Dynamic inventory for AWS instance (provisioning and configuration by Ansible)
Mohamed Afrid
DevOps Engineer | 3x RedHat | 1x AWS | 3x Azure | CKA | CKS | Terraform Certified
What is Ansible?
Ansible is an open-source software provisioning, configuration management, application-development tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows. It includes its own declarative language to describe system configuration. Ansible was written by Michael DeHaan and acquired by Red Hat in 2015. Ansible is agentless, temporarily connecting remotely via SSH or Windows Remote Management (allowing remote PowerShell execution) to do its tasks.
What is AWS?
Amazon Web Services (AWS) is a cloud service from Amazon that provides services in the form of building blocks. These building blocks can be used to create and deploy any type of application in the cloud.
These services or building blocks are designed to work with each other, and result in applications that are sophisticated and highly scalable.
Problem Statement:
Deploy Web Server on AWS through Ansible!
- Provision EC2 instance through Ansible.
- Retrieve the IP address of the instance using the dynamic inventory concept.
- Configure the webserver through Ansible!
- Create a role for the webserver to customize the instance and deploy the webpage to the custom documentroot directory.
Solution:
First of all, you have to set up the environment. To do anything on AWS from the local system with Ansible, you have to install the boto library for Python. In my case, I have already installed it, but you can install it by typing:
pip3 install boto
pip3 install boto3
Now you have to write the YAML file for provisioning the AWS instance.
- hosts: localhost
  tasks:
    - name: Provisioning OS from AWS (EC2)
      ec2:
        key_name: "ohio-afri"
        instance_type: "t2.micro"
        image: "ami-0a54aef4ef3b5f881"
        wait: yes
        count: 2
        vpc_subnet_id: "subnet-27f1936b"
        assign_public_ip: yes
        region: "us-east-2"
        state: present
        group_id: "sg-0e8d8587ed3987865"
        # These tags become inventory groups in the dynamic inventory
        instance_tags:
          provisioner: ansible
          type: web-server
      register: ec2os

    - name: Waiting for SSH
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        state: started
      with_items: "{{ ec2os.instances }}"

    - name: display the launched instance public ip
      debug:
        # ec2os.instances is a list (count: 2), so collect public_ip from each entry
        msg: "{{ ec2os.instances | map(attribute='public_ip') | list }}"
Now we have to authenticate to AWS using:
# aws configure
There you have to put in the access key and secret_id so that Ansible can log in to the AWS API and make the calls.
Now we have to find the IP of this instance by using the Python dynamic inventory code. So we download this code from GitHub.
wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.py
wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.ini
Now we have to make these files executable. So for this, we have to type:
chmod +x ec2.py
chmod +x ec2.ini
Change the /etc/ansible/ansible.cfg file like below:
[defaults]
# false turns off SSH host key verification for every managed host
host_key_checking = false
inventory = /root/ansible/inventory
private_key_file = /root/ohio-afri.pem
roles_path = /root/ansible/roles
Private key: the key which is used by Ansible to log in to the launched AWS instances.
roles_path: the custom path of the role that we are going to configure.
To check that the dynamic inventory is working, you can run the below command:
To check the dynamic inventory working, you can run the below command
./ec2.py --list
Now you can see that the IP is 13.127.255.119.
Now we have to set the inventory according to this IP. My inventory is present at /root/ansible/inventory.
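How the `type: web-server` instance tag becomes the `tag_type_web_server` group that the configuration playbook targets, together with a pre-run check that every host in that group also carries `provisioner: ansible`. This is an added example, not code from the original article or from ec2.py: the JSON sample and the host 203.0.113.10 are constructed, and `to_safe` is a reimplementation that assumes the default ec2.ini setting `replace_dash_in_groups = True`.

```python
import json
import re

# Constructed, trimmed sample of `./ec2.py --list` output. 203.0.113.10 is a
# made-up instance tagged type=web-server that the playbook did not launch.
SAMPLE = json.loads("""
{
  "tag_type_web_server":     ["13.127.255.119", "203.0.113.10"],
  "tag_provisioner_ansible": ["13.127.255.119"],
  "us-east-2":               ["13.127.255.119", "203.0.113.10"],
  "_meta": {"hostvars": {"13.127.255.119": {}, "203.0.113.10": {}}}
}
""")


def to_safe(word):
    """Assumed ec2.py default: anything outside [A-Za-z0-9_] becomes '_'."""
    return re.sub(r"[^A-Za-z0-9_]", "_", word)


def tag_group(key, value):
    """EC2 tag key/value -> inventory group name."""
    return to_safe("tag_{}={}".format(key, value))


def members(inventory, group):
    """Inventory-script groups are either a host list or a dict with 'hosts'."""
    g = inventory.get(group, [])
    return set(g.get("hosts", []) if isinstance(g, dict) else g)


def hosts_with_all_tags(inventory, tags):
    """Hosts that are members of every tag group named in `tags` (a dict)."""
    groups = [members(inventory, tag_group(k, v)) for k, v in tags.items()]
    return sorted(set.intersection(*groups)) if groups else []


def unexpected_hosts(inventory, target, required):
    """Hosts a play on `target` would reach that lack the `required` tags."""
    targeted = members(inventory, tag_group(*target))
    return sorted(targeted - set(hosts_with_all_tags(inventory, required)))


if __name__ == "__main__":
    print(tag_group("type", "web-server"))
    print(unexpected_hosts(SAMPLE, ("type", "web-server"), {"provisioner": "ansible"}))
```

A play with `become: yes` runs on every instance that carries the targeted tag, so a non-empty result from `unexpected_hosts` is worth resolving before the run.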
Now we have to write the Ansible playbook to configure the web server on this AWS instance.
- hosts: tag_type_web_server
  remote_user: ec2-user
  become: yes
  vars:
    - P_name: "httpd"
    - Dest_index_www: "/var/www/html"
    - Dest_index_test: "/var/www/test"
    - Dest_config_file: "/etc/httpd/conf.d/"
    - S_name: "httpd"
  tasks:
    - name: Installing apache
      package:
        name: "{{ P_name }}"
        state: present

    - name: Starting httpd services
      service:
        name: httpd
        state: started
        enabled: yes

    - name: Creates /var/www/test directory
      file:
        path: "{{ Dest_index_test }}"
        state: directory
        owner: apache
        group: apache
        mode: "0755"

    - name: copying the virtual hosting config to /etc/httpd/conf.d/ folder
      template:
        src: test.conf
        dest: "{{ Dest_config_file }}"
        mode: "0755"   # 0644 is enough for a config file
      # A changed virtual host config only takes effect after a restart
      notify:
        - restart httpd

    # state: permissive logs SELinux denials without enforcing them;
    # it does not disable SELinux
    - name: "Disable permanently SELinux"
      selinux:
        state: permissive
        policy: targeted

    - name: copying the index.html to default apache folder
      copy:
        src: "{{ item.source }}"
        dest: "{{ item.destination }}"
        mode: "0755"   # 0644 is enough for static pages
      with_items:
        - { source: 'index.html', destination: "{{ Dest_index_www }}" }
        - { source: 'test.html', destination: "{{ Dest_index_test }}" }
      notify:
        - restart httpd

  handlers:
    - name: restart httpd
      service:
        name: "{{ S_name }}"
        state: restarted
Now everything is going well. Check all the tasks on the AWS instance.
Here I have used the direct playbook. Now we are going to use roles for deploying the web server on top of the newly launched instances.
First go into the /etc/ansible/roles directory, then execute the below command.
# ansible-galaxy init webserver
[root@master roles]# ll
total 0
drwxr-xr-x. 10 root root 154 Aug 21 21:23 webserver
[root@master roles]# cd webserver/
[root@master webserver]# ll
total 4
-rw-r--r--. 1 root root 1328 Aug 21 21:23 README.md
drwxr-xr-x. 2 root root 22 Aug 21 21:23 defaults
drwxr-xr-x. 2 root root 6 Aug 21 21:23 files
drwxr-xr-x. 2 root root 22 Aug 21 21:23 handlers
drwxr-xr-x. 2 root root 22 Aug 21 21:23 meta
drwxr-xr-x. 2 root root 22 Aug 21 21:23 tasks
drwxr-xr-x. 2 root root 6 Aug 21 21:23 templates
[root@master ansible]# ansible-galaxy list
# /root/ansible/roles
- webserver, (unknown version)
Then you have to split the code into the respective directories of the role, like below.
Then, by executing the below playbooks one by one, you should get the desired result.
Final Outputs:
Github URL: https://github.com/afridcloud/Ansible-tasks/blob/master/ec2-provisioner-config.yaml
Sr. DevOps Engineer
4 years ago
Now inventory scripts were replaced with inventory plugins.