{"id":20324668,"url":"https://github.com/gh640/ansible-gce-example-ja","last_synced_at":"2026-05-17T17:31:56.477Z","repository":{"id":74922966,"uuid":"403055383","full_name":"gh640/ansible-gce-example-ja","owner":"gh640","description":"🤖  (Japanese) Ansible で GCP Compute Engine インスタンスを操作するサンプル","archived":false,"fork":false,"pushed_at":"2021-09-06T09:07:26.000Z","size":7,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-04T10:25:35.700Z","etag":null,"topics":["ansible","compute-engine","gce","gcp","python3"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gh640.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-09-04T12:51:42.000Z","updated_at":"2022-02-05T13:37:02.000Z","dependencies_parsed_at":null,"dependency_job_id":"f0d86e5f-71bb-4d6b-b88f-81082b2f910f","html_url":"https://github.com/gh640/ansible-gce-example-ja","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/gh640/ansible-gce-example-ja","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gh640%2Fansible-gce-example-ja","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gh640%2Fansible-gce-example-ja/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gh640%2Fansible-gce-example-ja/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gh640%2Fansible-gce-example-ja/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gh640","download_url":"https://codeload.github.com/gh640/ansible-gce-example-ja/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gh640%2Fansible-gce-example-ja/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270982202,"owners_count":24679449,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-18T02:00:08.743Z","response_time":89,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","compute-engine","gce","gcp","python3"],"created_at":"2024-11-14T19:37:04.792Z","updated_at":"2026-05-17T17:31:51.455Z","avatar_url":"https://github.com/gh640.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Ansible で GCP Compute Engine インスタンスを操作するサンプル\n\nAnsible で Compute Engine インスタンスに SSH 接続するサンプルです。\n\n接続には IAP (Identity-Aware Proxy) TCP Forwarding を使用します。\nIAP TCP Forwarding だとパブリックな IP を持たないインスタンスにも接続が可能です。\n\n参考:\n\n- [Identity-Aware Proxy (IAP) | Google Cloud](https://cloud.google.com/iap)\n- [Using IAP for TCP forwarding | Identity-Aware Proxy | Google Cloud](https://cloud.google.com/iap/docs/using-tcp-forwarding)\n\n## 必須\n\n- Python 3.9\n- Poetry 1.x\n- Ansible 4.x\n\n## ディレクトリ構成\n\n```text\ncollections/\ngroup_vars/\nplaybooks/\nsecrets/\nansible.cfg\nprod.gcp.yml\npyproject.toml\n```\n\n## セットアップ\n\n### Python パッケージをインストール\n\n```bash\npoetry install\n```\n\n### Ansible コレクションをインストール\n\n```bash\npoetry run ansible-galaxy collection install -r collections/requirements.yml\n```\n\nこのコマンドを実行すると `requirements.yml` で定義されている `google.cloud` プラグイン（ `gcp_compute` インベントリプラグインを含む）が `collections/ansible_collections` 以下にインストールされます。\n\n### インベントリファイルを作成\n\nインベントリファイルの中身を実際の情報に書き換えます。\n\n`prod.gcp.yml`:\n\n```bash\nplugin: gcp_compute\nzones:\n  - asia-northeast1-a\nprojects:\n  - my_project\nauth_kind: serviceaccount\nservice_account_file: ./secrets/gce_key_file.json\nhostnames:\n  - name\ngroups:\n  prod: \"name == 'my_instance'\"\nstrict: yes\n```\n\n最低限 `zones` `projects` `groups` を変更する必要があります。\n\n### サービスアカウントファイルを取得\n\n対象のインスタンスの操作ができるサービスアカウントのキーファイルを生成・ダウンロードして `secrets/gce_key_file.json` に保存します。\n\n`secrets/gce_key_file.json`:\n\n```json\n{\n  \"type\": \"...\",\n  \"project_id\": \"...\",\n  \"private_key_id\": \"...\",\n  \"private_key\": \"...\",\n  \"client_email\": \"...\",\n  \"client_id\": \"...\",\n  \"auth_uri\": \"...\",\n  \"token_uri\": \"...\",\n  \"auth_provider_x509_cert_url\": \"...\",\n  \"client_x509_cert_url\": \"...\"\n}\n```\n\n### Compute Engine インスタンスで IAP TCP Forwarding を有効化\n\n対象の Compute Engine インスタンスで IAP TCP Forwarding を利用できるよう設定します。\n具体的には、ファイヤウォールルールの設定やサービスアカウントに対するパーミッションの付与等を行います。\n\n参考:\n\n- [Using IAP for TCP forwarding | Identity-Aware Proxy | Google Cloud](https://cloud.google.com/iap/docs/using-tcp-forwarding)\n\n## 利用\n\nインベントリプラグイン `gcp_compute` でインスタンス情報が正しく取得できる確認します。\n\n```bash\n# すべて表示\npoetry run ansible-inventory --list \n\n# `prod` グループのみ表示\npoetry run ansible-inventory --host prod\n```\n\nサンプルプレイブックを実行します。\n\n```bash\npoetry run ansible-playbook playbooks/pwd.yml\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgh640%2Fansible-gce-example-ja","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgh640%2Fansible-gce-example-ja","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgh640%2Fansible-gce-example-ja/lists"}