Author: Seth Vidal, Tim Gerla, Lester Wade
Creates or terminates EC2 instances. When an instance is created, the module optionally waits for it to be 'running'. This module depends on python-boto >= 2.5.
parameter | required | default | choices | comments |
---|---|---|---|---|
assign_public_ip | no |  |  | when provisioning within vpc, assign a public IP address. Boto library must be 2.13.0+ (added in Ansible 1.5) |
aws_access_key | no |  |  | AWS access key. If not set then the value of the AWS_ACCESS_KEY environment variable is used. |
aws_secret_key | no |  |  | AWS secret key. If not set then the value of the AWS_SECRET_KEY environment variable is used. |
count | no | 1 |  | number of instances to launch |
count_tag | no |  |  | Used with 'exact_count' to determine how many nodes based on a specific tag criteria should be running. This can be expressed in multiple ways and is shown in the EXAMPLES section. For instance, one can request 25 servers that are tagged with "class=webserver". (added in Ansible 1.5) |
ebs_optimized | no |  |  | whether instance is using optimized EBS volumes, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html (added in Ansible 1.6) |
ec2_url | no |  |  | URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Must be specified if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used. |
exact_count | no |  |  | An integer value which indicates how many instances that match the 'count_tag' parameter should be running. Instances are either created or terminated based on this value. (added in Ansible 1.5) |
group | no |  |  | security group (or list of groups) to use with the instance |
group_id | no |  |  | security group id (or list of ids) to use with the instance (added in Ansible 1.1) |
id | no |  |  | identifier for this instance or set of instances, so that the module will be idempotent with respect to EC2 instances. This identifier is valid for at least 24 hours after the termination of the instance, and should not be reused for another call later on. For details, see the description of client token at http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html. |
image | yes |  |  | emi (or ami) to use for the instance |
instance_ids | no |  |  | list of instance ids, currently only used when state='absent' (added in Ansible 1.3) |
instance_profile_name | no |  |  | Name of the IAM instance profile to use. Boto library must be 2.5.0+ (added in Ansible 1.3) |
instance_tags | no |  |  | a hash/dictionary of tags to add to the new instance; '{"key":"value"}' and '{"key":"value","key":"value"}' (added in Ansible 1.0) |
instance_type | yes |  |  | instance type to use for the instance |
kernel | no |  |  | kernel eki to use for the instance |
key_name | no |  |  | key pair to use on the instance |
monitoring | no |  |  | enable detailed monitoring (CloudWatch) for instance (added in Ansible 1.1) |
placement_group | no |  |  | placement group for the instance when using EC2 Clustered Compute (added in Ansible 1.3) |
private_ip | no |  |  | the private ip address to assign the instance (from the vpc subnet) (added in Ansible 1.2) |
profile | no |  |  | uses a boto profile. Only works with boto >= 2.24.0 (added in Ansible 1.6) |
ramdisk | no |  |  | ramdisk eri to use for the instance |
region | no |  |  | The AWS region to use. Must be specified if ec2_url is not used. If not specified then the value of the EC2_REGION environment variable, if any, is used. (added in Ansible 1.2) |
security_token | no |  |  | security token to authenticate against AWS (added in Ansible 1.6) |
source_dest_check | no | True |  | Enable or Disable the Source/Destination checks (for NAT instances and Virtual Routers) (added in Ansible 1.6) |
spot_price | no |  |  | Maximum spot price to bid. If not set, a regular on-demand instance is requested. A spot request is made with this maximum bid. When it is filled, the instance is started. (added in Ansible 1.5) |
spot_wait_timeout | no | 600 |  | how long to wait for the spot instance request to be fulfilled (added in Ansible 1.5) |
state | no | present |  | create or terminate instances (added in Ansible 1.3) |
user_data | no |  |  | opaque blob of data which is made available to the ec2 instance (added in Ansible 0.9) |
validate_certs | no | yes |  | When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0. (added in Ansible 1.5) |
volumes | no |  |  | a list of volume dicts, each containing device name and optionally ephemeral id or snapshot id. Size and type (and number of iops for io device type) must be specified for a new volume or a root volume, and may be passed for a snapshot volume. For any volume, a volume size less than 1 will be interpreted as a request not to create the volume. (added in Ansible 1.5) |
vpc_subnet_id | no |  |  | the subnet ID in which to launch the instance (VPC) (added in Ansible 1.1) |
wait | no | no |  | wait for the instance to be in state 'running' before returning |
wait_timeout | no | 300 |  | how long before wait gives up, in seconds |
zone | no |  |  | AWS availability zone in which to launch the instance (added in Ansible 1.2) |
Note
Requires boto
```yaml
# Note: None of these examples set aws_access_key, aws_secret_key, or region.
# It is assumed that their matching environment variables are set.

# Basic provisioning example
- local_action:
    module: ec2
    key_name: mykey
    instance_type: c1.medium
    image: emi-40603AD1
    wait: yes
    group: webserver
    count: 3

# Advanced example with tagging and CloudWatch
- local_action:
    module: ec2
    key_name: mykey
    group: databases
    instance_type: m1.large
    image: ami-6e649707
    wait: yes
    wait_timeout: 500
    count: 5
    instance_tags:
      db: postgres
    monitoring: yes

# Single instance with additional IOPS volume from snapshot and volume delete on termination
- local_action:
    module: ec2
    key_name: mykey
    group: webserver
    instance_type: m1.large
    image: ami-6e649707
    wait: yes
    wait_timeout: 500
    volumes:
      - device_name: /dev/sdb
        snapshot: snap-abcdef12
        device_type: io1
        iops: 1000
        volume_size: 100
        delete_on_termination: true
    monitoring: yes

# Multiple groups example
- local_action:
    module: ec2
    key_name: mykey
    group: ['databases', 'internal-services', 'sshable', 'and-so-forth']
    instance_type: m1.large
    image: ami-6e649707
    wait: yes
    wait_timeout: 500
    count: 5
    instance_tags:
      db: postgres
    monitoring: yes

# Multiple instances with additional volume from snapshot
- local_action:
    module: ec2
    key_name: mykey
    group: webserver
    instance_type: m1.large
    image: ami-6e649707
    wait: yes
    wait_timeout: 500
    count: 5
    volumes:
      - device_name: /dev/sdb
        snapshot: snap-abcdef12
        volume_size: 10
    monitoring: yes

# VPC example
- local_action:
    module: ec2
    key_name: mykey
    group_id: sg-1dc53f72
    instance_type: m1.small
    image: ami-6e649707
    wait: yes
    vpc_subnet_id: subnet-29e63245
    assign_public_ip: yes

# Spot instance example
- local_action:
    module: ec2
    spot_price: 0.24
    spot_wait_timeout: 600
    keypair: mykey
    group_id: sg-1dc53f72
    instance_type: m1.small
    image: ami-6e649707
    wait: yes
    vpc_subnet_id: subnet-29e63245
    assign_public_ip: yes

# Launch instances, run some tasks
# and then terminate them
- name: Create a sandbox instance
  hosts: localhost
  gather_facts: False
  vars:
    keypair: my_keypair        # referenced as {{ keypair }} in the launch task
    instance_type: m1.small
    security_group: my_securitygroup
    image: my_ami_id
    region: us-east-1
  tasks:
    - name: Launch instance
      local_action: ec2 key_name={{ keypair }} group={{ security_group }} instance_type={{ instance_type }} image={{ image }} wait=true region={{ region }}
      register: ec2
    - name: Add new instance to host group
      local_action: add_host hostname={{ item.public_ip }} groupname=launched
      with_items: ec2.instances
    - name: Wait for SSH to come up
      local_action: wait_for host={{ item.public_dns_name }} port=22 delay=60 timeout=320 state=started
      with_items: ec2.instances

- name: Configure instance(s)
  hosts: launched
  sudo: True
  gather_facts: True
  roles:
    - my_awesome_role
    - my_awesome_test

- name: Terminate instances
  hosts: localhost
  connection: local
  tasks:
    - name: Terminate instances that were previously launched
      local_action:
        module: ec2
        state: 'absent'
        instance_ids: '{{ ec2.instance_ids }}'

# Start a few existing instances, run some tasks
# and stop the instances
- name: Start sandbox instances
  hosts: localhost
  gather_facts: false
  connection: local
  vars:
    instance_ids:
      - 'i-xxxxxx'
      - 'i-xxxxxx'
      - 'i-xxxxxx'
    region: us-east-1
  tasks:
    - name: Start the sandbox instances
      local_action:
        module: ec2
        instance_ids: '{{ instance_ids }}'
        region: '{{ region }}'
        state: running
        wait: True
  roles:
    - do_neat_stuff
    - do_more_neat_stuff

- name: Stop sandbox instances
  hosts: localhost
  gather_facts: false
  connection: local
  vars:
    instance_ids:
      - 'i-xxxxxx'
      - 'i-xxxxxx'
      - 'i-xxxxxx'
    region: us-east-1
  tasks:
    - name: Stop the sandbox instances
      local_action:
        module: ec2
        instance_ids: '{{ instance_ids }}'
        region: '{{ region }}'
        state: stopped
        wait: True

#
# Enforce that 5 instances with a tag "foo" are running
#
- local_action:
    module: ec2
    key_name: mykey
    instance_type: c1.medium
    image: emi-40603AD1
    wait: yes
    group: webserver
    instance_tags:
      foo: bar
    exact_count: 5
    count_tag: foo

#
# Enforce that 5 running instances named "database" with a "dbtype" of "postgres"
#
- local_action:
    module: ec2
    key_name: mykey
    instance_type: c1.medium
    image: emi-40603AD1
    wait: yes
    group: webserver
    instance_tags:
      Name: database
      dbtype: postgres
    exact_count: 5
    count_tag:
      Name: database
      dbtype: postgres

#
# count_tag complex argument examples
#

# instances with tag foo
count_tag:
    foo:

# instances with tag foo=bar
count_tag:
    foo: bar

# instances with tags foo=bar & baz
count_tag:
    foo: bar
    baz:

# instances with tags foo & bar & baz=bang
count_tag:
    - foo
    - bar
    - baz: bang
```
Note
The following environment variables can be used: AWS_ACCESS_KEY or EC2_ACCESS_KEY or AWS_ACCESS_KEY_ID; AWS_SECRET_KEY or EC2_SECRET_KEY or AWS_SECRET_ACCESS_KEY; AWS_REGION or EC2_REGION; AWS_SECURITY_TOKEN.
Note
Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See http://boto.readthedocs.org/en/latest/boto_config_tut.html
Note
AWS_REGION or EC2_REGION can typically be used to specify the AWS region, when required, but this can also be configured in the boto config file.
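
The credential and TLS parameters from the table, side by side, as an added example that is not part of the module's own documentation: one launch with keys embedded in the playbook and certificate validation disabled, then the same launch with credentials taken from a boto profile, an IAM instance profile, and an `id` client token. The profile name, instance profile name, client token and key values are constructed placeholders; the image, subnet and group IDs are reused from the examples above.

```yaml
# Added example; "provisioning", "web-readonly", the client token and the
# key values below are constructed placeholders, not real identifiers.

# Weak: long-lived keys are stored with the playbook (and its version history),
# the EC2 endpoint certificate is not checked, and the instance gets a public IP.
- local_action:
    module: ec2
    aws_access_key: AKIAXXXXXXXXXXXXXXXX      # placeholder
    aws_secret_key: "xxxxxxxxxxxxxxxxxxxx"    # placeholder; secret in plain text
    validate_certs: no                        # API calls accept any certificate
    region: us-east-1
    key_name: mykey
    group_id: sg-1dc53f72
    vpc_subnet_id: subnet-29e63245
    assign_public_ip: yes
    instance_type: m1.small
    image: ami-6e649707
    wait: yes

# Hardened: same launch, no secrets in the playbook.
- local_action:
    module: ec2
    profile: provisioning                 # credentials come from the boto config file
    region: us-east-1
    id: web-batch-0001                    # client token: a retried run launches nothing new
    key_name: mykey
    group_id: sg-1dc53f72
    vpc_subnet_id: subnet-29e63245
    assign_public_ip: no                  # reachable only from inside the VPC
    instance_profile_name: web-readonly   # instance uses role credentials, not baked-in keys
    instance_type: m1.small
    image: ami-6e649707
    wait: yes
    # validate_certs is left at its default (yes)
```

Per the table, `profile` needs boto >= 2.24.0 and `instance_profile_name` needs boto 2.5.0+; on older boto, export the environment variables listed in the notes instead of setting the keys in the task.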