🌐 WebServer Deployment on Cloud ☁ using Ansible
💡 Introduction to the Tools
● Ansible is an open-source automation tool that uses playbooks to make deployments faster and scale to various environments.
☁ Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow. The most pronounced use of AWS is for running web and application servers in the cloud to host dynamic websites.
🌐 Apache Server is a web server application that delivers content such as HTML pages, multimedia and CSS Style sheets over the internet. It is not a physical server, but rather software that runs on a server. Its job is to establish a connection between a server and the client Browser while delivering files back and forth between them.
In this article, we will be combining all the above 3 tools to deploy a Web-page using the power of Automation.
💢 Problem Statement
We have to Deploy a Web Server (Apache Web Server) on a Cloud Platform (AWS Cloud) using ANSIBLE as a Configuration Management Tool.
🔰 Procedure :
- Provision EC2 instance on AWS through Ansible Playbook.
- Retrieve IP Address of the instance using dynamic inventory concept.
- Configure the webserver on Instance through Ansible Playbook.
- Create a ROLE for the webserver to customize the Instance and copy the webpage to the Document Root.
📝SOLUTION
🔹Pre-Requisites
- Ansible Installed and Configured in Base OS (Preferably RHEL-8)
- 🐍Python3 interpreter installed in Base OS
- ☁ AWS account setup
🔸STEP-1: Launching an Instance on AWS via Ansible Playbook
1️⃣ Install Boto Library in Base OS
To let Ansible (on the Base OS) communicate with the AWS Cloud, we have to install the Boto Python libraries on the Base OS, which works as the Ansible Controller Node.
pip3 install boto
pip3 install boto3
2️⃣ Setup the AWS user for Ansible
- Create an IAM User with PowerUserAccess Policy in AWS. Ansible will access the AWS Cloud via this user.
- Download the Access Key and the Secret Key of that IAM user in .csv format
- Run the following commands in Base OS (Ansible CN) to set these values as env variables for Ansible.
export AWS_REGION='ap-south-1'
export AWS_ACCESS_KEY_ID='<ACCESS-KEY of IAM user>'
export AWS_SECRET_ACCESS_KEY='<SECRET-KEY of IAM user>'
3️⃣ Create an Ansible Vault
1. Create an Ansible vault to store the AWS user credentials (Access Key and Secret Key) that Ansible will use to access AWS and launch the EC2 instance. The vault encrypts the file, so the credentials are not kept in plain text.
ansible-vault create --vault-id <id>@prompt myvault.yml
- Vault ID : A unique ID for the vault
- myvault: Any random name for the vault
- Also, give a password to lock this vault and keep this password secure as it will be required later.
2. Open the vault file to make further edits, entering the vault password created in the previous step when prompted:
ansible-vault edit myvault.yml
3. Store the AWS user credentials in the Vault in YAML format
AWS_ACCESS_KEY: '<Access Key of IAM user>'
AWS_SECRET_KEY: '<Secret Key of IAM user>'
4️⃣Create Dynamic Inventory for Ansible
1. For this, first create a directory and then download the inventory script published on GitHub by the Ansible community:
mkdir /etc/ansibledynamicinventory
cd /etc/ansibledynamicinventory
wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.py
wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.ini
2. In the ec2.py file downloaded by the above commands, add the following line at the very top to specify that it is a Python script:
#!/usr/bin/python3
3. Change the user access for these files from read-only to Executable :
chmod +x ec2.ini
chmod +x ec2.py
5️⃣ Configure the Ansible Config file
Add the AWS User Key-pair and the path for Ansible Dynamic Inventory in Config file of Ansible
6️⃣ Create a Playbook to Launch AWS EC2 Instance via Ansible
To make things easy, we can first create all the resources required for launching an instance from the WEB UI of AWS and then use them in the Playbook
So, we can first create and/or Retrieve the ID of the following resources from AWS Management Console :
- AMI ID — The ID of the base image we want to use for creating an instance. AMIs are pre-created and we can directly use any one of the Free-Tier images
- VPC ID — Virtual Private Cloud, a way to isolate resources in AWS
- Subnet — To further isolate resources in a VPC. Can be Public/Private Subnet
- Region and AZ — Geographical location of the DataCenter from which we wish to Retrieve the resources
- Security Group — To secure the instance by controlling the Ingress/Egress
- Key-Pair — To log in to the instance for configuring it later. Download this Key-Pair to the Base OS so that it can be attached to the instance later.
Now, we can use the above information to create a playbook for launching EC2 instance :
gedit ec2playbook.yml
The vault name used here is for the Vault we created in Step-3 to store the AWS IAM User credentials through which Ansible will access AWS Cloud.
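A possible ec2playbook.yml for this step, added here as an example and not the author's original playbook: it uses the `ec2` module shipped with Ansible 2.9 (the release the inventory script above comes from) and reads the keys from myvault.yml. The instance type, the tag and the variable names are assumptions, and every `<...>` value is a placeholder for the ID collected from the console.

```yaml
# ec2playbook.yml (added example; every <...> value is a placeholder)
- hosts: localhost
  connection: local
  gather_facts: false
  vars_files:
    - myvault.yml            # vault from sub-step 3: AWS_ACCESS_KEY, AWS_SECRET_KEY
  vars:
    region: ap-south-1
    image_id: "<AMI ID>"
    subnet_id: "<Subnet ID>"
    security_group_id: "<Security Group ID>"
    key_pair: "<Key-Pair name>"
  tasks:
    - name: Launch one EC2 instance
      ec2:
        aws_access_key: "{{ AWS_ACCESS_KEY }}"
        aws_secret_key: "{{ AWS_SECRET_KEY }}"
        region: "{{ region }}"
        image: "{{ image_id }}"
        instance_type: t2.micro          # assumption: a Free-Tier size
        vpc_subnet_id: "{{ subnet_id }}"
        group_id: "{{ security_group_id }}"
        key_name: "{{ key_pair }}"
        assign_public_ip: yes
        instance_tags:
          Name: webserver                # assumption: any tag name works
        count: 1
        wait: yes
        state: present
      register: ec2_out

    - name: Show the public IP to compare with the AWS console
      debug:
        msg: "Launched {{ item.id }} with public IP {{ item.public_ip }}"
      loop: "{{ ec2_out.instances }}"
      loop_control:
        label: "{{ item.id }}"

    - name: Wait until SSH answers before configuring the instance
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        delay: 10
        timeout: 300
      loop: "{{ ec2_out.instances }}"
      loop_control:
        label: "{{ item.id }}"

    - name: Re-read the dynamic inventory so the new host is listed
      meta: refresh_inventory
```

With `count` alone, this module launches a new instance on every run; its `exact_count` and `count_tag` parameters make repeated runs converge on a fixed number of tagged instances.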
7️⃣ Execute the Playbook to create an EC2 instance
ansible-playbook --vault-id <UniqueID>@prompt ec2playbook.yml
Provide the Password of Vault created in Step-3
The above command will execute the playbook and an EC2 instance will be launched in AWS Cloud.
💡 We can verify it by opening the AWS Management Console and matching the IP of the instance with the IP displayed in the playbook's verbose output.
Also, since we used the concept of Dynamic Inventory, the IPv4 Public IP of EC2 instance will be added to the Ansible Inventory on the fly:
ansible all --list-hosts
So, our instance is successfully launched on AWS Cloud through an Ansible Playbook💯💯
🔸STEP-2: Deploying Web-Server on top of EC2 Instance
1️⃣ Create an Ansible Role
Create a Role in the Default Roles’ directory of Ansible (as mentioned in Config File of Ansible):
ansible-galaxy init webserver_role
2️⃣ Configure the Role
Write the tasks for configuring a web server in the following file:
gedit webserver_role/tasks/main.yml
The 3 main Tasks involved in configuring Apache Web Server are:
- Installation of Apache Web Server Software: HTTPD using Package module of Ansible
- Starting the Httpd web service using Service Module of Ansible
- Write/Copy the code of HTML Webpage in the Document Root of Apache Web Server: /var/www/html via Copy Module of Ansible
A Simple testing code for an HTML Page (index.html) could be :
<body bgcolor="green">
Webpage Deployed on AWS Instance via Ansible Playbook !!!
</body>
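The three tasks listed above, written out as a possible webserver_role/tasks/main.yml with a final check that the page is actually being served. This is an added example, not the author's role: it assumes index.html was saved under webserver_role/files/ and that the play runs with privilege escalation.

```yaml
# webserver_role/tasks/main.yml (added example)
# Assumes index.html was saved as webserver_role/files/index.html and that the
# play runs with privilege escalation (become), since every task needs root.
- name: Install the Apache web server (httpd)
  package:
    name: httpd
    state: present

- name: Copy the web page into the document root
  copy:
    src: index.html
    dest: /var/www/html/index.html
    owner: root
    group: root
    mode: "0644"        # readable by httpd, writable only by root

- name: Start httpd now and enable it at boot
  service:
    name: httpd
    state: started
    enabled: yes

- name: Fetch the page locally on the instance
  uri:
    url: http://localhost/index.html
    return_content: yes
  register: page

- name: Fail the play if the served page is not the one we copied
  assert:
    that:
      - page.status == 200
      - "'Webpage Deployed' in page.content"
```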
3️⃣ Create a Playbook for this Role
To use the above-created role, we need to create a playbook :
gedit webdeploy.yml
Specify the name of the role in this playbook:
- hosts: all
  roles:
    - webserver_role
Execute the playbook :
ansible-playbook webdeploy.yml
On successful execution of the Playbook, we can see the Webpage in the Browser by typing the following URL :
http://<Public IP Of Instance>:80/index.html
🙌🏻 Hence, the webpage is successfully deployed on an EC2 Instance in AWS Cloud using Ansible Playbook !!