opentelekomcloud.bastion

OpenTelekomCloud Bastion Role

This role sets up a bastion server in the specified Virtual Private Cloud (VPC).

Requirements

Make sure that openstacksdk is installed on the host that runs the playbook and that this host can connect to the OpenTelekomCloud (OTC).

Role Variables

Here are the variables you can use, along with their default values (see defaults/main.yml):

  • prefix: test- (should be changed)

  • domain_name: example.com (to create the full server name and metadata, should be changed)

  • server_name: bastion

  • server_subnet: "default-subnet" (should match the default value from the network configuration)

  • server_net: "{{ (prefix + 'otc-net') }}" (should match the default value from the network configuration)

  • security_group: "{{ (prefix + 'bastion_sg') }}" (uses an existing security group if the names are the same; otherwise, a new one will be created)

  • server_fqdn: "{{ (server_name + '.' + domain_name) }}"

  • server_image: "Standard_Fedora_29_latest"

  • server_flavor: "s2.large.1"

  • server_ssh_user: "linux"

  • server_volume_size: 10

  • assign_floating_ip: True

  • fixed_floating_ip: ""

  • server_keypair_name: "{{ (prefix + 'common-KeyPair') }}" (use an existing key pair or create a new one from a file; see the variable ansible_ssh_private_key_file)

  • ansible_ssh_private_key_file: "{{ ('~/.ssh/' + server_keypair_name + '.pem') }}" (path to private key file)

  • bastion_python: "/usr/bin/env python3" (optional Python interpreter for the Ansible connection to the bastion)

  • state: present (to create the server; use absent to delete it)

You can also specify the availability zone with this variable:

  • availability_zone: "eu-de-03" (leave out if not needed)

Dependencies

None.

Example Playbook

Here's an example of how to use this role:

- hosts: localhost
  roles:
    - opentelekomcloud.bastion

To delete resources easily, set state to absent:

- hosts: localhost
  roles:
    - { role: opentelekomcloud.bastion, state: 'absent'}

A more advanced example:

- hosts: localhost
  vars:
    security_group: my_bastion_sg
    server_net: my_network_name
    server_keypair_name: my_existing_public_key
    server_name: 'my_bastion_host'
    domain_name: 'my-domain.com'
  roles:
    - { role: opentelekomcloud.bastion, state: 'present'}
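
Because security_group reuses an existing group when the names match, the bastion inherits whatever rules that group already has. The following is an added example, not part of the role: it audits a group's ingress rules before the role runs. The policy (only TCP/22, only from the listed admin range), the sample rules and all names are constructed assumptions; the rule fields follow the OpenStack Networking security group rule format.

```python
import ipaddress

# Assumed policy (not defined by the role): SSH only, from these source ranges only.
ALLOWED_SOURCES = [ipaddress.ip_network("203.0.113.0/24")]  # constructed admin range
SSH_PORT = 22

def audit_ingress(rules, allowed=ALLOWED_SOURCES):
    """Return (rule_id, reason) pairs for ingress rules that break the policy."""
    findings = []
    for r in rules:
        if r.get("direction") != "ingress":
            continue
        rid, proto = r.get("id", "?"), r.get("protocol")
        lo, hi = r.get("port_range_min"), r.get("port_range_max")
        if proto not in ("tcp", "6") or lo != SSH_PORT or hi != SSH_PORT:
            ports = "all ports" if lo is None else f"{lo}-{hi}"
            findings.append((rid, f"exposes {proto or 'any protocol'} {ports}, not only tcp/22"))
        if r.get("remote_group_id"):
            continue  # source is another security group, not a CIDR
        prefix = r.get("remote_ip_prefix")
        if prefix is None:
            findings.append((rid, "no source restriction (any address)"))
            continue
        src = ipaddress.ip_network(prefix, strict=False)
        # Check the IP version first: subnet_of() raises on mixed v4/v6 networks.
        if not any(src.version == a.version and src.subnet_of(a) for a in allowed):
            findings.append((rid, f"source {prefix} is outside the allowed ranges"))
    return findings

# Constructed sample rules for an existing group that the role would reuse.
SAMPLE_RULES = [
    {"id": "r1", "direction": "ingress", "protocol": "tcp",
     "port_range_min": 22, "port_range_max": 22, "remote_ip_prefix": "203.0.113.0/24"},
    {"id": "r2", "direction": "ingress", "protocol": "tcp",
     "port_range_min": 22, "port_range_max": 22, "remote_ip_prefix": "0.0.0.0/0"},
    {"id": "r3", "direction": "ingress", "protocol": "tcp",
     "port_range_min": 3389, "port_range_max": 3389, "remote_ip_prefix": "203.0.113.10/32"},
    {"id": "r4", "direction": "ingress", "protocol": None,
     "port_range_min": None, "port_range_max": None, "remote_ip_prefix": None},
    {"id": "r5", "direction": "egress", "protocol": None,
     "port_range_min": None, "port_range_max": None, "remote_ip_prefix": None},
]

if __name__ == "__main__":
    for rule_id, reason in audit_ingress(SAMPLE_RULES):
        print(f"{rule_id}: {reason}")
```

With openstacksdk, the rules of a live group can be fetched with conn.network.security_group_rules(security_group_id=...) and passed in as dictionaries.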

License

Apache

Author Information

OpenTelekomCloud

About the project

Manage bastion server in the VPC to provide access to servers without public IPs

Install
ansible-galaxy install opentelekomcloud.bastion
License
apache-2.0
Owner
Some projects related to OpenTelekomCloud. Blueprints and whitepapers can be found at github.com/opentelekomcloud-blueprints