Quick Guide to Setup Ansible AWS Dynamic Inventory

Bharath Sampath
Ankercloud Engineering
May 24, 2022

Introduction:

Maintaining the inventory file by hand while using Ansible with AWS is a time-consuming operation, since AWS often changes IP addresses, auto-scales instances, and more.

However, Ansible dynamic inventory is a simple fix. Dynamic inventory is an Ansible plugin that makes a run-time API call to Amazon Web Services to retrieve instance information. It dynamically provides the EC2 instance details needed to manage the AWS infrastructure.

Earlier, dynamic inventory was a Python file. It has since been changed to an Ansible plugin.

AWS isn’t the only provider of dynamic inventories. It is compatible with the majority of public and private cloud platforms.

Prerequisites

  • Install Ansible, using the following command

sudo apt-get install ansible

  • Ensure you have python3 and pip3 on your Ansible server. If not, install them with the following commands

sudo apt-get install python3 -y

sudo apt-get install python3-pip -y

  • Install the boto3 library. Ansible uses boto core to make the API calls to AWS that retrieve the EC2 instance details.

sudo pip3 install boto3

Dynamic Inventory Setup:

Step 1: Open the ansible configuration file to enable the aws_ec2 plugin

sudo vi /etc/ansible/ansible.cfg

Find the [inventory] section and add the following line to enable the aws_ec2 plugin

[inventory]

enable_plugins = aws_ec2

Step 2: Create a programmatic user in AWS with minimal permissions (EC2 read-only access), because Ansible gets the instance details through boto3 API calls made with that user's access. Alternatively, attach a role to the Ansible server.

Step 3: Create the inventory directory

sudo mkdir -p /opt/ansible/inventory

cd /opt/ansible/inventory

Step 4: Create the inventory file named aws_ec2.yaml in the inventory directory

sudo vi aws_ec2.yaml

Copy the following configuration to the file. If you are running the Ansible server outside the AWS environment, replace the placeholders with your AWS access key and secret key.

---
plugin: aws_ec2
aws_access_key: <YOUR-AWS-ACCESS-KEY-HERE>
aws_secret_key: <YOUR-AWS-SECRET-KEY-HERE>
keyed_groups:
  - key: tags
    prefix: tag

If your Ansible server is running inside the AWS environment, attach an EC2 instance role with minimal (read-only) permissions. This way you don’t have to add the access key and secret key to the configuration. Ansible will automatically use the attached role to make the API calls.
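An added example, not part of the original post: a small Python check that flags literal aws_access_key / aws_secret_key values in an aws_ec2 inventory file and reports when such a file is readable by group or others. The function names and the sample key values are constructed for illustration.

```python
import os
import re
import stat
import tempfile

# audit_inventory and write_sample are names made up for this example.
CREDENTIAL_KEYS = ("aws_access_key", "aws_secret_key")
# Empty values, <PLACEHOLDERS> and Jinja2 expressions are not literal secrets.
NOT_LITERAL = re.compile(r"^(|<.*>|\{\{.*\}\})$")
KEY_VALUE = re.compile(r"^\s*([A-Za-z_]+)\s*:\s*(.*?)\s*(#.*)?$")


def audit_inventory(path):
    """Return findings for literal AWS keys in one aws_ec2 inventory file."""
    findings = []
    with open(path, encoding="utf-8") as handle:
        for lineno, line in enumerate(handle, start=1):
            match = KEY_VALUE.match(line)
            if not match or match.group(1) not in CREDENTIAL_KEYS:
                continue
            value = match.group(2).strip("'\"")
            if not NOT_LITERAL.match(value):
                findings.append(f"line {lineno}: literal value for {match.group(1)}")
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if findings and mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append(f"mode {mode:o}: credentials readable by group or others")
    return findings


def write_sample(directory, body, mode):
    """Write a constructed inventory file and return its path."""
    path = os.path.join(directory, "aws_ec2.yaml")
    with open(path, "w", encoding="utf-8") as handle:
        handle.write(body)
    os.chmod(path, mode)
    return path


# Constructed sample: the key values are made up and are not real credentials.
SAMPLE_WITH_KEYS = """---
plugin: aws_ec2
aws_access_key: AKIAEXAMPLEEXAMPLE00
aws_secret_key: "constructed-secret-value-for-demo"
"""

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_inventory(write_sample(tmp, SAMPLE_WITH_KEYS, 0o644)):
            print(finding)
```

An empty result means the file holds no literal keys, which is the expected state when the server uses an attached instance role.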

Step 5: Now let’s test the dynamic inventory configuration by listing the ec2 instances.

ansible-inventory -i /opt/ansible/inventory/aws_ec2.yaml --list

or

ansible-inventory -i /opt/ansible/inventory/aws_ec2.yaml --graph

The above command returns the list of EC2 instances with all their parameters in JSON format.

If you want to use the dynamic inventory as a default Ansible inventory, edit the /etc/ansible/ansible.cfg file and search for inventory parameters under defaults. Change the inventory parameter value as shown below.

[defaults]

inventory = /opt/ansible/inventory/aws_ec2.yaml

Now if you run the inventory list or graph command without passing the inventory file, Ansible looks for the default location and picks up the aws_ec2.yaml inventory file.

Step 6: Execute the following command to test whether Ansible is able to ping all the machines returned by the dynamic inventory.

ansible all -m ping --private-key=<key path>

Or, if you want to target a particular tag group:

ansible <group name> -m ping --private-key=<key path>

If you don’t want to give the private key on the command line:

  • Set the variable inside the Ansible playbook

vars:
  ansible_private_key_file: <key path>

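  • Or create a config file in that user’s .ssh directory

Add the following content to the config file. Note that StrictHostKeyChecking no makes SSH accept new and changed host keys without prompting, so host identity is not verified on these connections.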

StrictHostKeyChecking no

IdentityFile ~/<private key path>

IdentityFile ~/<private key path 2>

IdentitiesOnly yes

Finally, create the playbook test.yaml and add the following content

---
- name: Ansible Test Playbook
  gather_facts: false
  hosts: <hostname listed by the inventory>
  tasks:
    - name: Run Shell Command
      command: echo "Hello World"

Run the playbook with the following command

sudo ansible-playbook test.yaml

Conclusion

With the help of Ansible, we can use AWS services more consistently, define configurations, and deploy them across environments automatically. It also ensures safe automation by making sure that only permitted configurations are deployed. With Ansible, all cloud deployments are automated using playbooks. This blog has taken you through a quick walk-through of how to set up Ansible AWS Dynamic Inventory.

For more information on similar projects, contact us at info@ankercloud.com
