We are going to go over an advanced playbook that does not run on ANY host machines but does run on the control machine. This type of playbook is not ansible 101 but we are going to jump in the deep end to create our hosts needed for the rest of the tutorial. This will allow us to envision where ansible can go as we continue the tutorial. Do not worry if all of this playbook doesn't make sense but remember the power of what we get at the end and get excited!
As an important aside, these plays will require AWS keys set as environment variables to allow our control machine to connect to the AWS API.
export AWS_ACCESS_KEY_ID='AKI'
export AWS_SECRET_ACCESS_KEY='zd3'
Create an ssh key in the AWS console. Login to the AWS management console and find the EC2 service. In the side bar, find the "Network & Security" tab and open up "Key Pairs". Click "Create Key Pair" and give the key the name "ansible_key". The site will prompt a download of a pem file. Move that pem file into a place you are comfortable with and change the permissions to 400.
chmod 400 ansible_key.pem
inventory_setup.yml
---
- hosts: localhost
connection: local
gather_facts: False
tasks:
- name: Create VPC and Subnet
ec2_vpc:
state: present
region: us-east-1
cidr_block: 20.0.0.0/16
subnets:
- cidr: 20.0.0.0/16
resource_tags: {"Name":"Test Subnet"}
route_tables:
- subnets:
- 20.0.0.0/16
routes:
- dest: 0.0.0.0/0
gw: igw
wait: yes
internet_gateway: yes
resource_tags:
Name: "Test VPC"
register: vpc
- name: get igw
ec2_vpc_igw:
vpc_id: "{{ vpc.vpc_id }}"
region: us-east-1
state: present
register: igw
- name: Tagging the new internet gateway created
ec2_tag:
resource: "{{ igw.gateway_id }}"
state: present
region: us-east-1
tags:
Name: test-gateway
- name: Create a group for our ec2 instances
ec2_group:
name: ansible_ssh_open
description: an example EC2 group
vpc_id: "{{ vpc.vpc_id }}"
region: us-east-1
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 0.0.0.0/0
- name: Provision a set of instances
ec2:
key_name: ansible_key
group: ansible_ssh_open
instance_type: t2.micro
image: "ami-0b33d91d"
region: us-east-1
vpc_subnet_id: "{{ vpc.subnets[0].id }}"
assign_public_ip: true
exact_count: 3
count_tag: "ansible_instances"
instance_tags:
ansible_instances: "True"
instance_number: "ec2 aws instance"
wait: true
[export commands to set aws keys and secret]
ansible-playbook inventory_setup.yml
An inventory is simple file that lists groups and hosts with the needed information to ssh into those hosts.
Inventory Example 1
204.236.213.231
54.146.252.114
54.175.250.172
Inventory Example 2
[aws_instances]
204.236.213.231
54.146.252.114
54.175.250.172
Inventory Example 3
[webservers]
204.236.213.231
54.146.252.114
[dbservers]
54.175.250.172
[aws_instances:children]
webservers
dbservers
Inventory Example 4 - Dynamic Inventory Setup your own dymamic inventory script. Here is the reading to do this exact thing.
- http://docs.ansible.com/ansible/intro_dynamic_inventory.html#example-aws-ec2-external-inventory-script
- https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/ec2.py
- https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/ec2.ini
- Create inventory files for your three servers.
- Create a dynamic inventory for your three servers.