Managing AWS Service Dynamically using Ansible i.e without Knowing IP of OS by using Dynamic inventory
In this Article we are going to discuss how we use AWS services using Ansible Let first discuss and know about the Technology and Tools we are going to use .
Ansible
Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows
Unlike most configuration-management software, Ansible does not require a single controlling machine where orchestration begins. Ansible works against multiple systems in your infrastructure by selecting portions of Ansible’s inventory, stored as edit-able, version-able ASCII text files. Not only is this inventory configurable, but you can also use multiple inventory files at the same time and pull inventory from dynamic or cloud sources or different formats (YAML, INI, etc). Any machine with Ansible utilities installed can leverage a set of files/directories to orchestrate other nodes. The absence of a central-server requirement greatly simplifies disaster-recovery planning. Nodes are managed by this controlling machine — typically over SSH. The controlling machine describes the location of nodes through its inventory.Sensitive data can be stored in encrypted files using Ansible Vault
AWS
Amazon Web Services (AWS) is a subsidiary of Amazon providing on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis. These cloud computing web services provide a variety of basic abstract technical infrastructure and distributed computing building blocks and tools. One of these services is Amazon Elastic Compute Cloud (EC2), which allows users to have at their disposal a virtual cluster of computers, available all the time, through the Internet. AWS’s version of virtual computers emulates most of the attributes of a real computer, including hardware central processing units (CPUs) and graphics processing units (GPUs) for processing; local/RAM memory; hard-disk/SSD storage; a choice of operating systems; networking; and pre-loaded application software such as web servers, databases, and customer relationship management (CRM).
Let see Problem Statement
Deploy Web Server on AWS through ANSIBLE!
♦️ Provision EC2 instance through ansible.
♦️ Retrieve the IP Address of instance using dynamic inventory concept.
♦️ Configure the web server through ansible!
♦️ Create role for webserver to customize the Instance and deploy the webpage to root directory.
As Ansible is a Configuration management tool not as such ment for provisioning of OS but we can do by using ansible ,
Lets Provision the OS on AWS through Ansible
But any Data Center don’t provide / give permission to access / push the code or don’t provide Managed Node / Target Node
To solve this problem what we can do , We run Our code in our Local System i.e Local Host , my system internally work as Node
As we Know Ansible is ment using Python , Python provide one SDK to contact with AWS , so we need to install boto library
# pip3 install boto
Now create the role to Provision Ec2 Instance and give the Path the the Configuration file of ansible
ansible-galaxy init <name>
ansible-galaxy init ec2-provisioning
Now go to role and Write ansible code to provision os as we already set the path of role
make your access key and secret key secure so no one can access it
I have created a vault to secure the variable file which contains the credentials of AWS account in vars/ directory. Ansible Vault is a feature of ansible that allows you to keep sensitive data such as passwords or keys in encrypted files, rather than as plaintext in playbooks or roles
ansible-vault create --vault-id aws@prompt credentials.ymlNow our Setup is ready to provision EC2 instance on AWS
now create one YML file and provide the role let setup.yml
Now run it
# ansible-playbook setup.yml
Now our the problem is , OS is running somewhere either on cloud or any work station and we don’t know the IP of that OS
So how can we solve it ,
- Manually write the IP on the inventory — Static Inventory
- On the fly someone find the IP Automaticaly — Dynamically inventory
here we can’t use Ansible because Ansible is a configuration management tool
So write one Program in certain Language either python , ruby , php
also Ansible Community created code written in python to connect either AWS, docker ,gcp , etc
Click on the following link u get the Code
we also need one file .ini file help to find various service
Now Download these two file in your Inventory , as u already provided the path of your inventory in the configuration file
Now execute these file
# chmod +x ec2
Now what Next ,
change the interpreter python to python3 in the code and when u see the code there u see you have to export your region , access_key and Secret_key
export AWS_ACCESS_KEY_ID=’***************'
export AWS_SECRET_ACCESS_KEY=’********************'
export AWS_REGION=’ap-south-1’
Now create the code what you want to provision on EC2 instance
Let configure Apache Web Server and run your code
for that create role to configure web server
# ansible-galaxy init <name>
# ansible-galaxy init cfg_web_ec2
In this role go to task/main.yml file and write all the task for installing , configuring and starting the webserver.
In the configuration part do what you want
finally run the playpook
# ansible-playbook setup.yml
As Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows
Thank you
feel free to ask and give suggestion
Aditya kumar Soni
linkedIn:
