add vpcaccess role
[awsible] / roles / vpcaccess / tasks / main.yml
---
# Gather EC2 instance metadata as host facts. Tasks further down read
# ansible_ec2_instance_id and ansible_ec2_placement_region, presumably
# populated by this module.
- ec2_facts:

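# Make the host forward IPv4 traffic and stop it from emitting ICMP redirects.
- name: Enable IP Forwarding
  sysctl:
    name: "{{ item.var }}"
    value: "{{ item.val }}"
    state: present
    sysctl_set: true
    reload: true
    # Errors about unknown keys are ignored, so a host whose interface is not
    # named eth0 skips the per-interface setting without failing the play.
    ignoreerrors: true
  with_items:
    - var: net.ipv4.ip_forward
      val: 1
    # The kernel sends redirects on an interface when either conf.all or the
    # per-interface value is enabled, so conf.all has to be cleared as well.
    - var: net.ipv4.conf.all.send_redirects
      val: 0
    - var: net.ipv4.conf.eth0.send_redirects
      val: 0
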
# Copy ACCT_NAME into the environment_name fact. ACCT_NAME is not defined in
# this file; it has to be supplied by the caller (inventory, vars, extra-vars).
- name: naming things
  set_fact:
    environment_name: "{{ ACCT_NAME }}"
# Store the VPC CIDR block as subnet_to_announce. The `vpc` variable is not
# set anywhere in this file, and no task here reads subnet_to_announce;
# presumably the Quagga templates consume it - confirm.
- name: Find CIDR
  set_fact:
    subnet_to_announce: "{{ vpc.vpc.cidr_block }}"

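# Masquerade (source-NAT) traffic that originates in the VPC CIDR and leaves
# through eth0.
# NOTE(review): only the nat table is managed here. With forwarding enabled,
# what may transit this host depends on the FORWARD chain and on the security
# groups, neither of which is visible in this file - confirm both.
- name: enable PAT
  iptables:
    table: nat
    chain: POSTROUTING
    source: "{{ vpc.vpc.cidr_block }}"
    out_interface: eth0
    jump: MASQUERADE
  register: vpcaccess_pat_rule

- name: Check for a saved iptables ruleset
  stat:
    path: /etc/sysconfig/iptables
  register: vpcaccess_saved_rules

# Save when the rule was just added or when nothing has been saved yet. A bare
# `creates: /etc/sysconfig/iptables` guard skips the save whenever that file
# already exists, which leaves a newly added rule out of the saved ruleset.
- name: Save iptables rules
  command: /etc/init.d/iptables save
  when: vpcaccess_pat_rule.changed or not vpcaccess_saved_rules.stat.exists
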
# Associate an Elastic IP with this instance. The task is delegated to
# localhost and runs without privilege escalation, so the AWS API call is made
# from the control host (presumably with the credentials configured there).
- name: Attach EIP
  ec2_eip:
    device_id: "{{ ansible_ec2_instance_id }}"
    region: "{{ ansible_ec2_placement_region }}"
    in_vpc: true
    state: present
    # Allows an already-allocated, unassociated address to be reused instead
    # of allocating a new one.
    reuse_existing_ip_allowed: true
  delegate_to: localhost
  become: false
  register: eip_attachment

# Reload the inventory only when the EIP task reported a change, presumably so
# that later tasks and plays address the host by its new public IP.
# NOTE(review): the `|changed` filter form was deprecated in Ansible 2.5 in
# favour of `is changed`; it only works on Ansible versions that still accept
# tests used as filters.
- name: Refresh inventory
  meta: refresh_inventory
  when: eip_attachment|changed

# Copy the helper scripts into /usr/local/bin as root-owned executables
# (0755: writable by root only, readable and executable by everyone).
- name: Install support scripts
  copy:
    src: "{{ item }}"
    dest: "/usr/local/bin/{{ item }}"
    mode: "0755"
    owner: root
    group: root
  with_items:
    - routeUpdater.py

# Run the script installed by the previous task. There is no creates/when
# guard, so it executes on every play and always reports "changed".
# NOTE(review): the script is not shown here. Judging by the task name it
# rewrites VPC route tables, which would need AWS API permissions on the
# instance - confirm they are limited to the route tables this role manages.
- name: Take over private VPC routing
  command: /usr/local/bin/routeUpdater.py

# Make sure the quagga package is installed; `present` does not upgrade a
# version that is already there.
- name: Install Quagga
  yum:
    state: present
    name: quagga

# Render ripd.conf and zebra.conf from their .j2 templates into /etc/quagga,
# readable only by the quagga user and group, and queue a restart of both
# daemons when a file changes. The handlers are defined outside this file.
# NOTE(review): the templates are not shown; confirm ripd.conf.j2 enables RIP
# authentication and restricts which interfaces and neighbours take part.
- name: Configure Quagga
  template:
    src: "{{ item }}.j2"
    dest: "/etc/quagga/{{ item }}"
    mode: "0640"
    owner: quagga
    group: quagga
  with_items:
    - ripd.conf
    - zebra.conf
  notify:
    - restart ripd
    - restart zebra

# Enable ripd and zebra at boot. No `state: started` is set here, so the
# daemons are only (re)started through the notified handlers, which are
# defined outside this file.
- name: Enable Quagga
  service:
    enabled: true
    name: "{{ item }}"
  with_items:
    - ripd
    - zebra
  notify:
    - restart ripd
    - restart zebra