Managing AWS Service Dynamically using Ansible i.e without Knowing IP of OS by using Dynamic inventory

In this Article we are going to discuss how we use AWS services using Ansible Let first discuss and know about the Technology and Tools we are going to use .

Ansible

Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows

Unlike most configuration-management software, Ansible does not require a single controlling machine where orchestration begins. Ansible works against multiple systems in your infrastructure by selecting portions of Ansible’s inventory, stored as edit-able, version-able ASCII text files. Not only is this inventory configurable, but you can also use multiple inventory files at the same time and pull inventory from dynamic or cloud sources or different formats (YAML, INI, etc). Any machine with Ansible utilities installed can leverage a set of files/directories to orchestrate other nodes. The absence of a central-server requirement greatly simplifies disaster-recovery planning. Nodes are managed by this controlling machine — typically over SSH. The controlling machine describes the location of nodes through its inventory.Sensitive data can be stored in encrypted files using Ansible Vault

AWS

Amazon Web Services (AWS) is a subsidiary of Amazon providing on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis. These cloud computing web services provide a variety of basic abstract technical infrastructure and distributed computing building blocks and tools. One of these services is Amazon Elastic Compute Cloud (EC2), which allows users to have at their disposal a virtual cluster of computers, available all the time, through the Internet. AWS’s version of virtual computers emulates most of the attributes of a real computer, including hardware central processing units (CPUs) and graphics processing units (GPUs) for processing; local/RAM memory; hard-disk/SSD storage; a choice of operating systems; networking; and pre-loaded application software such as web servers, databases, and customer relationship management (CRM).

Let see Problem Statement

Deploy Web Server on AWS through ANSIBLE!

♦️ Provision EC2 instance through ansible.
♦️ Retrieve the IP Address of instance using dynamic inventory concept.
♦️ Configure the web server through ansible!
♦️ Create role for webserver to customize the Instance and deploy the webpage to root directory.

As Ansible is a Configuration management tool not as such ment for provisioning of OS but we can do by using ansible ,

Lets Provision the OS on AWS through Ansible

But any Data Center don’t provide / give permission to access / push the code or don’t provide Managed Node / Target Node

To solve this problem what we can do , We run Our code in our Local System i.e Local Host , my system internally work as Node

As we Know Ansible is ment using Python , Python provide one SDK to contact with AWS , so we need to install boto library

# pip3 install boto

Now create the role to Provision Ec2 Instance and give the Path the the Configuration file of ansible

ansible-galaxy init <name>

ansible-galaxy init ec2-provisioning

Now go to role and Write ansible code to provision os as we already set the path of role

make your access key and secret key secure so no one can access it

I have created a vault to secure the variable file which contains the credentials of AWS account in vars/ directory. Ansible Vault is a feature of ansible that allows you to keep sensitive data such as passwords or keys in encrypted files, rather than as plaintext in playbooks or roles

ansible-vault create --vault-id aws@prompt credentials.yml

Now our Setup is ready to provision EC2 instance on AWS

now create one YML file and provide the role let setup.yml

Now run it

# ansible-playbook setup.yml

Now our the problem is , OS is running somewhere either on cloud or any work station and we don’t know the IP of that OS

So how can we solve it ,

  1. Manually write the IP on the inventory — Static Inventory
  2. On the fly someone find the IP Automaticaly — Dynamically inventory

here we can’t use Ansible because Ansible is a configuration management tool

So write one Program in certain Language either python , ruby , php

also Ansible Community created code written in python to connect either AWS, docker ,gcp , etc

Click on the following link u get the Code

we also need one file .ini file help to find various service

Now Download these two file in your Inventory , as u already provided the path of your inventory in the configuration file

Now execute these file

# chmod +x ec2

Now what Next ,

change the interpreter python to python3 in the code and when u see the code there u see you have to export your region , access_key and Secret_key

export AWS_ACCESS_KEY_ID=’***************'
export AWS_SECRET_ACCESS_KEY=’********************'

export AWS_REGION=’ap-south-1’

Now create the code what you want to provision on EC2 instance

Let configure Apache Web Server and run your code

for that create role to configure web server

# ansible-galaxy init <name>

# ansible-galaxy init cfg_web_ec2

In this role go to task/main.yml file and write all the task for installing , configuring and starting the webserver.

In the configuration part do what you want

finally run the playpook

# ansible-playbook setup.yml

As Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows

Thank you

feel free to ask and give suggestion

Aditya kumar Soni

linkedIn:

linkedin.com/in/aditya-kumar-soni-91370b189

Arth2020 | student