---
### AWS EC2 Environment settings
### Route 53 Zone ID (AWS)
# This is the Route53 HostedZoneId where you will create your Public DNS entries
# This only needs to be defined if your CF template uses route53
# NOTE(review): this default is a concrete hosted-zone ID. A deployment that
# does not override it presumably creates its public records in this zone;
# confirm the deploying credentials are meant to have write access to it.
HostedZoneId: Z3IHLWJZOU9SRT
# The region to be used, if not specified by -e in the command line
aws_region: us-east-1
# The key that is used to
# NOTE(review): the comment above is cut off in the source and no key variable
# is defined at this point; key_name is only referenced by the instance entries.
## Networking (AWS)
# Public subdomain: the per-deployment guid followed by a fixed suffix.
subdomain_base_short: "{{ guid }}"
subdomain_base_suffix: ".example.opentlc.com"
subdomain_base: "{{ subdomain_base_short }}{{ subdomain_base_suffix }}"
# Internal zone name derived from guid, with and without the trailing dot.
zone_internal_dns: "{{ guid }}.internal."
chomped_zone_internal_dns: "{{ guid }}.internal"
## Environment Sizing
# Instance Type
# Fallback used by every instance entry via default(__instance_type).
__instance_type: "t2.medium"
#bastion_instance_type: "t2.medium"
# Image ID
# __image: RHELAMI
# Fallback used by every instance entry via default(__image).
__image: RHEL77GOLD
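# Security groups for this environment (presumably rendered into the CF
# template). Each group carries a list of ingress rules: a `cidr` rule admits
# traffic by source address, a `from_group` rule admits traffic from members
# of the named group.
security_groups:
  # Internet-facing HTTP for the frontend tier.
  - name: FrontendSG
    rules:
      - name: FrontHTTPPorts
        description: "HTTP Public"
        from_port: 80
        to_port: 80
        protocol: tcp
        # Any source address: port 80 is cleartext and world-reachable.
        cidr: "0.0.0.0/0"
        rule_type: Ingress
  # Internet-facing HTTP and HTTPS; attached to the bastion in this file.
  - name: WebSG
    rules:
      - name: HTTPPorts
        description: "HTTP Public"
        from_port: 80
        to_port: 80
        protocol: tcp
        cidr: "0.0.0.0/0"
        rule_type: Ingress
      - name: HTTPSPorts
        # Previously labelled "HTTP Public" although the rule opens 443; a
        # wrong description misleads anyone auditing the rendered rules.
        description: "HTTPS Public"
        from_port: 443
        to_port: 443
        protocol: tcp
        cidr: "0.0.0.0/0"
        rule_type: Ingress
  # Intra-environment traffic between hosts.
  - name: HostSG
    rules:
      - name: FromHostSG
        description: "Allow everything from HostSG nodes"
        from_port: 0
        to_port: 65535
        # -1 selects every protocol, and the source is the group itself, so
        # each HostSG member accepts any traffic from every other member.
        # Every instance attached to HostSG is therefore in one flat trust
        # zone; tier-specific rules (e.g. only the database port from the app
        # tier) would be needed to contain a compromised member.
        protocol: -1
        from_group: HostSG
        rule_type: Ingress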
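# Instance definitions. Image and instance type fall back to __image and
# __instance_type unless the per-role override variable is set.
# NOTE(review): BastionSG and DefaultSG are referenced below but are not in
# this file's security_groups list; presumably defined elsewhere — confirm
# what they admit before relying on the groups listed per instance.
instances:
  - name: bastion
    count: 1
    unique: true
    public_dns: true
    dns_loadbalancer: true
    floating_ip: true
    image: "{{ bastion_instance_image | default(__image) }}"
    flavor:
      ec2: "{{ bastion_instance_type | default(__instance_type) }}"
    tags:
      - key: "AnsibleGroup"
        value: "bastions"
      - key: "ostype"
        value: "linux"
      # The tag value embeds the requester's email, so it is readable by
      # anyone who can list instance tags in the account.
      - key: "instance_filter"
        value: "{{ env_type }}-{{ email }}"
    rootfs_size: "{{ rootfs_size_bastion | default(50) }}"
    security_groups:
      - BastionSG
      # WebSG opens 80 and 443 to 0.0.0.0/0, so the bastion is web-reachable
      # from any address; the code server behind it has to enforce its own
      # authentication and TLS.
      - WebSG  # For code server

  - name: "frontend"
    count: "{{ frontend_instance_count | default(1) }}"
    public_dns: true
    dns_loadbalancer: false
    image: "{{ frontend_instance_image | default(__image) }}"
    flavor:
      ec2: "{{ frontend_instance_type | default(__instance_type) }}"
    tags:
      - key: "AnsibleGroup"
        value: "frontends"
      - key: "ostype"
        value: "linux"
      - key: "instance_filter"
        value: "{{ env_type }}-{{ email }}"
    security_groups:
      - DefaultSG
      # Internet-facing (port 80 from any address) and also a HostSG member,
      # so this tier can reach app and appdb on every port.
      - FrontendSG
      - HostSG
      - BastionSG

  - name: "app"
    count: "{{ app_instance_count | default(2) }}"
    public_dns: true
    image: "{{ app_instance_image | default(__image) }}"
    flavor:
      ec2: "{{ app_instance_type | default(__instance_type) }}"
    tags:
      - key: "AnsibleGroup"
        value: "apps"
      - key: "ostype"
        value: "rhel"
      - key: "instance_filter"
        value: "{{ env_type }}-{{ email }}"
    # NOTE(review): key_name is set only on app and appdb; bastion and
    # frontend presumably take it from the template — confirm.
    key_name: "{{ key_name }}"
    security_groups:
      - DefaultSG
      - HostSG
      - BastionSG

  - name: "appdb"
    count: "{{ appdb_instance_count | default(1) }}"
    # The database tier gets a public DNS name. None of the groups defined in
    # this file admit internet traffic to it, but DefaultSG and BastionSG are
    # not visible here — confirm a public record is actually required.
    public_dns: true
    image: "{{ appdb_instance_image | default(__image) }}"
    flavor:
      ec2: "{{ appdb_instance_type | default(__instance_type) }}"
    tags:
      - key: "AnsibleGroup"
        value: "appdbs"
      - key: "ostype"
        value: "rhel"
      - key: "instance_filter"
        value: "{{ env_type }}-{{ email }}"
    key_name: "{{ key_name }}"
    security_groups:
      - DefaultSG
      - HostSG
      - BastionSG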
...