prompts.yml | 22 ++++++++++++++++++++++
 5 files changed, 45 insertions(+), 3 deletions(-)
diff --git a/config.cfg b/config.cfg
index 48b83fc..508caa9 100644
--- a/config.cfg
+++ b/config.cfg
@@ -131,9 +131,12 @@ cloud_providers:
 size: s-1vcpu-1gb
 image: "ubuntu-18-04-x64"
 ec2:
- # Change the encrypted flag to "true" to enable AWS volume encryption, for encryption of data at rest.
- # Warning: the Algo script will take approximately 6 minutes longer to complete.
+ # Change the encrypted flag to "true" to enable AWS volume encryption, for encryption of data at rest.
+ # Warning: the Algo script will take approximately 6 minutes longer to complete.
 encrypted: false
+ # Set use_existing_eip to "true" if you want to use a pre-allocated Elastic IP
+ # Additional prompt will be raised to determine which IP to use
+ use_existing_eip: true
 size: t2.micro
 image:
 name: "ubuntu-bionic-18.04"
diff --git a/roles/cloud-ec2/defaults/main.yml b/roles/cloud-ec2/defaults/main.yml
index 12b3f19..86ae995 100644
--- a/roles/cloud-ec2/defaults/main.yml
+++ b/roles/cloud-ec2/defaults/main.yml
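Review bot: The shipped default `use_existing_eip: true` in the config.cfg hunk contradicts the comment added just above it, which tells users to set the flag to "true" only when they want a pre-allocated Elastic IP. With this default every EC2 deployment enters the new prompt block in roles/cloud-ec2/tasks/prompts.yml, and an account with no unassociated Elastic IP would presumably fail there when the empty list is indexed. I would ship `use_existing_eip: false` so that reusing an existing address is opt-in.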
@@ -5,3 +5,4 @@ ec2_vpc_nets:
 cidr_block: 172.16.0.0/16
 subnet_cidr: 172.16.254.0/23
 ec2_venv: "{{ playbook_dir }}/configs/.venvs/aws"
+existing_eip: ""
diff --git a/roles/cloud-ec2/files/stack.yaml b/roles/cloud-ec2/files/stack.yaml
index 829a2cb..5a8d2f8 100644
--- a/roles/cloud-ec2/files/stack.yaml
+++ b/roles/cloud-ec2/files/stack.yaml
@@ -11,6 +11,12 @@ Parameters:
 Type: String
 WireGuardPort:
 Type: String
+ UseThisElasticIP:
+ Type: String
+ Default: ''
+Conditions:
+ AllocateNewEIP: !Equals [!Ref UseThisElasticIP, '']
+ AssociateExistingEIP: !Not [!Equals [!Ref UseThisElasticIP, '']]
 Resources:
 VPC:
 Type: AWS::EC2::VPC
@@ -175,6 +181,7 @@ Resources:
 ElasticIP:
 Type: AWS::EC2::EIP
+ Condition: AllocateNewEIP
 Properties:
 Domain: vpc
 InstanceId: !Ref EC2Instance
@@ -182,6 +189,14 @@ Resources:
 - EC2Instance
 - VPCGatewayAttachment
+ ElasticIPAssociation:
+ Type: AWS::EC2::EIPAssociation
+ Condition: AssociateExistingEIP
+ Properties:
+ AllocationId: !Ref UseThisElasticIP
+ InstanceId: !Ref EC2Instance
+
+
 Outputs:
 ElasticIP:
- Value: !Ref ElasticIP
+ Value: !GetAtt [EC2Instance, PublicIp]
diff --git a/roles/cloud-ec2/tasks/cloudformation.yml b/roles/cloud-ec2/tasks/cloudformation.yml
index 126c531..8aadfaa 100644
--- a/roles/cloud-ec2/tasks/cloudformation.yml
+++ b/roles/cloud-ec2/tasks/cloudformation.yml
@@ -12,6 +12,7 @@
 PublicSSHKeyParameter: "{{ lookup('file', SSH_keys.public) }}"
 ImageIdParameter: "{{ ami_image }}"
 WireGuardPort: "{{ wireguard_port }}"
+ UseThisElasticIP: "{{ existing_eip }}"
 tags:
 Environment: Algo
 register: stack
diff --git a/roles/cloud-ec2/tasks/prompts.yml b/roles/cloud-ec2/tasks/prompts.yml
index 2993f69..040af83 100644
--- a/roles/cloud-ec2/tasks/prompts.yml
+++ b/roles/cloud-ec2/tasks/prompts.yml
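Review bot: The `ElasticIP` output in the last stack.yaml hunk now reads `!GetAtt [EC2Instance, PublicIp]`, which depends on neither `ElasticIP` nor the new `ElasticIPAssociation`. The value may therefore be resolved before the address is attached and report the instance's auto-assigned address, or nothing, instead of the Elastic IP; this is worth confirming, since later steps presumably connect to this output. On the allocate-new path the original reference can be kept behind the condition, e.g. `Value: !If [AllocateNewEIP, !Ref ElasticIP, !GetAtt [EC2Instance, PublicIp]]`. The list at the top of that hunk (`EC2Instance`, `VPCGatewayAttachment`) looks like the `ElasticIP` resource's DependsOn, which starts outside the hunk; `ElasticIPAssociation` declares no equivalent dependency on `VPCGatewayAttachment`.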
@@ -53,3 +53,25 @@
 [{{ default_region }}]
 register: _algo_region
 when: region is undefined
+
+- block:
+ - name: Get existing available Elastic IPs
+ ec2_eip_facts:
+ register: raw_eip_addresses
+
+ - set_fact:
+ available_eip_addresses: "{{ raw_eip_addresses.addresses | selectattr('association_id', 'undefined') | list }}"
+
+ - pause:
+ prompt: >-
+ What Elastic IP would you like to use?
+ {% for eip in available_eip_addresses %}
+ {{ loop.index }}. {{ eip['public_ip'] }}
+ {% endfor %}
+
+ Enter the number of your desired Elastic IP
+ register: _use_existing_eip
+
+ - set_fact:
+ existing_eip: "{{ available_eip_addresses[_use_existing_eip.user_input | int -1 ]['allocation_id'] }}"
+ when: cloud_providers.ec2.use_existing_eip
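Review bot: The answer to the pause prompt is used as a list index without any check in the final `set_fact`. `user_input | int` turns an empty or non-numeric answer into 0, so the expression indexes `-1` and would silently select the last address in the list, while an account with no unassociated Elastic IP fails on an empty list rather than with a readable message. An `assert` task between the prompt and the `set_fact` that bounds the number to the listed range covers both cases. Separately, `ec2_eip_facts:` is called with no arguments, so it presumably relies on ambient credentials and region; if that region differs from the one chosen earlier in this file, the listed allocation ids would not be usable by the stack, which is worth confirming.

```yaml
# … unchanged: ec2_eip_facts lookup, available_eip_addresses fact, pause prompt …
  - name: Check that the answer is one of the listed Elastic IPs
    assert:
      that:
        - available_eip_addresses | length > 0
        - _use_existing_eip.user_input | int >= 1
        - _use_existing_eip.user_input | int <= available_eip_addresses | length
      msg: "Enter one of the numbers shown in the Elastic IP list"
# … unchanged: set_fact existing_eip, when: cloud_providers.ec2.use_existing_eip …
```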