Creating an AWS VPC from scratch has got to be one of the most frustrating chores in the devops wheelhouse to date. In this exercise I'll take you from zero to hero by way of ansible!
You're only a few short minutes and a yaml file away from spinning up that VPC.
Wait, what is ansible?
Ansible is an open source infrastructure as code management tool. It comes stocked with modules that allow you to instrument services such as AWS EC2. manage packages, update operating systems and so much more. Check out the Module Index and check out how wide reaching ansible truly is.
Why AWS?
I choose AWS for this exercise because it is one of the most complex cloud platforms as a service today. After seeing how easy it is to abstract away the complexity with ansible you could easily enough apply the same patterns to other providers, systems and infrastructure.
Preparation
First we need to install ansible using pip and we will use a virtual environment like a champ.
Create Virtual Environment
$ python3 -m venv venv
$ source venv/bin/activateInstall Ansible
$ pip install ansible boto3Create a new AWS VPC
Install my Ansible Role
Ansible roles are packages are instructions that ansible exposes to you in a package format. Similar to pip, npm, etc.
$ ansible-galaxy install mateothegreat.aws_vpc_createThat's it, we're ready to roll!
The Playbook
Create a file called playbook.yaml with the following contents (edit to your liking):
- hosts: monitoring
roles:
- role: "mateothegreat.aws_vpc_create"
vars:
aws_vpc_create:
profile: "default"
name: "test-1"
region: "eu-central-1"
cidr: "201.0.0.0/16"
internet_gateway: "true"
nat_gateway: "true"
allow_duplicate_name: "false"
allow_duplicate_cidr: "false"
purge_cidrs: "true"
peering:
- name: "test-1-peer"
vpc_id: "vpc-0504d01b93f46e610"
region: "eu-central-1"
cidr: "22.16.0.0/16"
update_accepter_route_table: "true"
dns:
enable_support: "true"
enable_hostnames: "true"
subnets:
- name: "public-1"
type: "public"
az: "eu-central-1a"
cidr: "201.0.1.0/24"
- name: "public-2"
type: "public"
cidr: "201.0.2.0/24"
az: "eu-central-1b"
- name: "private-1"
type: "private"
cidr: "201.0.3.0/24"
az: "eu-central-1a"
- name: "private-2"
type: "private"
cidr: "201.0.4.0/24"
az: "eu-central-1b"
tags:
created_by: "Matthew Davis"Now that we have our playbook defined we can simply start things up with:
$ ansible-playbook playbook.yamlOnce the playbook as finished your new VPC will have been spun up!
Next we will go over how to delete an AWS VPC. π π
Delete our AWS VPC
Install my Ansible Role
Ansible roles are packages are instructions that ansible exposes to you in a package format. Similar to pip, npm, etc.
$ ansible-galaxy install mateothegreat.aws_vpc_deleteThe Playbook
Create a file called playbook.yaml with the following contents (edit to your liking):
- hosts: localhost
roles:
- role: "mateothegreat.aws_vpc_delete"
vars:
aws_vpc_delete:
profile: "default"
name: "test-1"
region: "eu-central-1"
release_elastic_ip: "yes"
Now that we have our playbook defined we can simply start things up with:
$ ansible-playbook playbook.yamlOnce the playbook as finished all traces of our AWS VPC (subnets, routing table, NAT gateway, etc..) are now delete! π π
Read More
Ansible, Inc- GitHub: https://github.com/mateothegreat?tab=repositories&q=ansible
- Ansible Galaxy: https://galaxy.ansible.com/mateothegreat
- Role Source: https://github.com/mateothegreat/aws-vpc-create
- Role Source: https://github.com/mateothegreat/aws-vpc-delete