Statement: Deploy Web Server on AWS through Ansible!
🔅Provision EC2 instance through ansible.
🔅Retrieve the IP Address of instance using dynamic inventory concept.
🔅Configure the web server through ansible!
🔅Create role for webserver to customize the Instance and deploy the webpage to root directory.
In Ansible, a static inventory file is a plain text file that lists managed hosts under host groups, using either hostnames or IP addresses. Every time a new host is added, its details have to be entered into this file by hand. To overcome this, Ansible also has the concept of a dynamic inventory, which can pull inventory information from dynamic sources such as cloud providers, container services, etc.
So in this blog I will be deploying a web server on AWS using an Ansible dynamic inventory file.
Before we move further, as usual, here are a few requirements:
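What a dynamic inventory source hands back to Ansible, shown as an added example (this is not the ec2.py script downloaded later in the post, and not code from the original author). The instance records, the `ec2_id` host variable and the function names are constructed for illustration; the `tag_<key>_<value>` group names follow the style ec2.py uses.

```python
#!/usr/bin/env python3
"""Minimal inventory script honouring Ansible's --list / --host contract."""
import json
import sys

# Constructed sample records standing in for an EC2 DescribeInstances reply,
# so the script runs offline. A real script would query AWS (e.g. via boto),
# reading credentials from the environment rather than from this file.
SAMPLE_INSTANCES = [
    {"id": "i-0aaa", "state": "running", "public_ip": "203.0.113.10",
     "tags": {"Name": "webserver"}},
    {"id": "i-0bbb", "state": "stopped", "public_ip": None,
     "tags": {"Name": "webserver"}},
    {"id": "i-0ccc", "state": "running", "public_ip": "203.0.113.20",
     "tags": {"Name": "db", "env": "test"}},
]


def build_inventory(instances):
    """Group reachable instances by tag, in the JSON shape Ansible expects."""
    inventory = {"_meta": {"hostvars": {}}}
    for inst in instances:
        ip = inst.get("public_ip")
        # Stopped or address-less instances cannot be managed over SSH.
        if inst.get("state") != "running" or not ip:
            continue
        inventory["_meta"]["hostvars"][ip] = {"ec2_id": inst["id"]}
        for key, value in sorted(inst.get("tags", {}).items()):
            group = "tag_{}_{}".format(key, value)
            inventory.setdefault(group, {"hosts": []})["hosts"].append(ip)
    return inventory


def host_vars(instances, host):
    """Answer `--host <name>`: variables for one host, or {} if unknown."""
    return build_inventory(instances)["_meta"]["hostvars"].get(host, {})


def main(argv):
    if len(argv) == 2 and argv[1] == "--list":
        print(json.dumps(build_inventory(SAMPLE_INSTANCES), indent=2))
    elif len(argv) == 3 and argv[1] == "--host":
        print(json.dumps(host_vars(SAMPLE_INSTANCES, argv[2])))
    else:
        sys.exit("usage: inventory.py --list | --host <hostname>")


if __name__ == "__main__":
    main(sys.argv)
```

A playbook can then target a group such as `tag_Name_webserver` instead of a hard-coded IP address, which is how the instance launched by one playbook becomes reachable by the next.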
- Basic knowledge of Cloud Computing (here AWS)
- Basic knowledge of Ansible like roles, playbook, vault, etc.
- Already configured Ansible tool
- Boto library
pip3 install boto
- Plugin file for ec2 dynamic inventory
- Optional: My GitHub repository
So here are the steps:
Step 1: Check your Ansible configuration file
and edit it as shown below
Step 2: Create the Ansible dynamic inventory directory. Create it at the location you specified in the ansible.cfg file, as shown below
Step 3: Download the Ansible dynamic inventory script into your inventory directory and make it executable. You can get it from here using the wget command.
chmod +x ec2.py
Step 4: Provide the AWS IAM credentials of the account where you want to launch and manage EC2 services as environment variables.
The dynamic inventory script reads the credentials directly from these variables.
Step 5: You can check the script by running the command below. It will show all the information available in your AWS profile
./ec2.py --list
Step 6: Create 2 roles, one for launching the instance and one for configuring the web server, in the location you specified as roles_path in the Ansible configuration file
ansible-galaxy init ec2_instance
ansible-galaxy init web_server
You can verify by using command
Step 7: This step creates the role files for both roles. If you don’t want to create your own, you may skip to step 8 and get the roles directory from my GitHub repo
Role 1 => For launching ec2 instance
- Now edit the tasks/main.yml file of the ec2_instance role and add the module below to launch the EC2 instance
- Provide the AWS credentials in the vars/main.yml file
Optional: You can also encrypt your vars file with Ansible Vault, as shown below, to protect your credentials
What is ansible vault?
Ansible Vault encrypts variables and files so you can protect sensitive content such as passwords or keys rather than leaving it visible as plaintext in playbooks or roles. To use Ansible Vault you need one or more passwords to encrypt and decrypt content.
Role 2 => For configuring web server
- Edit the tasks/main.yml file of the web_server role
- Create a template file in the <templates/> directory of the web_server role and write your configuration in it.
- Also edit the handlers/main.yml file and add the service module there, so that if the configuration file changes and the playbook is run again, the service is restarted
Step 8: Create two playbook files, one for the ec2_instance role and one for the web_server role
Step 9: Run the playbooks: first the one that launches the instance, then the one that configures the web server
Note: Use the --ask-vault-pass option with the ec2_instance playbook and enter the Vault password if you encrypted the vars file earlier.
Launch ec2_instance playbook
ansible-playbook <playbook_name_ec2_instance> --ask-vault-pass
Now launch web_server playbook
That’s it! Now you can access your web page from your browser
Note: If you are not able to see the webpage, you may not have enabled that port in the AWS Security Group that you provided.
Here’s what the inbound rules should look like:
Finally completed this task. Hope you like it!!!!!