2012-08-20 23:46:45 +00:00
|
|
|
# Ansible EC2 external inventory script settings
|
|
|
|
#
|
|
|
|
|
|
|
|
[ec2]
|
|
|
|
|
2012-08-31 13:52:12 +00:00
|
|
|
# to talk to a private eucalyptus instance uncomment these lines
|
|
|
|
# and edit edit eucalyptus_host to be the host name of your cloud controller
|
|
|
|
#eucalyptus = True
|
|
|
|
#eucalyptus_host = clc.cloud.domain.org
|
|
|
|
|
2012-08-20 23:46:45 +00:00
|
|
|
# AWS regions to make calls to. Set this to 'all' to make request to all regions
|
|
|
|
# in AWS and merge the results together. Alternatively, set this to a comma
|
2017-03-22 13:31:58 +00:00
|
|
|
# separated list of regions. E.g. 'us-east-1,us-west-1,us-west-2' and do not
|
|
|
|
# provide the 'regions_exclude' option. If this is set to 'auto', AWS_REGION or
|
|
|
|
# AWS_DEFAULT_REGION environment variable will be read to determine the region.
|
2012-08-20 23:46:45 +00:00
|
|
|
regions = all
|
2017-02-01 14:08:15 +00:00
|
|
|
regions_exclude = us-gov-west-1, cn-north-1
|
2012-08-20 23:46:45 +00:00
|
|
|
|
|
|
|
# When generating inventory, Ansible needs to know how to address a server.
|
|
|
|
# Each EC2 instance has a lot of variables associated with it. Here is the list:
|
|
|
|
# http://docs.pythonboto.org/en/latest/ref/ec2.html#module-boto.ec2.instance
|
|
|
|
# Below are 2 variables that are used as the address of a server:
|
|
|
|
# - destination_variable
|
|
|
|
# - vpc_destination_variable
|
|
|
|
|
|
|
|
# This is the normal destination variable to use. If you are running Ansible
|
|
|
|
# from outside EC2, then 'public_dns_name' makes the most sense. If you are
|
|
|
|
# running Ansible from within EC2, then perhaps you want to use the internal
|
2014-12-16 06:31:29 +00:00
|
|
|
# address, and should set this to 'private_dns_name'. The key of an EC2 tag
|
|
|
|
# may optionally be used; however the boto instance variables hold precedence
|
|
|
|
# in the event of a collision.
|
2012-08-20 23:46:45 +00:00
|
|
|
destination_variable = public_dns_name
|
|
|
|
|
2014-08-09 13:10:38 +00:00
|
|
|
# This allows you to override the inventory_name with an ec2 variable, instead
|
|
|
|
# of using the destination_variable above. Addressing (aka ansible_ssh_host)
|
|
|
|
# will still use destination_variable. Tags should be written as 'tag_TAGNAME'.
|
|
|
|
#hostname_variable = tag_Name
|
|
|
|
|
2012-08-20 23:46:45 +00:00
|
|
|
# For server inside a VPC, using DNS names may not make sense. When an instance
|
|
|
|
# has 'subnet_id' set, this variable is used. If the subnet is public, setting
|
|
|
|
# this to 'ip_address' will return the public IP address. For instances in a
|
|
|
|
# private subnet, this should be set to 'private_ip_address', and Ansible must
|
2015-04-07 16:19:37 +00:00
|
|
|
# be run from within EC2. The key of an EC2 tag may optionally be used; however
|
2014-12-16 06:31:29 +00:00
|
|
|
# the boto instance variables hold precedence in the event of a collision.
|
2016-02-01 16:05:46 +00:00
|
|
|
# WARNING: - instances that are in the private vpc, _without_ public ip address
|
2015-07-10 16:42:59 +00:00
|
|
|
# will not be listed in the inventory until You set:
|
2016-02-01 16:05:46 +00:00
|
|
|
# vpc_destination_variable = private_ip_address
|
2012-08-20 23:46:45 +00:00
|
|
|
vpc_destination_variable = ip_address
|
|
|
|
|
2015-03-09 14:49:54 +00:00
|
|
|
# The following two settings allow flexible ansible host naming based on a
|
|
|
|
# python format string and a comma-separated list of ec2 tags. Note that:
|
|
|
|
#
|
|
|
|
# 1) If the tags referenced are not present for some instances, empty strings
|
|
|
|
# will be substituted in the format string.
|
|
|
|
# 2) This overrides both destination_variable and vpc_destination_variable.
|
|
|
|
#
|
|
|
|
#destination_format = {0}.{1}.example.com
|
|
|
|
#destination_format_tags = Name,environment
|
|
|
|
|
2013-09-23 18:00:56 +00:00
|
|
|
# To tag instances on EC2 with the resource records that point to them from
|
2017-02-14 15:50:41 +00:00
|
|
|
# Route53, set 'route53' to True.
|
2013-09-23 18:00:56 +00:00
|
|
|
route53 = False
|
2013-09-24 01:40:18 +00:00
|
|
|
|
2017-02-14 15:50:41 +00:00
|
|
|
# To use Route53 records as the inventory hostnames, uncomment and set
|
|
|
|
# to equal the domain name you wish to use. You must also have 'route53' (above)
|
|
|
|
# set to True.
|
|
|
|
# route53_hostnames = .example.com
|
|
|
|
|
2014-03-27 18:58:46 +00:00
|
|
|
# To exclude RDS instances from the inventory, uncomment and set to False.
|
|
|
|
#rds = False
|
2014-03-27 15:57:24 +00:00
|
|
|
|
2015-06-14 20:07:39 +00:00
|
|
|
# To exclude ElastiCache instances from the inventory, uncomment and set to False.
|
|
|
|
#elasticache = False
|
|
|
|
|
2013-09-24 01:40:18 +00:00
|
|
|
# Additionally, you can specify the list of zones to exclude looking up in
|
2014-03-08 10:49:55 +00:00
|
|
|
# 'route53_excluded_zones' as a comma-separated list.
|
2013-09-24 01:40:18 +00:00
|
|
|
# route53_excluded_zones = samplezone1.com, samplezone2.com
|
2013-09-23 18:00:56 +00:00
|
|
|
|
2014-07-01 19:50:04 +00:00
|
|
|
# By default, only EC2 instances in the 'running' state are returned. Set
|
|
|
|
# 'all_instances' to True to return all instances regardless of state.
|
|
|
|
all_instances = False
|
|
|
|
|
2015-07-12 00:53:05 +00:00
|
|
|
# By default, only EC2 instances in the 'running' state are returned. Specify
|
|
|
|
# EC2 instance states to return as a comma-separated list. This
|
2016-12-11 02:50:09 +00:00
|
|
|
# option is overridden when 'all_instances' is True.
|
2015-07-12 00:53:05 +00:00
|
|
|
# instance_states = pending, running, shutting-down, terminated, stopping, stopped
|
|
|
|
|
2014-07-01 19:50:04 +00:00
|
|
|
# By default, only RDS instances in the 'available' state are returned. Set
|
|
|
|
# 'all_rds_instances' to True return all RDS instances regardless of state.
|
|
|
|
all_rds_instances = False
|
|
|
|
|
Add RDS cluster info to EC2 dynamic inventory
Add db_clusters to the ec2 inventory. Show tags. Only show clusters
matching tags in the `.ini`. Set `include_rds_clusters = True` option to
enable RDS cluster inventory collection.
Example inventory output:
```
{
"db_clusters": {
"ryansb-cluster-test": {
"AllocatedStorage": 1,
"AvailabilityZones": [
"us-west-2a",
"us-west-2b",
"us-west-2c"
],
"BackupRetentionPeriod": 1,
"DBClusterIdentifier": "ryansb-cluster-test",
"DBClusterMembers": [
{
"DBClusterParameterGroupStatus": "in-sync",
"DBInstanceIdentifier": "ryansb-test",
"IsClusterWriter": true,
"PromotionTier": 1
},
{
"DBClusterParameterGroupStatus": "in-sync",
"DBInstanceIdentifier": "ryansb-test-us-west-2b",
"IsClusterWriter": false,
"PromotionTier": 1
}
],
"DBClusterParameterGroup": "default.aurora5.6",
"DBSubnetGroup": "default",
"DatabaseName": "mydb",
"DbClusterResourceId": "cluster-OB6H7JQURFKFD4BYNHG5HSRLBA",
"Endpoint": "ryansb-cluster-test.cluster-c9ntgaejgqln.us-west-2.rds.amazonaws.com",
"Engine": "aurora",
"EngineVersion": "5.6.10a",
"MasterUsername": "admin",
"Port": 3306,
"PreferredBackupWindow": "06:09-06:39",
"PreferredMaintenanceWindow": "mon:11:22-mon:11:52",
"ReadReplicaIdentifiers": [],
"Status": "available",
"StorageEncrypted": false,
"VpcSecurityGroups": [
{
"Status": "active",
"VpcSecurityGroupId": "sg-47eaea20"
}
]
}
},
"rds": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"rds_aurora": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"rds_parameter_group_default_aurora5_6": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"ryansb-test": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"ryansb-test-us-west-2b": [
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"type_db_r3_large": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"us-west-2": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"us-west-2a": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"us-west-2b": [
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"vpc_id_vpc_3ca34459": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
]
}
```
2016-06-09 12:54:50 +00:00
|
|
|
# Include RDS cluster information (Aurora etc.)
|
2016-08-15 18:27:48 +00:00
|
|
|
include_rds_clusters = False
|
Add RDS cluster info to EC2 dynamic inventory
Add db_clusters to the ec2 inventory. Show tags. Only show clusters
matching tags in the `.ini`. Set `include_rds_clusters = True` option to
enable RDS cluster inventory collection.
Example inventory output:
```
{
"db_clusters": {
"ryansb-cluster-test": {
"AllocatedStorage": 1,
"AvailabilityZones": [
"us-west-2a",
"us-west-2b",
"us-west-2c"
],
"BackupRetentionPeriod": 1,
"DBClusterIdentifier": "ryansb-cluster-test",
"DBClusterMembers": [
{
"DBClusterParameterGroupStatus": "in-sync",
"DBInstanceIdentifier": "ryansb-test",
"IsClusterWriter": true,
"PromotionTier": 1
},
{
"DBClusterParameterGroupStatus": "in-sync",
"DBInstanceIdentifier": "ryansb-test-us-west-2b",
"IsClusterWriter": false,
"PromotionTier": 1
}
],
"DBClusterParameterGroup": "default.aurora5.6",
"DBSubnetGroup": "default",
"DatabaseName": "mydb",
"DbClusterResourceId": "cluster-OB6H7JQURFKFD4BYNHG5HSRLBA",
"Endpoint": "ryansb-cluster-test.cluster-c9ntgaejgqln.us-west-2.rds.amazonaws.com",
"Engine": "aurora",
"EngineVersion": "5.6.10a",
"MasterUsername": "admin",
"Port": 3306,
"PreferredBackupWindow": "06:09-06:39",
"PreferredMaintenanceWindow": "mon:11:22-mon:11:52",
"ReadReplicaIdentifiers": [],
"Status": "available",
"StorageEncrypted": false,
"VpcSecurityGroups": [
{
"Status": "active",
"VpcSecurityGroupId": "sg-47eaea20"
}
]
}
},
"rds": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"rds_aurora": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"rds_parameter_group_default_aurora5_6": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"ryansb-test": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"ryansb-test-us-west-2b": [
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"type_db_r3_large": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"us-west-2": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"us-west-2a": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"us-west-2b": [
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
],
"vpc_id_vpc_3ca34459": [
"ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com",
"ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com"
]
}
```
2016-06-09 12:54:50 +00:00
|
|
|
|
2015-06-14 20:07:39 +00:00
|
|
|
# By default, only ElastiCache clusters and nodes in the 'available' state
|
|
|
|
# are returned. Set 'all_elasticache_clusters' and/or 'all_elastic_nodes'
|
|
|
|
# to True return all ElastiCache clusters and nodes, regardless of state.
|
2015-06-15 09:36:33 +00:00
|
|
|
#
|
|
|
|
# Note that all_elasticache_nodes only applies to listed clusters. That means
|
|
|
|
# if you set all_elastic_clusters to false, no node will be return from
|
|
|
|
# unavailable clusters, regardless of the state and to what you set for
|
|
|
|
# all_elasticache_nodes.
|
2015-06-14 21:12:52 +00:00
|
|
|
all_elasticache_replication_groups = False
|
2015-06-14 20:07:39 +00:00
|
|
|
all_elasticache_clusters = False
|
|
|
|
all_elasticache_nodes = False
|
|
|
|
|
2012-08-20 23:46:45 +00:00
|
|
|
# API calls to EC2 are slow. For this reason, we cache the results of an API
|
|
|
|
# call. Set this to the path you want cache files to be written to. Two files
|
|
|
|
# will be written to this directory:
|
|
|
|
# - ansible-ec2.cache
|
|
|
|
# - ansible-ec2.index
|
2013-12-04 01:18:15 +00:00
|
|
|
cache_path = ~/.ansible/tmp
|
2012-08-20 23:46:45 +00:00
|
|
|
|
|
|
|
# The number of seconds a cache file is considered valid. After this many
|
|
|
|
# seconds, a new API call will be made, and the cache file will be updated.
|
2014-04-29 16:13:55 +00:00
|
|
|
# To disable the cache, set this value to 0
|
2012-08-20 23:46:45 +00:00
|
|
|
cache_max_age = 300
|
2014-07-01 19:29:39 +00:00
|
|
|
|
|
|
|
# Organize groups into a nested/hierarchy instead of a flat namespace.
|
|
|
|
nested_groups = False
|
2014-08-08 13:26:14 +00:00
|
|
|
|
2015-10-21 17:18:32 +00:00
|
|
|
# Replace - tags when creating groups to avoid issues with ansible
|
|
|
|
replace_dash_in_groups = True
|
|
|
|
|
2015-10-06 06:48:43 +00:00
|
|
|
# If set to true, any tag of the form "a,b,c" is expanded into a list
|
|
|
|
# and the results are used to create additional tag_* inventory groups.
|
|
|
|
expand_csv_tags = False
|
|
|
|
|
2015-02-11 06:47:37 +00:00
|
|
|
# The EC2 inventory output can become very large. To manage its size,
|
|
|
|
# configure which groups should be created.
|
|
|
|
group_by_instance_id = True
|
|
|
|
group_by_region = True
|
|
|
|
group_by_availability_zone = True
|
2015-03-12 20:04:36 +00:00
|
|
|
group_by_aws_account = False
|
2015-02-11 06:47:37 +00:00
|
|
|
group_by_ami_id = True
|
|
|
|
group_by_instance_type = True
|
2017-02-14 15:27:19 +00:00
|
|
|
group_by_instance_state = False
|
2017-08-07 18:45:04 +00:00
|
|
|
group_by_platform = True
|
2015-02-11 06:47:37 +00:00
|
|
|
group_by_key_pair = True
|
|
|
|
group_by_vpc_id = True
|
|
|
|
group_by_security_group = True
|
|
|
|
group_by_tag_keys = True
|
|
|
|
group_by_tag_none = True
|
|
|
|
group_by_route53_names = True
|
|
|
|
group_by_rds_engine = True
|
|
|
|
group_by_rds_parameter_group = True
|
2015-06-14 20:07:39 +00:00
|
|
|
group_by_elasticache_engine = True
|
|
|
|
group_by_elasticache_cluster = True
|
|
|
|
group_by_elasticache_parameter_group = True
|
2015-06-14 21:12:52 +00:00
|
|
|
group_by_elasticache_replication_group = True
|
2015-02-11 06:47:37 +00:00
|
|
|
|
2014-08-08 13:26:14 +00:00
|
|
|
# If you only want to include hosts that match a certain regular expression
|
2015-06-27 06:38:06 +00:00
|
|
|
# pattern_include = staging-*
|
2014-08-08 13:26:14 +00:00
|
|
|
|
|
|
|
# If you want to exclude any hosts that match a certain regular expression
|
2015-06-27 06:38:06 +00:00
|
|
|
# pattern_exclude = staging-*
|
2014-09-02 22:50:28 +00:00
|
|
|
|
|
|
|
# Instance filters can be used to control which instances are retrieved for
|
|
|
|
# inventory. For the full list of possible filters, please read the EC2 API
|
|
|
|
# docs: http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ApiReference-query-DescribeInstances.html#query-DescribeInstances-filters
|
|
|
|
# Filters are key/value pairs separated by '=', to list multiple filters use
|
2017-09-21 16:06:56 +00:00
|
|
|
# a list separated by commas. To "AND" criteria together, use "&". Note that
|
|
|
|
# the "AND" is not useful along with stack_filters and so such usage is not allowed.
|
|
|
|
# See examples below.
|
2014-09-02 22:50:28 +00:00
|
|
|
|
2017-02-09 13:52:09 +00:00
|
|
|
# If you want to apply multiple filters simultaneously, set stack_filters to
|
|
|
|
# True. Default behaviour is to combine the results of all filters. Stacking
|
|
|
|
# allows the use of multiple conditions to filter down, for example by
|
|
|
|
# environment and type of host.
|
2015-07-17 22:51:46 +00:00
|
|
|
stack_filters = False
|
|
|
|
|
2015-06-27 06:38:06 +00:00
|
|
|
# Retrieve only instances with (key=value) env=staging tag
|
|
|
|
# instance_filters = tag:env=staging
|
2014-09-02 22:50:28 +00:00
|
|
|
|
|
|
|
# Retrieve only instances with role=webservers OR role=dbservers tag
|
|
|
|
# instance_filters = tag:role=webservers,tag:role=dbservers
|
|
|
|
|
2015-06-27 06:38:06 +00:00
|
|
|
# Retrieve only t1.micro instances OR instances with tag env=staging
|
|
|
|
# instance_filters = instance-type=t1.micro,tag:env=staging
|
2014-09-02 22:50:28 +00:00
|
|
|
|
|
|
|
# You can use wildcards in filter values also. Below will list instances which
|
|
|
|
# tag Name value matches webservers1*
|
2016-02-01 16:05:46 +00:00
|
|
|
# (ex. webservers15, webservers1a, webservers123 etc)
|
2014-09-02 22:50:28 +00:00
|
|
|
# instance_filters = tag:Name=webservers1*
|
2014-08-12 20:01:36 +00:00
|
|
|
|
2017-09-21 16:06:56 +00:00
|
|
|
# Retrieve only instances of type t1.micro that also have tag env=stage
|
|
|
|
# instance_filters = instance-type=t1.micro&tag:env=stage
|
|
|
|
|
|
|
|
# Retrieve instances of type t1.micro AND tag env=stage, as well as any instance
|
|
|
|
# that are of type m3.large, regardless of env tag
|
|
|
|
# instance_filters = instance-type=t1.micro&tag:env=stage,instance-type=m3.large
|
|
|
|
|
2017-03-20 21:19:40 +00:00
|
|
|
# An IAM role can be assumed, so all requests are run as that role.
|
|
|
|
# This can be useful for connecting across different accounts, or to limit user
|
|
|
|
# access
|
|
|
|
# iam_role = role-arn
|
|
|
|
|
2014-08-12 20:01:36 +00:00
|
|
|
# A boto configuration profile may be used to separate out credentials
|
2018-06-18 12:22:50 +00:00
|
|
|
# see https://boto.readthedocs.io/en/latest/boto_config_tut.html
|
2014-08-12 20:01:36 +00:00
|
|
|
# boto_profile = some-boto-profile-name
|
2016-05-20 13:29:15 +00:00
|
|
|
|
|
|
|
|
|
|
|
[credentials]
|
|
|
|
|
|
|
|
# The AWS credentials can optionally be specified here. Credentials specified
|
|
|
|
# here are ignored if the environment variable AWS_ACCESS_KEY_ID or
|
|
|
|
# AWS_PROFILE is set, or if the boto_profile property above is set.
|
|
|
|
#
|
|
|
|
# Supplying AWS credentials here is not recommended, as it introduces
|
|
|
|
# non-trivial security concerns. When going down this route, please make sure
|
|
|
|
# to set access permissions for this file correctly, e.g. handle it the same
|
|
|
|
# way as you would a private SSH key.
|
|
|
|
#
|
|
|
|
# Unlike the boto and AWS configure files, this section does not support
|
|
|
|
# profiles.
|
|
|
|
#
|
|
|
|
# aws_access_key_id = AXXXXXXXXXXXXXX
|
|
|
|
# aws_secret_access_key = XXXXXXXXXXXXXXXXXXX
|
|
|
|
# aws_security_token = XXXXXXXXXXXXXXXXXXXXXXXXXXXX
|