From 747d8098ccd8bb736f762f8ca5e65eb1969deed7 Mon Sep 17 00:00:00 2001
From: GomathiselviS
Date: Tue, 19 Sep 2023 22:29:30 -0400
Subject: [PATCH 01/20] Create a playbook to deploy a simple flask web app into high availability architecture
---
 .../tasks/create_aurora_db_cluster.yaml | 129 +++++++++++++
 .../webapp/tasks/create_aurora_setup.yaml | 181 ++++++++++++++++++
 .../tasks/delete_aurora_db_cluster.yaml | 59 ++++++
 playbooks/webapp/vars/main.yaml | 19 +-
 playbooks/webapp/webapp_ha_aurora.yaml | 115 +++++++++++
 roles/deploy_flask_app/tasks/setup.yaml | 2 +-
 6 files changed, 502 insertions(+), 3 deletions(-)
 create mode 100644 playbooks/webapp/tasks/create_aurora_db_cluster.yaml
 create mode 100644 playbooks/webapp/tasks/create_aurora_setup.yaml
 create mode 100644 playbooks/webapp/tasks/delete_aurora_db_cluster.yaml
 create mode 100644 playbooks/webapp/webapp_ha_aurora.yaml
diff --git a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml
new file mode 100644
index 00000000..37968854
--- /dev/null
+++ b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml
@@ -0,0 +1,129 @@
+---
+- name: Create resources playbook
+ module_defaults:
+ group/aws:
+ aws_access_key: "{{ aws_access_key | default(omit) }}"
+ aws_secret_key: "{{ aws_secret_key | default(omit) }}"
+ security_token: "{{ security_token | default(omit) }}"
+ block:
+ - name: Get security group id
+ amazon.aws.ec2_security_group_info:
+ filters:
+ group-name: "{{ rds_secgroup_name }}"
+ region: "{{ test_primary_cluster_region }}"
+ register: rds_primary_sg
+
+ - name: Create rds global database
+ amazon.cloud.rds_global_cluster:
+ global_cluster_identifier: "{{ test_global_cluster_name }}"
+ engine: "aurora-postgresql"
+ engine_version: "15.2"
+ region: "{{ test_primary_cluster_region }}"
+ state: present
+ register: create_global_result
+
+ - name: Create a primary cluster for global database
+ amazon.aws.rds_cluster:
+ global_cluster_identifier: "{{ test_global_cluster_name }}"
+ db_cluster_identifier: "{{ test_primary_cluster_name }}"
+ region: "{{ test_primary_cluster_region }}"
+ engine: "aurora-postgresql"
+ engine_version: "15.2"
+ username: "{{ deploy_flask_app_rds_master_username }}"
+ password: "{{ deploy_flask_app_rds_master_password }}"
+ db_subnet_group_name: "{{ rds_subnet_group_name }}"
+ vpc_security_group_ids:
+ - "{{ rds_primary_sg.security_groups[0].group_id }}"
+ register: create_primary_result
+
+ - name: Create an instance connected to primary cluster
+ amazon.aws.rds_instance:
+ db_cluster_identifier: "{{ test_primary_cluster_name }}"
+ db_instance_identifier: "{{ test_primary_cluster_name }}-instance"
+ db_name: "{{ rds_instance_name }}"
+ region: "{{ test_primary_cluster_region }}"
+ engine: "aurora-postgresql"
+ db_instance_class: "{{ test_instance_class }}"
+ monitoring_interval: 0
+ skip_final_snapshot: true
+
+ - name: Get primary instance info
+ amazon.aws.rds_instance_info:
+ db_instance_identifier: "{{ test_primary_cluster_name }}-instance"
+ region: "{{ test_primary_cluster_region }}"
+ register: primary_instance_info_result
+
+ - name: Get primary cluster info
+ amazon.aws.rds_cluster_info:
+ db_cluster_identifier: "{{ test_primary_cluster_name }}"
+ region: "{{ test_primary_cluster_region }}"
+ register: primary_cluster_info_result
+
+ - name: Get global db info
+ command: "aws rds describe-global-clusters --global-cluster-identifier {{ test_global_cluster_name }}"
+ register: global_cluster_info_result
+
+ - name: convert it to an object
+ set_fact:
+ global_cluster_info: "{{ global_cluster_info_result.stdout | from_json }}"
+
+ - name: Assert that primary cluster is a part of global db
+ assert:
+ that:
+ - global_cluster_info.GlobalClusters[0].GlobalClusterMembers[0].DBClusterArn == primary_cluster_info_result.clusters[0].db_cluster_arn
+
+ # Create replica cluster -------------------------------------------------------------------------------
+ - name: Get security group id
+ amazon.aws.ec2_security_group_info:
+ filters:
+ group-name: "{{ rds_secgroup_name }}"
+ region: "{{ test_replica_cluster_region }}"
+ register: rds_replica_sg
+
+ - name: Create a replica cluster for global database
+ amazon.aws.rds_cluster:
+ global_cluster_identifier: "{{ test_global_cluster_name }}"
+ db_cluster_identifier: "{{ test_replica_cluster_name }}"
+ engine: "aurora-postgresql"
+ engine_version: "{{ global_cluster_info.GlobalClusters[0].EngineVersion }}" # replica cluster engine version needs to be exact same as global db engine version
+ db_subnet_group_name: "{{ rds_subnet_group_name }}"
+ vpc_security_group_ids:
+ - "{{ rds_replica_sg.security_groups[0].group_id }}"
+ region: "{{ test_replica_cluster_region }}"
+ register: create_replica_result
+
+ - name: Create an instance connected to replica cluster
+ amazon.aws.rds_instance:
+ db_cluster_identifier: "{{ test_replica_cluster_name }}"
+ db_instance_identifier: "{{ test_replica_cluster_name }}-instance"
+ db_name: "{{ rds_instance_name }}"
+ region: "{{ test_replica_cluster_region }}"
+ engine: "aurora-postgresql"
+ db_instance_class: "{{ test_instance_class }}"
+ monitoring_interval: 0
+ skip_final_snapshot: true
+
+ - name: Get replica instance info
+ amazon.aws.rds_instance_info:
+ db_instance_identifier: "{{ test_replica_cluster_name }}-instance"
+ region: "{{ test_replica_cluster_region }}"
+ register: replica_instance_info_result
+
+ - name: Get replica cluster info
+ amazon.aws.rds_cluster_info:
+ db_cluster_identifier: "{{ test_replica_cluster_name }}"
+ region: "{{ test_replica_cluster_region }}"
+ register: replica_cluster_info_result
+
+ - name: Get global db info
+ command: "aws rds describe-global-clusters --global-cluster-identifier {{ test_global_cluster_name }}"
+ register: global_cluster_info_result
+
+ - name: convert it to an object
+ set_fact:
+ global_cluster_info: "{{ global_cluster_info_result.stdout | from_json }}"
+
+ - name: Assert that replica cluster is a part of global db
+ assert:
+ that:
+ - global_cluster_info.GlobalClusters[0].GlobalClusterMembers[1].DBClusterArn == replica_cluster_info_result.clusters[0].db_cluster_arn
diff --git a/playbooks/webapp/tasks/create_aurora_setup.yaml b/playbooks/webapp/tasks/create_aurora_setup.yaml
new file mode 100644
index 00000000..d816d4ed
--- /dev/null
+++ b/playbooks/webapp/tasks/create_aurora_setup.yaml
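Review bot: The two `Get global db info` tasks shell out to the AWS CLI through `command`, so they do not pick up the `module_defaults` credentials or a region, and run against whatever profile and default region the controller happens to have, which may not be the account the `amazon.aws` tasks in the same block are using. Pass the region explicitly and mark the task read-only, e.g. `command: "aws rds describe-global-clusters --region {{ test_primary_cluster_region }} --global-cluster-identifier {{ test_global_cluster_name }}"` with `changed_when: false`. The assertions also index `GlobalClusterMembers[0]` and `[1]` positionally, and nothing in the hunk establishes the member order, so a membership test such as `primary_cluster_info_result.clusters[0].db_cluster_arn in global_cluster_info.GlobalClusters[0].GlobalClusterMembers | map(attribute='DBClusterArn')` is the safer check.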
@@ -0,0 +1,181 @@
+---
+- name: Set 'region' variable
+ ansible.builtin.set_fact:
+ region: "{{ region | default(aws_region) }}"
+
+- name: Create resources playbook
+ module_defaults:
+ group/aws:
+ aws_access_key: "{{ aws_access_key | default(omit) }}"
+ aws_secret_key: "{{ aws_secret_key | default(omit) }}"
+ security_token: "{{ security_token | default(omit) }}"
+ region: "{{ region }}"
+ block:
+ - name: Get image ID to create an instance
+ amazon.aws.ec2_ami_info:
+ filters:
+ architecture: x86_64
+ virtualization-type: hvm
+ root-device-type: ebs
+ name: "{{ image_filter }}"
+ register: images
+
+ - name: List availability zones from aws region
+ amazon.aws.aws_az_info:
+ register: zones
+
+ - name: Set region_av_zones' variable
+ ansible.builtin.set_fact:
+ region_av_zones: "{{ zones.availability_zones | map(attribute='zone_name') }}"
+
+ - name: Create a VPC to work in
+ amazon.aws.ec2_vpc_net:
+ cidr_block: "{{ vpc_cidr }}"
+ name: "{{ vpc_name }}"
+ register: vpc
+
+ # Public and Private subnets should be in the same availability zone
+ # So that the load balancer can target workers instances
+ - name: Set 'shared_az' variable
+ ansible.builtin.set_fact:
+ shared_az: "{{ region_av_zones[0] }}"
+
+ - name: Create a public subnet for bastion
+ amazon.aws.ec2_vpc_subnet:
+ vpc_id: "{{ vpc.vpc.id }}"
+ cidr: "{{ subnet_cidr[0] }}"
+ az: "{{ shared_az }}"
+ register: subnet
+
+ - name: Create private subnet for workers
+ amazon.aws.ec2_vpc_subnet:
+ vpc_id: "{{ vpc.vpc.id }}"
+ cidr: "{{ subnet_cidr[1] }}"
+ az: "{{ shared_az }}"
+ register: private_subnet
+
+ - name: Create another private subnet for RDS
+ amazon.aws.ec2_vpc_subnet:
+ vpc_id: "{{ vpc.vpc.id }}"
+ cidr: "{{ subnet_cidr[2] }}"
+ az: "{{ region_av_zones[1] }}"
+ register: rds_subnet
+
+ - name: Create subnet group for RDS instance
+ amazon.aws.rds_subnet_group:
+ name: "{{ rds_subnet_group_name }}"
+ description: subnet group for RDS instance to be hidden
+ subnets:
+ - "{{ rds_subnet.subnet.id }}"
+ - "{{ private_subnet.subnet.id }}"
+ state: present
+
+ - name: Create internet gateway attached to the VPC
+ amazon.aws.ec2_vpc_igw:
+ vpc_id: "{{ vpc.vpc.id }}"
+ state: present
+ register: internet_gw
+
+ - name: Create NAT gateway (allow access to internet for instances in private subnet)
+ amazon.aws.ec2_vpc_nat_gateway:
+ subnet_id: "{{ subnet.subnet.id }}"
+ if_exist_do_not_create: true
+ wait: true
+ state: present
+ register: nat_gw
+
+ - name: Create Route table for internet gateway (public subnet)
+ amazon.aws.ec2_vpc_route_table:
+ vpc_id: "{{ vpc.vpc.id }}"
+ subnets:
+ - "{{ subnet.subnet.id }}"
+ routes:
+ - dest: 0.0.0.0/0
+ gateway_id: "{{ internet_gw.gateway_id }}"
+ lookup: tag
+ resource_tags:
+ subnet: public
+ route: internet
+ state: present
+
+ - name: Create Route table for NAT gateway (private subnet)
+ amazon.aws.ec2_vpc_route_table:
+ vpc_id: "{{ vpc.vpc.id }}"
+ subnets:
+ - "{{ private_subnet.subnet.id }}"
+ routes:
+ - dest: 0.0.0.0/0
+ gateway_id: "{{ nat_gw.nat_gateway_id }}"
+ lookup: tag
+ resource_tags:
+ subnet: private
+ route: nat-gateway
+ state: present
+
+ - name: Create security group for bastion
+ amazon.aws.ec2_security_group:
+ name: "{{ public_secgroup_name }}"
+ vpc_id: "{{ vpc.vpc.id }}"
+ description: Security group for Bastion host
+ rules:
+ - cidr_ip: 0.0.0.0/0
+ proto: tcp
+ from_port: 22
+ to_port: 22
+ - cidr_ip: 0.0.0.0/0
+ proto: tcp
+ from_port: "{{ deploy_flask_app_listening_port }}"
+ to_port: "{{ deploy_flask_app_listening_port }}"
+ rules_egress:
+ - cidr_ip: 0.0.0.0/0
+ proto: -1
+ tags: "{{ resource_tags }}"
+ state: present
+ register: secgroup
+
+ - name: Create security group for RDS instance
+ amazon.aws.ec2_security_group:
+ name: "{{ rds_secgroup_name }}"
+ vpc_id: "{{ vpc.vpc.id }}"
+ description: Security group to allow RDS instance port
+ rules:
+ - cidr_ip: 0.0.0.0/0
+ proto: tcp
+ from_port: "{{ rds_listening_port }}"
+ to_port: "{{ rds_listening_port }}"
+ tags: "{{ resource_tags }}"
+ state: present
+ register: rds_sg
+
+ - name: Set 'sshkey_file' variable
+ ansible.builtin.set_fact:
+ sshkey_file: ~/private-key-{{ deploy_flask_app_sshkey_pair_name }}-{{ region | default(aws_region) }}
+
+ - name: Create key pair to connect to the VM
+ amazon.aws.ec2_key:
+ name: "{{ deploy_flask_app_sshkey_pair_name }}"
+ register: rsa_key
+
+ - name: Save private key into file
+ ansible.builtin.copy:
+ content: "{{ rsa_key.key.private_key }}"
+ dest: "{{ sshkey_file }}"
+ mode: 0400
+ when: rsa_key is changed
+
+ - name: Create a virtual machine
+ amazon.aws.ec2_instance:
+ name: "{{ deploy_flask_app_bastion_host_name }}"
+ instance_type: "{{ bastion_host_type }}"
+ image_id: "{{ images.images.0.image_id }}"
+ key_name: "{{ deploy_flask_app_sshkey_pair_name }}"
+ subnet_id: "{{ subnet.subnet.id }}"
+ network:
+ assign_public_ip: true
+ groups:
+ - "{{ secgroup.group_id }}"
+ security_groups:
+ - "{{ secgroup.group_id }}"
+ wait: true
+ state: started
+ register: vm_result
diff --git a/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml b/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml
new file mode 100644
index 00000000..1f7e494f
--- /dev/null
+++ b/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml
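Review bot: The `Create security group for RDS instance` task admits `0.0.0.0/0` on `rds_listening_port`, so the database port accepts any source the routing lets through, while the only clients visible in this patch are hosts inside the VPC. Scope the rule to the VPC range, `- cidr_ip: "{{ vpc_cidr }}"`, or to the application security group. The bastion group likewise opens port 22 to `0.0.0.0/0`; a variable holding the operator's source CIDR would let that be narrowed without editing the task. In `Save private key into file`, quote the mode (`mode: "0400"`) and add `no_log: true` so the private key passed in `content` is not echoed in verbose output.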
@@ -0,0 +1,59 @@
+---
+- name: Create resources playbook
+ module_defaults:
+ group/aws:
+ aws_access_key: "{{ aws_access_key | default(omit) }}"
+ aws_secret_key: "{{ aws_secret_key | default(omit) }}"
+ security_token: "{{ security_token | default(omit) }}"
+ block:
+ - name: Delete instance connected to replica cluster
+ amazon.aws.rds_instance:
+ db_cluster_identifier: "{{ test_replica_cluster_name }}"
+ db_instance_identifier: "{{ test_replica_cluster_name }}-instance"
+ engine: "aurora-postgresql"
+ db_instance_class: "{{ test_instance_class }}"
+ skip_final_snapshot: true
+ region: "{{ test_replica_cluster_region }}"
+ state: absent
+
+ - name: Delete replica cluster
+ amazon.aws.rds_cluster:
+ db_cluster_identifier: "{{ test_replica_cluster_name }}"
+ global_cluster_identifier: "{{ test_global_cluster_name }}"
+ engine: "aurora-postgresql"
+ engine_version: "15.2"
+ skip_final_snapshot: true
+ remove_from_global_db: true
+ region: "{{ test_replica_cluster_region }}"
+ state: absent
+
+ - name: Delete instance connected to primary cluster
+ amazon.aws.rds_instance:
+ db_cluster_identifier: "{{ test_primary_cluster_name }}"
+ db_instance_identifier: "{{ test_primary_cluster_name }}-instance"
+ engine: "aurora-postgresql"
+ db_instance_class: "{{ test_instance_class }}"
+ skip_final_snapshot: true
+ region: "{{ test_primary_cluster_region }}"
+ state: absent
+
+ - name: Delete primary cluster
+ amazon.aws.rds_cluster:
+ db_cluster_identifier: "{{ test_primary_cluster_name }}"
+ global_cluster_identifier: "{{ test_global_cluster_name }}"
+ engine: "aurora-postgresql"
+ engine_version: "15.2"
+ username: "{{ deploy_flask_app_rds_master_username }}"
+ password: "{{ deploy_flask_app_rds_master_password }}"
+ skip_final_snapshot: true
+ region: "{{ test_replica_cluster_region }}"
+ state: absent
+
+ - name: Delete global db
+ amazon.cloud.rds_global_cluster:
+ global_cluster_identifier: "{{ test_global_cluster_name }}"
+ engine: "aurora-postgresql" +
engine_version: "15.2" + region: "{{ test_primary_cluster_region }}" + state: absent + diff --git a/playbooks/webapp/vars/main.yaml b/playbooks/webapp/vars/main.yaml index 8a2ff513..143d2531 100644 --- a/playbooks/webapp/vars/main.yaml +++ b/playbooks/webapp/vars/main.yaml @@ -2,7 +2,7 @@ # Variables for create.yaml aws_region: us-east-1 dest_region: us-east-2 -resource_prefix: "ansible-demo-test" +resource_prefix: "ansible-test" vpc_name: "{{ resource_prefix }}-vpc" vpc_cidr: 10.1.0.0/16 subnet_cidr: @@ -23,7 +23,7 @@ rds_instance_class: db.m6g.large rds_instance_name: mysampledb123 rds_engine: postgres rds_engine_version: "14.8" -bastion_host_type: t2.xlarge +bastion_host_type: t3.micro bastion_host_venv_path: ~/env rds_listening_port: 5432 @@ -55,3 +55,18 @@ deploy_flask_app_local_registry_pwd: testing123 deploy_flask_app_local_registry_port: "{{ deploy_flask_app_listening_port }}" deploy_flask_app_rds_master_password: L#5cH2mgy_ deploy_flask_app_rds_master_username: ansible + +# vars to create aurora db cluster +test_instance_class: db.r5.large +# Global cluster parameters ================================ +test_global_cluster_name: "{{ resource_prefix }}-global-cluster" + +# Primary cluster parameters ================================ +test_primary_cluster_name: "{{ resource_prefix }}-primary-cluster" +test_primary_cluster_region: us-west-2 +test_primary_cluster_instance_name: "{{ resource_prefix }}-primary-instance" + +# Replica cluster parameters ================================ +test_replica_cluster_name: "{{ resource_prefix }}-replica-cluster" +test_replica_cluster_region: eu-north-1 +test_replica_cluster_instance_name: "{{ resource_prefix }}-replica-instance" diff --git a/playbooks/webapp/webapp_ha_aurora.yaml b/playbooks/webapp/webapp_ha_aurora.yaml new file mode 100644 index 00000000..8aa19a1c --- /dev/null +++ b/playbooks/webapp/webapp_ha_aurora.yaml 
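Review bot: `Delete primary cluster` passes `username` and `password` to a `state: absent` call; deletion does not appear to need the master credentials, and the replica cluster deletion in the same file does without them, so dropping both lines keeps the secret out of one more task invocation. The block is also still named `Create resources playbook`, copied from the create file; a name such as `Delete Aurora global database resources` would match what it does and make run logs of this destructive path easier to read.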
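Review bot: The Aurora variables added in the last vars/main.yaml hunk sit directly under the literal `deploy_flask_app_rds_master_password` shown in the context lines, and the new `rds_cluster` task takes that value as the master password, so every environment built from this playbook shares a credential that is readable in the repository. Source it at run time instead, for example `deploy_flask_app_rds_master_password: "{{ lookup('ansible.builtin.env', 'RDS_MASTER_PASSWORD') }}"` (the environment variable name is a placeholder), or keep it as an Ansible Vault-encrypted value. Separately, `test_primary_cluster_instance_name` and `test_replica_cluster_instance_name` are defined here but the task files in this patch build the identifier as `"{{ test_primary_cluster_name }}-instance"`; use the variables or drop them.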
@@ -0,0 +1,115 @@
+---
+- name: webapp HA
+ hosts: localhost
+ gather_facts: false
+
+ vars_files:
+ - vars/main.yaml
+ tasks:
+ - name: Fail when 'resource_prefix' is not defined
+ ansible.builtin.fail:
+ msg: resource prefix should be defined as resource_prefix
+ when: resource_prefix is not defined
+
+ - name: Fail when 'test_replica_cluster_region' is not defined
+ ansible.builtin.fail:
+ msg: destination region should be defined as test_replica_cluster_region
+ when: test_replica_cluster_region is not defined
+
+ - name: Create resources
+ when: operation == "create"
+ ansible.builtin.include_tasks: tasks/create_aurora_setup.yaml
+ vars:
+ region: "{{ item }}"
+ with_items:
+ - "{{ test_primary_cluster_region }}"
+ - "{{ test_replica_cluster_region }}"
+
+ - name: Create Aurora db cluster
+ when: operation == "create"
+ ansible.builtin.import_tasks: tasks/create_aurora_db_cluster.yaml
+
+ # ================= Deploy App in the primary region =================
+ - name: Get VPC info from primary region
+ amazon.aws.ec2_vpc_net_info:
+ filters:
+ "tag:Name": "{{ vpc_name }}"
+ region: "{{ test_primary_cluster_region }}"
+ register: primary_vpc
+
+ - name: Get primary private subnet for workers
+ amazon.aws.ec2_vpc_subnet_info:
+ filters:
+ vpc-id: "{{ primary_vpc.vpcs[0].id }}"
+ region: "{{ test_primary_cluster_region }}"
+ register: primary_private_subnet
+
+ - name: Get VM info in the primary region
+ amazon.aws.ec2_instance_info:
+ filters:
+ "tag:Name": "{{ deploy_flask_app_bastion_host_name }}"
+ region: "{{ test_primary_cluster_region }}"
+ register: primary_vm_result
+
+ - debug:
+ msg: "{{ primary_vm_result.instances }}"
+
+ - name: Deploy app in primary region
+ when: operation == "create"
+ ansible.builtin.import_role:
+ name: cloud.aws_ops.deploy_flask_app
+ vars:
+ deploy_flask_app_private_subnet_id: "{{ primary_private_subnet.subnets[0].id }}"
+ deploy_flask_app_vpc_id: "{{ primary_vpc.vpcs[0].id }}"
+ deploy_flask_app_vm_info: "{{ primary_vm_result }}"
+ deploy_flask_app_rds_info: "{{ primary_instance_info_result }}"
+ deploy_flask_app_region: "{{ test_primary_cluster_region }}"
+
+ # ================= Deploy App in the replica region =================
+
+ - name: Get VPC info from replica region
+ amazon.aws.ec2_vpc_net_info:
+ filters:
+ "tag:Name": "{{ vpc_name }}"
+ region: "{{ test_replica_cluster_region }}"
+ register: replica_vpc
+
+ - name: Get VM info in the replica region
+ amazon.aws.ec2_instance_info:
+ filters:
+ "tag:Name": "{{ deploy_flask_app_bastion_host_name }}"
+ region: "{{ test_replica_cluster_region }}"
+ register: replica_vm_result
+
+ - name: Get replica private subnet for workers
+ amazon.aws.ec2_vpc_subnet_info:
+ filters:
+ vpc-id: "{{ replica_vpc.vpcs[0].id }}"
+ region: "{{ test_replica_cluster_region }}"
+ register: replica_private_subnet
+
+ - name: Deploy app in replica region
+ when: operation == "create"
+ ansible.builtin.import_role:
+ name: cloud.aws_ops.deploy_flask_app
+ vars:
+ deploy_flask_app_private_subnet_id: "{{ replica_private_subnet.subnets[0].id }}"
+ deploy_flask_app_vpc_id: "{{ replica_vpc.vpcs[0].id }}"
+ deploy_flask_app_vm_info: "{{ replica_vm_result }}"
+ deploy_flask_app_rds_info: "{{ replica_instance_info_result }}"
+ deploy_flask_app_region: "{{ test_replica_cluster_region }}"
+
+ # ================================================================================
+
+ - name: Delete instance from source region
+ when: operation == "delete"
+ ansible.builtin.import_tasks: tasks/delete_aurora_db_cluster.yaml
+
+ - name: Delete instance from source region
+ when: operation == "delete"
+ ansible.builtin.include_tasks: tasks/delete.yaml
+ vars:
+ region: "{{ item }}"
+ with_items:
+ - "{{ test_primary_cluster_region }}"
+ - "{{ test_replica_cluster_region }}"
diff --git a/roles/deploy_flask_app/tasks/setup.yaml b/roles/deploy_flask_app/tasks/setup.yaml
index d543353c..55b68b47 100644
--- a/roles/deploy_flask_app/tasks/setup.yaml
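Review bot: `Get primary private subnet for workers` and its replica counterpart filter only on `vpc-id` and then take `subnets[0]`, but create_aurora_setup.yaml puts three subnets in that VPC (public, private, RDS), so the workers can land in the public or the RDS subnet depending on the order the API returns. Add the private subnet's CIDR to the filter, `cidr-block: "{{ subnet_cidr[1] }}"`. The info lookups and the unnamed `debug` task also lack the `when: operation == "create"` guard the surrounding tasks carry, so they run on the delete path as well and `vpcs[0]` will raise whenever the VPC is absent, for example on a repeated teardown. Both teardown tasks are named `Delete instance from source region`; distinct names would make the run log unambiguous.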
+++ b/roles/deploy_flask_app/tasks/setup.yaml @@ -26,7 +26,7 @@ vpc_id: "{{ deploy_flask_app_vpc_id }}" rds_info: host: "{{ deploy_flask_app_rds_info.instances.0.endpoint.address }}" - name: "{{ deploy_flask_app_rds_info.instances.0.dbname | default('mysampledb123') }}" + name: "{{ deploy_flask_app_rds_info.instances.0.db_name | default('mysampledb123') }}" master_user_password: "{{ deploy_flask_app_rds_master_password | default('L#5cH2mgy_') }}" master_username: "{{ deploy_flask_app_rds_master_username | default('ansible') }}" register: deploy_flask_app_setup From 548c5888c3774c54ed06fc0b7d1357be26e7dc98 Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Thu, 28 Sep 2023 21:49:54 -0400 Subject: [PATCH 02/20] Deploy app in 2 regions --- playbooks/webapp/files/run_app.yaml | 3 + .../tasks/create_aurora_db_cluster.yaml | 31 ++- .../webapp/tasks/create_aurora_setup.yaml | 2 +- playbooks/webapp/tasks/delete.yaml | 16 +- .../tasks/delete_aurora_db_cluster.yaml | 21 ++- playbooks/webapp/vars/main.yaml | 18 +- playbooks/webapp/webapp_ha_aurora.yaml | 178 +++++++++--------- roles/deploy_flask_app/files/run_app.yaml | 6 + roles/deploy_flask_app/meta/main.yaml | 1 + .../deploy_flask_app/tasks/bastion_setup.yaml | 6 + roles/deploy_flask_app/tasks/main.yaml | 5 + roles/deploy_flask_app/templates/vars.yaml.j2 | 1 + 12 files changed, 162 insertions(+), 126 deletions(-) diff --git a/playbooks/webapp/files/run_app.yaml b/playbooks/webapp/files/run_app.yaml index 080d3d26..62033421 100644 --- a/playbooks/webapp/files/run_app.yaml +++ b/playbooks/webapp/files/run_app.yaml @@ -24,6 +24,9 @@ ansible.builtin.yum: name: - podman + sslverify: false + validate_certs: false + update_cache: true state: present - name: Pull image from private registry diff --git a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml index 37968854..45a11980 100644 --- a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml 
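Review bot: Adding `sslverify: false` and `validate_certs: false` to the podman install in playbooks/webapp/files/run_app.yaml turns off TLS certificate verification for the repository server on the worker hosts, so the package that goes on to run the application containers is fetched over a connection that is no longer authenticated; only package signature checking, where the repository enforces it, is left. Drop both lines and keep `update_cache: true`; if the image's repositories fail verification, correct the CA bundle or the repository configuration on the host rather than disabling the check. The task's `name:` line is above the hunk, so only its module arguments are visible here.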
+++ b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml @@ -16,8 +16,8 @@ - name: Create rds global database amazon.cloud.rds_global_cluster: global_cluster_identifier: "{{ test_global_cluster_name }}" - engine: "aurora-postgresql" - engine_version: "15.2" + engine: "{{ rds_engine }}" + engine_version: "{{ rds_engine_version }}" region: "{{ test_primary_cluster_region }}" state: present register: create_global_result @@ -26,11 +26,13 @@ amazon.aws.rds_cluster: global_cluster_identifier: "{{ test_global_cluster_name }}" db_cluster_identifier: "{{ test_primary_cluster_name }}" + db_name: "{{ rds_instance_name }}" region: "{{ test_primary_cluster_region }}" - engine: "aurora-postgresql" - engine_version: "15.2" - username: "{{ deploy_flask_app_rds_master_username }}" - password: "{{ deploy_flask_app_rds_master_password }}" + engine: "{{ rds_engine }}" + engine_version: "{{ rds_engine_version }}" + #enable_global_write_forwarding: True + master_user_password: "{{ deploy_flask_app_rds_master_password }}" + master_username: "{{ deploy_flask_app_rds_master_username }}" db_subnet_group_name: "{{ rds_subnet_group_name }}" vpc_security_group_ids: - "{{ rds_primary_sg.security_groups[0].group_id }}" @@ -40,11 +42,9 @@ amazon.aws.rds_instance: db_cluster_identifier: "{{ test_primary_cluster_name }}" db_instance_identifier: "{{ test_primary_cluster_name }}-instance" - db_name: "{{ rds_instance_name }}" region: "{{ test_primary_cluster_region }}" - engine: "aurora-postgresql" - db_instance_class: "{{ test_instance_class }}" - monitoring_interval: 0 + engine: "{{ rds_engine }}" + db_instance_class: "db.r6g.large" skip_final_snapshot: true - name: Get primary instance info 
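Review bot: The instance tasks now hard-code `db_instance_class: "db.r6g.large"` (hunk at -40,11 here and again at -96,11 for the replica) while `test_instance_class` is still defined in vars/main.yaml as `db.r5.large` and is still what the delete tasks pass, so create and delete describe different instance classes. Keep the variable, `db_instance_class: "{{ test_instance_class }}"`, and change its value in vars/main.yaml if r6g is what is wanted. The commented-out `#enable_global_write_forwarding: True` lines in the two cluster tasks should either be removed or carry a comment saying why they are parked.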
@@ -84,9 +84,10 @@ amazon.aws.rds_cluster: global_cluster_identifier: "{{ test_global_cluster_name }}" db_cluster_identifier: "{{ test_replica_cluster_name }}" - engine: "aurora-postgresql" - engine_version: "{{ global_cluster_info.GlobalClusters[0].EngineVersion }}" # replica cluster engine version needs to be exact same as global db engine version db_subnet_group_name: "{{ rds_subnet_group_name }}" + engine: "{{ rds_engine }}" + engine_version: "{{ global_cluster_info.GlobalClusters[0].EngineVersion }}" # replica cluster engine version needs to be exact same as global db engine version + #enable_global_write_forwarding: True vpc_security_group_ids: - "{{ rds_replica_sg.security_groups[0].group_id }}" region: "{{ test_replica_cluster_region }}" @@ -96,11 +97,9 @@ amazon.aws.rds_instance: db_cluster_identifier: "{{ test_replica_cluster_name }}" db_instance_identifier: "{{ test_replica_cluster_name }}-instance" - db_name: "{{ rds_instance_name }}" region: "{{ test_replica_cluster_region }}" - engine: "aurora-postgresql" - db_instance_class: "{{ test_instance_class }}" - monitoring_interval: 0 + engine: "{{ rds_engine }}" + db_instance_class: "db.r6g.large" skip_final_snapshot: true - name: Get replica instance info diff --git a/playbooks/webapp/tasks/create_aurora_setup.yaml b/playbooks/webapp/tasks/create_aurora_setup.yaml index d816d4ed..8c49c6aa 100644 --- a/playbooks/webapp/tasks/create_aurora_setup.yaml +++ b/playbooks/webapp/tasks/create_aurora_setup.yaml @@ -149,7 +149,7 @@ - name: Set 'sshkey_file' variable ansible.builtin.set_fact: - sshkey_file: ~/private-key-{{ deploy_flask_app_sshkey_pair_name }}-{{ region | default(aws_region) }} + sshkey_file: ~/private-key-{{ deploy_flask_app_sshkey_pair_name }}-{{ region }} - name: Create key pair to connect to the VM amazon.aws.ec2_key: diff --git a/playbooks/webapp/tasks/delete.yaml b/playbooks/webapp/tasks/delete.yaml index 57a07e0d..999707d0 100644 --- a/playbooks/webapp/tasks/delete.yaml 
+++ b/playbooks/webapp/tasks/delete.yaml @@ -1,10 +1,13 @@ --- - name: Delete resources playbook + module_defaults: + group/aws: + aws_access_key: "{{ aws_access_key | default(omit) }}" + aws_secret_key: "{{ aws_secret_key | default(omit) }}" + security_token: "{{ security_token | default(omit) }}" + region: "{{ region }}" block: - - name: Set 'region' variable - ansible.builtin.set_fact: - region: "{{ region | default(aws_region) }}" - name: Get vpc information amazon.aws.ec2_vpc_net_info: @@ -25,6 +28,7 @@ instance-type: "{{ bastion_host_type }}" key-name: "{{ deploy_flask_app_sshkey_pair_name }}" vpc-id: "{{ vpc_id }}" + instance-state-name: running register: bastion - name: Delete EC2 instances with dependant Resources @@ -81,6 +85,7 @@ amazon.aws.rds_subnet_group: name: "{{ rds_subnet_group_name }}" state: absent + ignore_errors: true - name: List Security group from VPC amazon.aws.ec2_security_group_info: @@ -94,6 +99,7 @@ state: absent group_id: "{{ item }}" with_items: "{{ secgroups.security_groups | map(attribute='group_id') | list }}" + ignore_errors: true - name: List routes table from VPC amazon.aws.ec2_vpc_route_table_info: @@ -109,6 +115,7 @@ lookup: id state: absent with_items: "{{ route_table.route_tables | map(attribute='id') | list }}" + ignore_errors: true - name: Get NAT gateway amazon.aws.ec2_vpc_nat_gateway_info: @@ -122,11 +129,13 @@ state: absent wait: true with_items: "{{ nat_gw.result | map(attribute='nat_gateway_id') | list }}" + ignore_errors: true - name: Delete internet gateway amazon.aws.ec2_vpc_igw: vpc_id: "{{ vpc_id }}" state: absent + ignore_errors: true - name: Delete subnets amazon.aws.ec2_vpc_subnet: @@ -134,6 +143,7 @@ state: absent vpc_id: "{{ vpc_id }}" with_items: "{{ subnet_cidr }}" + ignore_errors: true # As ec2_vpc_route_table can't delete route table, the vpc still has dependencies and cannot be deleted. # You need to do it delete it manually using either the console or the cli. 
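Review bot: `ignore_errors: true` is added to the subnet group, security group, route table, NAT gateway, internet gateway and subnet deletions in this file, which lets the teardown report success even when resources survive, and what can survive includes the security groups that create_aurora_setup.yaml opens to `0.0.0.0/0`. If the failures being hidden are dependency-ordering errors, retry instead (`register: result`, `until: result is not failed`, `retries: 5`); otherwise register each result and end the block with a task that fails when any deletion did not succeed. The new `instance-state-name: running` filter also means a stopped bastion is no longer found and terminated, which is worth a comment if it is intentional.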
diff --git a/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml b/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml index 1f7e494f..21394306 100644 --- a/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml +++ b/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml @@ -10,18 +10,20 @@ amazon.aws.rds_instance: db_cluster_identifier: "{{ test_replica_cluster_name }}" db_instance_identifier: "{{ test_replica_cluster_name }}-instance" - engine: "aurora-postgresql" + engine: "{{ rds_engine }}" + engine_version: "{{ rds_engine_version }}" db_instance_class: "{{ test_instance_class }}" skip_final_snapshot: true region: "{{ test_replica_cluster_region }}" + wait: True state: absent - name: Delete replica cluster amazon.aws.rds_cluster: db_cluster_identifier: "{{ test_replica_cluster_name }}" global_cluster_identifier: "{{ test_global_cluster_name }}" - engine: "aurora-postgresql" - engine_version: "15.2" + engine: "{{ rds_engine }}" + engine_version: "{{ rds_engine_version }}" skip_final_snapshot: true remove_from_global_db: true region: "{{ test_replica_cluster_region }}" @@ -31,7 +33,8 @@ amazon.aws.rds_instance: db_cluster_identifier: "{{ test_primary_cluster_name }}" db_instance_identifier: "{{ test_primary_cluster_name }}-instance" - engine: "aurora-postgresql" + engine: "{{ rds_engine }}" + engine_version: "{{ rds_engine_version }}" db_instance_class: "{{ test_instance_class }}" skip_final_snapshot: true region: "{{ test_primary_cluster_region }}" 
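Review bot: These delete tasks now take `engine` from `rds_engine`, which vars/main.yaml sets to `postgres`; the create path overrides it with `rds_engine: "aurora-postgresql"` on its `import_tasks`, but whether the delete import passes the same override is outside the visible part of the patch. If it does not, the Aurora resources are addressed with the wrong engine, so either pass the same `vars:` there or give the Aurora playbook its own engine variable. `wait: True` should be `wait: true` to match the booleans in the rest of the file.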
@@ -41,19 +44,19 @@ amazon.aws.rds_cluster: db_cluster_identifier: "{{ test_primary_cluster_name }}" global_cluster_identifier: "{{ test_global_cluster_name }}" - engine: "aurora-postgresql" - engine_version: "15.2" + engine: "{{ rds_engine }}" + engine_version: "{{ rds_engine_version }}" username: "{{ deploy_flask_app_rds_master_username }}" password: "{{ deploy_flask_app_rds_master_password }}" skip_final_snapshot: true - region: "{{ test_replica_cluster_region }}" + region: "{{ test_primary_cluster_region }}" state: absent - name: Delete global db amazon.cloud.rds_global_cluster: global_cluster_identifier: "{{ test_global_cluster_name }}" - engine: "aurora-postgresql" - engine_version: "15.2" + engine: "{{ rds_engine }}" + engine_version: "{{ rds_engine_version }}" region: "{{ test_primary_cluster_region }}" state: absent diff --git a/playbooks/webapp/vars/main.yaml b/playbooks/webapp/vars/main.yaml index 143d2531..d4c84411 100644 --- a/playbooks/webapp/vars/main.yaml +++ b/playbooks/webapp/vars/main.yaml @@ -1,6 +1,6 @@ --- # Variables for create.yaml -aws_region: us-east-1 +# aws_region: us-west-2 dest_region: us-east-2 resource_prefix: "ansible-test" vpc_name: "{{ resource_prefix }}-vpc" @@ -13,7 +13,10 @@ resource_tags: prefix: "{{ resource_prefix }}" operation: create -image_filter: Fedora-Cloud-Base-35-* +# image_filter: Fedora-Cloud-Base-37-* +# image_filter: RHEL-8.7.0_HVM-20221101-x86_64-0-Hourly2-GP2 +# image_filter: RHEL_HA-9.0.0_HVM-20230822-x86_64-17-Hourly2-GP2 - podman 503 error +image_filter: RHEL_HA-9.2.0_HVM-20230905-x86_64-38-Hourly2-GP2 public_secgroup_name: "{{ resource_prefix }}-sg" rds_subnet_group_name: "{{ resource_prefix }}-rds-sg" rds_secgroup_name: "{{ resource_prefix }}-rds-sec" 
@@ -30,17 +33,17 @@ rds_listening_port: 5432 # Variables for the deploy_flask_app role deploy_flask_app_sshkey_pair_name: "{{ resource_prefix }}-key" deploy_flask_app_bastion_host_name: "{{ resource_prefix }}-bastion" -deploy_flask_app_bastion_host_username: fedora +deploy_flask_app_bastion_host_username: ec2-user deploy_flask_app_bastion_host_required_packages: - python3 - - python-virtualenv - sshpass - git + - gcc - podman - httpd-tools - - ansible + - ansible-core deploy_flask_app_workers_instance_type: t3.micro -deploy_flask_app_workers_user_name: fedora +deploy_flask_app_workers_user_name: ec2-user deploy_flask_app_number_of_workers: 2 deploy_flask_app_listening_port: 5000 deploy_flask_app_git_repository: https://github.com/abikouo/webapp_pyflask_demo.git @@ -60,6 +63,7 @@ deploy_flask_app_rds_master_username: ansible test_instance_class: db.r5.large # Global cluster parameters ================================ test_global_cluster_name: "{{ resource_prefix }}-global-cluster" +aurora_listening_port: 3306 # Primary cluster parameters ================================ test_primary_cluster_name: "{{ resource_prefix }}-primary-cluster" @@ -68,5 +72,5 @@ test_primary_cluster_instance_name: "{{ resource_prefix }}-primary-instance" # Replica cluster parameters ================================ test_replica_cluster_name: "{{ resource_prefix }}-replica-cluster" -test_replica_cluster_region: eu-north-1 +test_replica_cluster_region: us-east-1 test_replica_cluster_instance_name: "{{ resource_prefix }}-replica-instance" diff --git a/playbooks/webapp/webapp_ha_aurora.yaml b/playbooks/webapp/webapp_ha_aurora.yaml index 8aa19a1c..6a5e16b8 100644 --- a/playbooks/webapp/webapp_ha_aurora.yaml +++ b/playbooks/webapp/webapp_ha_aurora.yaml 
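Review bot: `aurora_listening_port: 3306` (hunk at -60,6) is the MySQL default, but the cluster this series creates is `aurora-postgresql` and the security group rule is built from `rds_listening_port: 5432`; no visible hunk references the new variable. Either remove it, or set it to the port the cluster actually listens on and use it in the RDS security group rule so the opened port and the database port cannot drift apart.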
@@ -6,104 +6,102 @@ vars_files: - vars/main.yaml tasks: - - name: Fail when 'resource_prefix' is not defined - ansible.builtin.fail: - msg: resource prefix should be defined as resource_prefix - when: resource_prefix is not defined - - - name: Fail when 'test_replica_cluster_region' is not defined - ansible.builtin.fail: - msg: destination region should be defined as test_replica_cluster_region - when: test_replica_cluster_region is not defined - - - name: Create resources + - name: Create resources and Deploy App when: operation == "create" - ansible.builtin.include_tasks: tasks/create_aurora_setup.yaml - vars: - region: "{{ item }}" - with_items: - - "{{ test_primary_cluster_region }}" - - "{{ test_replica_cluster_region }}" + block: + - name: Create resources in primary region + ansible.builtin.include_tasks: tasks/create_aurora_setup.yaml + vars: + region: "{{ test_primary_cluster_region }}" + + - name: Create resources in replica region + ansible.builtin.include_tasks: tasks/create_aurora_setup.yaml + vars: + region: "{{ test_replica_cluster_region }}" + + - name: Create Aurora db cluster + ansible.builtin.import_tasks: tasks/create_aurora_db_cluster.yaml + vars: + rds_engine: "aurora-postgresql" + + # ================= Deploy App in the primary region ================= + - name: Get VPC info from primary region + amazon.aws.ec2_vpc_net_info: + filters: + "tag:Name": "{{ vpc_name }}" + region: "{{ test_primary_cluster_region }}" + register: primary_vpc + + - name: Get primary private subnet for workers + amazon.aws.ec2_vpc_subnet_info: + filters: + vpc-id: "{{ primary_vpc.vpcs[0].id }}" + region: "{{ test_primary_cluster_region }}" + register: primary_private_subnet + + - name: Get VM info in the primary region + amazon.aws.ec2_instance_info: + filters: + "tag:Name": "{{ deploy_flask_app_bastion_host_name }}" + instance-state-name: [ "running"] + region: "{{ test_primary_cluster_region }}" + register: primary_vm_result + + - name: Deploy app in primary region 
+ ansible.builtin.include_role: + name: cloud.aws_ops.deploy_flask_app + vars: + deploy_flask_app_private_subnet_id: "{{ primary_private_subnet.subnets[0].id }}" + deploy_flask_app_vpc_id: "{{ primary_vpc.vpcs[0].id }}" + deploy_flask_app_vm_info: "{{ primary_vm_result }}" + deploy_flask_app_rds_info: "{{ primary_instance_info_result }}" + deploy_flask_app_region: "{{ test_primary_cluster_region }}" + + # ================= Deploy App in the replica region ================= + + - name: Get VPC info from replica region + amazon.aws.ec2_vpc_net_info: + filters: + "tag:Name": "{{ vpc_name }}" + region: "{{ test_replica_cluster_region }}" + register: replica_vpc + + - name: Get VM info in the replica region + amazon.aws.ec2_instance_info: + filters: + "tag:Name": "{{ deploy_flask_app_bastion_host_name }}" + instance-state-name: [ "running"] + region: "{{ test_replica_cluster_region }}" + register: replica_vm_result + + - name: Get replica private subnet for workers + amazon.aws.ec2_vpc_subnet_info: + filters: + vpc-id: "{{ replica_vpc.vpcs[0].id }}" + region: "{{ test_replica_cluster_region }}" + register: replica_private_subnet + + - debug: + msg: "Replica : {{ test_replica_cluster_region }}" + + - name: Deploy app in replica region + ansible.builtin.include_role: + name: cloud.aws_ops.deploy_flask_app + vars: + deploy_flask_app_private_subnet_id: "{{ replica_private_subnet.subnets[0].id }}" + deploy_flask_app_vpc_id: "{{ replica_vpc.vpcs[0].id }}" + deploy_flask_app_vm_info: "{{ replica_vm_result }}" + deploy_flask_app_rds_info: "{{ replica_instance_info_result }}" + deploy_flask_app_region: "{{ test_replica_cluster_region }}" - - name: Create Aurora db cluster - when: operation == "create" - ansible.builtin.import_tasks: tasks/create_aurora_db_cluster.yaml - - # ================= Deploy App in the primary region ================= - - name: Get VPC info from primary region - amazon.aws.ec2_vpc_net_info: - filters: - "tag:Name": "{{ vpc_name }}" - region: "{{ 
test_primary_cluster_region }}" - register: primary_vpc - - - name: Get primary private subnet for workers - amazon.aws.ec2_vpc_subnet_info: - filters: - vpc-id: "{{ primary_vpc.vpcs[0].id }}" - region: "{{ test_primary_cluster_region }}" - register: primary_private_subnet - - - name: Get VM info in the primary region - amazon.aws.ec2_instance_info: - filters: - "tag:Name": "{{ deploy_flask_app_bastion_host_name }}" - region: "{{ test_primary_cluster_region }}" - register: primary_vm_result - - - debug: - msg: "{{ primary_vm_result.instances }}" - - - name: Deploy app in primary region - when: operation == "create" - ansible.builtin.import_role: - name: cloud.aws_ops.deploy_flask_app - vars: - deploy_flask_app_private_subnet_id: "{{ primary_private_subnet.subnets[0].id }}" - deploy_flask_app_vpc_id: "{{ primary_vpc.vpcs[0].id }}" - deploy_flask_app_vm_info: "{{ primary_vm_result }}" - deploy_flask_app_rds_info: "{{ primary_instance_info_result }}" - deploy_flask_app_region: "{{ test_primary_cluster_region }}" - - # ================= Deploy App in the replica region ================= - - - name: Get VPC info from replica region - amazon.aws.ec2_vpc_net_info: - filters: - "tag:Name": "{{ vpc_name }}" - region: "{{ test_replica_cluster_region }}" - register: replica_vpc - - - name: Get VM info in the replica region - amazon.aws.ec2_instance_info: - filters: - "tag:Name": "{{ deploy_flask_app_bastion_host_name }}" - region: "{{ test_replica_cluster_region }}" - register: replica_vm_result - - - name: Get replica private subnet for workers - amazon.aws.ec2_vpc_subnet_info: - filters: - vpc-id: "{{ replica_vpc.vpcs[0].id }}" - region: "{{ test_replica_cluster_region }}" - register: replica_private_subnet - - - name: Deploy app in replica region - when: operation == "create" - ansible.builtin.import_role: - name: cloud.aws_ops.deploy_flask_app - vars: - deploy_flask_app_private_subnet_id: "{{ replica_private_subnet.subnets[0].id }}" - deploy_flask_app_vpc_id: "{{ 
replica_vpc.vpcs[0].id }}" - deploy_flask_app_vm_info: "{{ replica_vm_result }}" - deploy_flask_app_rds_info: "{{ replica_instance_info_result }}" - deploy_flask_app_region: "{{ test_replica_cluster_region }}" # ================================================================================ - name: Delete instance from source region when: operation == "delete" ansible.builtin.import_tasks: tasks/delete_aurora_db_cluster.yaml + vars: + rds_engine: "aurora-postgresql" - name: Delete instance from source region when: operation == "delete" diff --git a/roles/deploy_flask_app/files/run_app.yaml b/roles/deploy_flask_app/files/run_app.yaml index 080d3d26..e043660e 100644 --- a/roles/deploy_flask_app/files/run_app.yaml +++ b/roles/deploy_flask_app/files/run_app.yaml @@ -20,10 +20,16 @@ - regex: ^(# *)?ClientAliveCountMax line: ClientAliveCountMax 3 + # - name: Enable EPEL + # ansible.builtin.package: + # name: + # - epel-release + - name: Install Podman ansible.builtin.yum: name: - podman + update_cache: True state: present - name: Pull image from private registry diff --git a/roles/deploy_flask_app/meta/main.yaml b/roles/deploy_flask_app/meta/main.yaml index e8b3ab42..3bf1568b 100644 --- a/roles/deploy_flask_app/meta/main.yaml +++ b/roles/deploy_flask_app/meta/main.yaml @@ -1,3 +1,4 @@ --- dependencies: - role: cloud.aws_ops.aws_setup_credentials +allow_duplicates: true diff --git a/roles/deploy_flask_app/tasks/bastion_setup.yaml b/roles/deploy_flask_app/tasks/bastion_setup.yaml index f13e550c..2bb04d33 100644 --- a/roles/deploy_flask_app/tasks/bastion_setup.yaml +++ b/roles/deploy_flask_app/tasks/bastion_setup.yaml @@ -20,6 +20,12 @@ line: ClientAliveCountMax 3 become: true +# - name: Enable EPEL +# ansible.builtin.package: +# name: +# - epel-release +# become: true + - name: Install required packages ansible.builtin.yum: name: "{{ deploy_flask_app_bastion_host_required_packages }}" 
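Review bot: Both "Get ... private subnet for workers" lookups in the `webapp_ha_aurora.yaml` hunk filter on `vpc-id` only, so `subnets[0]` is whichever subnet the API lists first and the workers can end up in the public subnet. Add a filter that identifies the private subnet in both the primary and the replica task, for example `cidr: "{{ subnet_cidr[1] }}"` if that entry is the private range (the list itself is not in this hunk). The unnamed `- debug:` task printing the replica region looks like leftover tracing; if it stays, give it a `name` and use `ansible.builtin.debug`. The hunk also removes the two `fail` guards, so an undefined `test_replica_cluster_region` now surfaces only as a templating error inside the included tasks.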
diff --git a/roles/deploy_flask_app/tasks/main.yaml b/roles/deploy_flask_app/tasks/main.yaml index 34df2040..4d722167 100644 --- a/roles/deploy_flask_app/tasks/main.yaml +++ b/roles/deploy_flask_app/tasks/main.yaml @@ -1,8 +1,13 @@ --- +- debug: + msg: "Rgion {{ deploy_flask_app_region }}" - name: Deploy flask app. module_defaults: group/aws: "{{ aws_setup_credentials__output }}" block: + - debug: + msg: "Rgion {{ deploy_flask_app_region }}" + - name: Create new host in inventory for use in later plays. ansible.builtin.include_tasks: setup.yaml diff --git a/roles/deploy_flask_app/templates/vars.yaml.j2 b/roles/deploy_flask_app/templates/vars.yaml.j2 index 9f61ae53..bc6a211d 100644 --- a/roles/deploy_flask_app/templates/vars.yaml.j2 +++ b/roles/deploy_flask_app/templates/vars.yaml.j2 @@ -3,6 +3,7 @@ registry_host_port: "{{ deploy_flask_app_setup.add_host.host_vars.host_config.pr registry_login: user: "{{ deploy_flask_app_local_registry_user }}" password: "{{ deploy_flask_app_local_registry_pwd }}" +rds_listening_port: "{{ rds_listening_port }}" application_dir: "{{ deploy_flask_app_config.app_dir }}" application_env: "{{ deploy_flask_app_config.env }}" application_db: From c017dd2d7c414107bf6fd6f01d460b0523f37954 Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Wed, 4 Oct 2023 13:48:36 -0400 Subject: [PATCH 03/20] use fedora --- playbooks/webapp/vars/main.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/playbooks/webapp/vars/main.yaml b/playbooks/webapp/vars/main.yaml index d4c84411..b940eae5 100644 --- a/playbooks/webapp/vars/main.yaml +++ b/playbooks/webapp/vars/main.yaml 
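Review bot: The two `debug` tasks added to `tasks/main.yaml` are tracing left in the role: neither has a `name`, both use the short module name instead of `ansible.builtin.debug`, the message is misspelled (`Rgion`), and the same line is printed twice, once outside the block and once inside it. If the region is worth showing, keep a single task such as `- name: Show target region` with `msg: "Region {{ deploy_flask_app_region }}"`; otherwise remove both.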
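Review bot: The line added to `vars.yaml.j2`, `rds_listening_port: "{{ rds_listening_port }}"`, makes the role template depend on a playbook-level variable that lacks the `deploy_flask_app_` prefix the neighbouring inputs carry, so rendering fails when the role is used without `playbooks/webapp/vars/main.yaml` (whether the role defaults define it is not visible here). Expose it as a role input instead, for example `rds_listening_port: "{{ deploy_flask_app_rds_listening_port | default(5432) }}"`, and document it with the other role variables. Because the value is quoted, the rendered file holds the port as a string, so the consumer should cast it with `| int` before using it as a number.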
@@ -13,10 +13,10 @@ resource_tags: prefix: "{{ resource_prefix }}" operation: create -# image_filter: Fedora-Cloud-Base-37-* +image_filter: Fedora-Cloud-Base-35-*gp2-0 # image_filter: RHEL-8.7.0_HVM-20221101-x86_64-0-Hourly2-GP2 # image_filter: RHEL_HA-9.0.0_HVM-20230822-x86_64-17-Hourly2-GP2 - podman 503 error -image_filter: RHEL_HA-9.2.0_HVM-20230905-x86_64-38-Hourly2-GP2 +#image_filter: RHEL_HA-9.2.0_HVM-20230905-x86_64-38-Hourly2-GP2 public_secgroup_name: "{{ resource_prefix }}-sg" rds_subnet_group_name: "{{ resource_prefix }}-rds-sg" rds_secgroup_name: "{{ resource_prefix }}-rds-sec" @@ -33,9 +33,10 @@ rds_listening_port: 5432 # Variables for the deploy_flask_app role deploy_flask_app_sshkey_pair_name: "{{ resource_prefix }}-key" deploy_flask_app_bastion_host_name: "{{ resource_prefix }}-bastion" -deploy_flask_app_bastion_host_username: ec2-user +deploy_flask_app_bastion_host_username: fedora deploy_flask_app_bastion_host_required_packages: - python3 + - python-virtualenv - sshpass - git - gcc @@ -43,7 +44,7 @@ deploy_flask_app_bastion_host_required_packages: - httpd-tools - ansible-core deploy_flask_app_workers_instance_type: t3.micro -deploy_flask_app_workers_user_name: ec2-user +deploy_flask_app_workers_user_name: fedora deploy_flask_app_number_of_workers: 2 deploy_flask_app_listening_port: 5000 deploy_flask_app_git_repository: https://github.com/abikouo/webapp_pyflask_demo.git @@ -72,5 +73,5 @@ test_primary_cluster_instance_name: "{{ resource_prefix }}-primary-instance" # Replica cluster parameters ================================ test_replica_cluster_name: "{{ resource_prefix }}-replica-cluster" -test_replica_cluster_region: us-east-1 +test_replica_cluster_region: us-east-2 test_replica_cluster_instance_name: "{{ resource_prefix }}-replica-instance" From f4afa3d1f821b19f0fe4a45390d2ab5c164ac84e Mon Sep 17 00:00:00 2001 
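Review bot: Switching `image_filter` back to `Fedora-Cloud-Base-35-*gp2-0` in the first hunk builds the bastion and workers from a Fedora release that has been end-of-life since December 2022, so packages installed at deploy time receive no security fixes. The wildcard also lets the match move to a different image between runs. Prefer a release that is still supported and an exact image name, and if 35 must stay, add a comment such as `# pinned to F35 because <reason>` so the next maintainer knows it is deliberate.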
From: GomathiselviS Date: Fri, 6 Oct 2023 14:57:38 -0400 Subject: [PATCH 04/20] Add route53 configs --- .../fragments/webapp_in_HA_playbook.yaml | 3 + playbooks/webapp/README.md | 33 +++++++++ .../webapp/tasks/add_route53_records.yaml | 68 +++++++++++++++++++ .../tasks/create_aurora_db_cluster.yaml | 12 ++-- playbooks/webapp/tasks/delete.yaml | 15 +--- .../tasks/delete_aurora_db_cluster.yaml | 1 - playbooks/webapp/vars/main.yaml | 9 ++- playbooks/webapp/webapp_ha_aurora.yaml | 25 ++++--- roles/deploy_flask_app/files/run_app.yaml | 5 -- .../deploy_flask_app/tasks/bastion_setup.yaml | 6 -- 10 files changed, 133 insertions(+), 44 deletions(-) create mode 100644 changelogs/fragments/webapp_in_HA_playbook.yaml create mode 100644 playbooks/webapp/tasks/add_route53_records.yaml diff --git a/changelogs/fragments/webapp_in_HA_playbook.yaml b/changelogs/fragments/webapp_in_HA_playbook.yaml new file mode 100644 index 00000000..74cf75cb --- /dev/null +++ b/changelogs/fragments/webapp_in_HA_playbook.yaml @@ -0,0 +1,3 @@ +--- +minor_changes: +- "Add a playbook to deploy a simple flask web app into high availability architecture (https://github.com/redhat-cop/cloud.aws_ops/pull/97)." diff --git a/playbooks/webapp/README.md b/playbooks/webapp/README.md index 5b612ee3..49d7c102 100644 --- a/playbooks/webapp/README.md +++ b/playbooks/webapp/README.md 
@@ -157,6 +157,26 @@ To delete the webapp: ``` * **deploy_flask_app_force_init** (bool): Whether to drop existing tables and create new ones when deploying the webapp database. Default: `false` +### webapp deployment in HA architecture + +`webapp_ha_aurora.yaml` playbook deploys the flask app to a cross region high availability architecture. The playbook replicates the app deployment to a second region. The backend is an Aurora global cluster. For adding the write forwarding feature, aurora-mysql can be used. Default db engine is aurora-postgresql. The app in each region is configured to access the associated Aurora cluster. In front of the two regions, route53 records are added to provide cross region DNS (failover scenario). + +Along with the above variables, following variables are need for this playbook: + +* **test_instance_class** (str): DB instance class for the aurora db instances. Default: `db.r5.large` +* **test_global_cluster_name** (str): Name of the global cluster. Default: "{{ resource_prefix }}-global-cluster" +* **test_primary_cluster_name** (str): Name of the primary cluster. Default: "{{ resource_prefix }}-primary-cluster" +* **test_primary_cluster_region** (str): Primary Region. Default: `us-west-2` +* **test_primary_cluster_instance_name* (str): Name of primary db instance. Default: "{{ resource_prefix }}-primary-instance" +* **test_replica_cluster_name** (str): Name of the replica cluster. Default: "{{ resource_prefix }}-replica-cluster" +* **test_replica_cluster_region** (str): Replica Region. Default: `us-east-2` +* **test_replica_cluster_instance_name** (str): Name of the replica db instance. Default: "{{ resource_prefix }}-replica-instance" + +# vars for route53 records +* **route53_zone_name** (str): Route53 Zone name. Default: "ansiblecloud.xyz" +* **route53_subdomain** (str): Sub domain name for the application url. Default: "flaskapp" + +* ** ## Example Usage Create a `credentials.yaml` file with the folling contents: 
@@ -187,3 +207,16 @@ ansible-playbook migrate_webapp.yaml -e "@credentials.yaml" -e "dest_region=my-n ``` Note: migrating a webapp does not delete the app resources from the source region by default. To delete the source webapp, set var `delete_source: true`. + +To deploy the app in a high availability architecture, run: + +```bash +ansible-playbook webapp_ha_aurora.yaml -e "@credentials.yaml" -e "operation=create" +``` + +To delete the webapp resources created by the above playbook, run: + +```bash +ansible-playbook webapp_ha_aurora.yaml -e "@credentials.yaml" -e "operation=delete" +``` + diff --git a/playbooks/webapp/tasks/add_route53_records.yaml b/playbooks/webapp/tasks/add_route53_records.yaml new file mode 100644 index 00000000..2ae94873 --- /dev/null +++ b/playbooks/webapp/tasks/add_route53_records.yaml 
@@ -0,0 +1,68 @@ +--- +- name: Add Route53 configurations + module_defaults: + group/aws: + aws_access_key: "{{ aws_access_key | default(omit) }}" + aws_secret_key: "{{ aws_secret_key | default(omit) }}" + security_token: "{{ security_token | default(omit) }}" + block: + + - name: Add route53 health check for the load balancer in primary region + amazon.aws.route53_health_check: + health_check_name: "healthchk-lb-primary" + fqdn: "{{ primary_lb.elb.dns_name }}" + port: 5000 + type: HTTP + use_unique_names: true + state: present + register: healthchk_primary_result + + - name: Add route53 health check for the load balancer in replica region + amazon.aws.route53_health_check: + health_check_name: "healthchk-lb-replica" + fqdn: "{{ replica_lb.elb.dns_name }}" + port: 5000 + type: HTTP + use_unique_names: true + state: present + register: healthchk_replica_result + + - name: Pause for 30 secs for the health check status to be in sync + ansible.builtin.pause: + seconds: 30 + + - name: Add an alias record that points to an aws ELB in the primary region + amazon.aws.route53: + state: present + zone: "{{ route53_zone_name }}" + record: "{{route53_subdomain }}.{{ route53_zone_name }}" + type: A + value: "{{ primary_lb.elb.dns_name }}" + alias: True + identifier: "primary-record" + failover: "PRIMARY" + health_check: "{{ healthchk_primary_result.health_check.id }}" + alias_hosted_zone_id: "{{ primary_lb.elb.hosted_zone_id }}" + register: alias_record_primary_result + + - name: Add an alias record that points to an aws ELB in the replica region + amazon.aws.route53: + state: present + zone: "{{ route53_zone_name }}" + record: "{{route53_subdomain }}.{{ route53_zone_name }}" + type: A + value: "{{ replica_lb.elb.dns_name }}" + alias: True + identifier: "replica-record" + failover: "SECONDARY" + health_check: "{{ healthchk_replica_result.health_check.id }}" + alias_hosted_zone_id: "{{ replica_lb.elb.hosted_zone_id }}" + register: alias_record_replica_result + + - name: Pause 
for 30 secs for the alias records to be active + ansible.builtin.pause: + seconds: 30 + + - name: Get Application URL + ansible.builtin.debug: + msg: "Application url: {{ route53_subdomain }}.{{ route53_zone_name }}:{{ deploy_flask_app_listening_port }}" diff --git a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml index 45a11980..1d5706a2 100644 --- a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml +++ b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml @@ -11,8 +11,8 @@ filters: group-name: "{{ rds_secgroup_name }}" region: "{{ test_primary_cluster_region }}" - register: rds_primary_sg - + register: rds_primary_sg + - name: Create rds global database amazon.cloud.rds_global_cluster: global_cluster_identifier: "{{ test_global_cluster_name }}" @@ -30,7 +30,7 @@ region: "{{ test_primary_cluster_region }}" engine: "{{ rds_engine }}" engine_version: "{{ rds_engine_version }}" - #enable_global_write_forwarding: True + # enable_global_write_forwarding: true master_user_password: "{{ deploy_flask_app_rds_master_password }}" master_username: "{{ deploy_flask_app_rds_master_username }}" db_subnet_group_name: "{{ rds_subnet_group_name }}" @@ -78,7 +78,7 @@ filters: group-name: "{{ rds_secgroup_name }}" region: "{{ test_replica_cluster_region }}" - register: rds_replica_sg + register: rds_replica_sg - name: Create a replica cluster for global database amazon.aws.rds_cluster: 
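Review bot: Both `amazon.aws.route53_health_check` tasks in `add_route53_records.yaml` hard-code `port: 5000`, while the final task prints the URL with `deploy_flask_app_listening_port`; if that variable is overridden the health checks probe the wrong port and the failover routing no longer reflects the application's state. Use `port: "{{ deploy_flask_app_listening_port }}"` in both. The two fixed 30-second `pause` tasks assume the checks and records settle in that time; a short comment stating what is being waited for would make the assumption visible. `alias: True` should be `alias: true` to match `use_unique_names: true` in the same file.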
@@ -86,8 +86,8 @@ db_cluster_identifier: "{{ test_replica_cluster_name }}" db_subnet_group_name: "{{ rds_subnet_group_name }}" engine: "{{ rds_engine }}" - engine_version: "{{ global_cluster_info.GlobalClusters[0].EngineVersion }}" # replica cluster engine version needs to be exact same as global db engine version - #enable_global_write_forwarding: True + engine_version: "{{ global_cluster_info.GlobalClusters[0].EngineVersion }}" # replica cluster engine version needs to be exact same as global db engine version + # enable_global_write_forwarding: true vpc_security_group_ids: - "{{ rds_replica_sg.security_groups[0].group_id }}" region: "{{ test_replica_cluster_region }}" diff --git a/playbooks/webapp/tasks/delete.yaml b/playbooks/webapp/tasks/delete.yaml index 999707d0..639a1e0c 100644 --- a/playbooks/webapp/tasks/delete.yaml +++ b/playbooks/webapp/tasks/delete.yaml @@ -57,6 +57,7 @@ register: running - name: Delete workers + when: running.instances | length != 0 amazon.aws.ec2_instance: instance_ids: "{{ running.instances | map(attribute='instance_id') | list }}" wait: true @@ -87,20 +88,6 @@ state: absent ignore_errors: true - - name: List Security group from VPC - amazon.aws.ec2_security_group_info: - filters: - vpc-id: "{{ vpc_id }}" - tag:prefix: "{{ resource_prefix }}" - register: secgroups - - - name: Delete security groups - amazon.aws.ec2_security_group: - state: absent - group_id: "{{ item }}" - with_items: "{{ secgroups.security_groups | map(attribute='group_id') | list }}" - ignore_errors: true - - name: List routes table from VPC amazon.aws.ec2_vpc_route_table_info: filters: diff --git a/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml b/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml index 21394306..bb7bab5e 100644 --- a/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml +++ b/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml 
@@ -59,4 +59,3 @@ engine_version: "{{ rds_engine_version }}" region: "{{ test_primary_cluster_region }}" state: absent - diff --git a/playbooks/webapp/vars/main.yaml b/playbooks/webapp/vars/main.yaml index b940eae5..510678e0 100644 --- a/playbooks/webapp/vars/main.yaml +++ b/playbooks/webapp/vars/main.yaml @@ -2,7 +2,7 @@ # Variables for create.yaml # aws_region: us-west-2 dest_region: us-east-2 -resource_prefix: "ansible-test" +resource_prefix: "ansible-test-gosriniv" vpc_name: "{{ resource_prefix }}-vpc" vpc_cidr: 10.1.0.0/16 subnet_cidr: @@ -16,7 +16,7 @@ operation: create image_filter: Fedora-Cloud-Base-35-*gp2-0 # image_filter: RHEL-8.7.0_HVM-20221101-x86_64-0-Hourly2-GP2 # image_filter: RHEL_HA-9.0.0_HVM-20230822-x86_64-17-Hourly2-GP2 - podman 503 error -#image_filter: RHEL_HA-9.2.0_HVM-20230905-x86_64-38-Hourly2-GP2 +# image_filter: RHEL_HA-9.2.0_HVM-20230905-x86_64-38-Hourly2-GP2 public_secgroup_name: "{{ resource_prefix }}-sg" rds_subnet_group_name: "{{ resource_prefix }}-rds-sg" rds_secgroup_name: "{{ resource_prefix }}-rds-sec" @@ -64,7 +64,6 @@ deploy_flask_app_rds_master_username: ansible test_instance_class: db.r5.large # Global cluster parameters ================================ test_global_cluster_name: "{{ resource_prefix }}-global-cluster" -aurora_listening_port: 3306 # Primary cluster parameters ================================ test_primary_cluster_name: "{{ resource_prefix }}-primary-cluster" @@ -75,3 +74,7 @@ test_primary_cluster_instance_name: "{{ resource_prefix }}-primary-instance" test_replica_cluster_name: "{{ resource_prefix }}-replica-cluster" test_replica_cluster_region: us-east-2 test_replica_cluster_instance_name: "{{ resource_prefix }}-replica-instance" + +# vars for route53 records +route53_zone_name: "ansiblecloud.xyz" +route53_subdomain: "flaskapp" diff --git a/playbooks/webapp/webapp_ha_aurora.yaml b/playbooks/webapp/webapp_ha_aurora.yaml index 6a5e16b8..c04f34ff 100644 --- a/playbooks/webapp/webapp_ha_aurora.yaml 
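Review bot: `route53_zone_name: "ansiblecloud.xyz"` in the last `vars/main.yaml` hunk gives a shared vars file a default that points at one specific hosted zone, so a run with credentials that can edit that zone creates or replaces the `flaskapp` failover records without the operator ever naming the domain. Leave the variable without a usable default and fail early, for example `route53_zone_name: "{{ undef(hint='pass the hosted zone with -e route53_zone_name=...') }}"`, or use a documentation placeholder such as `example.com`. The `resource_prefix: "ansible-test-gosriniv"` change in the first hunk of this file is a personal value of the same kind.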
+++ b/playbooks/webapp/webapp_ha_aurora.yaml @@ -12,12 +12,10 @@ - name: Create resources in primary region ansible.builtin.include_tasks: tasks/create_aurora_setup.yaml vars: - region: "{{ test_primary_cluster_region }}" - - - name: Create resources in replica region - ansible.builtin.include_tasks: tasks/create_aurora_setup.yaml - vars: - region: "{{ test_replica_cluster_region }}" + region: "{{ item }}" + with_items: + - "{{ test_primary_cluster_region }}" + - "{{ test_replica_cluster_region }}" - name: Create Aurora db cluster ansible.builtin.import_tasks: tasks/create_aurora_db_cluster.yaml @@ -36,6 +34,7 @@ amazon.aws.ec2_vpc_subnet_info: filters: vpc-id: "{{ primary_vpc.vpcs[0].id }}" + cidr: "{{ subnet_cidr[1] }}" region: "{{ test_primary_cluster_region }}" register: primary_private_subnet @@ -57,6 +56,10 @@ deploy_flask_app_rds_info: "{{ primary_instance_info_result }}" deploy_flask_app_region: "{{ test_primary_cluster_region }}" + - name: Get load balancer name from the primary region + ansible.builtin.set_fact: + primary_lb: "{{ deploy_flask_app_lb_result }}" + # ================= Deploy App in the replica region ================= - name: Get VPC info from replica region @@ -78,12 +81,10 @@ amazon.aws.ec2_vpc_subnet_info: filters: vpc-id: "{{ replica_vpc.vpcs[0].id }}" + cidr: "{{ subnet_cidr[1] }}" region: "{{ test_replica_cluster_region }}" register: replica_private_subnet - - debug: - msg: "Replica : {{ test_replica_cluster_region }}" - - name: Deploy app in replica region ansible.builtin.include_role: name: cloud.aws_ops.deploy_flask_app 
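Review bot: The task kept as "Create resources in primary region" in the `@@ -12,12 +12,10 @@` hunk now loops over both regions, so its name no longer matches what it does and the run log shows the replica setup under a primary label. Rename it, for example `- name: Create resources in primary and replica regions`, and prefer `loop:` over `with_items:` for a plain list of two values.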
@@ -94,6 +95,12 @@ deploy_flask_app_rds_info: "{{ replica_instance_info_result }}" deploy_flask_app_region: "{{ test_replica_cluster_region }}" + - name: Get load balancer name from the replica region + ansible.builtin.set_fact: + replica_lb: "{{ deploy_flask_app_lb_result }}" + + - name: Add Route53 configurations + ansible.builtin.include_tasks: tasks/add_route53_records.yaml # ================================================================================ diff --git a/roles/deploy_flask_app/files/run_app.yaml b/roles/deploy_flask_app/files/run_app.yaml index e043660e..b221927b 100644 --- a/roles/deploy_flask_app/files/run_app.yaml +++ b/roles/deploy_flask_app/files/run_app.yaml @@ -20,11 +20,6 @@ - regex: ^(# *)?ClientAliveCountMax line: ClientAliveCountMax 3 - # - name: Enable EPEL - # ansible.builtin.package: - # name: - # - epel-release - - name: Install Podman ansible.builtin.yum: name: diff --git a/roles/deploy_flask_app/tasks/bastion_setup.yaml b/roles/deploy_flask_app/tasks/bastion_setup.yaml index 2bb04d33..f13e550c 100644 --- a/roles/deploy_flask_app/tasks/bastion_setup.yaml +++ b/roles/deploy_flask_app/tasks/bastion_setup.yaml @@ -20,12 +20,6 @@ line: ClientAliveCountMax 3 become: true -# - name: Enable EPEL -# ansible.builtin.package: -# name: -# - epel-release -# become: true - - name: Install required packages ansible.builtin.yum: name: "{{ deploy_flask_app_bastion_host_required_packages }}" From aa69319e3489780229e3d5664dc3617c1b998a6c Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Fri, 6 Oct 2023 15:15:10 -0400 Subject: [PATCH 05/20] Change var name --- playbooks/webapp/vars/main.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/webapp/vars/main.yaml b/playbooks/webapp/vars/main.yaml index 510678e0..55803c63 100644 --- a/playbooks/webapp/vars/main.yaml +++ b/playbooks/webapp/vars/main.yaml 
@@ -2,7 +2,7 @@ # Variables for create.yaml # aws_region: us-west-2 dest_region: us-east-2 -resource_prefix: "ansible-test-gosriniv" +resource_prefix: "ansible-test" vpc_name: "{{ resource_prefix }}-vpc" vpc_cidr: 10.1.0.0/16 subnet_cidr: From b54b0e895443c25370e4ad4cb67dbf7a4c8d7489 Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Fri, 6 Oct 2023 15:17:19 -0400 Subject: [PATCH 06/20] Remove debug --- roles/deploy_flask_app/tasks/main.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/roles/deploy_flask_app/tasks/main.yaml b/roles/deploy_flask_app/tasks/main.yaml index 4d722167..34df2040 100644 --- a/roles/deploy_flask_app/tasks/main.yaml +++ b/roles/deploy_flask_app/tasks/main.yaml @@ -1,13 +1,8 @@ --- -- debug: - msg: "Rgion {{ deploy_flask_app_region }}" - name: Deploy flask app. module_defaults: group/aws: "{{ aws_setup_credentials__output }}" block: - - debug: - msg: "Rgion {{ deploy_flask_app_region }}" - - name: Create new host in inventory for use in later plays. ansible.builtin.include_tasks: setup.yaml From d8c4e17e15fbb438578c657c83797d6c57b67e67 Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Mon, 9 Oct 2023 10:22:10 -0400 Subject: [PATCH 07/20] updated galaxy.yaml --- galaxy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/galaxy.yml b/galaxy.yml index 509ff62e..88c7b94a 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -18,6 +18,7 @@ tags: - cluster dependencies: amazon.aws: '>=5.1.0' + amazon.cloud: '>=0.4.0' community.aws: '>=5.0.0' amazon.cloud: '>=0.4.0' version: 1.0.3 From 7bfdb59bb06affd9cfb09a3054028ec0f8bef91e Mon Sep 17 00:00:00 2001 
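Review bot: The `amazon.cloud: '>=0.4.0'` line added to `galaxy.yml` duplicates a key that is already present two lines further down in `dependencies`, as the trailing context of the hunk shows. Duplicate mapping keys are invalid YAML and most loaders silently keep the last one, so the entry adds nothing today and will mask a later edit that changes only one of the two. Keep a single `amazon.cloud` line, placed after `amazon.aws`.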
From: GomathiselviS Date: Tue, 10 Oct 2023 16:22:47 -0400 Subject: [PATCH 08/20] Include create_rds_global_cluster role to create db --- .../tasks/create_aurora_db_cluster.yaml | 95 ++++++------------- playbooks/webapp/tasks/delete.yaml | 13 +++ .../webapp/tasks/delete_route53_records.yaml | 74 +++++++++++++++ playbooks/webapp/webapp_ha_aurora.yaml | 49 ++++++---- 4 files changed, 151 insertions(+), 80 deletions(-) create mode 100644 playbooks/webapp/tasks/delete_route53_records.yaml diff --git a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml index 1d5706a2..ffcc4efc 100644 --- a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml +++ b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml 
@@ -6,50 +6,47 @@ aws_secret_key: "{{ aws_secret_key | default(omit) }}" security_token: "{{ security_token | default(omit) }}" block: - - name: Get security group id + - name: Get security group id - primary region amazon.aws.ec2_security_group_info: filters: group-name: "{{ rds_secgroup_name }}" region: "{{ test_primary_cluster_region }}" register: rds_primary_sg - - name: Create rds global database - amazon.cloud.rds_global_cluster: - global_cluster_identifier: "{{ test_global_cluster_name }}" - engine: "{{ rds_engine }}" - engine_version: "{{ rds_engine_version }}" - region: "{{ test_primary_cluster_region }}" - state: present - register: create_global_result + - name: Get security group id - replica region + amazon.aws.ec2_security_group_info: + filters: + group-name: "{{ rds_secgroup_name }}" + region: "{{ test_replica_cluster_region }}" + register: rds_replica_sg - - name: Create a primary cluster for global database - amazon.aws.rds_cluster: - global_cluster_identifier: "{{ test_global_cluster_name }}" - db_cluster_identifier: "{{ test_primary_cluster_name }}" - db_name: "{{ rds_instance_name }}" - region: "{{ test_primary_cluster_region }}" - engine: "{{ rds_engine }}" - engine_version: "{{ rds_engine_version }}" - # enable_global_write_forwarding: true - master_user_password: "{{ deploy_flask_app_rds_master_password }}" - master_username: "{{ deploy_flask_app_rds_master_username }}" - db_subnet_group_name: "{{ rds_subnet_group_name }}" - vpc_security_group_ids: + - name: Create Aurora db cluster + ansible.builtin.include_role: + name: cloud.aws_ops.create_rds_global_cluster + vars: + create_rds_global_cluster_operation: create + create_rds_global_cluster_engine: "aurora-postgresql" + create_rds_global_cluster_engine_version: "{{ rds_engine_version }}" + create_rds_global_cluster_instance_class: "{{ test_instance_class }}" + create_rds_global_cluster_master_username: "{{ deploy_flask_app_rds_master_username }}" + 
create_rds_global_cluster_master_user_password: "{{ deploy_flask_app_rds_master_password }}" + create_rds_global_cluster_global_cluster_name: "{{ test_global_cluster_name }}" + create_rds_global_cluster_primary_cluster_name: "{{ test_primary_cluster_name }}" + create_rds_global_cluster_primary_cluster_region: "{{ test_primary_cluster_region }}" + create_rds_global_cluster_primary_cluster_instance_name: "{{ test_primary_cluster_instance_name }}" + create_rds_global_cluster_replica_cluster_name: "{{ test_replica_cluster_name }}" + create_rds_global_cluster_replica_cluster_region: "{{ test_replica_cluster_region }}" + create_rds_global_cluster_replica_cluster_instance_name: "{{ test_replica_cluster_instance_name }}" + create_rds_global_cluster_db_subnet_group_name: "{{ rds_subnet_group_name }}" + create_rds_global_cluster_primary_cluster_db_name: "{{ rds_instance_name }}" + create_rds_global_cluster_primary_cluster_vpc_security_group_ids: - "{{ rds_primary_sg.security_groups[0].group_id }}" - register: create_primary_result - - - name: Create an instance connected to primary cluster - amazon.aws.rds_instance: - db_cluster_identifier: "{{ test_primary_cluster_name }}" - db_instance_identifier: "{{ test_primary_cluster_name }}-instance" - region: "{{ test_primary_cluster_region }}" - engine: "{{ rds_engine }}" - db_instance_class: "db.r6g.large" - skip_final_snapshot: true + create_rds_global_cluster_replica_cluster_vpc_security_group_ids: + - "{{ rds_replica_sg.security_groups[0].group_id }}" - name: Get primary instance info amazon.aws.rds_instance_info: - db_instance_identifier: "{{ test_primary_cluster_name }}-instance" + db_instance_identifier: "{{ test_primary_cluster_instance_name }}" region: "{{ test_primary_cluster_region }}" register: primary_instance_info_result 
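Review bot: `create_rds_global_cluster_engine: "aurora-postgresql"` hard-codes the engine where the removed tasks used `{{ rds_engine }}`, so the `rds_engine` value passed by `webapp_ha_aurora.yaml` in the earlier patches shown here is ignored on create, while `delete_aurora_db_cluster.yaml` still reads it there. Use `create_rds_global_cluster_engine: "{{ rds_engine }}"` so create and delete agree and the aurora-mysql option described in the README stays reachable. Both `security_groups[0].group_id` references also assume the lookup returned a group; an `ansible.builtin.assert` on `rds_primary_sg.security_groups | length > 0` (and the replica equivalent) would turn an index error into a readable failure.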
@@ -72,39 +69,9 @@ that: - global_cluster_info.GlobalClusters[0].GlobalClusterMembers[0].DBClusterArn == primary_cluster_info_result.clusters[0].db_cluster_arn - # Create replica cluster ------------------------------------------------------------------------------- - - name: Get security group id - amazon.aws.ec2_security_group_info: - filters: - group-name: "{{ rds_secgroup_name }}" - region: "{{ test_replica_cluster_region }}" - register: rds_replica_sg - - - name: Create a replica cluster for global database - amazon.aws.rds_cluster: - global_cluster_identifier: "{{ test_global_cluster_name }}" - db_cluster_identifier: "{{ test_replica_cluster_name }}" - db_subnet_group_name: "{{ rds_subnet_group_name }}" - engine: "{{ rds_engine }}" - engine_version: "{{ global_cluster_info.GlobalClusters[0].EngineVersion }}" # replica cluster engine version needs to be exact same as global db engine version - # enable_global_write_forwarding: true - vpc_security_group_ids: - - "{{ rds_replica_sg.security_groups[0].group_id }}" - region: "{{ test_replica_cluster_region }}" - register: create_replica_result - - - name: Create an instance connected to replica cluster - amazon.aws.rds_instance: - db_cluster_identifier: "{{ test_replica_cluster_name }}" - db_instance_identifier: "{{ test_replica_cluster_name }}-instance" - region: "{{ test_replica_cluster_region }}" - engine: "{{ rds_engine }}" - db_instance_class: "db.r6g.large" - skip_final_snapshot: true - - name: Get replica instance info amazon.aws.rds_instance_info: - db_instance_identifier: "{{ test_replica_cluster_name }}-instance" + db_instance_identifier: "{{ test_replica_cluster_instance_name }}" region: "{{ test_replica_cluster_region }}" register: replica_instance_info_result diff --git a/playbooks/webapp/tasks/delete.yaml b/playbooks/webapp/tasks/delete.yaml index 639a1e0c..d243b175 100644 --- a/playbooks/webapp/tasks/delete.yaml +++ b/playbooks/webapp/tasks/delete.yaml 
@@ -88,6 +88,19 @@ state: absent ignore_errors: true + - name: List Security group from VPC + amazon.aws.ec2_security_group_info: + filters: + vpc-id: "{{ vpc_id }}" + tag:prefix: "{{ resource_prefix }}" + register: secgroups + + - name: Delete security groups + amazon.aws.ec2_security_group: + state: absent + group_id: "{{ item }}" + with_items: "{{ secgroups.security_groups | map(attribute='group_id') | list }}" + - name: List routes table from VPC amazon.aws.ec2_vpc_route_table_info: filters: diff --git a/playbooks/webapp/tasks/delete_route53_records.yaml b/playbooks/webapp/tasks/delete_route53_records.yaml new file mode 100644 index 00000000..a13da170 --- /dev/null +++ b/playbooks/webapp/tasks/delete_route53_records.yaml 
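Review bot: The new "Delete security groups" task has no failure handling, unlike the task just above it, which sets `ignore_errors: true`. If any of the listed groups reference each other or are still attached to an interface (not visible from this hunk), the first failed delete aborts the run and leaves the later groups, route tables and the VPC behind. Consider `retries`/`until` on the delete, or clearing the groups' rules first, so that a partial teardown does not leave open groups in the account. For consistency with the rest of this series the loop could be written `loop: "{{ secgroups.security_groups | map(attribute='group_id') | list }}"`. The enclosing block starts and ends outside the hunk.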
@@ -0,0 +1,74 @@ +--- +- name: Add Route53 configurations + module_defaults: + group/aws: + aws_access_key: "{{ aws_access_key | default(omit) }}" + aws_secret_key: "{{ aws_secret_key | default(omit) }}" + security_token: "{{ security_token | default(omit) }}" + block: + + - name: Get health check info + amazon.aws.route53_info: + query: health_check + register: health_check_info + + + - name: Delete route53 health check for the load balancer in primary region + amazon.aws.route53_health_check: + health_check_id: "{{ item.id }}" + state: absent + when: + - item.health_check_config.port == 5000 + - item.health_check_config.type == 'HTTP' + - item.health_check_config.fully_qualified_domain_name | regex_search('.*elb.amazonaws.com') + loop: "{{ health_check_info.health_checks }}" + ignore_errors: True + + - name: Get hosted zone details + amazon.aws.route53_info: + query: hosted_zone + register: hosted_zone_info + + - name: Set facts for deletion + ansible.builtin.set_fact: + hosted_zone_id: "{{ item.id }}" + when: item.name[:-1] == route53_zone_name + loop: "{{ hosted_zone_info.hosted_zones }}" + + - name: Get alias hosted zone record record details + amazon.aws.route53_info: + query: record_sets + hosted_zone_id: "{{ hosted_zone_id }}" + register: record_info + + - name: Delete alias record that points to an aws ELB in the primary region + amazon.aws.route53: + state: absent + zone: "{{ route53_zone_name }}" + record: "{{route53_subdomain }}.{{ route53_zone_name }}." 
+ type: A + alias: True + alias_hosted_zone_id: "{{ item.alias_target.hosted_zone_id }}" + value: "{{ item.alias_target.dns_name[:-1] }}" + ignore_errors: True + when: + - item.set_identifier is defined + - item.set_identifier == "primary-record" + loop: "{{ record_info.resource_record_sets }}" + + - name: Delete alias record that points to an aws ELB in the secondary region + amazon.aws.route53: + state: absent + zone: "{{ route53_zone_name }}" + record: "{{route53_subdomain }}.{{ route53_zone_name }}." + type: A + alias: True + identifier: "replica-record" + failover: "SECONDARY" + alias_hosted_zone_id: "{{ item.alias_target.hosted_zone_id }}" + value: "{{ item.alias_target.dns_name[:-1] }}" + ignore_errors: True + when: + - item.set_identifier is defined + - item.set_identifier == "replica-record" + loop: "{{ record_info.resource_record_sets }}" diff --git a/playbooks/webapp/webapp_ha_aurora.yaml b/playbooks/webapp/webapp_ha_aurora.yaml index c04f34ff..4df715a5 100644 --- a/playbooks/webapp/webapp_ha_aurora.yaml +++ b/playbooks/webapp/webapp_ha_aurora.yaml @@ -12,17 +12,19 @@ - name: Create resources in primary region ansible.builtin.include_tasks: tasks/create_aurora_setup.yaml vars: - region: "{{ item }}" - with_items: + region: "{{ creation_region }}" + loop: - "{{ test_primary_cluster_region }}" - "{{ test_replica_cluster_region }}" + loop_control: + loop_var: creation_region - name: Create Aurora db cluster ansible.builtin.import_tasks: tasks/create_aurora_db_cluster.yaml - vars: - rds_engine: "aurora-postgresql" # ================= Deploy App in the primary region ================= + + - name: Get VPC info from primary region amazon.aws.ec2_vpc_net_info: filters: 
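Review bot: In delete_route53_records.yaml the health-check cleanup matches every check in the account that is HTTP on port 5000 with an FQDN matching `.*elb.amazonaws.com`, so it is not limited to the checks this playbook created, and `ignore_errors: True` hides whatever goes wrong. Narrow the `when` to this deployment's load balancer names, and anchor the pattern, e.g. `regex_search('\.elb\.amazonaws\.com$')`. The primary-record delete also omits the `identifier` and `failover` arguments that the replica-record delete passes. If the module needs them to locate a failover record (likely, but not verifiable from this hunk), that delete fails silently and leaves an alias pointing at a load balancer that no longer exists. Adding `identifier: "primary-record"` and `failover: "PRIMARY"` and dropping `ignore_errors` on the two record tasks would make a leftover record visible.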
@@ -104,17 +106,32 @@ # ================================================================================ - - name: Delete instance from source region + - name: Delete resources when: operation == "delete" - ansible.builtin.import_tasks: tasks/delete_aurora_db_cluster.yaml - vars: - rds_engine: "aurora-postgresql" + block: - - name: Delete instance from source region - when: operation == "delete" - ansible.builtin.include_tasks: tasks/delete.yaml - vars: - region: "{{ item }}" - with_items: - - "{{ test_primary_cluster_region }}" - - "{{ test_replica_cluster_region }}" + - name: Delete Route 53 records and health checks + ansible.builtin.import_tasks: tasks/delete_route53_records.yaml + + - name: Delete Aurora DB + ansible.builtin.include_role: + name: cloud.aws_ops.create_rds_global_cluster + vars: + create_rds_global_cluster_operation: delete + create_rds_global_cluster_global_cluster_name: "{{ test_global_cluster_name }}" + create_rds_global_cluster_primary_cluster_name: "{{ test_primary_cluster_name }}" + create_rds_global_cluster_primary_cluster_region: "{{ test_primary_cluster_region }}" + create_rds_global_cluster_primary_cluster_instance_name: "{{ test_primary_cluster_instance_name }}" + create_rds_global_cluster_replica_cluster_name: "{{ test_replica_cluster_name }}" + create_rds_global_cluster_replica_cluster_region: "{{ test_replica_cluster_region }}" + create_rds_global_cluster_replica_cluster_instance_name: "{{ test_replica_cluster_instance_name }}" + + - name: Delete all resources + ansible.builtin.include_tasks: tasks/delete.yaml + vars: + region: "{{ deletion_region }}" + loop: + - "{{ test_primary_cluster_region }}" + - "{{ test_replica_cluster_region }}" + loop_control: + loop_var: deletion_region From 1dd5ce7b2637b66641b61fc9b2b093622183509d Mon Sep 17 00:00:00 2001 
From: GomathiselviS
Date: Wed, 11 Oct 2023 11:12:03 -0400
Subject: [PATCH 09/20] Change change_fragment file name to avoid ansible-lint failures
---
 changelogs/fragments/webapp_in_HA.yaml | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 changelogs/fragments/webapp_in_HA.yaml
diff --git a/changelogs/fragments/webapp_in_HA.yaml b/changelogs/fragments/webapp_in_HA.yaml
new file mode 100644
index 00000000..74cf75cb
--- /dev/null
+++ b/changelogs/fragments/webapp_in_HA.yaml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+- "Add a playbook to deploy a simple flask web app into high availability architecture (https://github.com/redhat-cop/cloud.aws_ops/pull/97)."
From 7880cf10bbba080e1adb08c36db23e136fbb20e0 Mon Sep 17 00:00:00 2001
From: GomathiselviS
Date: Thu, 12 Oct 2023 10:08:34 -0400
Subject: [PATCH 10/20] Change var name
---
 playbooks/webapp/README.md | 16 ++++----
 .../tasks/create_aurora_db_cluster.yaml | 40 +++++++++----------
 .../tasks/delete_aurora_db_cluster.yaml | 32 +++++++--------
 playbooks/webapp/vars/main.yaml | 16 ++++----
 playbooks/webapp/webapp_ha_aurora.yaml | 38 +++++++++---------
 5 files changed, 71 insertions(+), 71 deletions(-)
diff --git a/playbooks/webapp/README.md b/playbooks/webapp/README.md
index 49d7c102..b9b68e0b 100644
--- a/playbooks/webapp/README.md
+++ b/playbooks/webapp/README.md
@@ -163,14 +163,14 @@ To delete the webapp: Along with the above variables, following variables are need for this playbook: -* **test_instance_class** (str): DB instance class for the aurora db instances. Default: `db.r5.large` -* **test_global_cluster_name** (str): Name of the global cluster. Default: "{{ resource_prefix }}-global-cluster" -* **test_primary_cluster_name** (str): Name of the primary cluster. Default: "{{ resource_prefix }}-primary-cluster" -* **test_primary_cluster_region** (str): Primary Region. Default: `us-west-2` -* **test_primary_cluster_instance_name* (str): Name of primary db instance. Default: "{{ resource_prefix }}-primary-instance" -* **test_replica_cluster_name** (str): Name of the replica cluster. Default: "{{ resource_prefix }}-replica-cluster" -* **test_replica_cluster_region** (str): Replica Region. Default: `us-east-2` -* **test_replica_cluster_instance_name** (str): Name of the replica db instance. Default: "{{ resource_prefix }}-replica-instance" +* **rds_instance_class** (str): DB instance class for the aurora db instances. Default: `db.r5.large` +* **rds_global_cluster_name** (str): Name of the global cluster. Default: "{{ resource_prefix }}-global-cluster" +* **rds_primary_cluster_name** (str): Name of the primary cluster. Default: "{{ resource_prefix }}-primary-cluster" +* **rds_primary_cluster_region** (str): Primary Region. Default: `us-west-2` +* **rds_primary_cluster_instance_name* (str): Name of primary db instance. Default: "{{ resource_prefix }}-primary-instance" +* **rds_replica_cluster_name** (str): Name of the replica cluster. Default: "{{ resource_prefix }}-replica-cluster" +* **rds_replica_cluster_region** (str): Replica Region. Default: `us-east-2` +* **rds_replica_cluster_instance_name** (str): Name of the replica db instance. Default: "{{ resource_prefix }}-replica-instance" # vars for route53 records * **route53_zone_name** (str): Route53 Zone name. Default: "ansiblecloud.xyz" 
diff --git a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml index ffcc4efc..bc704a67 100644 --- a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml +++ b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml @@ -10,14 +10,14 @@ amazon.aws.ec2_security_group_info: filters: group-name: "{{ rds_secgroup_name }}" - region: "{{ test_primary_cluster_region }}" + region: "{{ rds_primary_cluster_region }}" register: rds_primary_sg - name: Get security group id - replica region amazon.aws.ec2_security_group_info: filters: group-name: "{{ rds_secgroup_name }}" - region: "{{ test_replica_cluster_region }}" + region: "{{ rds_replica_cluster_region }}" register: rds_replica_sg - name: Create Aurora db cluster 
@@ -27,16 +27,16 @@ create_rds_global_cluster_operation: create create_rds_global_cluster_engine: "aurora-postgresql" create_rds_global_cluster_engine_version: "{{ rds_engine_version }}" - create_rds_global_cluster_instance_class: "{{ test_instance_class }}" + create_rds_global_cluster_instance_class: "{{ rds_instance_class }}" create_rds_global_cluster_master_username: "{{ deploy_flask_app_rds_master_username }}" create_rds_global_cluster_master_user_password: "{{ deploy_flask_app_rds_master_password }}" - create_rds_global_cluster_global_cluster_name: "{{ test_global_cluster_name }}" - create_rds_global_cluster_primary_cluster_name: "{{ test_primary_cluster_name }}" - create_rds_global_cluster_primary_cluster_region: "{{ test_primary_cluster_region }}" - create_rds_global_cluster_primary_cluster_instance_name: "{{ test_primary_cluster_instance_name }}" - create_rds_global_cluster_replica_cluster_name: "{{ test_replica_cluster_name }}" - create_rds_global_cluster_replica_cluster_region: "{{ test_replica_cluster_region }}" - create_rds_global_cluster_replica_cluster_instance_name: "{{ test_replica_cluster_instance_name }}" + create_rds_global_cluster_global_cluster_name: "{{ rds_global_cluster_name }}" + create_rds_global_cluster_primary_cluster_name: "{{ rds_primary_cluster_name }}" + create_rds_global_cluster_primary_cluster_region: "{{ rds_primary_cluster_region }}" + create_rds_global_cluster_primary_cluster_instance_name: "{{ rds_primary_cluster_instance_name }}" + create_rds_global_cluster_replica_cluster_name: "{{ rds_replica_cluster_name }}" + create_rds_global_cluster_replica_cluster_region: "{{ rds_replica_cluster_region }}" + create_rds_global_cluster_replica_cluster_instance_name: "{{ rds_replica_cluster_instance_name }}" create_rds_global_cluster_db_subnet_group_name: "{{ rds_subnet_group_name }}" create_rds_global_cluster_primary_cluster_db_name: "{{ rds_instance_name }}" create_rds_global_cluster_primary_cluster_vpc_security_group_ids: 
@@ -46,18 +46,18 @@ - name: Get primary instance info amazon.aws.rds_instance_info: - db_instance_identifier: "{{ test_primary_cluster_instance_name }}" - region: "{{ test_primary_cluster_region }}" + db_instance_identifier: "{{ rds_primary_cluster_instance_name }}" + region: "{{ rds_primary_cluster_region }}" register: primary_instance_info_result - name: Get primary cluster info amazon.aws.rds_cluster_info: - db_cluster_identifier: "{{ test_primary_cluster_name }}" - region: "{{ test_primary_cluster_region }}" + db_cluster_identifier: "{{ rds_primary_cluster_name }}" + region: "{{ rds_primary_cluster_region }}" register: primary_cluster_info_result - name: Get global db info - command: "aws rds describe-global-clusters --global-cluster-identifier {{ test_global_cluster_name }}" + command: "aws rds describe-global-clusters --global-cluster-identifier {{ rds_global_cluster_name }}" register: global_cluster_info_result - name: convert it to an object @@ -71,18 +71,18 @@ - name: Get replica instance info amazon.aws.rds_instance_info: - db_instance_identifier: "{{ test_replica_cluster_instance_name }}" - region: "{{ test_replica_cluster_region }}" + db_instance_identifier: "{{ rds_replica_cluster_instance_name }}" + region: "{{ rds_replica_cluster_region }}" register: replica_instance_info_result - name: Get replica cluster info amazon.aws.rds_cluster_info: - db_cluster_identifier: "{{ test_replica_cluster_name }}" - region: "{{ test_replica_cluster_region }}" + db_cluster_identifier: "{{ rds_replica_cluster_name }}" + region: "{{ rds_replica_cluster_region }}" register: replica_cluster_info_result - name: Get global db info - command: "aws rds describe-global-clusters --global-cluster-identifier {{ test_global_cluster_name }}" + command: "aws rds describe-global-clusters --global-cluster-identifier {{ rds_global_cluster_name }}" register: global_cluster_info_result - name: convert it to an object 
diff --git a/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml b/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml index bb7bab5e..2f75d24b 100644 --- a/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml +++ b/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml 
@@ -8,54 +8,54 @@ block: - name: Delete instance connected to replica cluster amazon.aws.rds_instance: - db_cluster_identifier: "{{ test_replica_cluster_name }}" - db_instance_identifier: "{{ test_replica_cluster_name }}-instance" + db_cluster_identifier: "{{ rds_replica_cluster_name }}" + db_instance_identifier: "{{ rds_replica_cluster_name }}-instance" engine: "{{ rds_engine }}" engine_version: "{{ rds_engine_version }}" - db_instance_class: "{{ test_instance_class }}" + db_instance_class: "{{ rds_instance_class }}" skip_final_snapshot: true - region: "{{ test_replica_cluster_region }}" + region: "{{ rds_replica_cluster_region }}" wait: True state: absent - name: Delete replica cluster amazon.aws.rds_cluster: - db_cluster_identifier: "{{ test_replica_cluster_name }}" - global_cluster_identifier: "{{ test_global_cluster_name }}" + db_cluster_identifier: "{{ rds_replica_cluster_name }}" + global_cluster_identifier: "{{ rds_global_cluster_name }}" engine: "{{ rds_engine }}" engine_version: "{{ rds_engine_version }}" skip_final_snapshot: true remove_from_global_db: true - region: "{{ test_replica_cluster_region }}" + region: "{{ rds_replica_cluster_region }}" state: absent - name: Delete instance connected to primary cluster amazon.aws.rds_instance: - db_cluster_identifier: "{{ test_primary_cluster_name }}" - db_instance_identifier: "{{ test_primary_cluster_name }}-instance" + db_cluster_identifier: "{{ rds_primary_cluster_name }}" + db_instance_identifier: "{{ rds_primary_cluster_name }}-instance" engine: "{{ rds_engine }}" engine_version: "{{ rds_engine_version }}" - db_instance_class: "{{ test_instance_class }}" + db_instance_class: "{{ rds_instance_class }}" skip_final_snapshot: true - region: "{{ test_primary_cluster_region }}" + region: "{{ rds_primary_cluster_region }}" state: absent - name: Delete primary cluster amazon.aws.rds_cluster: - db_cluster_identifier: "{{ test_primary_cluster_name }}" - global_cluster_identifier: "{{ test_global_cluster_name }}" + 
db_cluster_identifier: "{{ rds_primary_cluster_name }}" + global_cluster_identifier: "{{ rds_global_cluster_name }}" engine: "{{ rds_engine }}" engine_version: "{{ rds_engine_version }}" username: "{{ deploy_flask_app_rds_master_username }}" password: "{{ deploy_flask_app_rds_master_password }}" skip_final_snapshot: true - region: "{{ test_primary_cluster_region }}" + region: "{{ rds_primary_cluster_region }}" state: absent - name: Delete global db amazon.cloud.rds_global_cluster: - global_cluster_identifier: "{{ test_global_cluster_name }}" + global_cluster_identifier: "{{ rds_global_cluster_name }}" engine: "{{ rds_engine }}" engine_version: "{{ rds_engine_version }}" - region: "{{ test_primary_cluster_region }}" + region: "{{ rds_primary_cluster_region }}" state: absent diff --git a/playbooks/webapp/vars/main.yaml b/playbooks/webapp/vars/main.yaml index 55803c63..bce00dd5 100644 --- a/playbooks/webapp/vars/main.yaml +++ b/playbooks/webapp/vars/main.yaml 
@@ -61,19 +61,19 @@ deploy_flask_app_rds_master_password: L#5cH2mgy_ deploy_flask_app_rds_master_username: ansible # vars to create aurora db cluster -test_instance_class: db.r5.large +rds_instance_class: db.r5.large # Global cluster parameters ================================ -test_global_cluster_name: "{{ resource_prefix }}-global-cluster" +rds_global_cluster_name: "{{ resource_prefix }}-global-cluster" # Primary cluster parameters ================================ -test_primary_cluster_name: "{{ resource_prefix }}-primary-cluster" -test_primary_cluster_region: us-west-2 -test_primary_cluster_instance_name: "{{ resource_prefix }}-primary-instance" +rds_primary_cluster_name: "{{ resource_prefix }}-primary-cluster" +rds_primary_cluster_region: us-west-2 +rds_primary_cluster_instance_name: "{{ resource_prefix }}-primary-instance" # Replica cluster parameters ================================ -test_replica_cluster_name: "{{ resource_prefix }}-replica-cluster" -test_replica_cluster_region: us-east-2 -test_replica_cluster_instance_name: "{{ resource_prefix }}-replica-instance" +rds_replica_cluster_name: "{{ resource_prefix }}-replica-cluster" +rds_replica_cluster_region: us-east-2 +rds_replica_cluster_instance_name: "{{ resource_prefix }}-replica-instance" # vars for route53 records route53_zone_name: "ansiblecloud.xyz" diff --git a/playbooks/webapp/webapp_ha_aurora.yaml b/playbooks/webapp/webapp_ha_aurora.yaml index 4df715a5..87ddbc9f 100644 --- a/playbooks/webapp/webapp_ha_aurora.yaml +++ b/playbooks/webapp/webapp_ha_aurora.yaml @@ -14,8 +14,8 @@ vars: region: "{{ creation_region }}" loop: - - "{{ test_primary_cluster_region }}" - - "{{ test_replica_cluster_region }}" + - "{{ rds_primary_cluster_region }}" + - "{{ rds_replica_cluster_region }}" loop_control: loop_var: creation_region 
@@ -29,7 +29,7 @@ amazon.aws.ec2_vpc_net_info: filters: "tag:Name": "{{ vpc_name }}" - region: "{{ test_primary_cluster_region }}" + region: "{{ rds_primary_cluster_region }}" register: primary_vpc - name: Get primary private subnet for workers @@ -37,7 +37,7 @@ filters: vpc-id: "{{ primary_vpc.vpcs[0].id }}" cidr: "{{ subnet_cidr[1] }}" - region: "{{ test_primary_cluster_region }}" + region: "{{ rds_primary_cluster_region }}" register: primary_private_subnet - name: Get VM info in the primary region @@ -45,7 +45,7 @@ filters: "tag:Name": "{{ deploy_flask_app_bastion_host_name }}" instance-state-name: [ "running"] - region: "{{ test_primary_cluster_region }}" + region: "{{ rds_primary_cluster_region }}" register: primary_vm_result - name: Deploy app in primary region @@ -56,7 +56,7 @@ deploy_flask_app_vpc_id: "{{ primary_vpc.vpcs[0].id }}" deploy_flask_app_vm_info: "{{ primary_vm_result }}" deploy_flask_app_rds_info: "{{ primary_instance_info_result }}" - deploy_flask_app_region: "{{ test_primary_cluster_region }}" + deploy_flask_app_region: "{{ rds_primary_cluster_region }}" - name: Get load balancer name from the primary region ansible.builtin.set_fact: @@ -68,7 +68,7 @@ amazon.aws.ec2_vpc_net_info: filters: "tag:Name": "{{ vpc_name }}" - region: "{{ test_replica_cluster_region }}" + region: "{{ rds_replica_cluster_region }}" register: replica_vpc - name: Get VM info in the replica region @@ -76,7 +76,7 @@ filters: "tag:Name": "{{ deploy_flask_app_bastion_host_name }}" instance-state-name: [ "running"] - region: "{{ test_replica_cluster_region }}" + region: "{{ rds_replica_cluster_region }}" register: replica_vm_result - name: Get replica private subnet for workers @@ -84,7 +84,7 @@ filters: vpc-id: "{{ replica_vpc.vpcs[0].id }}" cidr: "{{ subnet_cidr[1] }}" - region: "{{ test_replica_cluster_region }}" + region: "{{ rds_replica_cluster_region }}" register: replica_private_subnet - name: Deploy app in replica region 
@@ -95,7 +95,7 @@ deploy_flask_app_vpc_id: "{{ replica_vpc.vpcs[0].id }}" deploy_flask_app_vm_info: "{{ replica_vm_result }}" deploy_flask_app_rds_info: "{{ replica_instance_info_result }}" - deploy_flask_app_region: "{{ test_replica_cluster_region }}" + deploy_flask_app_region: "{{ rds_replica_cluster_region }}" - name: Get load balancer name from the replica region ansible.builtin.set_fact: 
@@ -118,20 +118,20 @@ name: cloud.aws_ops.create_rds_global_cluster vars: create_rds_global_cluster_operation: delete - create_rds_global_cluster_global_cluster_name: "{{ test_global_cluster_name }}" - create_rds_global_cluster_primary_cluster_name: "{{ test_primary_cluster_name }}" - create_rds_global_cluster_primary_cluster_region: "{{ test_primary_cluster_region }}" - create_rds_global_cluster_primary_cluster_instance_name: "{{ test_primary_cluster_instance_name }}" - create_rds_global_cluster_replica_cluster_name: "{{ test_replica_cluster_name }}" - create_rds_global_cluster_replica_cluster_region: "{{ test_replica_cluster_region }}" - create_rds_global_cluster_replica_cluster_instance_name: "{{ test_replica_cluster_instance_name }}" + create_rds_global_cluster_global_cluster_name: "{{ rds_global_cluster_name }}" + create_rds_global_cluster_primary_cluster_name: "{{ rds_primary_cluster_name }}" + create_rds_global_cluster_primary_cluster_region: "{{ rds_primary_cluster_region }}" + create_rds_global_cluster_primary_cluster_instance_name: "{{ rds_primary_cluster_instance_name }}" + create_rds_global_cluster_replica_cluster_name: "{{ rds_replica_cluster_name }}" + create_rds_global_cluster_replica_cluster_region: "{{ rds_replica_cluster_region }}" + create_rds_global_cluster_replica_cluster_instance_name: "{{ rds_replica_cluster_instance_name }}" - name: Delete all resources ansible.builtin.include_tasks: tasks/delete.yaml vars: region: "{{ deletion_region }}" loop: - - "{{ test_primary_cluster_region }}" - - "{{ test_replica_cluster_region }}" + - "{{ rds_primary_cluster_region }}" + - "{{ rds_replica_cluster_region }}" loop_control: loop_var: deletion_region From c14ad4954958f2948d5b1d2f69d5a9751eae8848 Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Thu, 12 Oct 2023 10:47:17 -0400 Subject: [PATCH 11/20] Remove redundant vars --- playbooks/webapp/vars/main.yaml | 1 - 1 file changed, 1 deletion(-) 
diff --git a/playbooks/webapp/vars/main.yaml b/playbooks/webapp/vars/main.yaml index bce00dd5..30da7540 100644 --- a/playbooks/webapp/vars/main.yaml +++ b/playbooks/webapp/vars/main.yaml @@ -61,7 +61,6 @@ deploy_flask_app_rds_master_password: L#5cH2mgy_ deploy_flask_app_rds_master_username: ansible # vars to create aurora db cluster -rds_instance_class: db.r5.large # Global cluster parameters ================================ rds_global_cluster_name: "{{ resource_prefix }}-global-cluster" From e34e7b3ead2d369d81a1e5cf803d19f4dd521f71 Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Thu, 12 Oct 2023 10:54:41 -0400 Subject: [PATCH 12/20] remove unwanted file --- changelogs/fragments/webapp_in_HA_playbook.yaml | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 changelogs/fragments/webapp_in_HA_playbook.yaml diff --git a/changelogs/fragments/webapp_in_HA_playbook.yaml b/changelogs/fragments/webapp_in_HA_playbook.yaml deleted file mode 100644 index 74cf75cb..00000000 --- a/changelogs/fragments/webapp_in_HA_playbook.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -minor_changes: -- "Add a playbook to deploy a simple flask web app into high availability architecture (https://github.com/redhat-cop/cloud.aws_ops/pull/97)." From d31b41610226c99855785c31569c959ab0d3e25b Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Thu, 12 Oct 2023 16:11:24 -0400 Subject: [PATCH 13/20] common create playbook --- playbooks/webapp/README.md | 7 +- playbooks/webapp/migrate_webapp.yaml | 7 +- playbooks/webapp/tasks/create.yaml | 107 ++++++----- .../tasks/create_aurora_db_cluster.yaml | 2 +- .../webapp/tasks/create_aurora_setup.yaml | 181 ------------------ playbooks/webapp/vars/main.yaml | 8 +- playbooks/webapp/webapp.yaml | 6 +- playbooks/webapp/webapp_ha_aurora.yaml | 10 +- 8 files changed, 79 insertions(+), 249 deletions(-) delete mode 100644 playbooks/webapp/tasks/create_aurora_setup.yaml diff --git a/playbooks/webapp/README.md b/playbooks/webapp/README.md index b9b68e0b..f51cc168 100644 
--- a/playbooks/webapp/README.md +++ b/playbooks/webapp/README.md @@ -85,7 +85,7 @@ To delete the webapp: ### Common * **operation** (str): Operation for the webapp playbook to perform, either `create` or `delete`. Default: `create` -* **resource_prefix** (str): (Required) A prefix to prepend to the name of all AWS resources created for the webapp +* **resource_prefix** (str): A prefix to prepend to the name of all AWS resources created for the webapp. Default: `ansible-test` * **resource_tags** (dict, elements dict): Tags to apply to all AWS resources created for the webapp. Default: `prefix: "{{ resource_prefix }}"` * **aws_access_key** (str): (Required) AWS access key ID for user account with the above permissions * **aws_secret_key** (str): (Required) AWS secret access key for user account with the above permissions 
@@ -167,16 +167,15 @@ Along with the above variables, following variables are need for this playbook: * **rds_global_cluster_name** (str): Name of the global cluster. Default: "{{ resource_prefix }}-global-cluster" * **rds_primary_cluster_name** (str): Name of the primary cluster. Default: "{{ resource_prefix }}-primary-cluster" * **rds_primary_cluster_region** (str): Primary Region. Default: `us-west-2` -* **rds_primary_cluster_instance_name* (str): Name of primary db instance. Default: "{{ resource_prefix }}-primary-instance" +* **rds_primary_cluster_instance_name** (str): Name of primary db instance. Default: "{{ resource_prefix }}-primary-instance" * **rds_replica_cluster_name** (str): Name of the replica cluster. Default: "{{ resource_prefix }}-replica-cluster" * **rds_replica_cluster_region** (str): Replica Region. Default: `us-east-2` * **rds_replica_cluster_instance_name** (str): Name of the replica db instance. Default: "{{ resource_prefix }}-replica-instance" -# vars for route53 records +#### vars for route53 records * **route53_zone_name** (str): Route53 Zone name. Default: "ansiblecloud.xyz" * **route53_subdomain** (str): Sub domain name for the application url. Default: "flaskapp" -* ** ## Example Usage Create a `credentials.yaml` file with the folling contents: diff --git a/playbooks/webapp/migrate_webapp.yaml b/playbooks/webapp/migrate_webapp.yaml index 016bc232..2c5feb56 100644 --- a/playbooks/webapp/migrate_webapp.yaml +++ b/playbooks/webapp/migrate_webapp.yaml @@ -2,7 +2,6 @@ - name: Migrate webapp hosts: localhost gather_facts: false - vars_files: - vars/main.yaml @@ -53,6 +52,8 @@ vars: rds_snapshot_arn: "{{ result.db_snapshot_arn }}" region: "{{ dest_region }}" + bastion_host_type: t3.micro + deploy_flask_app_workers_instance_type: t3.micro - name: Deploy app when: operation == "create" 
@@ -64,6 +65,7 @@ deploy_flask_app_vm_info: "{{ vm_result }}" deploy_flask_app_rds_info: "{{ rds_result }}" deploy_flask_app_region: "{{ dest_region }}" + deploy_flask_app_workers_instance_type: t3.micro - name: Delete RDS snapshots from different regions amazon.aws.rds_instance_snapshot: @@ -77,4 +79,7 @@ - name: Delete instance from source region ansible.builtin.import_tasks: tasks/delete.yaml + vars: + bastion_host_type: t3.micro + deploy_flask_app_workers_instance_type: t3.micro when: delete_source | default(false) | bool diff --git a/playbooks/webapp/tasks/create.yaml b/playbooks/webapp/tasks/create.yaml index db893d63..052b27c7 100644 --- a/playbooks/webapp/tasks/create.yaml +++ b/playbooks/webapp/tasks/create.yaml 
@@ -147,61 +147,64 @@ state: present register: rds_sg - - name: Get RDS instance info - amazon.aws.rds_instance_info: - db_instance_identifier: "{{ rds_identifier }}" - register: rds_result - - - name: Create RDS instance - when: rds_result.instances | length == 0 + - name: RDS creation + when: not "aurora" in rds_engine block: - - name: Create RDS instance (PostGreSQL Database) - amazon.aws.rds_instance: - force_update_password: true - wait: true - allocated_storage: "{{ rds_allocated_storage_gb }}" - backup_retention_period: 0 - db_instance_class: "{{ rds_instance_class }}" + - name: Get RDS instance info + amazon.aws.rds_instance_info: db_instance_identifier: "{{ rds_identifier }}" - db_name: "{{ rds_instance_name }}" - engine: "{{ rds_engine }}" - engine_version: "{{ rds_engine_version }}" - master_user_password: "{{ deploy_flask_app_rds_master_password }}" - master_username: "{{ deploy_flask_app_rds_master_username }}" - monitoring_interval: 0 - storage_type: standard - skip_final_snapshot: true - db_subnet_group_name: "{{ rds_subnet_group_name }}" - vpc_security_group_ids: - - "{{ rds_sg.group_id }}" - when: rds_snapshot_arn is not defined - - - name: Create RDS instance from snapshot (PostGreSQL Database) - amazon.aws.rds_instance: - force_update_password: true - wait: true - allocated_storage: "{{ rds_allocated_storage_gb }}" - backup_retention_period: 0 - db_instance_class: "{{ rds_instance_class }}" + register: rds_result + + - name: Create RDS instance + when: rds_result.instances | length == 0 + block: + - name: Create RDS instance (PostGreSQL Database) + amazon.aws.rds_instance: + force_update_password: true + wait: true + allocated_storage: "{{ rds_allocated_storage_gb }}" + backup_retention_period: 0 + db_instance_class: "{{ rds_instance_class }}" + db_instance_identifier: "{{ rds_identifier }}" + db_name: "{{ rds_instance_name }}" + engine: "{{ rds_engine }}" + engine_version: "{{ rds_engine_version }}" + master_user_password: "{{ 
deploy_flask_app_rds_master_password }}" + master_username: "{{ deploy_flask_app_rds_master_username }}" + monitoring_interval: 0 + storage_type: standard + skip_final_snapshot: true + db_subnet_group_name: "{{ rds_subnet_group_name }}" + vpc_security_group_ids: + - "{{ rds_sg.group_id }}" + when: rds_snapshot_arn is not defined + + - name: Create RDS instance from snapshot (PostGreSQL Database) + amazon.aws.rds_instance: + force_update_password: true + wait: true + allocated_storage: "{{ rds_allocated_storage_gb }}" + backup_retention_period: 0 + db_instance_class: "{{ rds_instance_class }}" + db_instance_identifier: "{{ rds_identifier }}" + engine: "{{ rds_engine }}" + engine_version: "{{ rds_engine_version }}" + master_user_password: "{{ deploy_flask_app_rds_master_password }}" + master_username: "{{ deploy_flask_app_rds_master_username }}" + monitoring_interval: 0 + storage_type: standard + skip_final_snapshot: true + db_subnet_group_name: "{{ rds_subnet_group_name }}" + vpc_security_group_ids: + - "{{ rds_sg.group_id }}" + creation_source: snapshot + db_snapshot_identifier: "{{ rds_snapshot_arn }}" + when: rds_snapshot_arn is defined + + - name: Get RDS instance info + amazon.aws.rds_instance_info: db_instance_identifier: "{{ rds_identifier }}" - engine: "{{ rds_engine }}" - engine_version: "{{ rds_engine_version }}" - master_user_password: "{{ deploy_flask_app_rds_master_password }}" - master_username: "{{ deploy_flask_app_rds_master_username }}" - monitoring_interval: 0 - storage_type: standard - skip_final_snapshot: true - db_subnet_group_name: "{{ rds_subnet_group_name }}" - vpc_security_group_ids: - - "{{ rds_sg.group_id }}" - creation_source: snapshot - db_snapshot_identifier: "{{ rds_snapshot_arn }}" - when: rds_snapshot_arn is defined - - - name: Get RDS instance info - amazon.aws.rds_instance_info: - db_instance_identifier: "{{ rds_identifier }}" - register: rds_result + register: rds_result - name: Set 'sshkey_file' variable ansible.builtin.set_fact: 
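Review bot: The `Create RDS instance (PostGreSQL Database)` task inside the new `RDS creation` block still creates the database without encryption at rest. No `storage_encrypted` is passed, and the task keeps `backup_retention_period: 0` and `skip_final_snapshot: true`, so there is no recovery point either. Since the task is being re-indented anyway, I would add `storage_encrypted: true` to the fresh-create task and put a comment above `backup_retention_period: 0` saying it is a demo-only setting. As a style point, `when: not "aurora" in rds_engine` reads more clearly as `when: "'aurora' not in rds_engine"`.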
diff --git a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml index bc704a67..20c8634b 100644 --- a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml +++ b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml @@ -25,7 +25,7 @@ name: cloud.aws_ops.create_rds_global_cluster vars: create_rds_global_cluster_operation: create - create_rds_global_cluster_engine: "aurora-postgresql" + create_rds_global_cluster_engine: "{{ rds_engine }}" create_rds_global_cluster_engine_version: "{{ rds_engine_version }}" create_rds_global_cluster_instance_class: "{{ rds_instance_class }}" create_rds_global_cluster_master_username: "{{ deploy_flask_app_rds_master_username }}" diff --git a/playbooks/webapp/tasks/create_aurora_setup.yaml b/playbooks/webapp/tasks/create_aurora_setup.yaml deleted file mode 100644 index 8c49c6aa..00000000 --- a/playbooks/webapp/tasks/create_aurora_setup.yaml +++ /dev/null 
@@ -1,181 +0,0 @@ ---- -- name: Set 'region' variable - ansible.builtin.set_fact: - region: "{{ region | default(aws_region) }}" - -- name: Create resources playbook - module_defaults: - group/aws: - aws_access_key: "{{ aws_access_key | default(omit) }}" - aws_secret_key: "{{ aws_secret_key | default(omit) }}" - security_token: "{{ security_token | default(omit) }}" - region: "{{ region }}" - block: - - name: Get image ID to create an instance - amazon.aws.ec2_ami_info: - filters: - architecture: x86_64 - virtualization-type: hvm - root-device-type: ebs - name: "{{ image_filter }}" - register: images - - - name: List availability zones from aws region - amazon.aws.aws_az_info: - register: zones - - - name: Set region_av_zones' variable - ansible.builtin.set_fact: - region_av_zones: "{{ zones.availability_zones | map(attribute='zone_name') }}" - - - name: Create a VPC to work in - amazon.aws.ec2_vpc_net: - cidr_block: "{{ vpc_cidr }}" - name: "{{ vpc_name }}" - register: vpc - - # Public and Private subnets should be in the same availability zone - # So that the load balancer can target workers instances - - name: Set 'shared_az' variable - ansible.builtin.set_fact: - shared_az: "{{ region_av_zones[0] }}" - - - name: Create a public subnet for bastion - amazon.aws.ec2_vpc_subnet: - vpc_id: "{{ vpc.vpc.id }}" - cidr: "{{ subnet_cidr[0] }}" - az: "{{ shared_az }}" - register: subnet - - - name: Create private subnet for workers - amazon.aws.ec2_vpc_subnet: - vpc_id: "{{ vpc.vpc.id }}" - cidr: "{{ subnet_cidr[1] }}" - az: "{{ shared_az }}" - register: private_subnet - - - name: Create another private subnet for RDS - amazon.aws.ec2_vpc_subnet: - vpc_id: "{{ vpc.vpc.id }}" - cidr: "{{ subnet_cidr[2] }}" - az: "{{ region_av_zones[1] }}" - register: rds_subnet - - - name: Create subnet group for RDS instance - amazon.aws.rds_subnet_group: - name: "{{ rds_subnet_group_name }}" - description: subnet group for RDS instance to be hidden - subnets: - - "{{ rds_subnet.subnet.id 
}}" - - "{{ private_subnet.subnet.id }}" - state: present - - - name: Create internet gateway attached to the VPC - amazon.aws.ec2_vpc_igw: - vpc_id: "{{ vpc.vpc.id }}" - state: present - register: internet_gw - - - name: Create NAT gateway (allow access to internet for instances in private subnet) - amazon.aws.ec2_vpc_nat_gateway: - subnet_id: "{{ subnet.subnet.id }}" - if_exist_do_not_create: true - wait: true - state: present - register: nat_gw - - - name: Create Route table for internet gateway (public subnet) - amazon.aws.ec2_vpc_route_table: - vpc_id: "{{ vpc.vpc.id }}" - subnets: - - "{{ subnet.subnet.id }}" - routes: - - dest: 0.0.0.0/0 - gateway_id: "{{ internet_gw.gateway_id }}" - lookup: tag - resource_tags: - subnet: public - route: internet - state: present - - - name: Create Route table for NAT gateway (private subnet) - amazon.aws.ec2_vpc_route_table: - vpc_id: "{{ vpc.vpc.id }}" - subnets: - - "{{ private_subnet.subnet.id }}" - routes: - - dest: 0.0.0.0/0 - gateway_id: "{{ nat_gw.nat_gateway_id }}" - lookup: tag - resource_tags: - subnet: private - route: nat-gateway - state: present - - - name: Create security group for bastion - amazon.aws.ec2_security_group: - name: "{{ public_secgroup_name }}" - vpc_id: "{{ vpc.vpc.id }}" - description: Security group for Bastion host - rules: - - cidr_ip: 0.0.0.0/0 - proto: tcp - from_port: 22 - to_port: 22 - - cidr_ip: 0.0.0.0/0 - proto: tcp - from_port: "{{ deploy_flask_app_listening_port }}" - to_port: "{{ deploy_flask_app_listening_port }}" - rules_egress: - - cidr_ip: 0.0.0.0/0 - proto: -1 - tags: "{{ resource_tags }}" - state: present - register: secgroup - - - name: Create security group for RDS instance - amazon.aws.ec2_security_group: - name: "{{ rds_secgroup_name }}" - vpc_id: "{{ vpc.vpc.id }}" - description: Security group to allow RDS instance port - rules: - - cidr_ip: 0.0.0.0/0 - proto: tcp - from_port: "{{ rds_listening_port }}" - to_port: "{{ rds_listening_port }}" - tags: "{{ resource_tags }}" 
- state: present - register: rds_sg - - - name: Set 'sshkey_file' variable - ansible.builtin.set_fact: - sshkey_file: ~/private-key-{{ deploy_flask_app_sshkey_pair_name }}-{{ region }} - - - name: Create key pair to connect to the VM - amazon.aws.ec2_key: - name: "{{ deploy_flask_app_sshkey_pair_name }}" - register: rsa_key - - - name: Save private key into file - ansible.builtin.copy: - content: "{{ rsa_key.key.private_key }}" - dest: "{{ sshkey_file }}" - mode: 0400 - when: rsa_key is changed - - - name: Create a virtual machine - amazon.aws.ec2_instance: - name: "{{ deploy_flask_app_bastion_host_name }}" - instance_type: "{{ bastion_host_type }}" - image_id: "{{ images.images.0.image_id }}" - key_name: "{{ deploy_flask_app_sshkey_pair_name }}" - subnet_id: "{{ subnet.subnet.id }}" - network: - assign_public_ip: true - groups: - - "{{ secgroup.group_id }}" - security_groups: - - "{{ secgroup.group_id }}" - wait: true - state: started - register: vm_result diff --git a/playbooks/webapp/vars/main.yaml b/playbooks/webapp/vars/main.yaml index 30da7540..1940abf7 100644 --- a/playbooks/webapp/vars/main.yaml +++ b/playbooks/webapp/vars/main.yaml @@ -1,8 +1,7 @@ --- # Variables for create.yaml -# aws_region: us-west-2 -dest_region: us-east-2 resource_prefix: "ansible-test" +dest_region: us-east-2 vpc_name: "{{ resource_prefix }}-vpc" vpc_cidr: 10.1.0.0/16 subnet_cidr: @@ -14,9 +13,6 @@ resource_tags: operation: create image_filter: Fedora-Cloud-Base-35-*gp2-0 -# image_filter: RHEL-8.7.0_HVM-20221101-x86_64-0-Hourly2-GP2 -# image_filter: RHEL_HA-9.0.0_HVM-20230822-x86_64-17-Hourly2-GP2 - podman 503 error -# image_filter: RHEL_HA-9.2.0_HVM-20230905-x86_64-38-Hourly2-GP2 public_secgroup_name: "{{ resource_prefix }}-sg" rds_subnet_group_name: "{{ resource_prefix }}-rds-sg" rds_secgroup_name: "{{ resource_prefix }}-rds-sec" 
@@ -26,7 +22,7 @@ rds_instance_class: db.m6g.large rds_instance_name: mysampledb123 rds_engine: postgres rds_engine_version: "14.8" -bastion_host_type: t3.micro +bastion_host_type: t2.xlarge bastion_host_venv_path: ~/env rds_listening_port: 5432 diff --git a/playbooks/webapp/webapp.yaml b/playbooks/webapp/webapp.yaml index 58973e44..221e7b2a 100644 --- a/playbooks/webapp/webapp.yaml +++ b/playbooks/webapp/webapp.yaml @@ -2,7 +2,6 @@ - name: Webapp hosts: localhost gather_facts: false - vars_files: - vars/main.yaml @@ -14,11 +13,13 @@ - name: Run operation create/delete ansible.builtin.import_tasks: tasks/{{ operation }}.yaml + vars: + bastion_host_type: t3.micro + deploy_flask_app_workers_instance_type: t3.micro - name: Deploy Flask App hosts: localhost gather_facts: false - vars_files: - vars/main.yaml @@ -32,3 +33,4 @@ deploy_flask_app_vpc_id: "{{ vpc.vpc.id }}" deploy_flask_app_vm_info: "{{ vm_result }}" deploy_flask_app_rds_info: "{{ rds_result }}" + deploy_flask_app_workers_instance_type: t3.micro diff --git a/playbooks/webapp/webapp_ha_aurora.yaml b/playbooks/webapp/webapp_ha_aurora.yaml index 87ddbc9f..25fe726c 100644 --- a/playbooks/webapp/webapp_ha_aurora.yaml +++ b/playbooks/webapp/webapp_ha_aurora.yaml @@ -2,17 +2,21 @@ - name: webapp HA hosts: localhost gather_facts: false - vars_files: - vars/main.yaml + tasks: - name: Create resources and Deploy App when: operation == "create" block: - name: Create resources in primary region - ansible.builtin.include_tasks: tasks/create_aurora_setup.yaml + ansible.builtin.include_tasks: tasks/create.yaml vars: region: "{{ creation_region }}" + rds_instance_class: db.r5.large + rds_engine: aurora-postgresql + bastion_host_type: t3.micro + deploy_flask_app_workers_instance_type: t3.micro loop: - "{{ rds_primary_cluster_region }}" - "{{ rds_replica_cluster_region }}" 
@@ -52,6 +56,7 @@ ansible.builtin.include_role: name: cloud.aws_ops.deploy_flask_app vars: + deploy_flask_app_workers_instance_type: t3.micro deploy_flask_app_private_subnet_id: "{{ primary_private_subnet.subnets[0].id }}" deploy_flask_app_vpc_id: "{{ primary_vpc.vpcs[0].id }}" deploy_flask_app_vm_info: "{{ primary_vm_result }}" @@ -91,6 +96,7 @@ ansible.builtin.include_role: name: cloud.aws_ops.deploy_flask_app vars: + deploy_flask_app_workers_instance_type: t3.micro deploy_flask_app_private_subnet_id: "{{ replica_private_subnet.subnets[0].id }}" deploy_flask_app_vpc_id: "{{ replica_vpc.vpcs[0].id }}" deploy_flask_app_vm_info: "{{ replica_vm_result }}" From 68522ba32f56fbe606bb1a3c218f003a23c30cfc Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Thu, 12 Oct 2023 16:20:41 -0400 Subject: [PATCH 14/20] Remove delete_aurora_db_cluster.yaml --- playbooks/webapp/tasks/create.yaml | 6 +- playbooks/webapp/tasks/delete.yaml | 2 +- .../tasks/delete_aurora_db_cluster.yaml | 61 ------------------- playbooks/webapp/webapp_ha_aurora.yaml | 3 + 4 files changed, 5 insertions(+), 67 deletions(-) delete mode 100644 playbooks/webapp/tasks/delete_aurora_db_cluster.yaml diff --git a/playbooks/webapp/tasks/create.yaml b/playbooks/webapp/tasks/create.yaml index 052b27c7..36999ef7 100644 --- a/playbooks/webapp/tasks/create.yaml +++ b/playbooks/webapp/tasks/create.yaml @@ -1,15 +1,11 @@ --- -- name: Set 'region' variable - ansible.builtin.set_fact: - region: "{{ region | default(aws_region) }}" - - name: Create resources playbook module_defaults: group/aws: aws_access_key: "{{ aws_access_key | default(omit) }}" aws_secret_key: "{{ aws_secret_key | default(omit) }}" security_token: "{{ security_token | default(omit) }}" - region: "{{ region }}" + region: "{{ region | default(aws_region) }}" block: - name: Get image ID to create an instance amazon.aws.ec2_ami_info: diff --git a/playbooks/webapp/tasks/delete.yaml b/playbooks/webapp/tasks/delete.yaml index d243b175..34e1cf86 100644 
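Review bot: In the `tasks/create.yaml` hunk `@@ -1,15 +1,11 @@`, dropping the `Set 'region' variable` task means `region` is no longer defined as a fact for the rest of the file. The default now applies only inside `module_defaults`. Any task that still templates `{{ region }}` directly would fail with an undefined variable when the caller sets only `aws_region`; the `sshkey_file` set_fact probably does, judging by the deleted `create_aurora_setup.yaml` copy. Either keep the set_fact or use `{{ region | default(aws_region) }}` at each remaining use. The `tasks/delete.yaml` hunk `@@ -5,7 +5,7 @@` makes the same change and needs the same check. The block body continues outside both hunks, so this has to be confirmed against the full files.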
--- a/playbooks/webapp/tasks/delete.yaml +++ b/playbooks/webapp/tasks/delete.yaml @@ -5,7 +5,7 @@ aws_access_key: "{{ aws_access_key | default(omit) }}" aws_secret_key: "{{ aws_secret_key | default(omit) }}" security_token: "{{ security_token | default(omit) }}" - region: "{{ region }}" + region: "{{ region | default(aws_region) }}" block: diff --git a/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml b/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml deleted file mode 100644 index 2f75d24b..00000000 --- a/playbooks/webapp/tasks/delete_aurora_db_cluster.yaml +++ /dev/null 
@@ -1,61 +0,0 @@ ---- -- name: Create resources playbook - module_defaults: - group/aws: - aws_access_key: "{{ aws_access_key | default(omit) }}" - aws_secret_key: "{{ aws_secret_key | default(omit) }}" - security_token: "{{ security_token | default(omit) }}" - block: - - name: Delete instance connected to replica cluster - amazon.aws.rds_instance: - db_cluster_identifier: "{{ rds_replica_cluster_name }}" - db_instance_identifier: "{{ rds_replica_cluster_name }}-instance" - engine: "{{ rds_engine }}" - engine_version: "{{ rds_engine_version }}" - db_instance_class: "{{ rds_instance_class }}" - skip_final_snapshot: true - region: "{{ rds_replica_cluster_region }}" - wait: True - state: absent - - - name: Delete replica cluster - amazon.aws.rds_cluster: - db_cluster_identifier: "{{ rds_replica_cluster_name }}" - global_cluster_identifier: "{{ rds_global_cluster_name }}" - engine: "{{ rds_engine }}" - engine_version: "{{ rds_engine_version }}" - skip_final_snapshot: true - remove_from_global_db: true - region: "{{ rds_replica_cluster_region }}" - state: absent - - - name: Delete instance connected to primary cluster - amazon.aws.rds_instance: - db_cluster_identifier: "{{ rds_primary_cluster_name }}" - db_instance_identifier: "{{ rds_primary_cluster_name }}-instance" - engine: "{{ rds_engine }}" - engine_version: "{{ rds_engine_version }}" - db_instance_class: "{{ rds_instance_class }}" - skip_final_snapshot: true - region: "{{ rds_primary_cluster_region }}" - state: absent - - - name: Delete primary cluster - amazon.aws.rds_cluster: - db_cluster_identifier: "{{ rds_primary_cluster_name }}" - global_cluster_identifier: "{{ rds_global_cluster_name }}" - engine: "{{ rds_engine }}" - engine_version: "{{ rds_engine_version }}" - username: "{{ deploy_flask_app_rds_master_username }}" - password: "{{ deploy_flask_app_rds_master_password }}" - skip_final_snapshot: true - region: "{{ rds_primary_cluster_region }}" - state: absent - - - name: Delete global db - 
amazon.cloud.rds_global_cluster: - global_cluster_identifier: "{{ rds_global_cluster_name }}" - engine: "{{ rds_engine }}" - engine_version: "{{ rds_engine_version }}" - region: "{{ rds_primary_cluster_region }}" - state: absent diff --git a/playbooks/webapp/webapp_ha_aurora.yaml b/playbooks/webapp/webapp_ha_aurora.yaml index 25fe726c..5e179d01 100644 --- a/playbooks/webapp/webapp_ha_aurora.yaml +++ b/playbooks/webapp/webapp_ha_aurora.yaml @@ -25,6 +25,9 @@ - name: Create Aurora db cluster ansible.builtin.import_tasks: tasks/create_aurora_db_cluster.yaml + vars: + rds_instance_class: db.r5.large + rds_engine: aurora-postgresql # ================= Deploy App in the primary region ================= From cc1c20b3af6ca6127a9fa33caeb0938aafedc0c0 Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Thu, 12 Oct 2023 16:32:47 -0400 Subject: [PATCH 15/20] Fix lint errors --- playbooks/webapp/tasks/add_route53_records.yaml | 4 ++-- .../webapp/tasks/create_aurora_db_cluster.yaml | 14 +++++++------- playbooks/webapp/tasks/delete_route53_records.yaml | 4 ++-- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/playbooks/webapp/tasks/add_route53_records.yaml b/playbooks/webapp/tasks/add_route53_records.yaml index 2ae94873..0caa62c1 100644 --- a/playbooks/webapp/tasks/add_route53_records.yaml +++ b/playbooks/webapp/tasks/add_route53_records.yaml @@ -35,7 +35,7 @@ amazon.aws.route53: state: present zone: "{{ route53_zone_name }}" - record: "{{route53_subdomain }}.{{ route53_zone_name }}" + record: "{{ route53_subdomain }}.{{ route53_zone_name }}" type: A value: "{{ primary_lb.elb.dns_name }}" alias: True @@ -49,7 +49,7 @@ amazon.aws.route53: state: present zone: "{{ route53_zone_name }}" - record: "{{route53_subdomain }}.{{ route53_zone_name }}" + record: "{{ route53_subdomain }}.{{ route53_zone_name }}" type: A value: "{{ replica_lb.elb.dns_name }}" alias: True 
diff --git a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml index 20c8634b..49ccd5a6 100644 --- a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml +++ b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml @@ -57,15 +57,15 @@ register: primary_cluster_info_result - name: Get global db info - command: "aws rds describe-global-clusters --global-cluster-identifier {{ rds_global_cluster_name }}" + ansible.builtin.command: "aws rds describe-global-clusters --global-cluster-identifier {{ rds_global_cluster_name }}" register: global_cluster_info_result - name: convert it to an object - set_fact: + ansible.builtin.set_fact: global_cluster_info: "{{ global_cluster_info_result.stdout | from_json }}" - name: Assert that primary cluster is a part of global db - assert: + ansible.builtin.assert: that: - global_cluster_info.GlobalClusters[0].GlobalClusterMembers[0].DBClusterArn == primary_cluster_info_result.clusters[0].db_cluster_arn @@ -82,14 +82,14 @@ register: replica_cluster_info_result - name: Get global db info - command: "aws rds describe-global-clusters --global-cluster-identifier {{ rds_global_cluster_name }}" + ansible.builtin.command: "aws rds describe-global-clusters --global-cluster-identifier {{ rds_global_cluster_name }}" register: global_cluster_info_result - - name: convert it to an object - set_fact: + - name: Convert it to an object + ansible.builtin.set_fact: global_cluster_info: "{{ global_cluster_info_result.stdout | from_json }}" - name: Assert that replica cluster is a part of global db - assert: + ansible.builtin.assert: that: - global_cluster_info.GlobalClusters[0].GlobalClusterMembers[1].DBClusterArn == replica_cluster_info_result.clusters[0].db_cluster_arn diff --git a/playbooks/webapp/tasks/delete_route53_records.yaml b/playbooks/webapp/tasks/delete_route53_records.yaml index a13da170..10abfab9 100644 --- a/playbooks/webapp/tasks/delete_route53_records.yaml 
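Review bot: Both `Get global db info` tasks (this hunk and `@@ -82,14 +82,14 @@`) template `{{ rds_global_cluster_name }}` into a free-form command string, so a value containing whitespace is split into extra `aws` arguments. Passing the call as an `argv:` list, with `"{{ rds_global_cluster_name }}"` as its own element, keeps the variable a single argument. The call is read-only, so it should also carry `changed_when: false`; otherwise every run reports a change. Switching to the fully qualified module name alone does not address either point.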
+++ b/playbooks/webapp/tasks/delete_route53_records.yaml @@ -45,7 +45,7 @@ amazon.aws.route53: state: absent zone: "{{ route53_zone_name }}" - record: "{{route53_subdomain }}.{{ route53_zone_name }}." + record: "{{ route53_subdomain }}.{{ route53_zone_name }}." type: A alias: True alias_hosted_zone_id: "{{ item.alias_target.hosted_zone_id }}" @@ -60,7 +60,7 @@ amazon.aws.route53: state: absent zone: "{{ route53_zone_name }}" - record: "{{route53_subdomain }}.{{ route53_zone_name }}." + record: "{{ route53_subdomain }}.{{ route53_zone_name }}." type: A alias: True identifier: "replica-record" From cb6457fcb73a98e3c9698b326622e6203928639f Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Tue, 17 Oct 2023 12:49:49 -0400 Subject: [PATCH 16/20] Remove aws rds command --- .../tasks/create_aurora_db_cluster.yaml | 34 ++++--------------- 1 file changed, 7 insertions(+), 27 deletions(-) diff --git a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml index 49ccd5a6..1f8e3841 100644 --- a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml +++ b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml 
@@ -56,25 +56,6 @@ region: "{{ rds_primary_cluster_region }}" register: primary_cluster_info_result - - name: Get global db info - ansible.builtin.command: "aws rds describe-global-clusters --global-cluster-identifier {{ rds_global_cluster_name }}" - register: global_cluster_info_result - - - name: convert it to an object - ansible.builtin.set_fact: - global_cluster_info: "{{ global_cluster_info_result.stdout | from_json }}" - - - name: Assert that primary cluster is a part of global db - ansible.builtin.assert: - that: - - global_cluster_info.GlobalClusters[0].GlobalClusterMembers[0].DBClusterArn == primary_cluster_info_result.clusters[0].db_cluster_arn - - - name: Get replica instance info - amazon.aws.rds_instance_info: - db_instance_identifier: "{{ rds_replica_cluster_instance_name }}" - region: "{{ rds_replica_cluster_region }}" - register: replica_instance_info_result - - name: Get replica cluster info amazon.aws.rds_cluster_info: db_cluster_identifier: "{{ rds_replica_cluster_name }}" 
@@ -82,14 +63,13 @@ register: replica_cluster_info_result - name: Get global db info - ansible.builtin.command: "aws rds describe-global-clusters --global-cluster-identifier {{ rds_global_cluster_name }}" - register: global_cluster_info_result - - - name: Convert it to an object - ansible.builtin.set_fact: - global_cluster_info: "{{ global_cluster_info_result.stdout | from_json }}" + amazon.aws.rds_global_cluster_info: + global_cluster_identifier: "{{ rds_global_cluster_name }}" + region: "{{ rds_primary_cluster_region }}" + register: global_cluster_info - - name: Assert that replica cluster is a part of global db + - name: Assert that primary and replica cluster are part of global db ansible.builtin.assert: that: - - global_cluster_info.GlobalClusters[0].GlobalClusterMembers[1].DBClusterArn == replica_cluster_info_result.clusters[0].db_cluster_arn + - global_cluster_info.global_clusters[0].global_cluster_members[0].db_cluster_arn == primary_cluster_info_result.clusters[0].db_cluster_arn + - global_cluster_info.global_clusters[0].global_cluster_members[1].db_cluster_arn == replica_cluster_info_result.clusters[0].db_cluster_arn From fe49153745e0aca2171700a464f4e97e1b420cec Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Mon, 23 Oct 2023 12:02:49 -0400 Subject: [PATCH 17/20] Addressed review comments --- playbooks/webapp/README.md | 2 +- playbooks/webapp/migrate_webapp.yaml | 6 ------ playbooks/webapp/tasks/delete.yaml | 6 ------ playbooks/webapp/tasks/delete_route53_records.yaml | 3 --- playbooks/webapp/vars/main.yaml | 2 +- playbooks/webapp/webapp.yaml | 4 ---- playbooks/webapp/webapp_ha_aurora.yaml | 4 ---- 7 files changed, 2 insertions(+), 25 deletions(-) diff --git a/playbooks/webapp/README.md b/playbooks/webapp/README.md index f51cc168..1649147e 100644 --- a/playbooks/webapp/README.md +++ b/playbooks/webapp/README.md 
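Review bot: The merged assert compares `global_cluster_members[0]` with the primary ARN and `global_cluster_members[1]` with the replica ARN, which depends on the order in which the members are returned. A membership test does not: `- primary_cluster_info_result.clusters[0].db_cluster_arn in (global_cluster_info.global_clusters[0].global_cluster_members | map(attribute='db_cluster_arn') | list)`, with the same line for `replica_cluster_info_result`. It is also worth checking that the `amazon.aws` lower bound in `galaxy.yml` (`>=5.1.0` elsewhere in this series) covers the release that ships `rds_global_cluster_info`. If it does not, the task fails on older installs of the collection.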
@@ -161,7 +161,7 @@ To delete the webapp: `webapp_ha_aurora.yaml` playbook deploys the flask app to a cross region high availability architecture. The playbook replicates the app deployment to a second region. The backend is an Aurora global cluster. For adding the write forwarding feature, aurora-mysql can be used. Default db engine is aurora-postgresql. The app in each region is configured to access the associated Aurora cluster. In front of the two regions, route53 records are added to provide cross region DNS (failover scenario). -Along with the above variables, following variables are need for this playbook: +Along with the [above](https://github.com/redhat-cop/cloud.aws_ops/blob/main/playbooks/webapp/README.md#playbook-variables) variables, following variables are needed for this playbook: * **rds_instance_class** (str): DB instance class for the aurora db instances. Default: `db.r5.large` * **rds_global_cluster_name** (str): Name of the global cluster. Default: "{{ resource_prefix }}-global-cluster" diff --git a/playbooks/webapp/migrate_webapp.yaml b/playbooks/webapp/migrate_webapp.yaml index 2c5feb56..83886ad1 100644 --- a/playbooks/webapp/migrate_webapp.yaml +++ b/playbooks/webapp/migrate_webapp.yaml @@ -52,8 +52,6 @@ vars: rds_snapshot_arn: "{{ result.db_snapshot_arn }}" region: "{{ dest_region }}" - bastion_host_type: t3.micro - deploy_flask_app_workers_instance_type: t3.micro - name: Deploy app when: operation == "create" @@ -65,7 +63,6 @@ deploy_flask_app_vm_info: "{{ vm_result }}" deploy_flask_app_rds_info: "{{ rds_result }}" deploy_flask_app_region: "{{ dest_region }}" - deploy_flask_app_workers_instance_type: t3.micro - name: Delete RDS snapshots from different regions amazon.aws.rds_instance_snapshot: @@ -79,7 +76,4 @@ - name: Delete instance from source region ansible.builtin.import_tasks: tasks/delete.yaml - vars: - bastion_host_type: t3.micro - deploy_flask_app_workers_instance_type: t3.micro when: delete_source | default(false) | bool 
diff --git a/playbooks/webapp/tasks/delete.yaml b/playbooks/webapp/tasks/delete.yaml index 34e1cf86..5ef5525a 100644 --- a/playbooks/webapp/tasks/delete.yaml +++ b/playbooks/webapp/tasks/delete.yaml @@ -86,7 +86,6 @@ amazon.aws.rds_subnet_group: name: "{{ rds_subnet_group_name }}" state: absent - ignore_errors: true - name: List Security group from VPC amazon.aws.ec2_security_group_info: @@ -115,7 +114,6 @@ lookup: id state: absent with_items: "{{ route_table.route_tables | map(attribute='id') | list }}" - ignore_errors: true - name: Get NAT gateway amazon.aws.ec2_vpc_nat_gateway_info: @@ -129,13 +127,11 @@ state: absent wait: true with_items: "{{ nat_gw.result | map(attribute='nat_gateway_id') | list }}" - ignore_errors: true - name: Delete internet gateway amazon.aws.ec2_vpc_igw: vpc_id: "{{ vpc_id }}" state: absent - ignore_errors: true - name: Delete subnets amazon.aws.ec2_vpc_subnet: @@ -143,7 +139,6 @@ state: absent vpc_id: "{{ vpc_id }}" with_items: "{{ subnet_cidr }}" - ignore_errors: true # As ec2_vpc_route_table can't delete route table, the vpc still has dependencies and cannot be deleted. # You need to do it delete it manually using either the console or the cli. @@ -152,4 +147,3 @@ name: "{{ vpc_name }}" cidr_block: "{{ vpc_cidr }}" state: absent - ignore_errors: true diff --git a/playbooks/webapp/tasks/delete_route53_records.yaml b/playbooks/webapp/tasks/delete_route53_records.yaml index 10abfab9..bfed4e61 100644 --- a/playbooks/webapp/tasks/delete_route53_records.yaml +++ b/playbooks/webapp/tasks/delete_route53_records.yaml @@ -22,7 +22,6 @@ - item.health_check_config.type == 'HTTP' - item.health_check_config.fully_qualified_domain_name | regex_search('.*elb.amazonaws.com') loop: "{{ health_check_info.health_checks }}" - ignore_errors: True - name: Get hosted zone details amazon.aws.route53_info: 
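Review bot: In `tasks/delete.yaml`, hunk `@@ -152,4 +147,3 @@` removes `ignore_errors: true` from the task that deletes `{{ vpc_name }}`, while the comment kept as context in `@@ -143,7 +139,6 @@` still says the VPC "cannot be deleted" and must be removed manually. If that comment is accurate, the playbook now ends in a hard failure. If the route-table deletion in `@@ -115,7 +114,6 @@` has made it obsolete, the comment should be dropped so readers do not assume leftover network resources are expected. Either way I would state the intended outcome in a comment on the task, for example `# Fails if dependent resources remain; nothing is left behind silently`. The task header is outside the hunk, so its module name is not visible here.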
@@ -50,7 +49,6 @@ alias: True alias_hosted_zone_id: "{{ item.alias_target.hosted_zone_id }}" value: "{{ item.alias_target.dns_name[:-1] }}" - ignore_errors: True when: - item.set_identifier is defined - item.set_identifier == "primary-record" @@ -67,7 +65,6 @@ failover: "SECONDARY" alias_hosted_zone_id: "{{ item.alias_target.hosted_zone_id }}" value: "{{ item.alias_target.dns_name[:-1] }}" - ignore_errors: True when: - item.set_identifier is defined - item.set_identifier == "replica-record" diff --git a/playbooks/webapp/vars/main.yaml b/playbooks/webapp/vars/main.yaml index 1940abf7..96969023 100644 --- a/playbooks/webapp/vars/main.yaml +++ b/playbooks/webapp/vars/main.yaml @@ -39,7 +39,7 @@ deploy_flask_app_bastion_host_required_packages: - podman - httpd-tools - ansible-core -deploy_flask_app_workers_instance_type: t3.micro +deploy_flask_app_workers_instance_type: t2.xlarge deploy_flask_app_workers_user_name: fedora deploy_flask_app_number_of_workers: 2 deploy_flask_app_listening_port: 5000 diff --git a/playbooks/webapp/webapp.yaml b/playbooks/webapp/webapp.yaml index 221e7b2a..0f169154 100644 --- a/playbooks/webapp/webapp.yaml +++ b/playbooks/webapp/webapp.yaml @@ -13,9 +13,6 @@ - name: Run operation create/delete ansible.builtin.import_tasks: tasks/{{ operation }}.yaml - vars: - bastion_host_type: t3.micro - deploy_flask_app_workers_instance_type: t3.micro - name: Deploy Flask App hosts: localhost @@ -33,4 +30,3 @@ deploy_flask_app_vpc_id: "{{ vpc.vpc.id }}" deploy_flask_app_vm_info: "{{ vm_result }}" deploy_flask_app_rds_info: "{{ rds_result }}" - deploy_flask_app_workers_instance_type: t3.micro diff --git a/playbooks/webapp/webapp_ha_aurora.yaml b/playbooks/webapp/webapp_ha_aurora.yaml index 5e179d01..3997385a 100644 --- a/playbooks/webapp/webapp_ha_aurora.yaml +++ b/playbooks/webapp/webapp_ha_aurora.yaml 
@@ -15,8 +15,6 @@ region: "{{ creation_region }}" rds_instance_class: db.r5.large rds_engine: aurora-postgresql - bastion_host_type: t3.micro - deploy_flask_app_workers_instance_type: t3.micro loop: - "{{ rds_primary_cluster_region }}" - "{{ rds_replica_cluster_region }}" @@ -59,7 +57,6 @@ ansible.builtin.include_role: name: cloud.aws_ops.deploy_flask_app vars: - deploy_flask_app_workers_instance_type: t3.micro deploy_flask_app_private_subnet_id: "{{ primary_private_subnet.subnets[0].id }}" deploy_flask_app_vpc_id: "{{ primary_vpc.vpcs[0].id }}" deploy_flask_app_vm_info: "{{ primary_vm_result }}" @@ -99,7 +96,6 @@ ansible.builtin.include_role: name: cloud.aws_ops.deploy_flask_app vars: - deploy_flask_app_workers_instance_type: t3.micro deploy_flask_app_private_subnet_id: "{{ replica_private_subnet.subnets[0].id }}" deploy_flask_app_vpc_id: "{{ replica_vpc.vpcs[0].id }}" deploy_flask_app_vm_info: "{{ replica_vm_result }}" From 4082b9e0b37b56c8b5fa2961e54b1113401f8013 Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Mon, 23 Oct 2023 13:08:43 -0400 Subject: [PATCH 18/20] Fix galaxy.yml --- galaxy.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/galaxy.yml b/galaxy.yml index 88c7b94a..509ff62e 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -18,7 +18,6 @@ tags: - cluster dependencies: amazon.aws: '>=5.1.0' - amazon.cloud: '>=0.4.0' community.aws: '>=5.0.0' amazon.cloud: '>=0.4.0' version: 1.0.3 From e8714c9432dc79048171e51690117a671a95fa6c Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Tue, 24 Oct 2023 14:42:40 -0400 Subject: [PATCH 19/20] Addressed review comments --- playbooks/webapp/README.md | 2 +- playbooks/webapp/tasks/add_route53_records.yaml | 4 ++-- playbooks/webapp/tasks/create.yaml | 10 ++++++++++ playbooks/webapp/tasks/create_aurora_db_cluster.yaml | 6 ++++++ playbooks/webapp/tasks/delete.yaml | 2 +- playbooks/webapp/tasks/delete_route53_records.yaml | 8 ++++++-- 6 files changed, 26 insertions(+), 6 deletions(-) 
diff --git a/playbooks/webapp/README.md b/playbooks/webapp/README.md index 1649147e..bf7bdef3 100644 --- a/playbooks/webapp/README.md +++ b/playbooks/webapp/README.md @@ -173,7 +173,7 @@ Along with the [above](https://github.com/redhat-cop/cloud.aws_ops/blob/main/pla * **rds_replica_cluster_instance_name** (str): Name of the replica db instance. Default: "{{ resource_prefix }}-replica-instance" #### vars for route53 records -* **route53_zone_name** (str): Route53 Zone name. Default: "ansiblecloud.xyz" +* **route53_zone_name** (str): (required) Route53 Zone name. * **route53_subdomain** (str): Sub domain name for the application url. Default: "flaskapp" ## Example Usage diff --git a/playbooks/webapp/tasks/add_route53_records.yaml b/playbooks/webapp/tasks/add_route53_records.yaml index 0caa62c1..70935d5f 100644 --- a/playbooks/webapp/tasks/add_route53_records.yaml +++ b/playbooks/webapp/tasks/add_route53_records.yaml @@ -38,7 +38,7 @@ record: "{{ route53_subdomain }}.{{ route53_zone_name }}" type: A value: "{{ primary_lb.elb.dns_name }}" - alias: True + alias: true identifier: "primary-record" failover: "PRIMARY" health_check: "{{ healthchk_primary_result.health_check.id }}" @@ -52,7 +52,7 @@ record: "{{ route53_subdomain }}.{{ route53_zone_name }}" type: A value: "{{ replica_lb.elb.dns_name }}" - alias: True + alias: true identifier: "replica-record" failover: "SECONDARY" health_check: "{{ healthchk_replica_result.health_check.id }}" diff --git a/playbooks/webapp/tasks/create.yaml b/playbooks/webapp/tasks/create.yaml index 36999ef7..c885e592 100644 --- a/playbooks/webapp/tasks/create.yaml +++ b/playbooks/webapp/tasks/create.yaml 
@@ -218,7 +218,17 @@ mode: 0400 when: rsa_key is changed + - name: Check if the vm exists + amazon.aws.ec2_instance_info: + filters: + instance-type: "{{ bastion_host_type }}" + key-name: "{{ deploy_flask_app_sshkey_pair_name }}" + vpc-id: "{{ vpc.vpc.id }}" + instance-state-name: running + register: vm_result + - name: Create a virtual machine + when: vm_result.instances | length == 0 amazon.aws.ec2_instance: name: "{{ deploy_flask_app_bastion_host_name }}" instance_type: "{{ bastion_host_type }}" diff --git a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml index 1f8e3841..e92c4b9f 100644 --- a/playbooks/webapp/tasks/create_aurora_db_cluster.yaml +++ b/playbooks/webapp/tasks/create_aurora_db_cluster.yaml @@ -62,6 +62,12 @@ region: "{{ rds_replica_cluster_region }}" register: replica_cluster_info_result + - name: Get replica instance info + amazon.aws.rds_instance_info: + db_instance_identifier: "{{ rds_replica_cluster_instance_name }}" + region: "{{ rds_replica_cluster_region }}" + register: replica_instance_info_result + - name: Get global db info amazon.aws.rds_global_cluster_info: global_cluster_identifier: "{{ rds_global_cluster_name }}" diff --git a/playbooks/webapp/tasks/delete.yaml b/playbooks/webapp/tasks/delete.yaml index 5ef5525a..1ae28294 100644 --- a/playbooks/webapp/tasks/delete.yaml +++ b/playbooks/webapp/tasks/delete.yaml @@ -15,7 +15,7 @@ tag:Name: "{{ vpc_name }}" register: vpc - - name: Deelete resources + - name: Delete resources when: vpc.vpcs | length == 1 block: - name: Set 'vpc_id' variable diff --git a/playbooks/webapp/tasks/delete_route53_records.yaml b/playbooks/webapp/tasks/delete_route53_records.yaml index bfed4e61..feaed1ec 100644 --- a/playbooks/webapp/tasks/delete_route53_records.yaml +++ b/playbooks/webapp/tasks/delete_route53_records.yaml 
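Review bot: The `Check if the vm exists` lookup in playbooks/webapp/tasks/create.yaml identifies the bastion only by instance type, key pair, VPC and running state, so any other running instance in that VPC with the same type and key would match and `Create a virtual machine` would be skipped. Matching on the name the create task assigns is tighter: add `tag:Name: "{{ deploy_flask_app_bastion_host_name }}"` to `filters`. The create task continues past the end of the hunk; if it also registers `vm_result`, a skipped run overwrites the lookup result with a skip record, so the lookup is better registered under its own name (for example `register: existing_bastion`) and `vm_result` set explicitly afterwards. Since `vm_result` is later passed to the deploy_flask_app role as `deploy_flask_app_vm_info`, a wrong match would point that role at an instance this playbook did not create.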
@@ -46,9 +46,12 @@ zone: "{{ route53_zone_name }}" record: "{{ route53_subdomain }}.{{ route53_zone_name }}." type: A - alias: True + alias: true alias_hosted_zone_id: "{{ item.alias_target.hosted_zone_id }}" value: "{{ item.alias_target.dns_name[:-1] }}" + identifier: "primary-record" + health_check: "{{ item.health_check_id }}" + failover: "PRIMARY" when: - item.set_identifier is defined - item.set_identifier == "primary-record" @@ -60,11 +63,12 @@ zone: "{{ route53_zone_name }}" record: "{{ route53_subdomain }}.{{ route53_zone_name }}." type: A - alias: True + alias: true identifier: "replica-record" failover: "SECONDARY" alias_hosted_zone_id: "{{ item.alias_target.hosted_zone_id }}" value: "{{ item.alias_target.dns_name[:-1] }}" + health_check: "{{ item.health_check_id }}" when: - item.set_identifier is defined - item.set_identifier == "replica-record" From 93fce44c72070437d360f7b4807547a04e71b61c Mon Sep 17 00:00:00 2001 From: GomathiselviS Date: Wed, 25 Oct 2023 10:21:38 -0400 Subject: [PATCH 20/20] Remove route53_zone_name from vars --- playbooks/webapp/vars/main.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/playbooks/webapp/vars/main.yaml b/playbooks/webapp/vars/main.yaml index 96969023..b04589a8 100644 --- a/playbooks/webapp/vars/main.yaml +++ b/playbooks/webapp/vars/main.yaml @@ -71,5 +71,4 @@ rds_replica_cluster_region: us-east-2 rds_replica_cluster_instance_name: "{{ resource_prefix }}-replica-instance" # vars for route53 records -route53_zone_name: "ansiblecloud.xyz" route53_subdomain: "flaskapp"
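Review bot: The added `health_check: "{{ item.health_check_id }}"` lines in both record-deletion tasks of playbooks/webapp/tasks/delete_route53_records.yaml assume every failover record carries a health check id; the `when` conditions test only `item.set_identifier`. A record created or edited without one raises an undefined-variable error, and because `ignore_errors` was removed from these tasks in the earlier patch, the teardown then stops with the alias records still in the zone. Use `health_check: "{{ item.health_check_id | default(omit) }}"` in both tasks. Both task bodies start before the hunks shown.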