add invoking terraform from ansible sample

Author: mosuke5

invoking_from_ansible_sample/README.md

@@ -0,0 +1,31 @@
+# Involiking terraform from ansible
+This is most basic sample about invoking terraform from ansible. This will create following resources. Architecture overview is [here](https://docs.google.com/presentation/d/1pqtbiJRGc3uUm8ulhMBf4SWm2WPCCrhgUInjm9DMYdc/edit#slide=id.g5512275ccb_2_0).
+1. Create VPC
+1. Create Vswitch
+1. Create Security Group and set some rules
+1. Create 3 ECS instances in Vswitch
+1. Provision httpd to these with ansible
+
+## How to use
+First you need to chnage configuration to yours and install ansible.
+```
+$ brew install ansible
+$ cd terraform
+$ cp terraform.tfvars.sample terrafrom.tfvars
+$ vim terraform.tfvars
+ => Edit variables with your favorite editor.
+```
+
+Deploy to Alibaba Cloud
+```
+$ ansible-playbook -i ./inventry.sh -u root
+Apply complete! Resources: 7 added, 0 changed, 0 destroyed.
+
+Outputs:
+
+eip = xx.xx.xx.xx
+```
+
+## Reference
+- [terraform – Manages a Terraform deployment (and plans)](https://docs.ansible.com/ansible/latest/modules/terraform_module.html)
+- [HASHICORP TERRAFORM AND RED HAT ANSIBLE AUTOMATION](https://www.redhat.com/cms/managed-files/pa-terraform-and-ansible-overview-f14774wg-201811-en.pdf)

invoking_from_ansible_sample/ansible.cfg

@@ -0,0 +1,2 @@
+[defaults]
+host_key_checking = False

invoking_from_ansible_sample/inventory.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+if [ -e terraform/terraform.tfstate ]; then
+    ip=`cat terraform/terraform.tfstate | jq '.modules[].outputs[].value' | cut -d '"' -f 2`
+    cat << EOS
+    {
+        "cloud_servers"  : [ $ip ]
+    }
+EOS
+fi

invoking_from_ansible_sample/provisioning_config.yml

@@ -0,0 +1,9 @@
+---
+- name: hoge
+  hosts: cloud_servers
+  tasks:
+  - name: be sure httpd is installed
+    yum: name=httpd state=installed
+
+  - name: be sure httpd is running and enabled
+    service: name=httpd state=started enabled=yes

invoking_from_ansible_sample/setup_cloud.yml

@@ -0,0 +1,19 @@
+---
+- hosts: 127.0.0.1
+  connection: local
+  tasks:
+  - name: Exec terraform scripts
+    terraform:
+      project_path: 'terraform/'
+      state: present
+
+  - name: Refresh inventory because of creating cloud servers
+    meta: refresh_inventory
+
+  - name: Wait for port 22 to open
+    wait_for:
+      port: 22
+      host: "{{ item }}"
+      delay: 10
+      timeout: 30
+    with_items: "{{ groups['cloud_servers'] }}"

invoking_from_ansible_sample/site.yml

@@ -0,0 +1,3 @@
+---
+- import_playbook: setup_cloud.yml
+- import_playbook: provisioning_config.yml

invoking_from_ansible_sample/terraform/outputs.tf

@@ -0,0 +1,3 @@
+output "publiv_ip" {
+    value = "${join(",",alicloud_instance.web.*.public_ip)}"
+}

invoking_from_ansible_sample/terraform/terraform.tf

@@ -0,0 +1,72 @@
+variable "access_key" {}
+variable "secret_key" {}
+variable "region" {}
+variable "zone" {}
+variable "publickey" {}
+variable "ssh_cidr" {}
+
+provider "alicloud" {
+  access_key = "${var.access_key}"
+  secret_key = "${var.secret_key}"
+  region = "${var.region}"
+}
+
+resource "alicloud_security_group" "sg" {
+  name   = "terraform-sg"
+  vpc_id = "${alicloud_vpc.vpc.id}"
+}
+
+resource "alicloud_security_group_rule" "allow_http" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "80/80"
+  priority          = 1
+  security_group_id = "${alicloud_security_group.sg.id}"
+  cidr_ip           = "0.0.0.0/0"
+}
+
+resource "alicloud_security_group_rule" "allow_ssh" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "22/22"
+  priority          = 1
+  security_group_id = "${alicloud_security_group.sg.id}"
+  cidr_ip           = "${var.ssh_cidr}"
+}
+
+resource "alicloud_vpc" "vpc" {
+  name = "terraform-vpc"
+  cidr_block = "192.168.1.0/24"
+}
+
+resource "alicloud_vswitch" "vsw" {
+  vpc_id            = "${alicloud_vpc.vpc.id}"
+  cidr_block        = "192.168.1.0/28"
+  availability_zone = "${var.zone}"
+}
+
+resource "alicloud_instance" "web" {
+  count = 3
+  instance_name = "terraform-ecs"
+  availability_zone = "${var.zone}"
+  image_id = "centos_7_3_64_40G_base_20170322.vhd"
+  instance_type = "ecs.n4.small"
+  system_disk_category = "cloud_efficiency"
+  security_groups = ["${alicloud_security_group.sg.id}"]
+  vswitch_id = "${alicloud_vswitch.vsw.id}"
+  internet_max_bandwidth_out = 10
+}
+
+resource "alicloud_key_pair" "key" {
+  key_name = "my_public_key"
+  public_key = "${var.publickey}"
+}
+
+resource "alicloud_key_pair_attachment" "attach" {
+  key_name = "${alicloud_key_pair.key.id}"
+  instance_ids = ["${alicloud_instance.web.*.id}"]
+}

invoking_from_ansible_sample/terraform/terraform.tfvars.sample

@@ -0,0 +1,6 @@
+access_key = "xxxxxxxxxxxxxxxxxx"
+secret_key = "xxxxxxxxxxxxxxxxxx"
+region = "ap-northeast-1"
+zone = "ap-northeast-1a"
+ssh_cidr = "xx.xx.xx.xx/xx"
+publickey = "xxxxxxxxxxx"