Alibaba Cloud Compute Services Guide
====================================

.. _alicloud_intro:

Introduction
````````````

Ansible contains several modules for controlling and managing Alibaba Cloud Compute Services (Alicloud).  This guide
explains how to use the Alicloud Ansible modules together.

All Alicloud modules require the ``footmark`` Python library. Install it on your control machine with ``pip install footmark``.

Cloud modules, including Alicloud modules, execute on your local machine (the control machine) with ``connection: local``, rather than on remote machines defined in your hosts.

Normally, you'll use the following pattern for plays that provision Alicloud resources:

.. code-block:: yaml

    - hosts: localhost
      connection: local
      vars:
        - ...
      tasks:
        - ...

.. _alicloud_authentication:

Authentication
``````````````

You can specify your Alicloud authentication credentials (access key and secret key) by passing them as
environment variables or by storing them in a vars file.

To pass authentication credentials as environment variables:

.. code-block:: shell

    export ALICLOUD_ACCESS_KEY='Alicloud123'
    export ALICLOUD_SECRET_KEY='AlicloudSecret123'

To store authentication credentials in a vars file, encrypt them with :ref:`Ansible Vault<vault>` to keep them secure, then list them:

.. code-block:: yaml

    ---
    alicloud_access_key: "--REMOVED--"
    alicloud_secret_key: "--REMOVED--"

Note that if you store your credentials in a vars file, you need to refer to them in each Alicloud module. For example:

.. code-block:: yaml

    - ali_instance:
        alicloud_access_key: "{{alicloud_access_key}}"
        alicloud_secret_key: "{{alicloud_secret_key}}"
        image_id: "..."
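
A pre-commit style check for the vars file described above, added here as an example (it is not part of Ansible or of the Alicloud modules). It reports whether ``alicloud_access_key`` and ``alicloud_secret_key`` are stored as readable literals, as inline ``!vault`` values, or as Jinja2 references. The function names and sample contents are constructed for illustration.

```python
import re

# Credential variables named in this guide's vars file example.
CREDENTIAL_KEYS = ("alicloud_access_key", "alicloud_secret_key")
VAULT_HEADER = "$ANSIBLE_VAULT;"  # prefix of every vault-encrypted payload
KEY_LINE = re.compile(r"^\s*(?P<key>[A-Za-z_]\w*)\s*:\s*(?P<value>.*)$")


def classify_value(value):
    """Classify the text that follows 'key:' on one line of a vars file."""
    value = value.strip()
    if value.startswith("!vault"):
        return "vaulted"      # inline value, as produced by ansible-vault encrypt_string
    if "{{" in value and "}}" in value:
        return "reference"    # Jinja2 expression; the secret is stored elsewhere
    return "plaintext"


def audit_vars_text(text):
    """Return {credential_key: status} for the content of one vars file."""
    if text.lstrip().startswith(VAULT_HEADER):
        # Whole file encrypted with ansible-vault encrypt: no key is readable.
        return {"*": "vaulted"}
    findings = {}
    for line in text.splitlines():
        match = KEY_LINE.match(line)
        if match and match.group("key") in CREDENTIAL_KEYS:
            findings[match.group("key")] = classify_value(match.group("value"))
    return findings


def plaintext_credentials(text):
    """Names of credential keys stored as readable literals."""
    return sorted(k for k, v in audit_vars_text(text).items() if v == "plaintext")


# Constructed samples (not real keys, not real ciphertext).
PLAINTEXT_VARS = """---
alicloud_access_key: "EXAMPLE-ACCESS-KEY"
alicloud_secret_key: "EXAMPLE-SECRET-KEY"
"""
INLINE_VAULT_VARS = """---
alicloud_access_key: "{{ lookup('env', 'ALICLOUD_ACCESS_KEY') }}"
alicloud_secret_key: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          3030303030303030
"""
WHOLE_FILE_VAULT = "$ANSIBLE_VAULT;1.1;AES256\n3030303030303030\n"
```

Run ``plaintext_credentials()`` over each vars file before committing; a non-empty result means a key would land in version control unencrypted.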

.. _alicloud_provisioning:

Provisioning
````````````

Alicloud modules create Alicloud ECS instances, disks, virtual private clouds, virtual switches, security groups and other resources.

You can use the ``count`` parameter to control the number of resources you create or terminate. For example, if you want exactly 5 instances tagged ``NewECS``,
set the ``count`` of instances to 5 and the ``count_tag`` to ``NewECS``, as shown in the last task of the example playbook below.
If there are no instances with the tag ``NewECS``, the task creates 5 new instances. If there are 2 instances with that tag, the task
creates 3 more. If there are 8 instances with that tag, the task terminates 3 of those instances.

If you do not specify a ``count_tag``, the task creates the number of instances you specify in ``count`` with the ``instance_name`` you provide.

.. code-block:: yaml

    # alicloud_setup.yml

    - hosts: localhost
      connection: local

      tasks:

        - name: Create VPC
          ali_vpc:
            cidr_block: '{{ cidr_block }}'
            vpc_name: new_vpc
          register: created_vpc

        - name: Create VSwitch
          ali_vswitch:
            alicloud_zone: '{{ alicloud_zone }}'
            cidr_block: '{{ vsw_cidr }}'
            vswitch_name: new_vswitch
            vpc_id: '{{ created_vpc.vpc.id }}'
          register: created_vsw

        - name: Create security group
          ali_security_group:
            name: new_group
            vpc_id: '{{ created_vpc.vpc.id }}'
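            rules:
              # SSH (22/tcp) is open to any source address here;
              # narrow cidr_ip to your administrative network where possible.
              - proto: tcp
                port_range: 22/22
                cidr_ip: 0.0.0.0/0
                priority: 1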
            rules_egress:
              - proto: tcp
                port_range: 80/80
                cidr_ip: 192.168.0.54/32
                priority: 1
          register: created_group

        - name: Create a set of instances
          ali_instance:
            security_groups: '{{ created_group.group_id }}'
            instance_type: ecs.n4.small
            image_id: "{{ ami_id }}"
            instance_name: "My-new-instance"
            instance_tags:
              Name: NewECS
              Version: 0.0.1
            count: 5
            count_tag:
              Name: NewECS
            allocate_public_ip: true
            max_bandwidth_out: 50
            vswitch_id: '{{ created_vsw.vswitch.id }}'
          register: create_instance

In the example playbook above, data about the VPC, VSwitch, security group, and instances created by this playbook
is saved in the variables defined by the ``register`` keyword in each task.

Each Alicloud module offers a variety of parameter options. Not all options are demonstrated in the above example.
See each individual module for further details and examples.