Hey there,
I’m trying to write a playbook that gets the latest Pingdom probe server IPs and updates an EC2 security group’s rules with those IPs, but I’m failing at iterating the IPs in the rule and only the latest IP is added (I’m replacing instead of appending). I opened a ticket on GitHub (1), but because I hadn’t detailed the whole use case it got closed without really answering the issue, so I thought I’d post here to see what others are thinking.
I’m not sure whether I’m trying too hard to fit this into a playbook, as I have this working via a script. Of course I could call the script itself, but that IMHO would defeat the purpose of using Ansible in the first place.
I understand why the playbook fails to append the rules, but I haven’t been able to figure out a way around it other than modifying the ec2_group module itself.
Hi Jaime,
I had the exact same problem. The ec2_group module recreates the rules every time you use it, so if you’re running it in a loop, it will create the group with the rule for the last item only.
A workaround that I implemented is to generate a var.yml with a var defined with the rules out of a template, and then source it dynamically:
Nice workaround, thanks a lot for sharing. For the record, I am doing something similar in other AWS-oriented playbooks (e.g. to create mappings of the AWS random subnet IDs to the actual subnet CIDRs I’ve defined in my var files), but I didn’t think about using it here. It seems the template/include var is a common trick for AWS playbooks, but maybe that’s just my experience, meh.
Thanks again!
J.
Many thanks for this tip.
It’s clever.
Thanks for the tips. I tried this and it worked, but only to some extent.
Here is what I mean by that, along with the steps that you can repeat to see the potential issue with this ec2_group module.
- I started out with a vars yml file that has about 9 different IP addresses/32
Has anyone made any further progress on this yet?
I ran into this problem, and found a workaround by creating a jinja2 filter module: https://gist.github.com/viesti/1febe79938c09cc29501
- Kimmo
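Added example, not part of the thread and not the code from the linked gist: a minimal Ansible filter plugin in the spirit of the filter workaround above, which builds the complete `rules` list in one pass so ec2_group is called once instead of in a loop. The file name, the filter name `probe_rules` and the default port 443 are assumptions; the rule keys are ec2_group's `proto`, `from_port`, `to_port` and `cidr_ip`.

```python
# Hypothetical filter plugin, e.g. saved as filter_plugins/sg_rules.py
import ipaddress


def probe_rules(addresses, port=443, proto="tcp"):
    """Turn a list of probe IPs into one complete ec2_group `rules` list."""
    if isinstance(addresses, str):
        raise TypeError("expected a list of addresses, got a single string")
    rules, seen = [], set()
    for raw in addresses:
        text = str(raw).strip()
        if not text:
            continue  # tolerate blank lines from a downloaded list
        # strict=True rejects inputs with host bits set, e.g. 10.0.0.5/24
        net = ipaddress.ip_network(text, strict=True)
        if net.version != 4:
            raise ValueError("only IPv4 is handled in this example: %s" % text)
        if net.prefixlen != 32:
            # A probe is a single host; a wider range (worst case 0.0.0.0/0)
            # would silently open the group to unrelated sources.
            raise ValueError("refusing non-host range: %s" % text)
        cidr = str(net)
        if cidr in seen:
            continue  # duplicates would only add noise to the rule set
        seen.add(cidr)
        rules.append({"proto": proto, "from_port": port,
                      "to_port": port, "cidr_ip": cidr})
    # Stable order keeps repeated playbook runs and diffs predictable.
    rules.sort(key=lambda r: ipaddress.ip_network(r["cidr_ip"]))
    return rules


class FilterModule(object):
    """Ansible looks for a class with this name in filter plugin files."""

    def filters(self):
        return {"probe_rules": probe_rules}


if __name__ == "__main__":
    # Constructed sample input (documentation address ranges).
    sample = ["198.51.100.7", "192.0.2.10/32", "198.51.100.7", ""]
    for rule in probe_rules(sample):
        print(rule)
```

In a playbook this would be passed to a single ec2_group task as `rules: "{{ pingdom_ips | probe_rules }}"`, where `pingdom_ips` is a hypothetical variable holding the fetched list.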
On Saturday, 16 May 2015 at 4:31:02 UTC+3, senorsmile wrote: