Creating an AWS VPC from scratch has got to be one of the most frustrating chores in the devops wheelhouse to date. In this exercise I'll take you from zero to hero by way of ansible!
You're only a few short minutes and a yaml file away from spinning up that VPC.
Wait, what is ansible?
Ansible is an open source infrastructure as code management tool. It comes stocked with modules that allow you to instrument services such as AWS EC2, manage packages, update operating systems and so much more. Check out the Module Index to see how wide-reaching ansible truly is.
Why AWS?
I chose AWS for this exercise because it is one of the most complex cloud platforms as a service today. After seeing how easy it is to abstract away the complexity with ansible, you could easily enough apply the same patterns to other providers, systems and infrastructure.
Preparation
First we need to install ansible using pip, and we will use a virtual environment like a champ.
Create Virtual Environment
$ python3 -m venv venv
$ source venv/bin/activate
Install Ansible
$ pip install ansible boto3
Create a new AWS VPC
Install my Ansible Role
Ansible roles are packages of instructions that ansible exposes to you in a package format, similar to pip, npm, etc.
$ ansible-galaxy install mateothegreat.aws_vpc_create
That's it, we're ready to roll!
The Playbook
Create a file called playbook.yaml with the following contents (edit to your liking):
- hosts: monitoring
  roles:
    - role: "mateothegreat.aws_vpc_create"
      vars:
        aws_vpc_create:
          profile: "default"
          name: "test-1"
          region: "eu-central-1"
          cidr: "201.0.0.0/16"
          internet_gateway: "true"
          nat_gateway: "true"
          allow_duplicate_name: "false"
          allow_duplicate_cidr: "false"
          purge_cidrs: "true"
          peering:
            - name: "test-1-peer"
              vpc_id: "vpc-0504d01b93f46e610"
              region: "eu-central-1"
              cidr: "22.16.0.0/16"
              update_accepter_route_table: "true"
          dns:
            enable_support: "true"
            enable_hostnames: "true"
          subnets:
            - name: "public-1"
              type: "public"
              az: "eu-central-1a"
              cidr: "201.0.1.0/24"
            - name: "public-2"
              type: "public"
              cidr: "201.0.2.0/24"
              az: "eu-central-1b"
            - name: "private-1"
              type: "private"
              cidr: "201.0.3.0/24"
              az: "eu-central-1a"
            - name: "private-2"
              type: "private"
              cidr: "201.0.4.0/24"
              az: "eu-central-1b"
          tags:
            created_by: "Matthew Davis"
Now that we have our playbook defined we can simply start things up with:
$ ansible-playbook playbook.yaml
Once the playbook has finished, your new VPC will have been spun up!
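Before you edit the CIDRs "to your liking", it helps to sanity-check the address plan. The following is an added example, not part of the role or the original playbook: a small Python pre-flight check over the CIDR values from the playbook above (copied into a dict here; `check_plan` and `PLAN` are hypothetical names). It flags ranges outside RFC 1918 private space, peer CIDRs that overlap the VPC, and subnets that overlap each other or fall outside the VPC CIDR.

```python
import ipaddress

# Constructed input: the CIDR values from the playbook above, as a Python dict.
PLAN = {
    "cidr": "201.0.0.0/16",
    "peering": [{"name": "test-1-peer", "cidr": "22.16.0.0/16"}],
    "subnets": [
        {"name": "public-1", "cidr": "201.0.1.0/24"},
        {"name": "public-2", "cidr": "201.0.2.0/24"},
        {"name": "private-1", "cidr": "201.0.3.0/24"},
        {"name": "private-2", "cidr": "201.0.4.0/24"},
    ],
}

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_plan(plan):
    """Return a list of findings for an aws_vpc_create-style address plan."""
    findings = []
    vpc = ipaddress.ip_network(plan["cidr"])  # raises ValueError if host bits are set
    nets = [("vpc", vpc)]
    nets += [("peer " + p["name"], ipaddress.ip_network(p["cidr"])) for p in plan.get("peering", [])]
    for label, net in nets:
        if not any(net.subnet_of(r) for r in RFC1918):
            findings.append(f"{label} {net} is outside RFC 1918 private space")
    for label, net in nets[1:]:
        if net.overlaps(vpc):  # overlapping peers cannot be routed to each other
            findings.append(f"{label} {net} overlaps the VPC CIDR")
    seen = []
    for s in plan.get("subnets", []):
        net = ipaddress.ip_network(s["cidr"])
        if not net.subnet_of(vpc):
            findings.append(f"subnet {s['name']} {net} is not inside {vpc}")
        for other_name, other in seen:
            if net.overlaps(other):
                findings.append(f"subnet {s['name']} overlaps {other_name}")
        seen.append((s["name"], net))
    return findings


if __name__ == "__main__":
    for f in check_plan(PLAN):
        print("FINDING:", f)
```

Run against the sample values, it reports that `201.0.0.0/16` and `22.16.0.0/16` are outside RFC 1918 space. AWS recommends private ranges for VPCs, because hosts inside a VPC built on public space cannot reach the real owners of those addresses.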
Next we will go over how to delete an AWS VPC.
Delete our AWS VPC
Install my Ansible Role
Ansible roles are packages of instructions that ansible exposes to you in a package format, similar to pip, npm, etc.
$ ansible-galaxy install mateothegreat.aws_vpc_delete
The Playbook
Create a file called playbook.yaml with the following contents (edit to your liking):
- hosts: localhost
  roles:
    - role: "mateothegreat.aws_vpc_delete"
      vars:
        aws_vpc_delete:
          profile: "default"
          name: "test-1"
          region: "eu-central-1"
          release_elastic_ip: "yes"
Now that we have our playbook defined we can simply start things up with:
$ ansible-playbook playbook.yaml
Once the playbook has finished, all traces of our AWS VPC (subnets, routing table, NAT gateway, etc.) are deleted!
Read More
- GitHub: https://github.com/mateothegreat?tab=repositories&q=ansible
- Ansible Galaxy: https://galaxy.ansible.com/mateothegreat
- Role Source: https://github.com/mateothegreat/aws-vpc-create
- Role Source: https://github.com/mateothegreat/aws-vpc-delete