devops-challenge
First of all, take a look at the Challenge specs.
The purpose of this repo is to deploy an environment to AWS.
- VPC.
- Public subnets across all specified availability zones.
- 1 EC2 instance on each public subnet.
- ALB serving port 80 of each instance.
- Nginx Docker container deployed to each instance.
Premises
- Terraform installed. You can find more information here.
- Ansible installed. You can find more information here.
- Ansible AWS Plugin: ansible-galaxy collection install amazon.aws
- Boto and Boto3 Python library.
- An AWS account with programmatic access (access key id and secret access key). Information here.
Set up the environment
Put your AWS access key id and secret access key into ~/.aws/credentials.
mkdir -p ~/.aws
vi ~/.aws/credentials
[default]
aws_access_key_id = AKIAxxxxxxxxxxxxxxxx
aws_secret_access_key = 2zcixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
SSH Key pair
If you already have an SSH key pair, just make sure that the correct name is configured in ./terraform/variables.tf and ./ansible/ansible.cfg.
If you don't have an SSH key pair, you can generate one in your AWS Console. You can find more information here.
Download the .pem file and save it to ./ansible/.
Make sure that the key name is the same as var.key_name in ./terraform/variables.tf and private_key_file in ./ansible/ansible.cfg.
After copying the file to the ./ansible directory, make sure that you restrict the permissions on the file:
chmod 400 ansible/devops-challenge.pem
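A pre-flight check for the two requirements above (the key name matching in both files, and an owner-only key file), added here as an example and not part of this repo. The function names are hypothetical, and the layouts of variables.tf and ansible.cfg shown in the comments are assumptions about how those files declare the key.

```shell
#!/bin/sh
# Added example, not part of the repo. Assumed file layouts:
#   variables.tf : variable "key_name" {        (multi-line block)
#                    default = "devops-challenge"
#                  }
#   ansible.cfg  : private_key_file = ./devops-challenge.pem

# Octal permission bits of a file (GNU stat first, then BSD/macOS stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if the file exists and group/others have no access (e.g. 400, 600).
owner_only() {
    [ -f "$1" ] || { echo "missing: $1" >&2; return 1; }
    mode=$(file_mode "$1")
    case "$mode" in
        ?00) return 0 ;;
        *)   echo "too permissive ($mode): $1" >&2; return 1 ;;
    esac
}

# Default value of the key_name variable in a Terraform variables file.
tf_key_name() {
    awk '/variable.*"key_name"/ { inblk = 1; next }
         inblk && $1 == "}"     { inblk = 0 }
         inblk && /default/ && match($0, /"[^"]*"/) {
             print substr($0, RSTART + 1, RLENGTH - 2); exit
         }' "$1"
}

# Value of private_key_file in ansible.cfg.
ansible_key_file() {
    sed -n 's/^ *private_key_file *= *//p' "$1" | head -n 1
}

# check_keys <variables.tf> <ansible.cfg> <ansible dir>
check_keys() {
    name=$(tf_key_name "$1")
    pem=$(ansible_key_file "$2")
    [ -n "$name" ] || { echo "key_name not found in $1" >&2; return 1; }
    [ "$(basename "$pem" .pem)" = "$name" ] || {
        echo "key mismatch: terraform=$name ansible=$pem" >&2; return 1; }
    owner_only "$3/$(basename "$pem")"
}

# Usage from the repo root:
#   check_keys terraform/variables.tf ansible/ansible.cfg ansible
#   owner_only ~/.aws/credentials
```

The same owner_only check applies to ~/.aws/credentials, which holds the long-lived access key created in the previous step.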
Terraform
First of all, review ./terraform/variables.tf and check that it has the values you expect.
The variable project_name is used across Terraform to name the resources on AWS.
The EC2 module was created by me. You can find more about it here.
Apply terraform
cd terraform/
terraform init
terraform plan -out dev.plan
terraform apply dev.plan
Ansible
As mentioned in the premises, make sure that you have the Ansible AWS plugin.
ansible-galaxy collection install amazon.aws
This playbook uses the AWS EC2 inventory, which is a dynamic inventory. Edit the inventory file ./ansible/inventory/aws_ec2.yaml and match the region where you deployed the Terraform infra.
plugin: aws_ec2
boto_profile: default
regions:
- us-east-1
...
Edit ./ansible/playbook.yaml and set hosts to match the project_name used in Terraform. NB! Each - (dash) is replaced by _ (underscore).
hosts: devops_challenge
Double check in ./ansible/ansible.cfg that remote_user matches the default user for your AMI. NB! If you are using Amazon Linux 2, don't worry.
Apply Ansible
cd ../ansible
ansible-playbook playbook.yaml