Instance Provisioning and App Deployment in AWS using Ansible

Kumari Renuka
Published in Level Up Coding
8 min read · Aug 23, 2020

This blog describes how to create an EC2 instance and deploy a web application on AWS. We will walk through an introduction to Ansible and its benefits over other configuration management tools. We will also show how to set up Ansible, define roles, and write a playbook to provision an EC2 instance and deploy a simple web application using Ansible.

What is Ansible?

Ansible is an open-source platform used for automation and for various operations such as cloud provisioning, configuration management, application deployment, intra-service orchestration, continuous delivery, orchestration, and many other IT needs.

Designed for multi-tier deployments since day one, Ansible models your IT infrastructure by describing how all of your systems inter-relate, rather than just managing one system at a time. Ansible is easy to set up, and it is efficient, reliable, and powerful.

It uses no agents and no additional custom security infrastructure, so it’s easy to deploy. Most importantly, it uses a very simple language (YAML, in the form of Ansible Playbooks) that allows you to describe your automation jobs in a way that approaches plain English.

Important Terms in Ansible

These are a few important terms used in Ansible:

  • Controller Node: This is where Ansible gets installed. The controller machine helps in enabling provisioning on servers we manage.
  • Managed Node: These are the nodes where tasks are executed by the controller node.
  • Inventory: This is basically an initialization file that contains information about the servers that we are managing.
  • Modules: These are little programs that act as building blocks encapsulating common tasks such as using yum to install packages or ping to test the connection to a remote host.
  • Playbook: It is an organized unit of scripts defining an automated work for the configuration management of our server.
  • Task: A task block defines a single procedure to be executed on the server like installing packages.

Ansible Workflow

  1. As the services increase, sysadmins will provision more servers to do configuration management. They need to install Ansible on the master node where they need to write the code into the Ansible playbook to describe the setup, installation process, and the configuration required for these servers.
  2. The local machine connects to these servers (nodes) through an inventory using secured SSH connections.
  3. Once these nodes are connected to the master server, then the node servers are analyzed and the playbook codes are pushed toward each of the servers so that these playbooks can configure the servers remotely, which leads to a consistent environment.

Benefits of Using Ansible

  • Agentless: As long as a host can be reached over SSH and has Python, it can be configured with Ansible; no agent or additional software needs to be installed, and no additional firewall ports need to be opened, on our client or host systems for automation. Also, we don’t have to worry about setting up and managing the infrastructure.
  • Simple: As we’ve seen, Ansible uses a very simple syntax written in YAML known as playbooks — YAML (Yet Another Markup Language) is a human-readable data serialization language. We don’t need special coding skills to code and understand playbooks. It is very easy to install and execute tasks in order.
  • Modular: Ansible is modular as we require only one program per script. This way, we can spread our programs across different servers.
  • Efficient: Not requiring any extra software on our servers means that there is more space for our resources.
  • Powerful and flexible: Having powerful features gives us the capability to model even complex IT workflows in less time, along with managing infrastructure, networks, operating systems, and services that are already in use.

PRE-REQUISITES AND INSTALLATIONS

How to install Python?

Follow the Python Installation Guide to install python. When you’re done, you should be able to run the python command:

$ python --version
Python 3.8.3

How to install Ansible?

Follow the Ansible Installation Guide to install and configure ansible on the controller node. When you’re done, you should be able to run the ansible command:

$ ansible --version
ansible 2.9.7
config file = /etc/ansible/ansible.cfg
executable location = /usr/bin/ansible
python version = 2.7.12 (default, Oct 8 2019, 14:14:10) [GCC 5.4.0 20160609]

How to configure AWS credentials?

In order for ansible to be able to make changes in your AWS account, you will need to configure the AWS credentials for the user you created earlier. There are several ways to do this (see A Comprehensive Guide to Authenticating to AWS on the Command Line), one of the easiest of which is to set the following environment variables:

export AWS_ACCESS_KEY_ID=(your access key id)
export AWS_SECRET_ACCESS_KEY=(your secret access key)

Let’s begin…

Step 1: Setup Ansible Playbook Project

An Ansible playbook is a set of instructions that you send to run on a single server host or a group of them. It represents the Ansible provisioning, where the automation is defined as tasks, and all jobs, such as installing packages and editing files, are done by Ansible modules.

Firstly, create the Ansible project directory called ‘project-webapp’ and go into it.

mkdir project-webapp/
cd project-webapp

Now create the new configuration files ‘hosts’ and ‘site.yml’, then create a new directory called ‘roles’.

touch hosts site.yml
mkdir -p roles/

Details about configurations:

hosts: An inventory file that contains information about the servers managed by Ansible.

site.yml: The master playbook file, which defines which group of hosts will be managed using our available roles.

roles: A role is a set of tasks to configure a host for a certain purpose, such as configuring a service. Ansible roles have their own directory structure; each role contains directories such as tasks, handlers, vars, etc.

Step 2: Generate Ansible Roles for the Directory Structure

In this step, we’re going to generate the Ansible roles directories using the ansible-galaxy command. We will generate two roles, called ‘ec2-provision’ and ‘webapp’.

Inside the ‘project-webapp’ directory, go to the directory ‘roles’.

cd roles/

Generate the directory structure and files for the ‘ec2-provision’ and ‘webapp’ roles by running the ansible-galaxy commands below.

ansible-galaxy init ec2-provision
ansible-galaxy init webapp

After that, check all available ansible roles directory structures using the following command.

tree .

You will be shown the result as below.

Step 3: Setup hosts and site.yml

The ‘hosts’ file contains the list and groups of servers managed by Ansible. Edit the ‘hosts’ file using the vim editor.

Paste configuration below.

Save and close. Next, edit the site.yml configuration file. Paste configurations below.

Save and close.

Step 4: Setup ec2-provision role

In this step, we’re going to set up the ‘ec2-provision’ role. It performs tasks including creating an AWS security group, defining ingress and egress security group rules, and creating an AWS key pair and an EC2 instance.

Go to the ‘ec2-provision’ directory and edit the ‘tasks/main.yml’ file. Replace the value of key_material with the path of your public key (id_rsa.pub).

Step 5: Setup variable file for ec2-provision role

In this step, we’re going to define the variables used in the ‘ec2-provision’ role. Go to the ‘ec2-provision’ directory and edit the ‘vars/main.yml’ file.

Paste configuration below.

Save and close.
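
The original configuration files for Steps 4 and 5 are not reproduced on this page. The following is an added example, not the author's code, of how the ‘ec2-provision’ role's variables and tasks could look with the Ansible 2.9 modules ec2_group, ec2_key and ec2. All variable names, the AMI and key-path placeholders and the admin CIDR are assumptions; SSH ingress is limited to a single admin address while HTTP is open to serve the web page.

```yaml
# roles/ec2-provision/vars/main.yml  (all names and values are assumptions)
ec2_region: us-east-1
ec2_instance_type: t2.micro
ec2_ami_id: ami-REPLACE_ME                        # placeholder: an AMI in your region
ec2_key_name: webapp-key
ec2_public_key_path: /home/USER/.ssh/id_rsa.pub   # placeholder path to your public key
ec2_sg_name: webapp-sg
ec2_admin_cidr: 203.0.113.10/32                   # constructed: controller's public IP only
---
# roles/ec2-provision/tasks/main.yml
- name: Create security group (SSH from admin CIDR only, HTTP from anywhere)
  ec2_group:
    name: "{{ ec2_sg_name }}"
    description: Security group for the web application
    region: "{{ ec2_region }}"
    rules:
      - proto: tcp          # SSH, used by Ansible itself; keep it narrow
        from_port: 22
        to_port: 22
        cidr_ip: "{{ ec2_admin_cidr }}"
      - proto: tcp          # HTTP for the deployed web page
        from_port: 80
        to_port: 80
        cidr_ip: 0.0.0.0/0
    rules_egress:
      - proto: all          # outbound needed for package installation
        cidr_ip: 0.0.0.0/0
    state: present

- name: Import the local public key as an EC2 key pair
  ec2_key:
    name: "{{ ec2_key_name }}"
    key_material: "{{ lookup('file', ec2_public_key_path) }}"
    region: "{{ ec2_region }}"
    state: present

- name: Launch exactly one tagged instance (re-runs do not create duplicates)
  ec2:
    key_name: "{{ ec2_key_name }}"
    group: "{{ ec2_sg_name }}"
    instance_type: "{{ ec2_instance_type }}"
    image: "{{ ec2_ami_id }}"
    region: "{{ ec2_region }}"
    wait: true
    exact_count: 1
    count_tag:
      Name: webapp
    instance_tags:
      Name: webapp
```

Only the public key is uploaded through key_material; the private key never leaves the controller node.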

Step 6: Setup webapp role

In this step, we’re going to set up the ‘webapp’ role. It performs tasks including installing the httpd package, starting the httpd service, and copying the web page to its destination on the remote host.

Go to the ‘webapp’ directory and edit the ‘tasks/main.yml’ file and paste configuration below.

Save and close.

Step 7: Write webpage (index.html)

In this step, we’re going to write the index.html file for the ‘webapp’ role. Go to the ‘webapp’ directory, create the ‘files/index.html’ file, and paste the code snippet given below.

Save and close.

Step 8: Setup dynamic inventory file

In this step, we’re going to set up a dynamic inventory file for the ‘webapp’ role. If you are using Amazon Web Services EC2, maintaining an inventory file might not be the best approach, because hosts may come and go over time, be managed by external applications, or you might even be using AWS autoscaling.

Since we have defined a role (ec2-provision) to create an EC2 instance, we will fetch the public IP address dynamically to deploy the web application. This avoids manually copying the public IP address from the AWS Console and rewriting it in the hosts file.

Firstly, create a directory called ‘dynamic_host’ in the project-webapp folder and go into it.

$ mkdir dynamic_host/
$ cd dynamic_host

Then download the EC2 external inventory script (ec2.py) and the ec2.ini file using the commands below.

$ wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.py
$ wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.ini

Make the EC2 external inventory script executable using the following command:

$ chmod +x ec2.py

You can test the script by itself to make sure your config is correct by running the command given below:

$ python ec2.py --list

After a few moments, you should see your entire EC2 inventory across all regions in JSON.

Running the Ansible Playbook

In this step, we are going to run the Ansible playbook to create an EC2 instance and deploy a simple web application on it.

1. Go to the Ansible project directory.

$ cd project-webapp/

2. Run the ansible-playbook command given below to execute the ec2-provision role.

$ ansible-playbook -i hosts ec2.yml

The output should look like this (this is example output):

3. Ansible will now run all roles that we assigned to the host. The command above creates a security group, key pair and EC2 instance in AWS. Next, run the ansible-playbook command given below to execute the webapp role.

$ ansible-playbook -i dynamic_host/ec2.py site.yml

To confirm the SSH authentication, type: yes. The output should look like this (this is example output):

If you get an error, revisit the previous steps to ensure that your configuration matches the steps mentioned above. If you cannot troubleshoot the issue with your configuration, visit this GitHub link for the configurations and ensure that the files there match yours.

4. Verify the webapp deployment by typing the instance IP address in your Chrome browser. You should see something like this:

Yeahhh… Your service is up and running…..

Conclusion:

In this blog, we have written a playbook to create an EC2 instance and deploy a web application on AWS. Each step is explained in detail for easy understanding. We have introduced Ansible and its benefits over other configuration management tools. Apart from this, we have shown how to set up Ansible, define roles, configure a dynamic inventory, and write a playbook to provision an EC2 instance and deploy a simple web application using Ansible.

Thank you for reading. :)

CCAI Industry Solutions Manager at Google | Ex-SRE at BigBasket | Cloud Architect | GCP | Researcher | NIIT University