Merge pull request #125 from gravesm/ec2-experience

hakbailey · patchback[bot] · commit 86cd3b0bfba8 · 2025-01-24T15:44:02.000Z
Add pattern for creating EC2 instance (cherry picked from commit 0237835)
diff --git a/extensions/patterns/configure_ec2/README.md b/extensions/patterns/configure_ec2/README.md
@@ -0,0 +1,53 @@
+# Configure EC2 Instance Pattern
+
+## Description
+
+This pattern is designed to help get an EC2 instance up and running.
+
+## What This Pattern Covers
+
+### Projects
+
+- **AWS Operations / Configure EC2 Instance Pattern Project**: Defined in `setup.yml`, this project helps organize and manage all necessary components for the Configure EC2 Instance pattern. It ensures that relevant files, roles, and configurations are logically arranged, making it easier to maintain and execute automation tasks.
+
+### Job Templates
+
+- **AWS Operations / Create EC2 Instance**: This job template is designed to streamline the process of creating an EC2 instance.
+- **AWS Operations / Terminate EC2 Instance**: This job template is designed to streamline the process of terminating (deleting) an EC2 instance.
+
+### Playbooks
+
+- **Create EC2 Instance Playbook**: This playbook creates an EC2 instance with optional networking configurations.
+- **Terminate EC2 Instance Playbook**: This playbook terminates (deletes) an existing EC2 instance and associated networking resources.
+
+### Surveys
+
+- **Create EC2 Instance Survey**: This survey provides an interactive way to specify parameters for creating the EC2 instance.
+- **Terminate EC2 Instance Survey**: This survey provides an interactive way to specify parameters for terminating the EC2 instance.
+
+## Resources Created by This Pattern
+
+1. **Project**
+   - Ensures that all relevant files, roles, and configurations are logically arranged, facilitating easier maintenance and execution of automation tasks.
+
+2. **Job Templates**
+    - Outline the necessary parameters and configurations to perform network backups using the provided playbooks.
+    - Provide surveys for specifying parameters needed to run the job templates.
+
+## How to Use
+
+1. **Use Seed Red Hat Pattern Job**
+    - Ensure the custom EE is correctly built and available in your Ansible Automation Platform. Execute the "Seed Red Hat Pattern" job within the Ansible Automation Platform, and select the "AWS Operations" category to load this pattern.
+
+2. **Use the Job Templates**
+    - In the `AWS Operations / EC2 Instance Patterns` execute the required job template to create the EC2 instance. Monitor the job execution and verify that the instance has been successfully created.
+
+## Contribution
+
+Contributions to this project are welcome. Please fork the repository, make your changes, and submit a pull request.
+
+## License
+
+GNU General Public License v3.0 or later.
+
+See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. This project is licensed under the MIT License. See the [LICENSE](https://github.com/redhat-cop/cloud.aws_ops/blob/main/LICENSE) file for details.
diff --git a/extensions/patterns/configure_ec2/exec_env/execution-environment.yml b/extensions/patterns/configure_ec2/exec_env/execution-environment.yml
@@ -0,0 +1,29 @@
+---
+version: 3
+
+dependencies:
+  ansible_core:
+    package_pip: ansible-core
+  ansible_runner:
+    package_pip: ansible-runner
+  galaxy:
+    collections:
+      - name: cloud.aws_ops
+        source: https://github.com/redhat-cop/cloud.aws_ops.git
+        type: git
+        version: main
+      - name: amazon.aws
+        source: https://github.com/ansible-collections/amazon.aws.git
+        type: git
+        version: main
+  python:
+    - boto3
+    - botocore
+
+images:
+  base_image:
+    name: docker.io/redhat/ubi9:latest
+
+additional_build_steps:
+  append_base: |
+    RUN yum install -y git
diff --git a/extensions/patterns/configure_ec2/playbooks/create_ec2_instance.yml b/extensions/patterns/configure_ec2/playbooks/create_ec2_instance.yml
@@ -0,0 +1,58 @@
+---
+- name: Create EC2 instance
+  hosts: localhost
+  gather_facts: false
+  module_defaults:
+    group/aws:
+      aws_region: "{{ aws_region }}"
+  tasks:
+    - name: Get security group rules list from string input
+      ansible.builtin.set_fact:
+        sg_rules_list: "{{ sg_rules | from_yaml }}"
+
+    - name: Add external access rules to security group rules if needed
+      ansible.builtin.set_fact:
+        final_sg_rules: "{{ create_external_access_resources | ternary(sg_rules_list + allow_external_access_sg_rules, sg_rules_list) }}"
+
+    - name: Get RHEL 9 AMI ID if needed
+      when: ami_id | default("", true) == ""
+      block:
+        - name: Get RHEL-9 images
+          amazon.aws.ec2_ami_info:
+            filters:
+              architecture: x86_64
+              name: "RHEL-9*"
+            owner:
+              - amazon
+          register: images
+        - name: Update ami_id variable
+          ansible.builtin.set_fact:
+            ami_id: "{{ (images.images | sort(attribute='name') | last).image_id }}"
+
+    - name: Create networking resources
+      ansible.builtin.include_role:
+        name: cloud.aws_ops.ec2_networking_resources
+      vars:
+        ec2_networking_resources_operation: create
+        ec2_networking_resources_vpc_name: "{{ vpc_name }}"
+        ec2_networking_resources_vpc_cidr_block: "{{ vpc_cidr }}"
+        ec2_networking_resources_subnet_cidr_block: "{{ subnet_cidr }}"
+        ec2_networking_resources_sg_name: "{{ sg_name }}"
+        ec2_networking_resources_sg_description: "{{ sg_description }}"
+        ec2_networking_resources_sg_rules: "{{ final_sg_rules }}"
+        ec2_networking_resources_create_igw: "{{ create_external_access_resources }}"
+
+    - name: Create EC2 instance
+      ansible.builtin.include_role:
+        name: cloud.aws_ops.manage_ec2_instance
+      vars:
+        manage_ec2_instance_operation: create
+        manage_ec2_instance_instance_name: "{{ instance_name }}"
+        manage_ec2_instance_instance_type: "{{ instance_type }}"
+        manage_ec2_instance_ami_id: "{{ ami_id }}"
+        manage_ec2_instance_key_name: "{{ key_name }}"
+        manage_ec2_instance_vpc_subnet_id: "{{ ec2_networking_resources_subnet_result.subnet.id }}"
+        manage_ec2_instance_wait_for_state: "{{ wait_for_state | bool }}"
+        manage_ec2_instance_associate_security_groups: "{{ [sg_name] }}"
+        manage_ec2_instance_associate_eip: "{{ create_external_access_resources }}"
+        manage_ec2_instance_instance_tags: "{{ instance_tags | default('{}', true) | from_json }}"
diff --git a/extensions/patterns/configure_ec2/playbooks/group_vars/all.yml b/extensions/patterns/configure_ec2/playbooks/group_vars/all.yml
@@ -0,0 +1,20 @@
+key_name: "{{ instance_name }}-key"
+wait_for_state: true
+vpc_name: "{{ instance_name }}-vpc"
+vpc_cidr: 10.0.0.0/24
+subnet_cidr: 10.0.0.0/25
+sg_name: "{{ instance_name }}-sg"
+sg_description: "Security group for EC2 instance {{ instance_name }}"
+sg_rules:
+  - proto: tcp
+    ports: 22
+    cidr_ip: "{{ vpc_cidr }}"
+external_access: true
+create_external_access_resources: "{{ external_access | bool }}"
+allow_external_access_sg_rules:
+  - proto: tcp
+    ports: 80
+    cidr_ip: 0.0.0.0/0
+  - proto: tcp
+    ports: 443
+    cidr_ip: 0.0.0.0/0
diff --git a/extensions/patterns/configure_ec2/playbooks/terminate_ec2_instance.yml b/extensions/patterns/configure_ec2/playbooks/terminate_ec2_instance.yml
@@ -0,0 +1,24 @@
+---
+- name: Terminate EC2 instance
+  hosts: localhost
+  gather_facts: false
+  module_defaults:
+    group/aws:
+      aws_region: "{{ aws_region }}"
+  tasks:
+    - name: Set manage_ec2_instance role vars
+      ansible.builtin.set_fact:
+        manage_ec2_instance_operation: delete
+        manage_ec2_instance_instance_name: "{{ instance_name }}"
+        manage_ec2_instance_key_name: "{{ key_name | default(omit, true) }}"
+
+    - name: Delete EC2 instance
+      ansible.builtin.include_role:
+        name: cloud.aws_ops.manage_ec2_instance
+
+    - name: Delete networking resources
+      ansible.builtin.include_role:
+        name: cloud.aws_ops.ec2_networking_resources
+      vars:
+        ec2_networking_resources_operation: delete
+        ec2_networking_resources_vpc_name: "{{ vpc_name }}"
diff --git a/extensions/patterns/configure_ec2/setup.yml b/extensions/patterns/configure_ec2/setup.yml
@@ -0,0 +1,61 @@
+---
+controller_labels:
+  - name: cloud.aws_ops
+    organization: "{{ organization | default('Default') }}"
+  - name: configure_ec2_pattern
+    organization: "{{ organization | default('Default') }}"
+  - name: create_ec2_instance
+    organization: "{{ organization | default('Default') }}"
+  - name: terminate_ec2_instance
+    organization: "{{ organization | default('Default') }}"
+
+controller_projects:
+  - name: AWS Operations / Configure EC2 Instance Pattern Project
+    organization: "{{ organization | default('Default') }}"
+    scm_branch: main
+    scm_clean: false
+    scm_delete_on_update: false
+    scm_type: git
+    scm_update_on_launch: true
+    scm_url: https://github.com/redhat-cop/cloud.aws_ops.git
+
+controller_templates:
+  - name: AWS Operations / Create EC2 Instance
+    description: This job template creates an EC2 instance and associated networking resources.
+    ask_inventory_on_launch: true
+    ask_credential_on_launch: true
+    ask_verbosity_on_launch: true
+    execution_environment: AWS Operations / Configure EC2 Instance Pattern Execution Environment
+    project: AWS Operations / Configure EC2 Instance Pattern Project
+    playbook: extensions/patterns/configure_ec2/playbooks/create_ec2_instance.yml
+    job_type: run
+    organization: "{{ organization | default('Default') }}"
+    labels:
+      - cloud.aws_ops
+      - configure_ec2_pattern
+      - create_ec2_instance
+    survey_enabled: true
+    survey_spec: "{{ lookup('file', pattern.path.replace('setup.yml', '') + 'template_surveys/create_ec2_instance.yml') | from_yaml }}"
+
+  - name: AWS Operations / Terminate EC2 Instance
+    description: This job template terminates an EC2 instance and its associated networking resources.
+    ask_inventory_on_launch: true
+    ask_credential_on_launch: true
+    ask_verbosity_on_launch: true
+    execution_environment: AWS Operations / Configure EC2 Instance Pattern Execution Environment
+    project: AWS Operations / Configure EC2 Instance Pattern Project
+    playbook: extensions/patterns/configure_ec2/playbooks/terminate_ec2_instance.yml
+    job_type: run
+    organization: "{{ organization | default('Default') }}"
+    labels:
+      - cloud.aws_ops
+      - configure_ec2_pattern
+      - terminate_ec2_instance
+    survey_enabled: true
+    survey_spec: "{{ lookup('file', pattern.path.replace('setup.yml', '') + 'template_surveys/terminate_ec2_instance.yml') | from_yaml }}"
+
+controller_execution_environments:
+  - name: AWS Operations / Configure EC2 Instance Pattern Execution Environment
+    description: Execution environment for the Configure EC2 Instance Pattern
+    image: docker.io/hakbailey/aws_ops-ee:latest
+    pull: always
diff --git a/extensions/patterns/configure_ec2/template_rhdh/configure_ec2.yml b/extensions/patterns/configure_ec2/template_rhdh/configure_ec2.yml
diff --git a/extensions/patterns/configure_ec2/template_surveys/create_ec2_instance.yml b/extensions/patterns/configure_ec2/template_surveys/create_ec2_instance.yml
@@ -0,0 +1,97 @@
+---
+name: Create EC2 Instance Survey
+description: Survey to configure the EC2 instance creation pattern
+spec:
+  - type: text
+    question_name: AWS Region
+    question_description: AWS region where resources should be created
+    variable: aws_region
+    required: true
+
+  - type: text
+    question_name: Instance Name
+    question_description: Name of EC2 instance to create
+    variable: instance_name
+    required: true
+
+  - type: text
+    question_name: Instance Type
+    question_description: Type of EC2 instance to create (e.g., t2.micro, m5.large)
+    variable: instance_type
+    required: true
+
+  - type: text
+    question_name: AMI ID
+    question_description: Amazon Machine Image (AMI) ID to use for the instance, if not provided will default to the RHEL 9 AMI for the provided region and instance type
+    variable: ami_id
+    required: false
+
+  - type: text
+    question_name: Key Pair Name
+    question_description: Name of key pair to use or create for SSH access to the EC2 instance. Defaults to '{{ instance_name }}-key'
+    variable: key_name
+    required: false
+
+  - type: multiplechoice
+    question_name: Wait for State
+    question_description: Whether to wait for the EC2 instance to be in the running state before continuing. Defaults to true
+    variable: wait_for_state
+    required: false
+    choices:
+      - "true"
+      - "false"
+
+  - type: text
+    question_name: Instance Tags
+    question_description: 'A dict of tags for the instance, e.g. {"environment: test", "owner": "team foobar"}'
+    variable: instance_tags
+    required: false
+
+  - type: text
+    question_name: VPC Name
+    question_description: Name of the VPC to create. Defaults to '{{instance_name}}-vpc'
+    variable: vpc_name
+    required: false
+
+  - type: text
+    question_name: VPC CIDR Block
+    question_description: CIDR block to use for the VPC being created. Defaults to 10.0.0.0/24
+    variable: vpc_cidr
+    required: false
+
+  - type: text
+    question_name: Subnet CIDR block
+    question_description: CIDR block to use for the subnet being created. 10.0.0.0/25
+    variable: subnet_cidr
+    required: false
+
+  - type: text
+    question_name: Security Group Name
+    question_description: Name of the security group to create for securing traffic to the instance. Defaults to '{{ instance_name }}-sg'
+    variable: sg_name
+    required: false
+
+  - type: text
+    question_name: Security Group Description
+    question_description: Description for the security group. Defaults to 'Security group for EC2 instance {{ instance_name }}'
+    variable: sg_description
+    required: false
+
+  - type: textarea
+    question_name: Security Group Rules
+    question_description: "A list of security group rules in yaml format, e.g.:
+      - proto: tcp
+        ports: 80
+        cidr_ip: 0.0.0.0/0
+      Defaults to allowing SSH access from within the VPC"
+    variable: sg_rules
+    required: false
+
+  - type: multiplechoice
+    question_name: Create External Access Resources
+    question_description: Whether to create resources for external access to the EC2 instance. Defaults to true. When true, adds security groups rules allowing inbound HTTP and HTTPS traffic, creates an internet gateway, creates a custom route table routing all internet traffic to the gateway, and allocates an elastic IP address for the instance.
+    variable: external_access
+    required: false
+    choices:
+      - "true"
+      - "false"
diff --git a/extensions/patterns/configure_ec2/template_surveys/terminate_ec2_instance.yml b/extensions/patterns/configure_ec2/template_surveys/terminate_ec2_instance.yml
@@ -0,0 +1,27 @@
+---
+name: Terminate EC2 Instance Survey
+description: Survey to configure the EC2 instance termination pattern
+spec:
+  - type: text
+    question_name: AWS Region
+    question_description: Name of AWS region to create instance in
+    variable: aws_region
+    required: true
+
+  - type: text
+    question_name: Instance Name
+    question_description: Name of EC2 instance
+    variable: instance_name
+    required: true
+
+  - type: text
+    question_name: Key Pair Name
+    question_description: Name of key pair for instance, include to delete key pair created with other instance resources. Defaults to '{{ instance_name }}-key'
+    variable: key_name
+    required: false
+
+  - type: text
+    question_name: VPC Name
+    question_description: Name of the VPC to delete, include to delete VPC and associated networking resources created for instance. Defaults to '{{instance_name}}-vpc'
+    variable: vpc_name
+    required: false
