/Ec2-creation-and-manage-using-Ansible-playbook

Ansible is an open source tool that you can use to automate your AWS deployments. You can use it to define, deploy, and manage applications and services using automation playbooks. These playbooks enable you to define configurations once and deploy those configurations consistently across environments

Ec2-creation-and-manage-using-Ansible-playbook

Build


Description

Simple ansible playbook for creating a amazon Ec2 with all required resoruces.


Prerequisite

  • Need to install ansible2 on Master node to run
  • AWS CLI Programmatic user
  • python3
  • python3-pip
  • boto3
  • awscli with latest version

Ansible installation

amazon-linux-extras install epel -y
amazon-linux-extras install ansible2 -y
yum install python3
yum install python3-pip
pip install awscli --upgrade
ansible-galaxy collection install amazon.aws
pip3 install boto3
pip3 install boto
pip3 install botocore

graph

Behind the code : hosts file

~]$ cat hosts
localhost ansible_connection=local ansible_python_interpreter=/usr/bin/python3

You need to verify the localhost ansible is now able to communicate with python3. For verify

$ ansible -i hosts localhost -m setup | grep "ansible_python_version"
        "ansible_python_version": "3.7.10"

Behind the code : .boto file

[Credentials]
aws_access_key_id = AKIASH75KESC43FJ
aws_secret_access_key = aPXYPZjpC4Vlm9yXASB536hH/kE/Y1Lm8

You can also try using environment variable like below. So that the ansible can access the keys

~]# AWS_ACCESS_KEY='JDHEJEIJWHWWJWJEUEN'
~]# AWS_SECRET_KEY='eeBSJWM/e8IXMbejwnwkNbjwjwnwn'
~]# echo $AWS_ACCESS_KEY
JDHEJEIJWHWWJWJEUEN
~]# echo $AWS_SECRET_KEY
eeBSJWM/e8IXMbejwnwkNbjwjwnwn
~# bash -c 'echo $AWS_ACCESS_KEY'
[root@]# bash -c 'echo $AWS_SECRET_KEY'
[root@~]# export AWS_ACCESS_KEY
[root@ ~]# export AWS_SECRET_KEY

Behind the code : main.yml

---

- name: "AWS EC2 creation using Ansible-playbook"
  hosts: localhost
  vars:
    project: "Uber"
    region: "ap-south-1"
    instance_type: "t2.micro"
    instance_ami: "ami-0e0ff68cb8e9a188a"
  tasks:

    - name: "AWS Infra - Creating Ssh-Key Pair"                                          ### For keypair creation
      amazon.aws.ec2_key:
        name: "{{project}}"
        state: present
        tags:
          Name: "{{ project }}"
          project: "{{ project }}"

      register: Check_keypair_status


    - name: " AWS Infra - Copying the private Key Of {{ project }} keypair to local PC"
      when: Check_keypair_status.changed == true
      copy:
        content: "{{ Check_keypair_status.key.private_key}}"
        dest: "{{ project }}.pem"                                                         ### This will create the keypair pem file and download to our local PC
        mode: 0400

    - name:  " AWS Infra - Creating webserver security group"                             ### Creating the secuirty group with 80 and 443
      amazon.aws.ec2_group:
        name: "{{ project }}-webserver"
        description: "allows 80,443 from all"
        region: "{{ region }}"

        rules:
          - proto: tcp
            from_port: 80
            to_port: 80
            cidr_ip: 0.0.0.0/0

          - proto: tcp
            from_port: 443
            to_port: 443
            cidr_ip: 0.0.0.0/0
        tags:
          Name: "{{ project }}-webserver"
          project: "{{ project }}"
      register: webserver

    - name:  " AWS Infra - Creating another remote security group"                       ### Creating the secuirty group with 20
      ec2_group:
        name: "{{ project }}-remote"
        description: "allows 22 from all"
        region: "{{ region }}"

        rules:
          - proto: tcp
            from_port: 22
            to_port: 22
            cidr_ip: 0.0.0.0/0

        tags:
          Name: "{{ project }}-remote-sg"
          project: "{{ project }}"
      register: remote


    - name:  " AWS Infra - Creating Ec2 Instance For Webserver"                         ### Creating the EC2 Instance
      ec2:
        region: "{{ region }}"
        key_name: "{{ Check_keypair_status.key.name}}"
        instance_type: "{{ instance_type }}"
        image: "{{ instance_ami }}"
        wait: yes
        group_id:
          - "{{ webserver.group_id }}"
          - "{{ remote.group_id }}"
        instance_tags:
          Name: "{{ project }}-webserver"
          project: "{{ project }}"
        count_tag:
          Name: "{{ project }}-webserver"
        exact_count: 2                                           ### This will limit the EC2 creation from re-running the playbook. Other wise ansible will recreate the EC2

Sample output while running the playbook

 ~]$ ansible-playbook -i hosts main.yml

PLAY [AWS EC2 creation using Ansible-playbook] *************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************
ok: [localhost]

TASK [AWS Infra - Creating Ssh-Key Pair] *******************************************************************************************************************************
changed: [localhost]

TASK [AWS Infra - Copying the private Key Of Uber keypair to local PC] *************************************************************************************************
changed: [localhost]

TASK [AWS Infra - Creating webserver security group] *******************************************************************************************************************
changed: [localhost]

TASK [AWS Infra - Creating another remote security group] **************************************************************************************************************
changed: [localhost]

TASK [AWS Infra - Creating Ec2 Instance For Webserver] *****************************************************************************************************************
changed: [localhost]

PLAY RECAP *************************************************************************************************************************************************************

I have tweaked the exact_count: 2 to 3 and it will create one more.

 ~]$ ansible-playbook -i hosts main.yml

PLAY [AWS EC2 creation using Ansible-playbook] *************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************
ok: [localhost]

TASK [AWS Infra - Creating Ssh-Key Pair] *******************************************************************************************************************************
ok: [localhost]

TASK [AWS Infra - Copying the private Key Of Uber keypair to local PC] *************************************************************************************************
skipping: [localhost]

TASK [AWS Infra - Creating webserver security group] *******************************************************************************************************************
ok: [localhost]

TASK [AWS Infra - Creating another remote security group] **************************************************************************************************************
ok: [localhost]

TASK [AWS Infra - Creating Ec2 Instance For Webserver] *****************************************************************************************************************
changed: [localhost]

PLAY RECAP *************************************************************************************************************************************************************
localhost                  : ok=5    changed=1    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0

server

Conclusion

Created the EC2 secuirty group keypair tags using Ansible

⚙️ Connect with Me