- Provision and configure the resources below using an Ansible Playbook containing an Ansible Role:
  - GCE instance,
  - disk,
  - VPC global network,
  - subnetwork,
  - firewall rules, and
  - external IP address
- Install Docker using an Ansible Playbook.
- Test (pending)
- Clean up all the GCP resources using an Ansible Playbook containing an Ansible Role.
- Ansible Controller Installed
- GCP Account with a Project
- Create a ServiceAccount in GCP with Compute Admin role
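```shell
# Write the key pair to ~/.ssh/ansible, the path referenced by private_key_file
ssh-keygen -t rsa -b 4096 -C "ansible" -f ~/.ssh/ansible
```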
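```ini
# ansible.cfg
[defaults]
# SSH host keys of new instances are not verified (no MITM protection)
host_key_checking = False
roles_path = roles
#inventory = inventories/gcp-dynamic-inventory.gcp.yml
remote_user = ansible
private_key_file = ~/.ssh/ansible

[inventory]
enable_plugins = gcp_compute
```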
```yaml
# inventories/gcp-dynamic-inventory.gcp.yml
plugin: gcp_compute
projects:
  - istio-kubernetes-263915
auth_kind: serviceaccount
service_account_file: /home/gcp/ansible-basics/service_account_gcp/sa.json
scopes:
  - https://www.googleapis.com/auth/compute
#hostnames:
#  - name
keyed_groups:
  - key: zone
groups:
  ansible-gcp-servers: "'ansible-' in name"
```
```shell
ansible-inventory -i inventories/gcp-dynamic-inventory.gcp.yml --graph
```
```yaml
---
# playbooks/gcp_infra_setup.yml
- name: Create GCP webservers
  hosts: localhost
  gather_facts: no
  connection: local
  roles:
    - role: gcp-infra
```
Tasks in Roles - roles/gcp-infra/tasks/main.yml
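```yaml
---
# Both task files are imported; select one per run with -t create_infra or -t delete_infra
- import_tasks: create_infra.yml
  tags:
    - create_infra
- import_tasks: delete_infra.yml
  tags:
    - delete_infra
```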
```shell
ansible-playbook -i inventories/gcp-dynamic-inventory.gcp.yml playbooks/gcp_infra_setup.yml -t create_infra
```
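The role's firewall rules are not shown on this page. As an added example (not the role's own tasks), the playbook below creates an SSH rule that admits only the Ansible controller; `vpc_name`, `controller_cidr` and the `ansible-managed` tag are assumed names, and the CIDR is a constructed sample value.

```yaml
---
# Added example, not part of the gcp-infra role. Names marked "assumed" are hypothetical.
- name: Restrict SSH on the VPC to the Ansible controller
  hosts: localhost
  connection: local
  gather_facts: no
  vars:
    gcp_project: istio-kubernetes-263915      # project from the inventory file
    gcp_cred_file: /home/gcp/ansible-basics/service_account_gcp/sa.json
    vpc_name: ansible-vpc                     # assumed network name
    controller_cidr: 203.0.113.10/32          # constructed sample: controller's public IP
  tasks:
    - name: Refuse to open SSH to the whole internet
      assert:
        that:
          - controller_cidr != '0.0.0.0/0'
        fail_msg: "Set controller_cidr to the controller's address, not 0.0.0.0/0"

    - name: Ensure the VPC network exists (idempotent)
      gcp_compute_network:
        name: "{{ vpc_name }}"
        auto_create_subnetworks: no
        project: "{{ gcp_project }}"
        auth_kind: serviceaccount
        service_account_file: "{{ gcp_cred_file }}"
        state: present
      register: network

    - name: Allow TCP/22 only from the controller, only to tagged instances
      gcp_compute_firewall:
        name: "{{ vpc_name }}-allow-ssh-controller"
        network: "{{ network }}"
        direction: INGRESS
        allowed:
          - ip_protocol: tcp
            ports:
              - '22'
        source_ranges:
          - "{{ controller_cidr }}"
        target_tags:
          - ansible-managed                   # assumed instance network tag
        project: "{{ gcp_project }}"
        auth_kind: serviceaccount
        service_account_file: "{{ gcp_cred_file }}"
        state: present
```

The rule only applies to instances that carry the `ansible-managed` network tag, so untagged instances in the same VPC stay unreachable over SSH.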
Add the public SSH key to the newly created Compute Engine instance, either manually or by automating it through the authorized_key module.
Copy ~/.ssh/ansible.pub to the GCE SSH keys.
```shell
# authorized_key takes the target account in "user"
ansible -m authorized_key -a 'user=ansible key="...."' -i inventories/gcp-dynamic-inventory.gcp.yml ansible_gcp_servers
```
```shell
ansible-playbook playbooks/docker.yml -i inventories/gcp-dynamic-inventory.gcp.yml
```
- PENDING
```shell
ansible-playbook -i inventories/gcp-dynamic-inventory.gcp.yml playbooks/gcp_infra_setup.yml -t delete_infra
```