AWS support for existing EIP (revised) (#1292)

* Support for associating to existing AWS Elastic IP

Signed-off-by: Elliot Murphy <[email protected]>

* Backport ec2_eip_facts module for EIP support

This means that EIP support no longer requires Ansible 2.6
The local fact module has been named ec2_elasticip_facts
to avoid conflict with the ec2_eip_facts module whenever
the Ansible 2.6 upgrade takes place.

Signed-off-by: Elliot Murphy <[email protected]>

* Update from review feedback.

Signed-off-by: Elliot Murphy <[email protected]>

* Move to the native module. Add additional condition for existing Elastic IP

Author: statik

config.cfg

@@ -131,9 +131,12 @@ cloud_providers:
     size: s-1vcpu-1gb
     image: "ubuntu-18-04-x64"
   ec2:
-  # Change the encrypted flag to "true" to enable AWS volume encryption, for encryption of data at rest.
-  # Warning: the Algo script will take approximately 6 minutes longer to complete.
+    # Change the encrypted flag to "true" to enable AWS volume encryption, for encryption of data at rest.
+    # Warning: the Algo script will take approximately 6 minutes longer to complete.
     encrypted: false
+    # Set use_existing_eip to "true" if you want to use a pre-allocated Elastic IP
+    # Additional prompt will be raised to determine which IP to use
+    use_existing_eip: true
     size: t2.micro
     image:
       name: "ubuntu-bionic-18.04"

roles/cloud-ec2/defaults/main.yml

@@ -5,3 +5,4 @@ ec2_vpc_nets:
   cidr_block: 172.16.0.0/16
   subnet_cidr: 172.16.254.0/23
 ec2_venv: "{{ playbook_dir }}/configs/.venvs/aws"
+existing_eip: ""

roles/cloud-ec2/files/stack.yaml

@@ -11,6 +11,12 @@ Parameters:
     Type: String
   WireGuardPort:
     Type: String
+  UseThisElasticIP:
+    Type: String
+    Default: ''
+Conditions:
+  AllocateNewEIP: !Equals [!Ref UseThisElasticIP, '']
+  AssociateExistingEIP: !Not [!Equals [!Ref UseThisElasticIP, '']]
 Resources:
   VPC:
     Type: AWS::EC2::VPC
@@ -175,13 +181,22 @@ Resources:
 
   ElasticIP:
     Type: AWS::EC2::EIP
+    Condition: AllocateNewEIP
     Properties:
       Domain: vpc
       InstanceId: !Ref EC2Instance
     DependsOn:
       - EC2Instance
       - VPCGatewayAttachment
 
+  ElasticIPAssociation:
+    Type: AWS::EC2::EIPAssociation
+    Condition: AssociateExistingEIP
+    Properties:
+      AllocationId: !Ref UseThisElasticIP
+      InstanceId: !Ref EC2Instance
+
+
 Outputs:
   ElasticIP:
-    Value: !Ref ElasticIP
+    Value: !GetAtt [EC2Instance, PublicIp]

roles/cloud-ec2/tasks/cloudformation.yml

@@ -12,6 +12,7 @@
       PublicSSHKeyParameter: "{{ lookup('file', SSH_keys.public) }}"
       ImageIdParameter: "{{ ami_image }}"
       WireGuardPort: "{{ wireguard_port }}"
+      UseThisElasticIP: "{{ existing_eip }}"
     tags:
       Environment: Algo
   register: stack

roles/cloud-ec2/tasks/prompts.yml

@@ -53,3 +53,25 @@
         [{{ default_region }}]
     register: _algo_region
   when: region is undefined
+
+- block:
+  - name: Get existing available Elastic IPs
+    ec2_eip_facts:
+    register: raw_eip_addresses
+
+  - set_fact:
+      available_eip_addresses: "{{ raw_eip_addresses.addresses | selectattr('association_id', 'undefined') | list }}"
+
+  - pause:
+      prompt: >-
+        What Elastic IP would you like to use?
+          {% for eip in available_eip_addresses %}
+          {{ loop.index }}. {{ eip['public_ip'] }}
+          {% endfor %}
+
+        Enter the number of your desired Elastic IP
+    register: _use_existing_eip
+
+  - set_fact:
+      existing_eip: "{{ available_eip_addresses[_use_existing_eip.user_input | int -1 ]['allocation_id'] }}"
+  when: cloud_providers.ec2.use_existing_eip