Начало Каталог Помощ
Регистрация Вход
shixiong
/
okd
1
0
Разклонения 0
Файлове Задачи 0 Заявки за сливане 0 Уики
ИН на ревизия: f7db81c1d1
Клонове Маркери
okd
/
roles
/
openshift_aws
/
tasks
/
seal_ami.yml

seal_ami.yml 2.2 KB
История Директен файл

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. ---
    2. 

  2. - name: fetch newly created instances
    3. 

  3.   ec2_instance_facts:
    4. 

  4.     region: "{{ openshift_aws_region }}"
    5. 

  5.     filters:
    6. 

  6.       "tag:Name": "{{ openshift_aws_base_ami_name }}"
    7. 

  7.       instance-state-name: running
    8. 

  8.   register: instancesout
    9. 

  9.   retries: 20
    10. 

  10.   delay: 3
    11. 

  11.   until: instancesout.instances|length > 0
    12. 

  12. 

  13. - when: openshift_aws_copy_base_ami_tags | default(False) | bool
    14. 

  14.   block:
    15. 

  15.   - name: fetch the ami used to create the instance
    16. 

  16.     ec2_ami_find:
    17. 

  17.       region: "{{ openshift_aws_region }}"
    18. 

  18.       ami_id: "{{ instancesout.instances[0]['image_id'] }}"
    19. 

  19.     register: original_ami_out
    20. 

  20.     retries: 20
    21. 

  21.     delay: 3
    22. 

  22.     until: original_ami_out.results|length > 0
    23. 

  23. 

  24.   - name: combine the tags of the original ami with newly created ami
    25. 

  25.     set_fact:
    26. 

  26.       l_openshift_aws_ami_tags: "{{ original_ami_out.results[0]['tags'] | combine(openshift_aws_ami_tags) }}"
    27. 

  27. 

  28. - name: bundle ami
    29. 

  29.   ec2_ami:
    30. 

  30.     instance_id: "{{ instancesout.instances.0.instance_id }}"
    31. 

  31.     region: "{{ openshift_aws_region }}"
    32. 

  32.     state: present
    33. 

  33.     description: "This was provisioned {{ ansible_date_time.iso8601 }}"
    34. 

  34.     name: "{{ openshift_aws_ami_name }}"
    35. 

  35.     tags: "{{ l_openshift_aws_ami_tags if l_openshift_aws_ami_tags is defined and l_openshift_aws_ami_tags != {} else openshift_aws_ami_tags }}"
    36. 

  36.     wait: yes
    37. 

  37.   register: amioutput
    38. 

  38. 

  39. - debug: var=amioutput
    40. 

  40. 

  41. - when: openshift_aws_ami_encrypt | bool
    42. 

  42.   block:
    43. 

  43.   - name: augment the encrypted ami tags with source-ami
    44. 

  44.     set_fact:
    45. 

  45.       source_tag:
    46. 

  46.         source-ami: "{{ amioutput.image_id }}"
    47. 

  47. 

  48.   - name: copy the ami for encrypted disks
    49. 

  49.     include_tasks: ami_copy.yml
    50. 

  50.     vars:
    51. 

  51.       openshift_aws_ami_copy_name: "{{ openshift_aws_ami_name }}-encrypted"
    52. 

  52.       openshift_aws_ami_copy_src_ami: "{{ amioutput.image_id }}"
    53. 

  53.       # TODO: How does the kms alias get passed to ec2_ami_copy
    54. 

  54.       openshift_aws_ami_copy_kms_alias: "alias/{{ openshift_aws_clusterid }}_kms"
    55. 

  55.       openshift_aws_ami_copy_tags: "{{ source_tag | combine(openshift_aws_ami_tags) }}"
    56. 

  56.       # this option currently fails due to boto waiters
    57. 

  57.       # when supported this need to be reapplied
    58. 

  58.       #openshift_aws_ami_copy_wait: True
    59. 

  59. 

  60. - name: terminate temporary instance
    61. 

  61.   ec2:
    62. 

  62.     state: absent
    63. 

  63.     region: "{{ openshift_aws_region }}"
    64. 

  64.     instance_ids: "{{ instancesout.instances.0.instance_id }}"
    65.