Hello all,
I am creating a VPC with two subnets, a security group and trying to use those for launching an EC2 with a private IP address from one of the freshly created subnets.
The problem seems to be that there is no ordering done by the VPC module in regards to the CIDRs. If that would be happening, it would enable a more predictable access of the subnet by using “{{ vpc.subnets[0].id }}”
Right now, this makes the new EC2 instance randomly use one of the created subnets.
Another solution could be for the ec2 module to accept the subnet’s CIDR… but then again, what if you have the same CIDR but in another AZ, that wouldn’t work…
I’m sure there must be a way around this.
vpc.yml
`
`
```
ansible --version
ansible 1.8 (devel e564a8ca3f) last updated 2014/11/13 12:08:11 (GMT +200)
lib/ansible/modules/core: (detached HEAD 63e81cfc2e) last updated 2014/10/30 15:43:29 (GMT +200)
lib/ansible/modules/extras: (detached HEAD a0df36c6ab) last updated 2014/10/30 15:43:35 (GMT +200)
v2/ansible/modules/core: (detached HEAD cb69744bce) last updated 2014/10/30 15:43:42 (GMT +200)
v2/ansible/modules/extras: (detached HEAD 8a4f07eecd) last updated 2014/10/30 15:43:54 (GMT +200)
configured module search path = None
```
I tried doing the VPC creation with only the Subnet that is meant for a batch of EC2 instances. This worked nicely for the “{{ vpc.subnets[0].id }}”
Then I called the same VPC playbook but this time also with the second Subnet that is meant for another batch of EC2 instances. This way I managed to achieve predictability.
This of course is just a dirty workaround, as it will work only once because of the subsequent runs (lack of a Subnet in the VPC module deletes the Subnet if it exists and is not used).
Can you please share what version of Ansible, the output of your ansible playbook, and how it fails?
Thanks!
Hi Michael,
Sorry for my late reply. See the Ansible version in my previous comment.
I don’t have the playbook at hand while writing this comment but it fails like so:
- vpc module successfully creates private and public subnets
- vpc module, as shown by using register and debug, returns the created subnets in random order. “{{ vpc.subnets[0].id }}” would match the private subnet right now but could match the public subnet 2 minutes later.
- my playbook fails at the task that’s waiting for the SSH to come up as the playbook might launch the instances in the private subnet
Hope that makes sense and you see the issue here. If not, I will fetch the playbook and pass you the entire output.
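
One way to stop depending on list order, as an added example that is not part of the original thread or of Ansible itself: a small filter plugin that picks the subnet by CIDR and availability zone and fails when the match is missing or ambiguous, so an instance is never placed in the public subnet by accident. It assumes each entry of the registered `vpc.subnets` list is a dict with `id`, `cidr` and `az` keys; the filter name `subnet_id`, the file name and all sample values are hypothetical.

```python
# Added example: an Ansible filter plugin (e.g. filter_plugins/subnet_select.py).
# Assumption: each entry of the registered vpc.subnets list is a dict with
# "id", "cidr" and "az" keys; the thread does not show the exact structure.
import ipaddress


def subnet_id(subnets, cidr, az=None):
    """Return the id of the single subnet matching cidr (and az, if given).

    Fails instead of guessing when nothing or more than one subnet matches,
    so an instance never lands in the wrong subnet silently.
    """
    wanted = ipaddress.ip_network(cidr)
    matches = [
        s for s in subnets
        if ipaddress.ip_network(s["cidr"]) == wanted
        and (az is None or s.get("az") == az)
    ]
    if len(matches) != 1:
        raise ValueError(
            "expected exactly one subnet for %s (az=%s), found %d"
            % (cidr, az, len(matches))
        )
    return matches[0]["id"]


class FilterModule(object):
    """Registers the filter so a playbook can write
    {{ vpc.subnets | subnet_id('10.0.1.0/24', 'eu-west-1a') }}."""

    def filters(self):
        return {"subnet_id": subnet_id}


# Constructed sample data: the same two subnets in both possible orders.
PRIVATE = {"id": "subnet-private", "cidr": "10.0.1.0/24", "az": "eu-west-1a"}
PUBLIC = {"id": "subnet-public", "cidr": "10.0.0.0/24", "az": "eu-west-1a"}

if __name__ == "__main__":
    for order in ([PRIVATE, PUBLIC], [PUBLIC, PRIVATE]):
        print(order[0]["id"], "->", subnet_id(order, "10.0.1.0/24", "eu-west-1a"))
```

Passing the availability zone as well as the CIDR keeps the lookup unambiguous if the same CIDR ever shows up in more than one zone in the returned list.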