AWS Cloudformation templates: using ansible

Why ansible

We use ansible internally to do some post-installation configuration on our AWS Cloudformation instances. While the use of configuration management tools like ansible is not supported by Atlassian, we wanted to make the injection point for ansible available as a reference, for customers to use or extend for other tools, eg Puppet or Chef.

Sample repo

There is a functional example repo provided at https://bitbucket.org/atlassian/atlassian-local-ansible-example/src/master/

This sample contains a very basic implementation which will create a r53 A record with all the IP's of the application nodes created by the stack. This lets you programmatically query the nodes in your stack like so :- 

user@host:~/$ nslookup mystack.nodes.myr53hostedzone.example.com
Server:        8.8.8.8
Address:    8.8.8.8#53

Non-authoritative answer:
Name:    mystack.nodes.myr53hostedzone.example.com
Address: 10.0.0.1
Name:    mystack.nodes.myr53hostedzone.example.com
Address: 10.0.0.146
Name:    mystack.nodes.myr53hostedzone.example.com
Address: 10.0.0.243
Name:    mystack.nodes.myr53hostedzone.example.com
Address: 10.0.0.242

How to enable it

When deploying any of the product Cloudformation templates from https://bitbucket.org/atlassian/atlassian-aws-deployment/src/master/templates/ there are two relevant fields to leverage the ansible exit point.

1. You should fork the atlassian-local-ansible-exmaple repo and modify it to suit your needs
2. If your forked repo requires credentials to access, upload a ssh public key that can pull from your repo to AWS Systems Manager parameter store as a "secure string"
3. in the two Git template fields, provide the repo and paramater name
4. As your stack instantiates it will attempt to bootstrap the local-ansible repo you have referenced in the template