ansible/contrib/inventory/ec2.ini

220 lines
9.3 KiB
INI
Raw Normal View History

2012-08-20 23:46:45 +00:00
# Ansible EC2 external inventory script settings
#
[ec2]
# to talk to a private eucalyptus instance uncomment these lines
# and edit edit eucalyptus_host to be the host name of your cloud controller
#eucalyptus = True
#eucalyptus_host = clc.cloud.domain.org
2012-08-20 23:46:45 +00:00
# AWS regions to make calls to. Set this to 'all' to make request to all regions
# in AWS and merge the results together. Alternatively, set this to a comma
# separated list of regions. E.g. 'us-east-1,us-west-1,us-west-2' and do not
# provide the 'regions_exclude' option. If this is set to 'auto', AWS_REGION or
# AWS_DEFAULT_REGION environment variable will be read to determine the region.
2012-08-20 23:46:45 +00:00
regions = all
2017-02-01 14:08:15 +00:00
regions_exclude = us-gov-west-1, cn-north-1
2012-08-20 23:46:45 +00:00
# When generating inventory, Ansible needs to know how to address a server.
# Each EC2 instance has a lot of variables associated with it. Here is the list:
# http://docs.pythonboto.org/en/latest/ref/ec2.html#module-boto.ec2.instance
# Below are 2 variables that are used as the address of a server:
# - destination_variable
# - vpc_destination_variable
# This is the normal destination variable to use. If you are running Ansible
# from outside EC2, then 'public_dns_name' makes the most sense. If you are
# running Ansible from within EC2, then perhaps you want to use the internal
# address, and should set this to 'private_dns_name'. The key of an EC2 tag
# may optionally be used; however the boto instance variables hold precedence
# in the event of a collision.
2012-08-20 23:46:45 +00:00
destination_variable = public_dns_name
# This allows you to override the inventory_name with an ec2 variable, instead
# of using the destination_variable above. Addressing (aka ansible_ssh_host)
# will still use destination_variable. Tags should be written as 'tag_TAGNAME'.
#hostname_variable = tag_Name
2012-08-20 23:46:45 +00:00
# For server inside a VPC, using DNS names may not make sense. When an instance
# has 'subnet_id' set, this variable is used. If the subnet is public, setting
# this to 'ip_address' will return the public IP address. For instances in a
# private subnet, this should be set to 'private_ip_address', and Ansible must
2015-04-07 16:19:37 +00:00
# be run from within EC2. The key of an EC2 tag may optionally be used; however
# the boto instance variables hold precedence in the event of a collision.
# WARNING: - instances that are in the private vpc, _without_ public ip address
2015-07-10 16:42:59 +00:00
# will not be listed in the inventory until You set:
# vpc_destination_variable = private_ip_address
2012-08-20 23:46:45 +00:00
vpc_destination_variable = ip_address
# The following two settings allow flexible ansible host naming based on a
# python format string and a comma-separated list of ec2 tags. Note that:
#
# 1) If the tags referenced are not present for some instances, empty strings
# will be substituted in the format string.
# 2) This overrides both destination_variable and vpc_destination_variable.
#
#destination_format = {0}.{1}.example.com
#destination_format_tags = Name,environment
# To tag instances on EC2 with the resource records that point to them from
# Route53, set 'route53' to True.
route53 = False
# To use Route53 records as the inventory hostnames, uncomment and set
# to equal the domain name you wish to use. You must also have 'route53' (above)
# set to True.
# route53_hostnames = .example.com
# To exclude RDS instances from the inventory, uncomment and set to False.
#rds = False
# To exclude ElastiCache instances from the inventory, uncomment and set to False.
#elasticache = False
# Additionally, you can specify the list of zones to exclude looking up in
# 'route53_excluded_zones' as a comma-separated list.
# route53_excluded_zones = samplezone1.com, samplezone2.com
# By default, only EC2 instances in the 'running' state are returned. Set
# 'all_instances' to True to return all instances regardless of state.
all_instances = False
# By default, only EC2 instances in the 'running' state are returned. Specify
# EC2 instance states to return as a comma-separated list. This
2016-12-11 02:50:09 +00:00
# option is overridden when 'all_instances' is True.
# instance_states = pending, running, shutting-down, terminated, stopping, stopped
# By default, only RDS instances in the 'available' state are returned. Set
# 'all_rds_instances' to True return all RDS instances regardless of state.
all_rds_instances = False
Add RDS cluster info to EC2 dynamic inventory Add db_clusters to the ec2 inventory. Show tags. Only show clusters matching tags in the `.ini`. Set `include_rds_clusters = True` option to enable RDS cluster inventory collection. Example inventory output: ``` { "db_clusters": { "ryansb-cluster-test": { "AllocatedStorage": 1, "AvailabilityZones": [ "us-west-2a", "us-west-2b", "us-west-2c" ], "BackupRetentionPeriod": 1, "DBClusterIdentifier": "ryansb-cluster-test", "DBClusterMembers": [ { "DBClusterParameterGroupStatus": "in-sync", "DBInstanceIdentifier": "ryansb-test", "IsClusterWriter": true, "PromotionTier": 1 }, { "DBClusterParameterGroupStatus": "in-sync", "DBInstanceIdentifier": "ryansb-test-us-west-2b", "IsClusterWriter": false, "PromotionTier": 1 } ], "DBClusterParameterGroup": "default.aurora5.6", "DBSubnetGroup": "default", "DatabaseName": "mydb", "DbClusterResourceId": "cluster-OB6H7JQURFKFD4BYNHG5HSRLBA", "Endpoint": "ryansb-cluster-test.cluster-c9ntgaejgqln.us-west-2.rds.amazonaws.com", "Engine": "aurora", "EngineVersion": "5.6.10a", "MasterUsername": "admin", "Port": 3306, "PreferredBackupWindow": "06:09-06:39", "PreferredMaintenanceWindow": "mon:11:22-mon:11:52", "ReadReplicaIdentifiers": [], "Status": "available", "StorageEncrypted": false, "VpcSecurityGroups": [ { "Status": "active", "VpcSecurityGroupId": "sg-47eaea20" } ] } }, "rds": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "rds_aurora": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "rds_parameter_group_default_aurora5_6": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "ryansb-test": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "ryansb-test-us-west-2b": [ "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "type_db_r3_large": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "us-west-2": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "us-west-2a": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "us-west-2b": [ "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "vpc_id_vpc_3ca34459": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ] } ```
2016-06-09 12:54:50 +00:00
# Include RDS cluster information (Aurora etc.)
include_rds_clusters = False
Add RDS cluster info to EC2 dynamic inventory Add db_clusters to the ec2 inventory. Show tags. Only show clusters matching tags in the `.ini`. Set `include_rds_clusters = True` option to enable RDS cluster inventory collection. Example inventory output: ``` { "db_clusters": { "ryansb-cluster-test": { "AllocatedStorage": 1, "AvailabilityZones": [ "us-west-2a", "us-west-2b", "us-west-2c" ], "BackupRetentionPeriod": 1, "DBClusterIdentifier": "ryansb-cluster-test", "DBClusterMembers": [ { "DBClusterParameterGroupStatus": "in-sync", "DBInstanceIdentifier": "ryansb-test", "IsClusterWriter": true, "PromotionTier": 1 }, { "DBClusterParameterGroupStatus": "in-sync", "DBInstanceIdentifier": "ryansb-test-us-west-2b", "IsClusterWriter": false, "PromotionTier": 1 } ], "DBClusterParameterGroup": "default.aurora5.6", "DBSubnetGroup": "default", "DatabaseName": "mydb", "DbClusterResourceId": "cluster-OB6H7JQURFKFD4BYNHG5HSRLBA", "Endpoint": "ryansb-cluster-test.cluster-c9ntgaejgqln.us-west-2.rds.amazonaws.com", "Engine": "aurora", "EngineVersion": "5.6.10a", "MasterUsername": "admin", "Port": 3306, "PreferredBackupWindow": "06:09-06:39", "PreferredMaintenanceWindow": "mon:11:22-mon:11:52", "ReadReplicaIdentifiers": [], "Status": "available", "StorageEncrypted": false, "VpcSecurityGroups": [ { "Status": "active", "VpcSecurityGroupId": "sg-47eaea20" } ] } }, "rds": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "rds_aurora": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "rds_parameter_group_default_aurora5_6": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "ryansb-test": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "ryansb-test-us-west-2b": [ "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "type_db_r3_large": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "us-west-2": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "us-west-2a": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "us-west-2b": [ "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ], "vpc_id_vpc_3ca34459": [ "ryansb_test_c9ntgaejgqln_us_west_2_rds_amazonaws_com", "ryansb_test_us_west_2b_c9ntgaejgqln_us_west_2_rds_amazonaws_com" ] } ```
2016-06-09 12:54:50 +00:00
# By default, only ElastiCache clusters and nodes in the 'available' state
# are returned. Set 'all_elasticache_clusters' and/or 'all_elastic_nodes'
# to True return all ElastiCache clusters and nodes, regardless of state.
#
# Note that all_elasticache_nodes only applies to listed clusters. That means
# if you set all_elastic_clusters to false, no node will be return from
# unavailable clusters, regardless of the state and to what you set for
# all_elasticache_nodes.
all_elasticache_replication_groups = False
all_elasticache_clusters = False
all_elasticache_nodes = False
2012-08-20 23:46:45 +00:00
# API calls to EC2 are slow. For this reason, we cache the results of an API
# call. Set this to the path you want cache files to be written to. Two files
# will be written to this directory:
# - ansible-ec2.cache
# - ansible-ec2.index
cache_path = ~/.ansible/tmp
2012-08-20 23:46:45 +00:00
# The number of seconds a cache file is considered valid. After this many
# seconds, a new API call will be made, and the cache file will be updated.
# To disable the cache, set this value to 0
2012-08-20 23:46:45 +00:00
cache_max_age = 300
# Organize groups into a nested/hierarchy instead of a flat namespace.
nested_groups = False
# Replace - tags when creating groups to avoid issues with ansible
replace_dash_in_groups = True
# If set to true, any tag of the form "a,b,c" is expanded into a list
# and the results are used to create additional tag_* inventory groups.
expand_csv_tags = False
# The EC2 inventory output can become very large. To manage its size,
# configure which groups should be created.
group_by_instance_id = True
group_by_region = True
group_by_availability_zone = True
group_by_aws_account = False
group_by_ami_id = True
group_by_instance_type = True
group_by_instance_state = False
group_by_platform = True
group_by_key_pair = True
group_by_vpc_id = True
group_by_security_group = True
group_by_tag_keys = True
group_by_tag_none = True
group_by_route53_names = True
group_by_rds_engine = True
group_by_rds_parameter_group = True
group_by_elasticache_engine = True
group_by_elasticache_cluster = True
group_by_elasticache_parameter_group = True
group_by_elasticache_replication_group = True
# If you only want to include hosts that match a certain regular expression
# pattern_include = staging-*
# If you want to exclude any hosts that match a certain regular expression
# pattern_exclude = staging-*
# Instance filters can be used to control which instances are retrieved for
# inventory. For the full list of possible filters, please read the EC2 API
# docs: http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ApiReference-query-DescribeInstances.html#query-DescribeInstances-filters
# Filters are key/value pairs separated by '=', to list multiple filters use
# a list separated by commas. To "AND" criteria together, use "&". Note that
# the "AND" is not useful along with stack_filters and so such usage is not allowed.
# See examples below.
# If you want to apply multiple filters simultaneously, set stack_filters to
# True. Default behaviour is to combine the results of all filters. Stacking
# allows the use of multiple conditions to filter down, for example by
# environment and type of host.
stack_filters = False
# Retrieve only instances with (key=value) env=staging tag
# instance_filters = tag:env=staging
# Retrieve only instances with role=webservers OR role=dbservers tag
# instance_filters = tag:role=webservers,tag:role=dbservers
# Retrieve only t1.micro instances OR instances with tag env=staging
# instance_filters = instance-type=t1.micro,tag:env=staging
# You can use wildcards in filter values also. Below will list instances which
# tag Name value matches webservers1*
# (ex. webservers15, webservers1a, webservers123 etc)
# instance_filters = tag:Name=webservers1*
# Retrieve only instances of type t1.micro that also have tag env=stage
# instance_filters = instance-type=t1.micro&tag:env=stage
# Retrieve instances of type t1.micro AND tag env=stage, as well as any instance
# that are of type m3.large, regardless of env tag
# instance_filters = instance-type=t1.micro&tag:env=stage,instance-type=m3.large
# An IAM role can be assumed, so all requests are run as that role.
# This can be useful for connecting across different accounts, or to limit user
# access
# iam_role = role-arn
# A boto configuration profile may be used to separate out credentials
# see https://boto.readthedocs.io/en/latest/boto_config_tut.html
# boto_profile = some-boto-profile-name
[credentials]
# The AWS credentials can optionally be specified here. Credentials specified
# here are ignored if the environment variable AWS_ACCESS_KEY_ID or
# AWS_PROFILE is set, or if the boto_profile property above is set.
#
# Supplying AWS credentials here is not recommended, as it introduces
# non-trivial security concerns. When going down this route, please make sure
# to set access permissions for this file correctly, e.g. handle it the same
# way as you would a private SSH key.
#
# Unlike the boto and AWS configure files, this section does not support
# profiles.
#
# aws_access_key_id = AXXXXXXXXXXXXXX
# aws_secret_access_key = XXXXXXXXXXXXXXXXXXX
# aws_security_token = XXXXXXXXXXXXXXXXXXXXXXXXXXXX