Ansible Task-2: Launch EC2 instance and configure webserver using Ansible
Hello everyone, I am sharing this article as a task given by Mr. Vimal Daga sir and LinuxWorld under the DevOps using Ansible and RH294 training. In this task I am going to launch an AWS EC2 instance using Ansible, connect to that instance over SSH dynamically, and configure a web server on it.
# Requirements:
1) AWS Account
2) Ansible
3) Python3 and pip3
4) boto module
Task Description
- Launch an AWS instance with the help of Ansible.
- Retrieve the public IP which is allocated to the launched instance.
- With the help of the retrieved public IP, configure the web server in the launched instance.
- Note: Every minor step should be done strictly with the help of Ansible.
Step-1: Create IAM user
Go to the AWS console -> Services -> add new user.
Step-2: Creating security group
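Here we allow ALL TRAFFIC, inbound as well as outbound. The playbook below only needs inbound SSH (port 22) and HTTP (port 80) to reach the instance, so a group limited to those two ports works as well and exposes less.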
Step-3: Create vault and add IAM user access key and user secret key
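Add the variables username and userpass to the vault file (credentials.yml) to store the access key and secret key of the IAM user. The playbook refers to them as {{ username }} and {{ userpass }}.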
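An added example, not part of the original article or its repository: a small Python check to run before sharing the playbook directory. It confirms that credentials.yml carries an ansible-vault header with a hex payload and flags any AWS access key ID left in plaintext. The function names and sample file contents are constructed for illustration.

```python
import re
import string

# First line written by ansible-vault: $ANSIBLE_VAULT;<version>;<cipher>[;<vault-id>]
VAULT_HEADER = re.compile(r"^\$ANSIBLE_VAULT;(1\.1;AES256|1\.2;AES256;[^;\s]+)$")
# Shape of an AWS access key ID for an IAM user: "AKIA" plus 16 characters
ACCESS_KEY_ID = re.compile(r"\bAKIA[A-Z0-9]{16}\b")


def is_vault_encrypted(text):
    """True when text has a vault header followed by a hex-only payload."""
    lines = text.strip().splitlines()
    if len(lines) < 2 or not VAULT_HEADER.match(lines[0].strip()):
        return False
    payload = "".join(line.strip() for line in lines[1:])
    return bool(payload) and all(c in string.hexdigits for c in payload)


def audit(files):
    """files maps name -> content; returns a list of (name, problem)."""
    findings = []
    for name, text in files.items():
        if is_vault_encrypted(text):
            continue  # nothing readable inside, nothing to scan
        if name.endswith("credentials.yml"):
            findings.append((name, "vault file is not encrypted"))
        for lineno, line in enumerate(text.splitlines(), 1):
            if ACCESS_KEY_ID.search(line):
                findings.append((name, f"plaintext access key ID on line {lineno}"))
    return findings


# Constructed sample contents (the key ID is AWS's documentation example).
PLAINTEXT_VAULT = "username: AKIAIOSFODNN7EXAMPLE\nuserpass: constructed-secret\n"
ENCRYPTED_VAULT = "$ANSIBLE_VAULT;1.1;AES256\n36613962386431\n6566303936\n"
PLAYBOOK = 'aws_access_key: "{{ username }}"\naws_secret_key: "{{ userpass }}"\n'

if __name__ == "__main__":
    for files in ({"credentials.yml": PLAINTEXT_VAULT, "ec2.yml": PLAYBOOK},
                  {"credentials.yml": ENCRYPTED_VAULT, "ec2.yml": PLAYBOOK}):
        print(audit(files) or "ok: no plaintext credentials found")
```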
Step-4: Install boto module
To work with AWS from Ansible we have to install a module named boto using the pip package manager.
Step-5: Writing ansible playbook to perform given task
Here we use localhost as hosts and include the credentials.yml vault file to access the username and userpass variables, which store the IAM user credentials.

```yaml
- hosts: localhost
  vars_files:
    - credentials.yml
  tasks:
```
Now we create the ec2 section, where we define all the key-values required to launch our EC2 instance. Here I am using pre-created ec2-key "aws-os-test1.pem" key.

```yaml
    - name: launch linux os in aws
      ec2:
        key_name: "aws-os-test1"
        instance_type: "t2.micro"
        image: "ami-0ebc1ac48dfd14136"
        wait: yes
        count: 1
        vpc_subnet_id: "subnet-52cff53a"
        assign_public_ip: yes
        region: "ap-south-1"
        state: present
        group_id: "sg-06c4ced03ae7ca57b"
        aws_access_key: "{{ username }}"
        aws_secret_key: "{{ userpass }}"
      register: ec2
```
Now we create a group for dynamic login to the EC2 instance. With this group, the next play can log in to the EC2 instance directly, without a hand-written inventory entry.

```yaml
    - name: adding group for dynamic login to ec2 instance
      add_host:
        hostname: "{{ item.public_ip }}"
        groupname: ec2_machine
      with_items: "{{ ec2.instances }}"
```

{{ item.public_ip }} extracts the public IP of our launched EC2 instance.
Now we wait until SSH (port 22) is reachable on our EC2 host machine, so that the dynamic SSH login can follow.

```yaml
    - name: wait for SSH
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        state: started
      with_items: "{{ ec2.instances }}"
```
Here we write what we are going to perform on our EC2 machine. First we define the ec2_machine group as hosts and the remote user as ec2-user, which is the default user of our Amazon Linux OS.

```yaml
- hosts: ec2_machine
  remote_user: ec2-user
  become: yes
  gather_facts: no
  vars:
    ansible_ssh_private_key_file: "/root/ansible_task2/aws-os-test1.pem"
```

Here we also include the ansible_ssh_private_key_file path so that the login is key-based.
Finally, we set up the web server on our EC2 instance. For that we have to install the httpd package and start its service.

```yaml
  tasks:
    - name: install httpd
      command: "yum install httpd -y"

    - copy:
        content: "Webpage launched successfully\n"
        dest: "/var/www/html/index.html"

    - service:
        name: "httpd"
        state: started
```

For the demo page we copy a line of text to the /var/www/html/index.html file.
In the end our code will look like this:

```yaml
---
# Play 1: launch the instance from the control node
- hosts: localhost
  vars_files:
    - credentials.yml
  tasks:
    - name: launch linux os in aws
      ec2:
        key_name: "aws-os-test1"
        instance_type: "t2.micro"
        image: "ami-0ebc1ac48dfd14136"
        wait: yes
        count: 1
        vpc_subnet_id: "subnet-52cff53a"
        assign_public_ip: yes
        region: "ap-south-1"
        state: present
        group_id: "sg-06c4ced03ae7ca57b"
        aws_access_key: "{{ username }}"
        aws_secret_key: "{{ userpass }}"
      register: ec2

    - name: adding group for dynamic login to ec2 instance
      add_host:
        hostname: "{{ item.public_ip }}"
        groupname: ec2_machine
      with_items: "{{ ec2.instances }}"

    - name: wait for SSH
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        state: started
      with_items: "{{ ec2.instances }}"

# Play 2: configure the web server on the launched instance
- hosts: ec2_machine
  remote_user: ec2-user
  become: yes
  gather_facts: no
  vars:
    ansible_ssh_private_key_file: "/root/ansible_task2/aws-os-test1.pem"
  tasks:
    - name: install httpd
      command: "yum install httpd -y"

    - copy:
        content: "Webpage launched successfully\n"
        dest: "/var/www/html/index.html"

    - service:
        name: "httpd"
        state: started
```
Now run the playbook:

```
$ ansible-playbook --ask-vault-pass ec2.yml
```

Output will look like this:-
The code runs successfully and the webpage is hosted successfully; we can access it by the public IP of the EC2 instance.
You can copy the public IP from the PLAY RECAP output generated by the Ansible playbook :p
Github repo:-
https://github.com/Divyansh747/Ansible_Task2.git
DevOps Engineer | Graduate Student at Pace University
4 years ago: well explained....