management.yml
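# Play 1 - runs on the control machine and provisions the GCP resources for
# the management ("master") node: boot disk, data disk, VPC network, firewall
# rule, static external IP and the instance itself. It then adds the new
# address to the in-memory `master` group and waits for SSH to answer.
#
# Variables come from gce_vars/auth, gce_vars/machines and gce_vars/zone.
# NOTE(review): gce_vars/auth presumably holds the credential settings
# (gcp_cred_kind, gcp_cred_file) - keep the service-account key it points to
# out of version control.
- name: Create Master instances
  hosts: localhost
  gather_facts: false
  vars_files:
    - gce_vars/auth
    - gce_vars/machines
    - gce_vars/zone
  tasks:
    # service_account_file is passed on every GCP task so that all of them
    # authenticate the same way; originally only the network and firewall
    # tasks set it.
    - name: create a disk mapped for Management Node - Centos 8
      gcp_compute_disk:
        name: master-disk-instance
        size_gb: 100
        type: pd-ssd
        source_image: "{{ image }}"
        zone: "{{ zone.za }}"
        project: "{{ gcp_project }}"
        auth_kind: "{{ gcp_cred_kind }}"
        service_account_file: "{{ gcp_cred_file }}"
        state: present
      register: disk

    # No `type` is set here, so the data disk gets the provider's default
    # disk type rather than pd-ssd.
    - name: create a data disk for Management Node - Centos 8
      gcp_compute_disk:
        name: master-disk-data
        size_gb: 100
        zone: "{{ zone.za }}"
        project: "{{ gcp_project }}"
        auth_kind: "{{ gcp_cred_kind }}"
        service_account_file: "{{ gcp_cred_file }}"
        state: present
      register: disk_data

    - name: create a VPC network
      gcp_compute_network:
        name: stockchecker-subnetwork
        auto_create_subnetworks: true
        project: "{{ gcp_project }}"
        auth_kind: "{{ gcp_cred_kind }}"
        service_account_file: "{{ gcp_cred_file }}"
        state: present
      register: network

    # SECURITY(review): this single rule admits ICMP and TCP 22/80/443 to
    # every instance tagged `management` from 0.0.0.0/0. GCP matches a packet
    # when EITHER source_ranges OR source_tags matches, so the source_tags
    # list adds no restriction while 0.0.0.0/0 is present. Consider splitting
    # it: keep 80/443 public if the web server must be reachable, and put
    # port 22 in its own rule limited to the administrators' / Ansible
    # controller's address range.
    - name: create a firewall rules for VPC
      gcp_compute_firewall:
        name: stockchecker-fw-ports
        network: "{{ network }}"
        allowed:
          - ip_protocol: icmp
          - ip_protocol: tcp
            ports:
              - '22'
              - '80'
              - '443'
        target_tags:
          - management
        source_tags:
          - stockcheck
          # NOTE(review): spelled `greeneagle` here but `greenseagel` in the
          # instance tags below - one of them is a typo; it will matter as
          # soon as the rule relies on tags instead of 0.0.0.0/0.
          - greeneagle
          - redis
          - elasticsearch
        source_ranges:
          - '0.0.0.0/0'
        project: "{{ gcp_project }}"
        auth_kind: "{{ gcp_cred_kind }}"
        service_account_file: "{{ gcp_cred_file }}"
        state: present
      register: firewall

    - name: create an IPv4 public IP Address
      gcp_compute_address:
        name: master-instance
        region: "{{ region }}"
        project: "{{ gcp_project }}"
        auth_kind: "{{ gcp_cred_kind }}"
        service_account_file: "{{ gcp_cred_file }}"
        state: present
      register: address

    # Booleans are written as real YAML booleans (true/false) instead of
    # 'yes'/'no'/'true' strings; the values themselves are unchanged.
    - name: create the Management instance
      gcp_compute_instance:
        name: master
        machine_type: "{{ machine_type }}"
        # Guards the production node against accidental deletion.
        deletion_protection: true
        disks:
          - index: 0
            auto_delete: false
            boot: true
            source: "{{ disk }}"
          # NOTE(review): initialize_params is given together with `source`
          # for a disk that already exists; the Compute API documents these
          # as alternatives - confirm this block is wanted.
          - index: 1
            auto_delete: false
            source: "{{ disk_data }}"
            type: PERSISTENT
            initialize_params:
              disk_type: pd-ssd
        labels:
          environment: production
        network_interfaces:
          - network: "{{ network }}"
            # Binds the reserved static address, so the node is reachable
            # directly from the Internet subject to the firewall rule above.
            access_configs:
              - name: External NAT
                nat_ip: "{{ address }}"
                type: ONE_TO_ONE_NAT
        tags:
          items:
            - management
            - stockcheck
            - greenseagel
            - redis
            - elasticsearch
        # NOTE(review): `ssh_user` / `ssh_key` are custom metadata keys; the
        # GCE guest environment provisions logins from the `ssh-keys` key.
        # Presumably something else on the image consumes these - confirm.
        metadata:
          ssh_user: "{{ ssh_user }}"
          ssh_key: "{{ ssh_key }}"
        zone: "{{ zone.za }}"
        project: "{{ gcp_project }}"
        auth_kind: "{{ gcp_cred_kind }}"
        service_account_file: "{{ gcp_cred_file }}"
        state: present
      register: instance

    - name: Show Management Instance Details
      debug:
        msg: "The Master instance is accessible at {{ address.address }}"

    # Makes the new host available to the next play as group `master`.
    - name: Add master to group master
      add_host:
        name: "{{ address.address }}"
        groups: master

  post_tasks:
    # Polls port 22 from the control machine: first check after 30 s, give up
    # after 120 s.
    - name: Wait for SSH for instance Master in first zone
      wait_for:
        delay: 30
        host: "{{ address.address }}"
        port: 22
        state: started
        timeout: 120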
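# Play 2 - configures the freshly created management node (group `master`,
# filled in by add_host in the previous play): applies the systemtools and
# apache roles with privilege escalation, then installs an SSH key pair for
# user belloau.
- hosts: master
  roles:
    - systemtools
    - apache
  gather_facts: false
  become: true
  vars:
    ansible_user: belloau
    # Must point at the PRIVATE key. The original value was
    # ~/.ssh/id_rsa.pub, i.e. the public half, which cannot authenticate;
    # adjust the path if the private key lives elsewhere.
    ansible_ssh_private_key_file: '~/.ssh/id_rsa'
  tasks:
    # `become: true` makes copy run as root, so without `owner` the files
    # would be root-owned with mode 0600 and unreadable by belloau.
    - name: Adding copying pub keys
      copy:
        src: keys/id_rsa.pub
        dest: /home/belloau/.ssh/
        owner: belloau
        mode: '0600'

    # SECURITY(review): this places a private key from the playbook's keys/
    # directory on a host with a public IP. Keep keys/id_rsa out of version
    # control (or encrypt it with ansible-vault), use a key dedicated to this
    # purpose, and prefer agent forwarding if the node only needs to hop to
    # other hosts. `diff: false` keeps the key material out of --diff output.
    - name: Copying priv-keys
      copy:
        src: keys/id_rsa
        dest: /home/belloau/.ssh/
        owner: belloau
        mode: '0600'
      diff: false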