Ansible 1 of 9: Environment Setup

Background

This article will create a base environment for using Ansible in future articles in this series.

1 of 9. Open Cloud9

2 of 9. Create key pair

Create key pair named 'tcb-ansible-key', saved to /home/ec2-user/environment. Make sure to set permissions on the key pair.

pwd aws ec2 create-key-pair --key-name tcb-ansible-key --query 'KeyMaterial' --output text > tcb-ansible-key.pem ls -l *.pem chmod 400 tcb-ansible-key.pem ls -l *.pem

3 of 9. Create security group

Create a security group named 'launch-wizard-1" that allows SSH and ping

aws ec2 create-security-group --group-name launch-wizard-1 --description "Security group for Ansible labs" aws ec2 authorize-security-group-ingress --group-id sg-0cac6f47065813337 --ip-permissions IpProtocol=tcp,FromPort=22,ToPort=22,IpRanges="[{CidrIp=0.0.0.0/0}]" IpProtocol=icmp,FromPort=8,ToPort=0,IpRanges="[{CidrIp=0.0.0.0/0}]"

4 of 9. Create a Debian host and a RedHat host

These hosts wil use the key and security-group you created in previous steps.
Create a Debian host named "host01" ami-058bd2d568351da34
Create a Red Hat host named "host02" ami-023c11a32b0207432
Make sure to use the t2.micro type instance, for the free-tier perk.
Note: AMI are region-specific. "us-east-1" was used for this example.
Note: The OS impacts the default username: admin (Debian) and ec2-user (RedHat)

aws ec2 run-instances \ --image-id ami-058bd2d568351da34 \ --count 1 \ --instance-type t2.micro \ --key-name tcb-ansible-key \ --security-group-ids sg-0cac6f47065813337 aws ec2 run-instances \ --image-id ami-023c11a32b0207432 \ --count 1 \ --instance-type t2.micro \ --key-name tcb-ansible-key \ --security-group-ids sg-0cac6f47065813337

5 of 9. Tag the created instances with names

You can find the instance IDs in the run-instances output [example above in prior step]. Alternatively, you can run the find the instanceIDs in your GUI.

aws ec2 create-tags --resources i-049525becc527c1b8 --tags Key=Name,Value=host01 aws ec2 create-tags --resources i-021c0c8d1c9d4697b --tags Key=Name,Value=host02 aws ec2 describe-tags \ --filters "Name=resource-id,Values=i-049525becc527c1b8" aws ec2 describe-tags \ --filters "Name=resource-id,Values=i-021c0c8d1c9d4697b"

Here is an example of how you could leverage "describe-instances" to filter your list of instances.

aws ec2 describe-instances \ --filters Name=key-name,Values=tcb-ansible-key \ --query 'Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key==`Name`]|[0].Value}' \ --output table

6 of 9. Check Python, PIP, and ansible version on Cloud9

Python, Pip, and Ansible are required for future labs in this series.

python3 --version pip3 --version ansible --version

7 of 9. If necessary, update the Cloud9 OS and install any missing components.

sudo yum update -y sudo yum install python sudo yum install pip python3 -m pip install --user ansible ansible --version

8 of 9. Validate Cloud9 can ping host01 and host02

Examples here use the private IP of host01 and host02

ping 172.31.89.75 -c3 ping 172.31.18.118 -c3

9 of 9. Validate Cloud9 can SSH to host01 and host02

Examples here use the private IP of host01 and host02

ssh -i tcb-ansible-key.pem admin@172.31.89.75 ssh -i tcb-ansible-key.pem ec2-user@172.31.18.118

References

Getting Started

Rules for ping/icmp

Rules to connect to instances from an instance with the same security group

Create, configure, and delete security groups for Amazon EC2

Create, display, and delete Amazon EC2 key pairs

Launch, list, and terminate Amazon EC2 instances

Linux file permissions explained

Managing users on your Linux instance

Comments

Post a Comment

Popular posts from this blog

Orphaned No More: Adopting AWS Lambda

Image
Background HumanGov is a Model Automated Multi-Tenant Architecture (MAMA) that is meant to be used by the 50 states for personnel tracking. Currently the architecture is fully automated on AWS. The architecture is not ready for go-live. All actions so far are for a proof-of-concept that is presented to the Chief Technical Officer (CTO) for review. During the weekly team meeting, Ko (User Experience Lead) reports that his team has performed thousands of tests against the infrastructure, with moves, adds, and changes, and is not finding any issues in the application user interface. Woo (Infrastructure Lead) reports that there are hundreds of 'orphaned' files in the S3 bucket. (These files are considered 'orphaned' because they do not have corresponding records in the DynamoDB table.) Kim (Tech Lead) reports that there is not a trigger to delete the file from the bucket when a user is deleted from the DynamoDB database. Brady (Lawyer) reports that not deleting t
Read more

Containing the Chaos! | A Three-Part Series Demonstrating the Usefulness of Containerization to HumanGov

Background HumanGov is a Model Automated Multi-Tenant Architecture (MAMA) that is meant to be used by the 50 states for personnel tracking. Currently the architecture requires Amazon Elastic Compute Cloud (EC2) instances that are maintained by the HumanGov systems administrators. The systems administrators handle all the patching, operations, etc. Due to states wanting their data separate from each other, each state gets a separate set of EC2 instances, which means that as the application scales from one state up to 50 states, the systems administrators will have to patch 50x as many EC2 instances. The system administrators report that they have begun to schedule more and more overtime to handle the maintenance windows for updating the EC2 instances. The lead developer remarked that it was taking longer and longer for new application deployments to get rolled out as the infrastructure grew and more states came on board. By the way, the development environment does not have standa
Read more

Ansible is the Answer! | A Three-Part Series Demonstrating the Usefulness of Ansible to HumanGov

This is a three (3) part series that demonstrates how Ansible can be useful/leveraged for configuring your infrastructure. The background story here is that HumanGov is a multi-tenant cloud application that requires that each of the fifty (50) states has its own separate infrastructure. The HumanGov Infrastructure Engineers are trying to figure out how they can get it done, and they are considering using Ansible to help them deploy the application. Part 1 sets up the base infrastructure for the scenario. The HumanGov Infrastructure Engineers are accustomed to using Terraform to efficiently deploy infrastructure, but they are not very experienced with Ansible. Part 1 of 3: HumanGov: Ansible is the Answer! | Terraform | AWS Cloud9 | AWS IAM | AWS EC2 | AWS DynamoDB | AWS S3 Part 2 attempts to setup HumanGov via a MANUAL process. Part 2 goes through the steps to MANUALLY install Python, Nginx AND application files as well as MANUALLY configuring the firewall in Ubuntu. After g
Read more