Deployment Of Webserver On AWS EC2 Instance Using Ansible

Kalangipraneeth
5 min read · Sep 3, 2020

Problem Statement

♦️Provision EC2 instance through ansible.

♦️Retrieve the IP Address of instance using a dynamic inventory concept.

♦️Configure the webserver through ansible!

♦️Create a role for the webserver to customize the Instance and deploy the webpage to the root directory.

Ansible is a radically simple IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs. It is an open-source software provisioning tool enabling infrastructure as code. Today many reputed companies, including Cisco, NASA, Splunk, and others, use Ansible on a large scale.

This article shows how to use Ansible to configure an Apache webserver on top of AWS Cloud. Ansible is very useful for a use case like this, especially at large scale.

Before starting, make sure to install the Python Boto module, because Boto helps to create, configure and manage AWS services using Python scripts or, in our case, through Ansible. We should have python3, boto, botocore and boto3.

python3 -V

Create an ansible configuration

/etc/ansible/ansible.cfg

Verify your ansible.cfg file once.

EC2 instance provisioning:-

We’re going to make that EC2 instance accessible over ssh from our IP only. For that, we will need to create an EC2 key pair.

Create an EC2 key pair (if one does not already exist — Ansible has built-in idempotency, one of its many plus points) and save the private key to a file.

Our first step is to let Ansible create a new EC2 key pair. We register the output and then we can write the private_key contents into a local pem file in the current directory. Don’t forget the file permissions.

ansible-playbook key_gen.yml

We can see that the key pair has been created in AWS.

Now we have to create the instance and attach this key pair so that we can log in to the instance. For this, we will write a playbook and run it against localhost.

Determine information about the default VPC and its subnets. Randomly select a subnet from the list to host our EC2 instance.

Determine our public IP address and create a security group allowing ssh access from our IP address (only).

Create an EC2 instance in the selected subnet, associated with the security group, and update our inventory with the new host.

We can see that the key pair generated above is attached to the EC2 instance.
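The provisioning steps above, written out as one playbook. This is an added example, not the author's own playbook; it uses the short module names of Ansible 2.9, and the region, key name, group name, instance type and AMI placeholder are assumptions to replace with your own values.

```yaml
- hosts: localhost
  gather_facts: false
  vars:
    region: us-east-1          # assumption
    key_name: webserver-key    # assumption
    ami_id: ami-REPLACE_ME     # placeholder: choose an AMI in your region
  tasks:
    - name: Create the key pair (AWS returns the private key only at creation)
      ec2_key: { name: "{{ key_name }}", region: "{{ region }}" }
      register: keypair
      no_log: true             # keeps the private key out of -v output and logs
    - name: Save the private key, readable and writable by the owner only
      copy:
        content: "{{ keypair.key.private_key }}"
        dest: "./{{ key_name }}.pem"
        mode: "0600"
      when: keypair.key.private_key is defined
      no_log: true
    - name: Find the default VPC
      ec2_vpc_net_info: { region: "{{ region }}", filters: { is-default: "true" } }
      register: vpc
    - name: List the subnets of that VPC
      ec2_vpc_subnet_info:
        region: "{{ region }}"
        filters: { vpc-id: "{{ vpc.vpcs[0].vpc_id }}" }
      register: subnets
    - name: Look up our public IP (sets the ipify_public_ip fact)
      ipify_facts:
    - name: Security group allowing SSH from our address only (/32, not 0.0.0.0/0)
      ec2_group:
        name: webserver-ssh    # assumption
        description: SSH from the control host only
        vpc_id: "{{ vpc.vpcs[0].vpc_id }}"
        region: "{{ region }}"
        rules:
          - { proto: tcp, ports: [22], cidr_ip: "{{ ipify_public_ip }}/32" }
      register: sg
    - name: Launch the instance in a randomly chosen subnet
      ec2_instance:
        name: webserver        # assumption
        region: "{{ region }}"
        key_name: "{{ key_name }}"
        image_id: "{{ ami_id }}"
        instance_type: t2.micro  # assumption
        vpc_subnet_id: "{{ (subnets.subnets | random).subnet_id }}"
        security_group: "{{ sg.group_id }}"
        network: { assign_public_ip: true }
```

On a second run the key pair already exists, so no private key is returned and the save task is skipped. If the .pem file is lost, the key pair has to be deleted and created again.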

Inventory in Ansible:-

An Ansible inventory is a collection of IP addresses and groups against which all the commands and modules run. We can say it is something like an IP database.

We can't fetch the IP address manually each time; we use automation to save time and to develop quickly. Here we have to use the dynamic inventory concept to fetch the IP address.

https://github.com/ansible/ansible/blob/stable-2.9/contrib/inventory/ec2.

Now we will download this file, make it executable, and set the environment variables as mentioned above. If we then run this file, we can see that we dynamically get the IP address of the EC2 instance. We also need one more file, the ec2.ini file.

We have to use chmod +x ec2.py to make it executable.

We have to update our configuration file so that our inventory can be dynamically updated.

As we know, on Linux the superuser is root, and root can do anything on the system, so to install something on the system we would need to log in as root. In general, however, SSH login as root is disabled by default by all the cloud providers to keep the OS secure, so we will change the privileges of our normal user so that the normal user can also perform root tasks. For this, we have to change the Ansible configuration file and update the location of our private key, so that once the IP is fetched we can also ping the host and perform our tasks.

Now Ansible will automatically run the ec2.py file and retrieve the IP of the AWS EC2 instance using the provided credentials.

Now we need to write a playbook for configuring the Apache server on the launched instance. Before that, to configure the webserver dynamically, we need to edit the httpd.conf file on the system we want to configure. Create a file with a .conf extension and edit it as follows:

Note: Privilege escalation does not work in some cases until the sudoers file is edited. It didn’t work in my case, so I have used the become keyword after every task that requires superuser permissions.

On running the playbook, Ansible will retrieve the public IP address of the instance, copy the server configuration file to the instance, then download the webpage code from GitHub and start the services, thereby configuring the Apache server.

We can see the index.html page in the /var/www/praneeth folder.

Finally, the webpage is deployed on the webserver.
