Deploy to AWS
Deploy an Ansible development environment to AWS.
The Ansible development environment in AWS will comprise the following:
- A Virtual Private Cloud (VPC)
- A subnet
- An internet gateway
- A route for public traffic into the VPC
- Windows EC2 instance with Windows Server 2019 Amazon Machine Image (AMI)
- Linux EC2 instance with Red Hat Enterprise Linux 8 Amazon Machine Image (AMI)
Free Tier
Both the AMIs used are within the free tier.
Ansible Modules
The following Ansible Modules can be used to deploy the resources on AWS using Ansible playbooks:
| AWS Resource | Ansible Module |
|---|---|
| VPC | ec2_vpc_net |
| Subnet | ec2_vpc_subnet |
| Internet Gateway | ec2_vpc_igw |
| Route Table | ec2_vpc_route_table |
| Security Group | ec2_group |
| Key Pair | ec2_key |
| EC2 Instance | ec2 |
| Elastic IP Address | ec2_eip |
Ansible codifies your infrastructure in YAML files called Ansible playbooks. You will use pre-written Ansible playbooks to deploy the Ansible development environment to AWS.
Resource Dependency
Several of the AWS resources depend on other resources. These dependencies mean that you have to run the playbooks in the right order.
Let’s start exploring the playbooks we will cover in this lesson one by one:
Create a VPC
Before you can deploy an Elastic Compute Cloud (EC2) instance, you have to provision a VPC. You will provision a VPC with a subnet, an internet gateway, and a route table entry for public traffic. Review the aws_create_vpc.yaml playbook below:
Ansible playbook
Ansible playbooks are written in YAML and have two main sections:
- Hosts
- Tasks
Hosts
Hosts determine which hosts are targeted by the playbook. Refer to lines 2-4 for hosts in the above playbook.
Tasks
Tasks define what Ansible will execute sequentially. From line 6 onwards, you can observe all the tasks that Ansible will perform.
You have four tasks in the playbook. create vpc is the first task’s name. It uses the Ansible module ec2_vpc_net to create a VPC in AWS. This Ansible module provides an interface to configure the VPC using parameters and arguments. Line 10 in the playbook represents the argument passed to the ec2_vpc_net module.
Ansible Modules
Ansible modules are reusable, standalone scripts that Ansible executes. A module provides a defined interface, accepting arguments, and returning information to Ansible through a JSON string to stdout as output.
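A minimal playbook with the two sections and four tasks described above, as an added example that is not the lesson's aws_create_vpc.yaml (so the line numbers cited in the text do not apply to it). The region, names and CIDR ranges are assumptions:

```yaml
---
# Added example, not the lesson's playbook. Region, names and CIDRs are assumptions.
- hosts: localhost          # Hosts section: the AWS API calls run from the control node
  connection: local
  gather_facts: false
  vars:
    region: us-east-1
    vpc_name: ansible-dev
  tasks:                    # Tasks section: executed in order, top to bottom
    - name: create vpc
      ec2_vpc_net:
        name: "{{ vpc_name }}"
        cidr_block: 10.0.0.0/16
        region: "{{ region }}"
        state: present
      register: vpc_result  # later tasks need the VPC id returned here

    - name: create subnet
      ec2_vpc_subnet:
        vpc_id: "{{ vpc_result.vpc.id }}"
        cidr: 10.0.1.0/24
        region: "{{ region }}"
        map_public: true
        state: present
        tags:
          Name: "{{ vpc_name }}-subnet"
      register: subnet_result

    - name: create internet gateway
      ec2_vpc_igw:
        vpc_id: "{{ vpc_result.vpc.id }}"
        region: "{{ region }}"
        state: present
      register: igw_result

    - name: create route table for public traffic
      ec2_vpc_route_table:
        vpc_id: "{{ vpc_result.vpc.id }}"
        region: "{{ region }}"
        subnets:
          - "{{ subnet_result.subnet.id }}"
        routes:
          - dest: 0.0.0.0/0
            gateway_id: "{{ igw_result.gateway_id }}"
        tags:
          Name: "{{ vpc_name }}-public"
```

Each `register` captures the JSON a module returns, which is how the resource dependencies between tasks are resolved.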
You can execute the playbook by clicking on the Run button. The Run button executes the following command in the environment:
Deploy a Windows EC2 instance
Before you can create a Windows Server 2019 EC2 instance, you need the following AWS resources:
- Virtual Private Cloud
  - Previously created by executing the aws_create_vpc.yaml.
- Security Group
  - Virtual firewall for your instance to control inbound and outbound traffic.
- Key Pair
  - To encrypt and decrypt login information.
- EC2 Instance
  - Virtual machine running Windows Server 2019 operating system.
Each of these AWS resources correlates to an Ansible Module. Review the aws_create_windows_ec2_instance.yaml playbook below:
Once again, you can execute the playbook by clicking on the Run button.
aws-ansible-key.pem
When the aws_create_windows_ec2_instance.yaml playbook ends, it will output a file called aws-ansible-key.pem. This is the private key for the ansible_key key pair in AWS. The private key is used to get the login information for the EC2 instance.
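The security group and key pair steps, as an added example that is not the lesson's aws_create_windows_ec2_instance.yaml. It limits inbound management traffic to a single administrator address and writes aws-ansible-key.pem with owner-only permissions. The region, VPC name, group name, ports (WinRM over HTTPS and RDP) and the `admin_cidr` placeholder are assumptions:

```yaml
---
# Added example, not the lesson's playbook. Values marked "assumption" are not from the page.
- hosts: localhost
  connection: local
  gather_facts: false
  vars:
    region: us-east-1             # assumption
    vpc_name: ansible-dev         # assumption: Name tag of the VPC created earlier
    admin_cidr: 203.0.113.10/32   # placeholder: replace with your own public address
  tasks:
    - name: look up the vpc
      ec2_vpc_net_info:
        region: "{{ region }}"
        filters:
          "tag:Name": "{{ vpc_name }}"
      register: vpc_info

    - name: create security group limited to the admin address
      ec2_group:
        name: windows-mgmt        # assumption
        description: WinRM over HTTPS and RDP from the admin address only
        vpc_id: "{{ vpc_info.vpcs[0].vpc_id }}"
        region: "{{ region }}"
        rules:
          - proto: tcp
            from_port: 5986       # WinRM over HTTPS
            to_port: 5986
            cidr_ip: "{{ admin_cidr }}"
          - proto: tcp
            from_port: 3389       # RDP
            to_port: 3389
            cidr_ip: "{{ admin_cidr }}"

    - name: create key pair
      ec2_key:
        name: ansible_key
        region: "{{ region }}"
        state: present
      register: key_pair

    - name: save private key (returned only when the key pair is first created)
      copy:
        content: "{{ key_pair.key.private_key }}"
        dest: ./aws-ansible-key.pem
        mode: "0600"              # readable by the owner only
      when: key_pair.changed
      no_log: true                # keep the key material out of task output
```

Because AWS returns the private key only at creation time, the `when: key_pair.changed` guard keeps a rerun from overwriting the saved file with an empty value.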
The Run button executes the following command,
Once run, you will be prompted for a password. You can use a password of your own choice.
Password Strength
By default, there is a password policy on all Windows servers. Use a strong password with at least 8 characters that are a mixture of the following:
- English uppercase characters (A through Z).
- English lowercase characters (a through z).
- Base 10 digits (0 through 9).
- Non-alphabetic characters (for example, !, $, #, %).
The password provided will be used later to connect to the virtual machine.
Gather Information
The ec2_vpc_net_info and ec2_vpc_subnet_info modules are used to gather information about the VPC. You will learn more about this technique in the upcoming chapters.
Deploy a Linux EC2 instance
Deploying a Linux EC2 instance with Ansible is identical to deploying a Windows EC2 instance. Review the aws_create_linux_ec2_instance.yaml playbook below. It uses the same modules as before and only requires the following arguments to be changed:
- The AMI number
- Security Group Rules
Execute the playbook by clicking on the Run button. Once again, use the password of your own choice when prompted. The following command is executed when you click the Run button:
Delete the environment
All the above infrastructure lies in the free tier. You will be using these resources in the upcoming lessons and chapters. In case you are going to visit the next lessons later, you can take down the resources to avoid any unexpected bills.
You can take these resources down by executing the playbook below.
Disclaimer: Run the playbook at your own risk!
It is highly recommended you use a development AWS account.
Review the playbook:
Execute the playbook by clicking on the Run button. It will execute the following command:
In this lesson, we introduced Ansible playbooks and modules to create the VPC and the EC2 instances with Linux and Windows operating systems.
Download the Source Code
You can download the playbooks for this lesson from the GitHub repository, become Ansible.
