Deployment Of Webserver On AWS EC2 Instance Using Ansible

Sathvika Kolisetty
Aug 24, 2020

Problem Statement

♦️Provision EC2 instance through ansible.

♦️Retrieve the IP Address of instance using a dynamic inventory concept.

♦️Configure the webserver through ansible!

♦️Create a role for the webserver to customize the Instance and deploy the webpage to the root directory.

In this task we will learn how to deploy a webserver on top of an AWS EC2 instance using Ansible roles.

We will be using RHEL8 as the Controller Node and an AWS EC2 instance as the Managed Node.

Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems and can configure both Unix-like systems as well as Microsoft Windows. It includes its own declarative language to describe system configuration. Ansible was written by Michael DeHaan and acquired by Red Hat in 2015. Ansible is agentless, temporarily connecting remotely via SSH or Windows Remote Management (allowing remote PowerShell execution) to do its tasks.

Amazon Elastic Compute Cloud (EC2) is a part of Amazon.com’s cloud-computing platform, Amazon Web Services (AWS), that allows users to rent virtual computers on which to run their own computer applications. EC2 encourages the scalable deployment of applications by providing a web service through which a user can boot an Amazon Machine Image (AMI) to configure a virtual machine, which Amazon calls an “instance”, containing any software desired. A user can create, launch, and terminate server-instances as needed, paying by the second for active servers — hence the term “elastic”. EC2 provides users with control over the geographical location of instances that allows for latency optimization and high levels of redundancy.

To install Ansible, first make sure that Python is installed in your virtual machine by running the following command:

python3 -V

Once that is confirmed, run the following command:

pip3 install ansible

Dependencies

On your machine, have the following installed.

  • Ansible
  • Python ≥ 2.6, with boto, boto3, and botocore.

Create an ansible configuration

/etc/ansible/ansible.cfg

1. Provisioning EC2 Instance

We’re going to make that EC2 instance accessible over ssh from our IP only. For that, we will need to create an EC2 key pair.

Create an EC2 key pair (if one does not already exist; Ansible has built-in idempotency, one of its many plus points) and save the private key to a file.

Our first step is to let Ansible create a new EC2 key pair. We register the output and then write the private_key contents into a local pem file in the current directory. Don't forget the file permissions: the private key file should be readable by its owner only (mode 0600), otherwise ssh will refuse to use it.

ansible-playbook key_gen.yml
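One way key_gen.yml could look, as an added example rather than the author's own playbook. It uses the Ansible 2.9 module names (newer releases ship them in the amazon.aws collection); the key name, region and file path are assumed values.

```yaml
# key_gen.yml (added example; key name, region and file path are assumed values)
- hosts: localhost
  connection: local
  gather_facts: false
  vars:
    key_name: webserver-key            # assumed key pair name
    region: ap-south-1                 # assumed region
    key_file: "./{{ key_name }}.pem"
  tasks:
    - name: Create the key pair (no change is made if it already exists)
      ec2_key:
        name: "{{ key_name }}"
        region: "{{ region }}"
        state: present
      register: keypair
      no_log: true                     # the result contains the private key

    - name: Write the private key, readable and writable by the owner only
      copy:
        content: "{{ keypair.key.private_key }}"
        dest: "{{ key_file }}"
        mode: "0600"
      when: keypair.changed            # AWS returns the private key only at creation
      no_log: true

    - name: Check that the local key file is present
      stat:
        path: "{{ key_file }}"
      register: pem

    - name: Stop if the key pair exists in AWS but its private key is not on disk
      fail:
        msg: "{{ key_file }} is missing and AWS cannot re-issue it. Delete the key pair and rerun."
      when: not pem.stat.exists
```

The `no_log` setting keeps the private key out of the console output and any Ansible log file on both tasks that handle it.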

We can see that the key pair has been created in AWS.

Now we have to create the instance and attach this key pair so that we can log in to it. For this, we will write a playbook and run it against localhost.

Determine information about the default VPC and its subnets. Randomly select a subnet from the list to host our EC2 instance.

Determine our public IP address and create a security group allowing ssh access from our IP address (only).

Create an EC2 instance in the selected subnet, associated with the security group, and update our inventory with the new host.

We can see that the key pair generated above is attached to the EC2 instance.
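The three steps above as one playbook, added here as an example and not taken from the author's repo. It uses Ansible 2.9 module names; the region, resource names, instance type and the AMI placeholder are assumptions.

```yaml
# provision.yml (added example; region, names, AMI id and instance type are assumed)
- hosts: localhost
  connection: local
  gather_facts: false
  vars:
    region: ap-south-1              # assumed region
    key_name: webserver-key         # assumed key pair name
    ami_id: ami-REPLACE_ME          # placeholder: use a real AMI id for your region
  tasks:
    - name: Find the default VPC
      ec2_vpc_net_info:
        region: "{{ region }}"
        filters: { isDefault: "true" }
      register: vpc
    - name: List the subnets of that VPC
      ec2_vpc_subnet_info:
        region: "{{ region }}"
        filters: { vpc-id: "{{ vpc.vpcs[0].vpc_id }}" }
      register: subnets
    - name: Discover the controller's public IP (sets ipify_public_ip)
      ipify_facts:
    - name: Security group that admits SSH from that one address only
      ec2_group:
        name: webserver-ssh
        description: SSH from the Ansible controller only
        region: "{{ region }}"
        vpc_id: "{{ vpc.vpcs[0].vpc_id }}"
        rules:
          - proto: tcp
            from_port: 22
            to_port: 22
            cidr_ip: "{{ ipify_public_ip }}/32"   # /32 = a single host, not 0.0.0.0/0
      register: sg
    - name: Launch the instance in a randomly chosen subnet
      ec2_instance:
        name: webserver
        region: "{{ region }}"
        key_name: "{{ key_name }}"
        image_id: "{{ ami_id }}"
        instance_type: t2.micro     # assumed size
        vpc_subnet_id: "{{ (subnets.subnets | random).subnet_id }}"
        security_group: "{{ sg.group_id }}"
        network: { assign_public_ip: true }
        wait: true
      register: ec2
    - name: Add the new host to the in-memory inventory
      add_host:
        name: "{{ ec2.instances[0].public_ip_address }}"
        groups: webserver
```

If the controller's public IP changes later, SSH access is cut off until the playbook is rerun and the rule is rewritten with the new address.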

Inventory in ansible

An Ansible inventory is a collection of IP addresses and groups against which all the commands and modules run. We can think of it as something like an IP database.

We don't want to fetch the IP address manually; we use automation to save time and to develop quickly. Here we use the dynamic inventory concept to fetch the IP address.

https://github.com/ansible/ansible/blob/stable-2.9/contrib/inventory/ec2.

Now we download this file, make it executable, and set the environment variables as mentioned above. If we then run the file, we can see that it dynamically returns the IP address of the EC2 instance. We also need one more file, ec2.ini:

https://github.com/ansible/ansible/blob/stable-2.9/contrib/inventory/ec2.ini

We have to update our configuration file so that our inventory can be dynamically updated.

As we know, in Linux the superuser is root, and root can do anything on the system, so installing software requires root privileges. In general, however, SSH login as root is disabled by default by all the cloud providers to keep the OS secure, so we will instead change the privileges of our normal user so that it can also perform root tasks. For this, we change the Ansible configuration file and also set the location of our private key there, so that once the IP is fetched we can ping the host and perform our tasks.

Now Ansible will automatically run the ec2.py file and retrieve the IP of the AWS EC2 instance using the provided credentials.

To connect to a machine we would, in general, provide the username and password of a particular account. Because we are connecting to an AWS instance, we have to provide the private key instead, so we put these details in the Ansible configuration file.

I created a myroles in the /etc directory and in there ran ansible-galaxy init webserver to create a basic role outline structure to manage the tasks.

Next we have to configure the webserver. At this stage, we've got all our tasks set up inside the webserver role in roles/webserver/tasks/main.yml, and in roles/webserver/vars/main.yml we put all the variables required.

We can create a playbook in the root project directory (call it what you like, I called mine web.yml). Note that we specify hosts: local for the AWS infrastructure tasks.
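A sketch of the webserver role and the play that applies it, added here as an example and not copied from the author's repo; the `---` separators mark four separate files. The inventory group, login user, key path, package name and conf.d file name are assumptions, and the play-level `remote_user`, `become` and key settings stand in for the equivalent ansible.cfg entries described earlier.

```yaml
# web.yml: the play that applies the role (added example)
- hosts: tag_Name_webserver        # assumed: ec2.py group for instances tagged Name=webserver
  remote_user: ec2-user            # assumed: default login user of the AMI
  become: true                     # escalate with sudo instead of logging in as root
  vars:
    ansible_ssh_private_key_file: ./webserver-key.pem   # assumed key path
  roles:
    - webserver
---
# roles/webserver/vars/main.yml
docroot: /var/www/satvi
web_package: httpd                 # assumed: Apache on a RHEL-family AMI
---
# roles/webserver/tasks/main.yml
- name: Install the web server
  package:
    name: "{{ web_package }}"
    state: present
- name: Create the document root
  file:
    path: "{{ docroot }}"
    state: directory
    mode: "0755"
- name: Point Apache at the document root
  copy:
    dest: /etc/httpd/conf.d/site.conf
    content: |
      DocumentRoot "{{ docroot }}"
      <Directory "{{ docroot }}">
          Require all granted
      </Directory>
  notify: restart httpd
- name: Deploy the page (index.html sits in roles/webserver/files/)
  copy:
    src: index.html
    dest: "{{ docroot }}/index.html"
    mode: "0644"
- name: Start the web server now and at boot
  service:
    name: "{{ web_package }}"
    state: started
    enabled: true
---
# roles/webserver/handlers/main.yml
- name: restart httpd
  service:
    name: "{{ web_package }}"
    state: restarted
```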

We can see the index.html page in the /var/www/satvi folder.

Finally, the webpage is deployed on the webserver.

The entire code is in my GitHub repo
