\u4f7f\u7528Ansible Molecule\u8fdb\u884cPlaybook\u6d4b\u8bd5\u65f6\uff0c\u5982\u679c\u5728\u4e91\u4e0a\u8fdb\u884c\u6d4b\u8bd5\uff0c\u4f7f\u7528Terraform\u6709\u4ee5\u4e0b\u597d\u5904\u3002<\/p>\n
<\/p>\n
\u5728\u8fd9\u91cc\u4ee5 AWS EC2 \u73af\u5883\u4e3a\u4f8b\u8fdb\u884c\u8bbe\u7f6e\u7684\u5c1d\u8bd5\u3002<\/p>\n
<\/p>\n
<\/p>\n
<\/p>\n
<\/p>\n
<\/p>\n
<\/p>\n
<\/p>\n
.\r\n\u251c\u2500\u2500 molecule\r\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 default\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 common.tf.yml # terraform\u7528ec2\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb1\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 ins01.tf.yml # terraform\u7528ec2\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb2\r\n\u2502 \u2502 \r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 (common.tf.json) # common.tf.yml\u304b\u3089\u751f\u6210\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 (ins01.tf.json) # ins01.tf.yml\u304b\u3089\u751f\u6210\r\n\u2502 \u2502 \r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 (instance_conf-ins01.yml) # terraform\u4f5c\u6210\r\n\u2502 \u2502 # molecule\u306b\u9023\u643a\u3059\u308b\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3078\u306e\u63a5\u7d9a\u60c5\u5831\r\n\u2502 \u2502 \r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 (terraform.tfstate) # terraform\u4f5c\u6210\u3002\u30b9\u30c6\u30fc\u30bf\u30b9\u60c5\u5831\r\n\u2502 \u2502 \r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 molecule.yml # molecule\u5b9a\u7fa9\u60c5\u5831\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 create.yml # molecule vm\u4f5c\u6210playbook\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 prepare.yml # molecule vm\u4e8b\u524d\u6e96\u5099playbook\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 converge.yml # molecule vm\u3078\u306e\u5909\u66f4\u53cd\u6620playbook\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 verify.yml # molecule vm\u691c\u8a3cplaybook\r\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 destroy.yml # molecule vm\u524a\u9664playbook\r\n\u2514\u2500\u2500 tasks\r\n \u00a0\u00a0 \u2514\u2500\u2500 main.yml\r\n<\/code><\/pre>\n\u4ee5\u4e0b\u662f\u6837\u672c\u4ee3\u7801\uff1a
\nhttps:\/\/github.com\/hiroyuki-onodera\/molecule-delegated-terraform-ec2<\/p>\n
\u7b2c\u4e00\u7ae0\uff1a\u901a\u8fc7Terraform\u7ba1\u7406AWS EC2<\/h1>\n\u5728\u4e8b\u524d\u51c6\u5907\u9636\u6bb5\uff0c\u5728IAM\u4e2d\u6dfb\u52a0\u5177\u6709AmazonEC2\u5b8c\u5168\u8bbf\u95ee\u6743\u9650\u7684\u7528\u6237\u3002<\/h2>\n
\u5728AWS\u63a7\u5236\u53f0\u4e2d\uff0c\u901a\u8fc7Identity and Access Management\uff08IAM\uff09> \u7528\u6237\u83dc\u5355\u6765\u6dfb\u52a0\u7528\u6237\u3002<\/p>\n
\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u91c7\u53d6\u4ee5\u4e0b\u7684\u65b9\u5f0f<\/p>\n
\n- \n
AWS \u30a2\u30af\u30bb\u30b9\u306e\u7a2e\u985e: \u30d7\u30ed\u30b0\u30e9\u30e0\u306b\u3088\u308b\u30a2\u30af\u30bb\u30b9 – \u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u3092\u4f7f\u7528<\/ul>\n<\/li>\n<\/ul>\n <\/p>\n
\n- \n
\u30a2\u30af\u30bb\u30b9\u6a29\u9650\u306e\u5883\u754c: \u30a2\u30af\u30bb\u30b9\u6a29\u9650\u306e\u5883\u754c\u304c\u8a2d\u5b9a\u3055\u308c\u3066\u3044\u307e\u305b\u3093<\/ul>\n<\/li>\n<\/ul>\n <\/p>\n
\n- \n
\u30a2\u30af\u30bb\u30b9\u8a31\u53ef\u306e\u8a2d\u5b9a<\/ul>\n<\/li>\n<\/ul>\n\u65e2\u5b58\u306e\u30dd\u30ea\u30b7\u30fc\u3092\u76f4\u63a5\u30a2\u30bf\u30c3\u30c1<\/p>\n
AWS \u7ba1\u7406\u30dd\u30ea\u30b7\u30fc AmazonEC2FullAccess<\/p>\n
\u5c06\u83b7\u53d6\u5230\u7684\u8bbf\u95ee\u5bc6\u94a5ID\u548c\u79d8\u5bc6\u8bbf\u95ee\u5bc6\u94a5\u8bbe\u7f6e\u4e3a\u73af\u5883\u53d8\u91cfAWS_ACCESS_KEY_ID\u548cAWS_SECRET_ACCESS_KEY\u3002<\/p>\n
\u5728Bash\u7684\u60c5\u51b5\u4e0b\u7684\u4f8b\u5b50<\/p>\n
$ cat <<EOC >> ~\/.bash_profile\r\nexport AWS_ACCESS_KEY_ID=\"....................\"\r\nexport AWS_SECRET_ACCESS_KEY=\"........................................\"\r\nEOC\r\n$ . ~\/.bash_profile\r\n<\/code><\/pre>\n\u4f7f\u7528 Terraform \u8fdb\u884c\u63d0\u4f9b\u7a0b\u5e8f\u548c\u7f51\u7edc\u5b9a\u4e49\u3002<\/h2>\n\n- \n
.tf\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u306f\u4ed6\u306e\u30e6\u30fc\u30c6\u30a3\u30ea\u30c6\u30a3\u3068\u306e\u9023\u643a\u306a\u3069\u304c\u56f0\u96e3<\/ul>\n<\/li>\n<\/ul>\n <\/p>\n
\n- \n
.tf.json\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u306f\u4eba\u304c\u76f4\u63a5\u4f7f\u7528\u3059\u308b\u306b\u306f\u96e3\u3057\u3044<\/ul>\n<\/li>\n<\/ul>\n <\/p>\n
\n- \n
\u3053\u3053\u3067\u306f\u3001.tf.json\u3092YAML\u3067\u8868\u8a18\u3057\u305f\u30d5\u30a1\u30a4\u30eb\u306b\u3066ec2\u8a2d\u5b9a\u3092\u884c\u3044\u3001terraform\u4f7f\u7528\u524d\u306bjson\u5316<\/ul>\n<\/li>\n<\/ul>\n <\/p>\n
\n- \n
\u6700\u521d\u304b\u3089.tf\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u3084.tf.json\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u3067\u8a18\u8ff0\u3001\u7ba1\u7406\u3059\u308b\u306a\u3089\u3070YAML\u7ba1\u7406\u306f\u4e0d\u8981<\/ul>\n<\/li>\n<\/ul>\n <\/p>\n
\n- \n
common.tf.yml \u306f\u3001provider\u3084\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5b9a\u7fa9\u306a\u3069\u500b\u5225\u306e\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306b1:1\u3067\u5bfe\u5fdc\u3057\u306a\u3044\u8a2d\u5b9a\u3092\u307e\u3068\u3081\u305f\u3082\u306e\u3002<\/ul>\n<\/li>\n<\/ul>\nVPC EC2\u5b9a\u7fa9\u306e\u5927\u90e8\u5206\u306f\u4ee5\u4e0b\u304b\u3089\u5f15\u7528\u3055\u305b\u3066\u3044\u305f\u3060\u3044\u3066\u3044\u307e\u3059\u3002\u3042\u308a\u304c\u3068\u3046\u3054\u3056\u3044\u307e\u3059\u3002<\/p>\n
Terraform\u3067VPC\u30fbEC2\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3092\u69cb\u7bc9\u3057\u3066ssh\u63a5\u7d9a\u3059\u308b
\nhttps:\/\/qiita.com\/kou_pg_0131\/items\/45cdde3d27bd75f1bfd5<\/p>\n
---<\/span>\r\nterraform<\/span>:<\/span>\r\n required_providers<\/span>:<\/span>\r\n aws<\/span>:<\/span>\r\n source<\/span>:<\/span> hashicorp\/aws<\/span>\r\n version<\/span>:<\/span> \"<\/span>~><\/span> 3.0\"<\/span>\r\nprovider<\/span>:<\/span>\r\n aws<\/span>:<\/span>\r\n region<\/span>:<\/span> ap-northeast-1<\/span>\r\ndata<\/span>:<\/span>\r\n aws_ami<\/span>:<\/span>\r\n ami01<\/span>:<\/span>\r\n most_recent<\/span>:<\/span> true<\/span>\r\n owners<\/span>:<\/span>\r\n -<\/span> amazon<\/span>\r\n filter<\/span>:<\/span>\r\n -<\/span> name<\/span>:<\/span> architecture<\/span>\r\n values<\/span>:<\/span>\r\n -<\/span> x86_64<\/span>\r\n -<\/span> name<\/span>:<\/span> root-device-type<\/span>\r\n values<\/span>:<\/span>\r\n -<\/span> ebs<\/span>\r\n -<\/span> name<\/span>:<\/span> name<\/span>\r\n values<\/span>:<\/span>\r\n -<\/span> amzn2-ami-hvm-*<\/span>\r\n -<\/span> name<\/span>:<\/span> virtualization-type<\/span>\r\n values<\/span>:<\/span>\r\n -<\/span> hvm<\/span>\r\n -<\/span> name<\/span>:<\/span> block-device-mapping.volume-type<\/span>\r\n values<\/span>:<\/span>\r\n -<\/span> gp2<\/span>\r\n -<\/span> name<\/span>:<\/span> state<\/span>\r\n values<\/span>:<\/span>\r\n -<\/span> available<\/span>\r\nresource<\/span>:<\/span>\r\n aws_vpc<\/span>:<\/span>\r\n vpc01<\/span>:<\/span>\r\n cidr_block<\/span>:<\/span> 10.0.0.0\/16<\/span>\r\n enable_dns_support<\/span>:<\/span> true<\/span>\r\n enable_dns_hostnames<\/span>:<\/span> true<\/span>\r\n aws_subnet<\/span>:<\/span>\r\n subnet01<\/span>:<\/span>\r\n cidr_block<\/span>:<\/span> 10.0.1.0\/24<\/span>\r\n availability_zone<\/span>:<\/span> ap-northeast-1a<\/span>\r\n vpc_id<\/span>:<\/span> \"<\/span>${aws_vpc.vpc01.id}\"<\/span>\r\n map_public_ip_on_launch<\/span>:<\/span> true<\/span>\r\n aws_internet_gateway<\/span>:<\/span>\r\n internet_gateway01<\/span>:<\/span>\r\n vpc_id<\/span>:<\/span> \"<\/span>${aws_vpc.vpc01.id}\"<\/span>\r\n aws_route_table<\/span>:<\/span>\r\n route_table01<\/span>:<\/span>\r\n vpc_id<\/span>:<\/span> \"<\/span>${aws_vpc.vpc01.id}\"<\/span>\r\n aws_route<\/span>:<\/span>\r\n route01<\/span>:<\/span>\r\n gateway_id<\/span>:<\/span> \"<\/span>${aws_internet_gateway.internet_gateway01.id}\"<\/span>\r\n route_table_id<\/span>:<\/span> \"<\/span>${aws_route_table.route_table01.id}\"<\/span>\r\n destination_cidr_block<\/span>:<\/span> 0.0.0.0\/0<\/span>\r\n aws_route_table_association<\/span>:<\/span>\r\n route_table_association01<\/span>:<\/span>\r\n subnet_id<\/span>:<\/span> \"<\/span>${aws_subnet.subnet01.id}\"<\/span>\r\n route_table_id<\/span>:<\/span> \"<\/span>${aws_route_table.route_table01.id}\"<\/span>\r\n aws_security_group<\/span>:<\/span>\r\n security_group01<\/span>:<\/span>\r\n name<\/span>:<\/span> security_group01<\/span>\r\n vpc_id<\/span>:<\/span> \"<\/span>${aws_vpc.vpc01.id}\"<\/span>\r\n aws_security_group_rule<\/span>:<\/span>\r\n in_ssh<\/span>:<\/span>\r\n security_group_id<\/span>:<\/span> \"<\/span>${aws_security_group.security_group01.id}\"<\/span>\r\n type<\/span>:<\/span> ingress<\/span>\r\n cidr_blocks<\/span>:<\/span>\r\n -<\/span> 0.0.0.0\/0<\/span>\r\n from_port<\/span>:<\/span> 22<\/span>\r\n to_port<\/span>:<\/span> 22<\/span>\r\n protocol<\/span>:<\/span> tcp<\/span>\r\n in_icmp<\/span>:<\/span>\r\n