[iac][ansible] Dynamic inventory (aws_ec2 plugin)


Ansible dynamic inventory (aws_ec2 plugin)

Installing the aws ec2 dynamic inventory plugin

Requirements

- python >= 3.6

- boto3 >= 1.16.0

- botocore >= 1.19.0

sudo apt install -y python3-boto3

Install the plugin with the ansible-galaxy command

ansible-galaxy collection install amazon.aws
$ ansible-galaxy collection list | grep amazon.aws
amazon.aws                    2.3.0
amazon.aws 4.1.0

Create ansible.cfg

vim ansible.cfg
[defaults]
inventory = my_aws_ec2.yaml

Check the aws_ec2 inventory plugin documentation

ansible-doc -t inventory aws_ec2
$ ansible-doc -t inventory aws_ec2
> AMAZON.AWS.AWS_EC2    (/home/vagrant/.ansible/collections/ansible_collections/amazon/aws/plugins/inventory/aws_ec2.py)

        Get inventory hosts from Amazon Web Services EC2. Uses a YAML configuration file that ends with `aws_ec2.{yml|yaml}'.

OPTIONS (= is mandatory):

- aws_access_key
        The AWS access key to use.
        (Aliases: aws_access_key_id)[Default: (null)]
        set_via:
          env:
          - name: EC2_ACCESS_KEY
          - name: AWS_ACCESS_KEY
          - name: AWS_ACCESS_KEY_ID

        type: str

- aws_profile
        The AWS profile
        (Aliases: boto_profile)[Default: (null)]
        set_via:
          env:
          - name: AWS_DEFAULT_PROFILE
          - name: AWS_PROFILE

        type: str

- aws_secret_key
        The AWS secret key that corresponds to the access key.
        (Aliases: aws_secret_access_key)[Default: (null)]
        set_via:
          env:
          - name: EC2_SECRET_KEY
          - name: AWS_SECRET_KEY
          - name: AWS_SECRET_ACCESS_KEY

        type: str

- aws_security_token
        The AWS security token if using temporary access and secret keys.
        [Default: (null)]
        set_via:
          env:
          - name: EC2_SECURITY_TOKEN
          - name: AWS_SESSION_TOKEN
          - name: AWS_SECURITY_TOKEN

        type: str

Writing the inventory

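my_aws_ec2.yaml: the aws_ec2.yaml part of the file name is fixed (the plugin only accepts a file ending with aws_ec2.yml or aws_ec2.yaml)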

vim my_aws_ec2.yaml
plugin: aws_ec2

boto_profile: default    # aws configure profile: default

regions:
  - ap-northeast-2

filters:
#  tag:Name: MyInstanceA
  tag:Name:
    - MyInstanceA
    - MyInstanceB
  tag:Environment: terraform

ansible-inventory -i my_aws_ec2.yaml --graph
$ ansible-inventory -i my_aws_ec2.yaml --graph
@all:
  |--@aws_ec2:
  |  |--ec2-3-18-215-225.ap-northeast-2.compute.amazonaws.com
  |  |--ec2-3-39-242-94.ap-northeast-2.compute.amazonaws.com
  |  |--ip-172-31-59-60.ap-northeast-2.compute.internal
  |  |--ip-172-31-61-183.ap-northeast-2.compute.internal
  |--@ungrouped:

ansible-inventory -i my_aws_ec2.yaml --list
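
As an added example (not part of the original post), a small standard-library Python check for the inventory file described above: it verifies the required aws_ec2.yml/aws_ec2.yaml file-name suffix, flags credential options from the ansible-doc output that are set directly in the file instead of coming from a profile or environment variable, and notes a missing filters block. The function names and the sample file are hypothetical, and the line-based key scan is a simplification, not a full YAML parser.

```python
import re
from pathlib import PurePath

# Credential option names and aliases, as listed in the ansible-doc output.
CREDENTIAL_KEYS = {"aws_access_key", "aws_access_key_id", "aws_secret_key",
                   "aws_secret_access_key", "aws_security_token"}
TOP_LEVEL_KEY = re.compile(r"^([A-Za-z_]\w*)\s*:(.*)$")

def top_level_options(text):
    """Map each unindented YAML key to its inline value (comments stripped)."""
    options = {}
    for line in text.splitlines():
        match = TOP_LEVEL_KEY.match(line)
        if match:
            options[match.group(1)] = match.group(2).split(" #", 1)[0].strip()
    return options

def lint_inventory(filename, text):
    """Return findings for one aws_ec2 inventory source file."""
    findings = []
    if not PurePath(filename).name.endswith(("aws_ec2.yml", "aws_ec2.yaml")):
        findings.append("name: must end with aws_ec2.yml or aws_ec2.yaml")
    options = top_level_options(text)
    for key in sorted(CREDENTIAL_KEYS & options.keys()):
        if options[key]:
            findings.append(f"secret: {key} is set in the file; "
                            "use a profile or environment variable")
    if "filters" not in options:
        findings.append("scope: no filters, inventory is not limited by tag")
    return findings

# Constructed sample: AWS documentation placeholder keys, no filters block.
SAMPLE_BAD = """\
plugin: aws_ec2
aws_access_key: AKIAIOSFODNN7EXAMPLE
aws_secret_key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
regions:
  - ap-northeast-2
"""

if __name__ == "__main__":
    for finding in lint_inventory("inventory.yaml", SAMPLE_BAD):
        print(finding)
```
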

 

Reference URL

- https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_ec2_inventory.html

 
