I have successfully created an ELB using this playbook:
- name: Create VPC network
  ec2_elb_lb:
    aws_access_key: "{{ aws_access_key }}"
    aws_secret_key: "{{ aws_secret_key }}"
    name: "ElasticLoadBalancer"
    region: us-east-1
    state: present
    subnets: "{{ Subnet.SubnetId }}"
    listeners:
      - protocol: http
        load_balancer_port: 80
        instance_port: 80
  register: elb
- debug: msg="{{ elb }}"
But I also need to add HTTPS inbound and HTTP outbound, so I added an extra listener based on the ec2_elb_lb module examples:
- name: Create VPC network
  ec2_elb_lb:
    aws_access_key: "{{ aws_access_key }}"
    aws_secret_key: "{{ aws_secret_key }}"
    name: "ElasticLoadBalancer"
    region: us-east-1
    state: present
    subnets: "{{ Subnet.SubnetId }}"
    listeners:
      - protocol: http
        load_balancer_port: 80
        instance_port: 80
      - protocol: https
        load_balancer_port: 443
        instance_protocol: http
        instance_port: 80
  register: elb
- debug: msg="{{ elb }}"
After running the playbook above, I get the following message:
failed: [localhost] => {"failed": true, "parsed": false}
Traceback (most recent call last):
  File "/root/.ansible/tmp/ansible-tmp-1448959476.82-159664399600608/ec2_elb_lb", line 2519, in <module>
    main()
  File "/root/.ansible/tmp/ansible-tmp-1448959476.82-159664399600608/ec2_elb_lb", line 693, in main
    elb_man.ensure_ok()
  File "/root/.ansible/tmp/ansible-tmp-1448959476.82-159664399600608/ec2_elb_lb", line 292, in ensure_ok
    self._create_elb()
  File "/root/.ansible/tmp/ansible-tmp-1448959476.82-159664399600608/ec2_elb_lb", line 397, in _create_elb
    scheme=self.scheme)
  File "/usr/lib/python2.7/site-packages/boto/ec2/elb/__init__.py", line 230, in create_load_balancer
    params['Listeners.member.%d.SSLCertificateId' % i] = listener[4]
IndexError: tuple index out of range
FATAL: all hosts have already failed -- aborting
ansible --version
ansible 1.9.4
Answer 0 (score: 6)
If you want to serve HTTPS on the ELB, you also need to provide an SSL certificate.
So your ec2_elb_lb task should look like this:
- name: Create VPC network
  ec2_elb_lb:
    aws_access_key: "{{ aws_access_key }}"
    aws_secret_key: "{{ aws_secret_key }}"
    name: "ElasticLoadBalancer"
    region: us-east-1
    state: present
    subnets: "{{ Subnet.SubnetId }}"
    listeners:
      - protocol: http
        load_balancer_port: 80
        instance_port: 80
      - protocol: https
        load_balancer_port: 443
        instance_protocol: http
        instance_port: 80
        ssl_certificate_id: "arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert"
  register: elb
- debug: msg="{{ elb }}"
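
A pre-flight check for the failure in this thread, as an added example that is not part of the original question or answer and not code from the ec2_elb_lb module: it flags HTTPS/SSL listeners that lack ssl_certificate_id before the playbook runs, and notes when the hop from the ELB to the instance stays unencrypted. The function name, finding levels and sample dictionaries are constructed for illustration; an omitted instance_protocol is assumed to follow the listener protocol.

```python
TLS_FRONTENDS = {"https", "ssl"}      # listener protocols that need a certificate
PLAINTEXT_BACKENDS = {"http", "tcp"}  # instance protocols that carry no TLS


def check_listeners(listeners):
    """Return (index, level, message) findings for a list of listener dicts
    shaped like the `listeners:` entries of the ec2_elb_lb task."""
    findings = []
    for i, listener in enumerate(listeners):
        front = str(listener.get("protocol", "")).lower()
        # Assumption: an omitted instance_protocol means "same as the front end".
        back = str(listener.get("instance_protocol", front)).lower()
        if front not in TLS_FRONTENDS:
            continue
        if not listener.get("ssl_certificate_id"):
            findings.append((i, "error",
                             "%s listener on port %s has no ssl_certificate_id"
                             % (front, listener.get("load_balancer_port"))))
        if back in PLAINTEXT_BACKENDS:
            findings.append((i, "note",
                             "TLS ends at the ELB; traffic to instance port %s is %s"
                             % (listener.get("instance_port"), back)))
    return findings


# Constructed sample input mirroring the two listener lists on this page.
QUESTION_LISTENERS = [
    {"protocol": "http", "load_balancer_port": 80, "instance_port": 80},
    {"protocol": "https", "load_balancer_port": 443,
     "instance_protocol": "http", "instance_port": 80},
]
ANSWER_LISTENERS = [
    QUESTION_LISTENERS[0],
    dict(QUESTION_LISTENERS[1],
         ssl_certificate_id="arn:aws:iam::123456789012:server-certificate/"
                            "company/servercerts/ProdServerCert"),
]

if __name__ == "__main__":
    for name, listeners in (("question", QUESTION_LISTENERS),
                            ("answer", ANSWER_LISTENERS)):
        for idx, level, msg in check_listeners(listeners):
            print("%s: listener %d: %s: %s" % (name, idx, level, msg))
```

With the question's listeners the check reports an error for listener 1; with the answer's listeners only the note about the unencrypted instance hop remains.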