I wanted to use ansible to create a VPC with Amazon supplied IPv6 addresses. In the Console this is an option when I create a VPC, but I could not find anything in ec2_vpc_net for that.
When I use ec2_vpc_net_info I see the IPv6 association of the other VPCs I created manually, and I see that ec2_vpc_subnet has the ability to let instances get an IPv6 address, but that needs to be specified out of the /56 that normally is assigned from Amazon per VPC.
What is missing is the initial option to create the /56 for the VPC or am I missing something?
This is indeed not supported by the ec2_vpc_net module.
I am using an aws cli helper task, which needs to be conditional to
prevent adding the prefix when it's already there:
- name: Ensure VPC is available
  ec2_vpc_net:
    name: my_vpc
    cidr_block: 10.0.0.0/24
  register: realized_vpc

# Workaround because ec2_vpc_net doesn't have IPv6 functionality, see
# https://github.com/ansible/ansible/issues/27800 for the list of open
# IPv6 issues.
- name: Ensure VPC has IPv6 prefix
  command: >
    aws ec2 associate-vpc-cidr-block
    --amazon-provided-ipv6-cidr-block --vpc-id "{{ realized_vpc.vpc.id }}"
  when: realized_vpc.vpc.ipv6_cidr_block_association_set is not defined
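A variant of the workaround above, as an added example that is not part of the original thread: it reads the association state from `aws ec2 describe-vpcs` so that only an active or pending IPv6 block suppresses the request. It assumes the `realized_vpc` variable registered in the reply and a configured AWS CLI; `vpc_desc` and `vpc_has_ipv6` are hypothetical variable names.

```yaml
# Added example; assumes `realized_vpc` from the ec2_vpc_net task above.
- name: Read the VPC's current CIDR associations
  command:
    argv:
      - aws
      - ec2
      - describe-vpcs
      - --vpc-ids
      - "{{ realized_vpc.vpc.id }}"
      - --output
      - json
  register: vpc_desc      # hypothetical variable name
  changed_when: false     # read-only call, never reports a change
  check_mode: false       # safe to execute under --check

- name: Work out whether a usable IPv6 block is already attached
  set_fact:
    # Only associations that are active or in progress count; entries left
    # in state "failed" or "disassociated" must not block a new request.
    vpc_has_ipv6: >-
      {{ ((vpc_desc.stdout | from_json).Vpcs[0].Ipv6CidrBlockAssociationSet
          | default([])
          | selectattr('Ipv6CidrBlockState.State', 'in',
                       ['associating', 'associated'])
          | list | length) > 0 }}

- name: Ensure VPC has IPv6 prefix
  command:
    argv:
      - aws
      - ec2
      - associate-vpc-cidr-block
      - --amazon-provided-ipv6-cidr-block
      - --vpc-id
      - "{{ realized_vpc.vpc.id }}"
  when: not (vpc_has_ipv6 | bool)
```

Passing the command as `argv` keeps the templated VPC id out of any shell or quote parsing.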
Good to hear.
We are running many dual stack environments that are deployed with ansible.
They do require a little bit of tinkering because of said limitations
but overall we are very happy with the set-up.
Don't hesitate to ask questions about it.