1. Install boto3
[root@master wk-dec9]# pip3 install boto3
Successfully installed boto3-1.16.33 botocore-1.19.33 s3transfer-0.3.3 urllib3-1.26.2
2. Write your playbook
# cat aws-ec2.yaml
- hosts: localhost   # 192.168.56.4 - your own control node
  tasks:
  - ec2_instance:
      region: us-east-1
      image_id: ami-04d29b6f966df1537
      instance_type: t2.micro
      #image: t2.micro
      vpc_subnet_id: subnet-e261d2ec
      security_group: sg-f5b18ad2
      key_name: kt-2020-k
      name: os_from_ansible
      state: present
      aws_access_key: AKIA6DEA42GA2PGZJ7G3
      aws_secret_key: 3IYF568qVJ8I#RZYnUV2OPG8/XDKVrhDfJRJPnbc
[root@master wk-dec9]# ansible-playbook aws-ec2.yaml
PLAY [localhost] *****************************************************************************************
TASK [Gathering Facts] ***********************************************************************************
ok: [localhost]
TASK [ec2_instance] **************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to import the required Python library (botocore or boto3) on master's Python /usr/bin/python3.6. Please read module documentation and install in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter"}
PLAY RECAP ***********************************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
[root@master wk-dec9]# pip3 install boto3
Successfully installed boto3-1.16.33 botocore-1.19.33 s3transfer-0.3.3 urllib3-1.26.2
[root@master wk-dec9]# ansible-playbook aws-ec2.yaml
PLAY [localhost] *****************************************************************************************
TASK [Gathering Facts] ***********************************************************************************
ok: [localhost]
TASK [ec2_instance] **************************************************************************************
changed: [localhost]
PLAY RECAP ***********************************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@master wk-dec9]#
[root@master wk-dec9]# cat aws-ec2.yaml
- hosts: localhost   # 192.168.56.4 - your own control node
  tasks:
  - ec2_instance:
      region: us-east-1
      image_id: ami-04d29b6f966df1537
      instance_type: t2.micro
      #image: t2.micro
      vpc_subnet_id: subnet-e251d2ec
      security_group: sg-f7a18ad2
      key_name: kb-2020-key
      name: os_from_ansible
      state: present
      aws_access_key: AKIC6HXA42MR2PGZJ7G3
      aws_secret_key: 3IYF590qVJ8ISpZYnUV92PG8/XDKVrhHsJcMPnbc
--------------------------------------------------------------------
Ansible - class
We are using ansible to provision the server on AWS
1. Install OS
2. Configure OS
1. For OS provisioning, we use tools like
- Foreman
- Cloudformation - aws
- VMWare
- Terraform
- Ansible (too)
2. Configuration Management
- ansible
- puppet
- chef
You can use Ansible to provision the OS, but it is not as feature-rich for server provisioning as the dedicated tools.
Dynamic inventory
-----------------
CN -> ansible running
Ansible needs 3 things
1. Username
2. Password
3. Client IP - need to add it to the inventory file
Worker node ->
- RHEL
- Windows
How to write a playbook for a system that does not exist?
Router/cloud (aws)/firewall
- Webapp
- cli
- API (for custom requirements - interpreted -> programming -> (java, go, python) while loop, for loop ..)
Ansible (CM) --> ssh -> RHEL8 (TN)
Pythoncode -> https -> Router (login, config)
API - > Playbook
- run playbook on your own control node using its own IP (lo-localhost)
run the program over http
-> go to the client -> URL (browser - firefox)
you run from client side
control node -> create and run play book -> run on target node (router, server) -> using API of say EC2 - execute the playbook.
---------------------
ansible comes with lots of modules
# ansible-doc -l | grep ec2
review the output and look for ec2_instance .. -> create and manage
# ansible-doc ec2_instance
------------------------
Provisioning AWS ec2 instance
- Let's collect the manual tasks
1. Select your region
region: mumbai ap-south-1
2. Select EC2
google ansible ec2 module - create and manage
(requires - boto3 library)
on your control node, you have to install boto library before running playbook.
# pip3 install boto3
# ansible-doc ec2_instance
ansible
2. Choose OS type
copy AMI-ID
os image: ami-o9f63....ff5f
3. Select Instance type:
Instance type: t2.micro
4. How many?
Count: 1
5. Define subnet (data center)
subnet: subnet-9898888
6. Storage: by default it picks
7. firewall or by default it uses default one
firewall: sg-0be7...53d
8. review and launch..
need key using ssh
key: awskey2020-key
So, let's put it all together: the stuff needed to launch the EC2 instance
-m ec2_instance
-a
region: ap-south-1   # Mumbai
image_id: ami-o9f63....ff5f
instance_type: t2.micro
vpc_subnet_id: subnet-9898888
security_group: sg-0be7...53d
key_name: awskey2020-key
state: present
write playbook
- hosts: localhost   # 192.168.56.4 - your own control node
  tasks:
  - ec2_instance:
      region: ap-south-1   # Mumbai; the module takes only the region code
      image_id: ami-o9f63....ff5f
      instance_type: t2.micro
      vpc_subnet_id: subnet-9898888
      security_group: sg-0be7...53d
      key_name: awskey2020-key
      state: present
If you run this play, it will fail, because you have to log in first.
You will use a key to log in:
access key - user name
secret is like pw
- hosts: localhost   # 192.168.56.4 - your own control node
  tasks:
  - ec2_instance:
      region: ap-south-1   # Mumbai; the module takes only the region code
      image_id: ami-o9f63....ff5f
      instance_type: t2.micro
      vpc_subnet_id: subnet-9898888
      security_group: sg-0be7...53d
      key_name: awskey2020-key
      state: present
      aws_access_key: SGJHGFGFJKFJKFJF
      aws_secret_key: KHJHJJKJHJKHKJH
go to services -> IAM service -> create your own access key/secret key.
go to users ->
username: sam
access type -> select programmatic access -> next
attach existing policy -> give admin access
review next and finish
you will see access key
This key is very important, keep it secret.
We are using ansible to provision the server on AWS
Run this code on your controller node.
# cat aws-ec2-create.yaml
- hosts: localhost   # 192.168.56.4 - your own control node
  tasks:
  - ec2_instance:
      region: ap-south-1   # Mumbai; the module takes only the region code
      image_id: ami-o9f63....ff5f
      instance_type: t2.micro
      vpc_subnet_id: subnet-9898888
      security_group: sg-0be7...53d
      name: os_from_ansible
      key_name: awskey2020-key
      state: present
      aws_access_key: SGJHGFGFJKFJKFJF
      aws_secret_key: KHJHJJKJHJKHKJH
# ap --list-hosts
# ansible 192.168.10.120 --list-hosts
# ansible 127.0.0.1 --list-hosts
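The same launch with the access key and secret key kept out of the playbook file, as an added example that is not part of the original class notes. The file name aws-ec2-env.yaml and the variable names ami_id, subnet_id, sg_id and key_pair are assumptions; the angle-bracket values are placeholders.

```yaml
# Added example, not from the original notes.
# Credentials live only in the shell session that runs the play (placeholders):
#   export AWS_ACCESS_KEY_ID='<access-key-id>'
#   export AWS_SECRET_ACCESS_KEY='<secret-access-key>'
# Run:
#   ansible-playbook aws-ec2-env.yaml -e ami_id=<ami-id> -e subnet_id=<subnet-id> \
#       -e sg_id=<security-group-id> -e key_pair=<key-pair-name>
- hosts: localhost
  gather_facts: false
  vars:
    # lookup('env', ...) returns an empty string when the variable is unset
    aws_key_id: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
    aws_secret: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
  tasks:
    - name: Fail before calling AWS if the credentials are missing
      assert:
        that:
          - aws_key_id | length > 0
          - aws_secret | length > 0
        fail_msg: "Export AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY first"
        quiet: true

    - name: Launch the instance
      ec2_instance:
        region: ap-south-1
        image_id: "{{ ami_id }}"
        instance_type: t2.micro
        vpc_subnet_id: "{{ subnet_id }}"
        security_group: "{{ sg_id }}"
        key_name: "{{ key_pair }}"
        name: os_from_ansible
        state: present
        aws_access_key: "{{ aws_key_id }}"
        aws_secret_key: "{{ aws_secret }}"
```

With this layout the playbook can be shared or committed without carrying the IAM user's key. The AWS modules also read these two environment variables on their own when aws_access_key and aws_secret_key are omitted.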