
João
Se eu passo isso: data "aws_caller_identity" "main" {} data...
Se eu passo isso:
data "aws_caller_identity" "main" {}
# Resolves the newest Amazon Linux 2023 x86_64 image.
# owners = ["amazon"] limits the search to Amazon-published images, so an
# image from another account cannot match the name pattern.
# most_recent = true means the resolved AMI id can change between plans.
data "aws_ami" "amazon_linux_2023" {
  owners      = ["amazon"]
  most_recent = true

  filter {
    name   = "architecture"
    values = ["x86_64"]
  }

  filter {
    name   = "name"
    values = ["al2023-ami-2023.*-x86_64"]
  }
}
# Generates the RSA key pair used for SSH access to the instance.
# NOTE(review): the tls provider stores the generated private key in the
# Terraform state in plain text, so the state backend has to be protected
# like the key itself (encrypted, access-restricted). Registering an
# existing public key instead keeps the secret out of state.
resource "tls_private_key" "main" {
  rsa_bits  = 2048
  algorithm = "RSA"
}
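# Registers the generated public key with EC2 under a name built from
# prefix, identifier and context.
resource "aws_key_pair" "main" {
  # "${...}" interpolation restored: the page rendering had dropped the "$"
  # markers and replaced "-" with U+2212, which would not parse as intended.
  key_name   = "${var.prefix}-${var.identifier}-${var.context}-key-pair"
  public_key = tls_private_key.main.public_key_openssh
}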
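# Writes the generated private key as a PEM file under <module>/keys/ with
# owner-only permissions (0600).
# NOTE(review): the key ends up on the disk of whichever machine runs
# Terraform; keep the keys/ directory out of version control. The local
# provider's local_sensitive_file resource hides the content in plan output,
# but switching to it means updating every local_file.private_key reference.
resource "local_file" "private_key" {
  content = tls_private_key.main.private_key_pem
  # "${...}" interpolation restored; the page rendering had stripped the "$"
  # markers and replaced "-" with U+2212.
  filename        = "${path.module}/keys/${var.prefix}-${var.identifier}-${var.context}-key-pair.pem"
  file_permission = "0600"
}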
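# EC2 instance built from the Amazon Linux 2023 AMI lookup; a local Ansible
# run configures it when the instance is created.
resource "aws_instance" "main" {
  ami           = data.aws_ami.amazon_linux_2023.id
  instance_type = "t2.micro"
  subnet_id     = var.subnet_id
  key_name      = aws_key_pair.main.key_name

  # NOTE(review): confirm that t2.micro accepts these CPU options; burstable
  # T2 types may reject them.
  cpu_options {
    core_count       = 1
    threads_per_core = 2
  }

  # Runs on the machine executing Terraform, not on the instance.
  # The "${...}" references, quotes, hyphens and underscores are restored
  # here; the page rendering had stripped them (U+2212 for "-", U+2032 for
  # "'"). The underscores in var.ecr_repository and local.container_port are
  # inferred from the sibling names - confirm against the real variables.
  # NOTE(review): image_tag=latest is a mutable tag, so the deployed image is
  # whatever "latest" points at when the playbook runs.
  provisioner "local-exec" {
    command = <<EOF
ansible-playbook -i '${self.public_ip},' ../ansible/playbook.yaml --extra-vars 'ansible_user=ec2-user ansible_ssh_private_key_file=${local_file.private_key.filename} aws_region=${var.region} ecr_account_id=${data.aws_caller_identity.main.id} ecr_repository=${var.ecr_repository} image_tag=latest container_name=${local.container_name} container_port=${local.container_port} host_port=${local.host_port}'
EOF

    # NOTE(review): "False" turns off SSH host key verification, so the first
    # connection trusts whatever answers on the instance's public IP.
    # Recording the instance's host key in known_hosts before the run keeps
    # verification enabled.
    environment = {
      ANSIBLE_HOST_KEY_CHECKING = "False"
    }
  }

  tags = {
    Name = "${var.prefix}-${var.identifier}-${var.context}"
  }
}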
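# Runs a playbook against the instance from the machine executing Terraform.
resource "null_resource" "execute_ansible" {
  depends_on = [aws_instance.main]

  # timestamp() yields a new value on every run, so this resource is replaced
  # and the provisioner fires on each apply.
  triggers = {
    always_run = "${timestamp()}"
  }

  provisioner "local-exec" {
    # "${...}" references, quotes, hyphens and underscores restored from the
    # garbled page rendering. The playbook path is kept as shown on the page;
    # an underscore may have been lost from it as well.
    command = "ansible-playbook -i '${aws_instance.main.public_ip},' ../seuplaybook.yml --extra-vars 'ansible_user=ec2-user ansible_ssh_private_key_file=${local_file.private_key.filename}'"

    # NOTE(review): "False" disables SSH host key verification for this run,
    # so the connection is not protected against an impersonated host.
    environment = {
      ANSIBLE_HOST_KEY_CHECKING = "False"
    }
  }
}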
E o meu arquivo playbook é assim, isso funciona?
---
# Play: log in to ECR, pull an image and start it as a container on every
# host in the inventory. become: true runs all tasks as root.
- name: Baixar e executar imagem do ECR em uma instância EC2
  hosts: all
  become: true

  # Placeholder defaults; values passed with --extra-vars take precedence.
  vars:
    aws_region: "regiao_do_seu_ecr"
    ecr_account_id: "id_da_sua_conta_ecr"
    ecr_repository: "meurepositorio"
    image_tag: "tag_da_imagem"
    container_name: "nome_do_seu_container"
    container_port: "4000"
    host_port: "4000"

  tasks:
    # NOTE(review): confirm that this module exists in the installed
    # community.aws collection before relying on it.
    # NOTE(review): the result is registered as ecr_login, but no later task
    # reads it; the pull below only succeeds if the Docker daemon on the host
    # already holds credentials for the registry - verify how they get there.
    - name: Autenticar com o ECR
      community.aws.aws_ecr_login:
        region: "{{ aws_region }}"
        # Optional: names an AWS profile configured in ~/.aws/credentials.
        # Remove or replace as needed.
        profile: your_aws_profile
      register: ecr_login

    # NOTE(review): the Docker modules are maintained in the community.docker
    # collection; check that the community.general names still resolve in the
    # installed version.
    # A tag is a mutable reference, so the image pulled can differ between
    # runs; a digest reference pins the exact image.
    - name: Baixar a imagem do ECR
      community.general.docker_image:
        name: "{{ ecr_account_id }}.dkr.ecr.{{ aws_region }}.amazonaws.com/{{ ecr_repository }}:{{ image_tag }}"
        source: pull

    # Publishes host_port on the host and maps it to container_port.
    - name: Executar o contêiner
      community.general.docker_container:
        name: "{{ container_name }}"
        image: "{{ ecr_account_id }}.dkr.ecr.{{ aws_region }}.amazonaws.com/{{ ecr_repository }}:{{ image_tag }}"
        state: started
        ports:
          - "{{ host_port }}:{{ container_port }}"
        restart_policy: always
Se eu passo isso:
data "aws_caller_identity" "main" {}
# Resolves the newest Amazon Linux 2023 x86_64 image published by Amazon.
# Limiting owners to "amazon" keeps images from other accounts out of the
# match; most_recent = true lets the resolved id change between plans.
data "aws_ami" "amazon_linux_2023" {
  owners      = ["amazon"]
  most_recent = true

  filter {
    name   = "architecture"
    values = ["x86_64"]
  }

  filter {
    name   = "name"
    values = ["al2023-ami-2023.*-x86_64"]
  }
}
# Generates the RSA key pair used for SSH access to the instance.
# NOTE(review): the tls provider keeps the private key in the Terraform state
# in plain text; protect the state backend accordingly.
resource "tls_private_key" "main" {
  rsa_bits  = 2048
  algorithm = "RSA"
}
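# Registers the generated public key with EC2.
resource "aws_key_pair" "main" {
  # "${...}" interpolation restored; the page rendering had dropped the "$"
  # markers and replaced "-" with U+2212.
  key_name   = "${var.prefix}-${var.identifier}-${var.context}-key-pair"
  public_key = tls_private_key.main.public_key_openssh
}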
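# Writes the generated private key as a PEM file under <module>/keys/ with
# owner-only permissions (0600).
# NOTE(review): the key is stored on the machine that runs Terraform; keep
# the keys/ directory out of version control.
resource "local_file" "private_key" {
  content = tls_private_key.main.private_key_pem
  # "${...}" interpolation restored from the garbled page rendering.
  filename        = "${path.module}/keys/${var.prefix}-${var.identifier}-${var.context}-key-pair.pem"
  file_permission = "0600"
}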
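# EC2 instance built from the Amazon Linux 2023 AMI lookup; a local Ansible
# run configures it when the instance is created.
resource "aws_instance" "main" {
  ami           = data.aws_ami.amazon_linux_2023.id
  instance_type = "t2.micro"
  subnet_id     = var.subnet_id
  key_name      = aws_key_pair.main.key_name

  # NOTE(review): confirm that t2.micro accepts these CPU options.
  cpu_options {
    core_count       = 1
    threads_per_core = 2
  }

  # Runs on the machine executing Terraform. "${...}" references, quotes,
  # hyphens and underscores are restored from the garbled page rendering;
  # the underscores in var.ecr_repository and local.container_port are
  # inferred from the sibling names - confirm against the real variables.
  # NOTE(review): image_tag=latest is a mutable tag.
  provisioner "local-exec" {
    command = <<EOF
ansible-playbook -i '${self.public_ip},' ../ansible/playbook.yaml --extra-vars 'ansible_user=ec2-user ansible_ssh_private_key_file=${local_file.private_key.filename} aws_region=${var.region} ecr_account_id=${data.aws_caller_identity.main.id} ecr_repository=${var.ecr_repository} image_tag=latest container_name=${local.container_name} container_port=${local.container_port} host_port=${local.host_port}'
EOF

    # NOTE(review): "False" turns off SSH host key verification, so the
    # connection is not protected against an impersonated host.
    environment = {
      ANSIBLE_HOST_KEY_CHECKING = "False"
    }
  }

  tags = {
    Name = "${var.prefix}-${var.identifier}-${var.context}"
  }
}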
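# Runs a playbook against the instance from the machine executing Terraform.
resource "null_resource" "execute_ansible" {
  depends_on = [aws_instance.main]

  # timestamp() yields a new value on every run, so the provisioner fires on
  # each apply.
  triggers = {
    always_run = "${timestamp()}"
  }

  provisioner "local-exec" {
    # "${...}" references, quotes, hyphens and underscores restored from the
    # garbled page rendering; the playbook path is kept as shown on the page.
    command = "ansible-playbook -i '${aws_instance.main.public_ip},' ../seuplaybook.yml --extra-vars 'ansible_user=ec2-user ansible_ssh_private_key_file=${local_file.private_key.filename}'"

    # NOTE(review): "False" disables SSH host key verification for this run.
    environment = {
      ANSIBLE_HOST_KEY_CHECKING = "False"
    }
  }
}
E o meu arquivo playbook é assim, isso funciona?
---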
-
name: Baixar e executar imagem do ECR em uma instância EC2 hosts: all become: true vars: aws_region: "regiao_do_seu_ecr" ecr_account_id: "id_da_sua_conta_ecr" ecr_repository: "meurepositorio" image_tag: "tag_da_imagem" container_name: "nome_do_seu_container" container_port: "4000" host_port: "4000"
tasks:
-
name: Autenticar com o ECR community.aws.aws_ecr_login: region: "{{ aws_region }}" profile: your_aws_profile # Opcional: especifica um perfil AWS configurado no arquivo ~/.aws/credentials. Remova ou substitua conforme necessário. register: ecr_login
-
name: Baixar a imagem do ECR community.general.docker_image: name: "{{ ecr_account_id }}.dkr.ecr.{{ aws_region }}.amazonaws.com/{{ ecr_repository }}:{{ image_tag }}" source: pull
-
name: Executar o contêiner community.general.docker_container: name: "{{ container_name }}" image: "{{ ecr_account_id }}.dkr.ecr.{{ aws_region }}.amazonaws.com/{{ ecr_repository }}:{{ image_tag }}" state: started ports: - "{{ host_port }}:{{ container_port }}" restart_policy: always
-