Deploying a Web Server on AWS Using Ansible Dynamic Inventory
Task Details -
Statement: Deploy a web server on AWS through Ansible!
- Provision an EC2 instance through Ansible.
- Retrieve the IP address of the instance using the dynamic inventory concept.
- Configure the web server through Ansible!
- Create a role for the web server to customize the instance and deploy the web page to the root directory.
Let's start the process -
1. First, I check whether Ansible is installed on the controller node. In our case Ansible is already installed.
- ansible --version -------> This command shows the Ansible version installed on your system and also displays the location of the config file that Ansible uses.
2. I have already created a key named mykey1122.pem. I copied the key to the Ansible controller node, put it in the root directory, and changed its permissions to 400.
- chmod 400 key_name ------> This changes the permissions of the key to 400, so only the file's owner can read it.
3. Now I am in the Ansible config file. Here I set my inventory location; the roles path, where I will create the roles for launching the EC2 instance and for configuring it as a server; the private key location, so that Ansible can SSH into the EC2 instance with this key to configure it; and remote_user = root.
- I have used "sudo" as the become method for privilege escalation, with become_user = root.
4. I have created a folder for the dynamic inventory at this location: /etc/task2-ansible/inventory. The dynamic inventory file in this folder retrieves the IP of the EC2 instance dynamically.
5. I downloaded the dynamic inventory file, named "ec2.py", from GitHub.
- chmod +x ec2.py -------> Running chmod +x on a file (your script) only makes it executable.
6. After making the file executable, we have to set AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_DEFAULT_REGION using the export command.
- We provide AWS IAM credentials so that the dynamic inventory can use them to retrieve the IP of the EC2 instance dynamically.
- ./ec2.py --list -------> This lists the instances running on AWS. Currently no instance is running, which is why no IP is shown here.
7. At /etc/task2-ansible, where I created the folder for the dynamic inventory, I have now created one more folder named "roles".
- ansible-galaxy init ec2-instance - This creates a role named ec2-instance. We use this role for launching the EC2 instance.
- ansible-galaxy init webserver - This creates a role named webserver. We use this role for configuring the instance as a web server.
- ansible-galaxy list - This displays all the available roles.
8. Now we configure the role ec2-instance, which launches the EC2 instance.
9. Edit the tasks/main.yml file of the ec2-instance role and write the code to launch the EC2 instance.
10. I have used variables such as myuser for aws_access_key and mypass for aws_secret_key.
In the vars folder of the ec2-instance role there is a file main.yml, in which we assign each variable its value. Encrypt this file with ansible-vault: it contains the access key and password, and we don't want anyone to be able to see them.
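An added pre-flight check (example code written for this walkthrough, not taken from the linked repo), assuming a POSIX shell on the controller node. It verifies the three safeguards described so far: the key is accessible only by its owner (step 2), the AWS variables from step 6 are set, and vars/main.yml is really vault-encrypted. The function names are hypothetical.

```shell
# Added example: pre-flight checks to run on the controller before the playbooks.
# Function names are hypothetical; pass your own key and vars file paths.

# Succeeds only if the key has no group/other permission bits (e.g. 400).
key_is_private() {
    # GNU stat first, BSD/macOS stat as a fallback.
    _mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null) || return 2
    case "$_mode" in
        [0-7]00) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeeds if the file begins with the Ansible Vault header, i.e. is not plaintext.
is_vault_encrypted() {
    [ -r "$1" ] || return 1
    _first=
    IFS= read -r _first < "$1" || [ -n "$_first" ] || return 1
    case "$_first" in
        '$ANSIBLE_VAULT;'*) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeeds if the three variables ec2.py reads are set and non-empty in this shell.
# Only variable names are printed, never their values.
aws_env_is_set() {
    for _v in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_DEFAULT_REGION; do
        eval "_val=\${$_v:-}"
        [ -n "$_val" ] || { echo "missing: $_v" >&2; return 1; }
    done
    return 0
}

# usage: preflight <private-key.pem> <roles/ec2-instance/vars/main.yml>
preflight() {
    _rc=0
    key_is_private "$1"     || { echo "FAIL: $1 is accessible beyond its owner" >&2; _rc=1; }
    is_vault_encrypted "$2" || { echo "FAIL: $2 is not vault-encrypted" >&2; _rc=1; }
    aws_env_is_set          || _rc=1
    return "$_rc"
}
```

Source the file and call preflight with the key path and the role's vars file; a non-zero return means at least one check failed.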
11. Now the role webserver, which configures the web server.
Edit the tasks/main.yml file of the webserver role.
12. Then create a template file anurag.conf.j2 in the templates directory of the webserver role and write the configuration in it.
13. Also edit the handlers/main.yml file and add the service module there, so that if the configuration file changes and the playbook is run again, the service is restarted.
Also edit the vars/main.yml file and provide the variables there.
Create two playbooks in the /etc/task2-ansible/playbook directory, one for the ec2-instance role and one for the webserver role.
task2-a.yml - for ec2-instance role
task2-b.yml - for webserver role
Install the boto Python library on the manager node. In our case it is already installed.
- pip3 install boto
- pip3 install boto3
Now it's time to run the playbooks:
Use the --vault-id option when running the playbook and enter the vault password, if you encrypted the vars file earlier.
Running the playbook:
Now running the web server playbook:
We can check from the AWS portal that the instance has been launched.
Now we can access our web page from the browser:
The task has been completed.
Github repo - https://github.com/anurag08-git/dynamic_inventory.git
Thank you all!!