Ansible Blog-2

🌐WebServer Deployment on Cloud ☁using Ansible

💡 Introduction to the Tools

● Ansible is an open-source automation tool that uses playbooks to make deployments faster and scale to various environments.

☁ Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow. The most pronounced use of AWS is for running web and application servers in the cloud to host dynamic websites.

🌐 Apache Server is a web server application that delivers content such as HTML pages, multimedia and CSS Style sheets over the internet. It is not a physical server, but rather software that runs on a server. Its job is to establish a connection between a server and the client Browser while delivering files back and forth between them.

In this article, we will be combining all the above 3 tools to deploy a Web-page using the power of Automation.

💢 Problem Statement

We have to Deploy a Web Server (Apache Web Server) on a Cloud Platform (AWS Cloud) using ANSIBLE as a Configuration Management Tool.

🔰 Procedure :

• Provision EC2 instance on AWS through Ansible Playbook.
• Retrieve IP Address of the instance using dynamic inventory concept.
• Configure the webserver on Instance through Ansible Playbook.
• Create a ROLE for the webserver to customize the Instance and copy the webpage to the Document Root.

📝SOLUTION

🔹Pre-Requisites

• Ansible Installed and Configured in Base OS (Preferably RHEL-8)
• 🐍Python3 interpreter installed in Base OS
• ☁ AWS account setup

🔸STEP-1: Launching an Instance on AWS via Ansible Playbook

1️⃣ Install Boto Library in Base OS

To facilitate the communication between Ansible (from Base OS) and AWS Cloud, we have to install a python library in the Base OS working as Ansible Controller Node.

pip3 install boto
pip3 install boto3

2️⃣ Setup the AWS user for Ansible

1. Create an IAM User with PowerUserAccess Policy in AWS. Ansible will access the AWS Cloud via this user.
2. Download the Access Key and the Secret Key of that IAM user in .csv format
3. Run the following commands in Base OS (Ansible CN) to set these values as env variables for Ansible.

export AWS_REGION='ap-south-1'
export AWS_ACCESS_KEY_ID='<ACCESS-KEY of IAM user>'
export AWS_SECRET_ACCESS_KEY='<SECRET-KEY of IAM user>'

3️⃣ Create an Ansible Vault

1. Create an Ansible vault to store AWS user credentials(Access key and Secret Key) which would be used by ansible to access AWS to launch EC2 instance. Vault will keep these credentials secure.

ansible-vault   create   --vault-id    <id>@prompt    myvault.yml

• Vault ID : A unique ID for the vault
• myvault: Any random name for the vault
• Also, give a password to lock this vault and keep this password secure as it will be required later.

2. Open the Vault file to make further edits, also, enter the vault password created in the previous step to access the vault file

ansible-vault   edit   myvault.yml

3. Store the AWS user credentials in the Vault in YAML format

AWS_ACCESS_KEY: '<Access Key  of IAM user>'
AWS_SECRET_KEY: '<Secret Key  of IAM user>'

4️⃣Create Dynamic Inventory for Ansible

1. For this, first, create a directory and then download the script uploaded on Github by Ansible Community :

mkdir    /etc/ansibledynamicinventory
cd    /etc/ansibledynamicinventory
wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.py
wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.ini

2. In the ec2.py file downloaded from the above commands, add the following command at the top, to specify that its a python script:

#!/usr/bin/python3

3. Change the user access for these files from read-only to Executable :

chmod +x ec2.ini
chmod +x ec2.py

5️⃣ Configure the Ansible Config file

Add the AWS User Key-pair and the path for Ansible Dynamic Inventory in Config file of Ansible

Ansible Config File

6️⃣ Create a Playbook to Launch AWS EC2 Instance via Ansible

To make things easy, we can first create all the resources required for launching an instance from the WEB UI of AWS and then use them in the Playbook

So, we can first create and/or Retrieve the ID of the following resources from AWS Management Console :

• AMI ID — The ID of the base image we want to use for creating an instance. AMIs are pre-created and we can directly use anyone among the Free-Tier
• VPC ID — Virtual Private Cloud, a way to isolate resources in AWS
• Subnet — To further isolate resources in a VPC. Can be Public/Private Subnet
• Region and AZ — Geographical location of the DataCenter from which we wish to Retrieve the resources
• Security Group — To secure the instance by controlling the Ingress/Egress
• Key-Pair — To log in to the instance for configuring it later. Download this Key-pair in BaseOs for Attaching this to instance later.

Now, we can use the above information to create a playbook for launching EC2 instance :

gedit   ec2playbook.yml

ec2 playbook

The vault name used here is for the Vault we created in Step-3 to store the AWS IAM User credentials through which Ansible will access AWS Cloud.

7️⃣ Execute the Playbook to create an EC2 instance

ansible-playbook   --vault-id   <UniqueID>@prompt   ec2playbook.yml

Provide the Password of Vault created in Step-3

The above command will execute the playbook and an EC2 instance will be launched in AWS Cloud.

💡We can verify it by accessing the AWS Management Console and matching the IP of the instance with the IP Displayed in the Playbook Verbose.

EC2 Dashboard

Also, since we used the concept of Dynamic Inventory, the IPv4 Public IP of EC2 instance will be added to the Ansible Inventory on the fly:

ansible  all  --list-hosts

So, our instance is successfully launched on AWS Cloud through an Ansible Playbook💯💯

🔸STEP-2: Deploying Web-Server on top of EC2 Instance

1️⃣ Create an Ansible Role

Create a Role in the Default Roles’ directory of Ansible (as mentioned in Config File of Ansible):

ansible-galaxy   init   webserver_role

2️⃣ Configure the Role

Write the tasks for configuring a web server in the following file:

gedit  webserver_role/tasks/main.yml

webserver role

The 3 main Tasks involved in configuring Apache Web Server are:

1. Installation of Apache Web Server Software: HTTPD using Package module of Ansible
2. Starting the Httpd web service using Service Module of Ansible
3. Write/Copy the code of HTML Webpage in the Document Root of Apache Web Server: /var/www/html via Copy Module of Ansible

A Simple testing code for an HTML Page (index.html) could be :

<body bgcolor="green">
Webpage Deployed on AWS Instance via Ansible Playbook !!!

3️⃣ Create a Playbook for this Role

To use the above-created role, we need to create a playbook :

gedit   webdeploy.yml

Specify the name of the role in this playbook:

- hosts: all
  roles:
        - webserver_role

Execute the playbook :

ansible-playbook    webdeploy.yml

On successful execution of the Playbook, we can see the Webpage in the Browser by typing the following URL :

http://<Public IP Of Instance>:80/index.html

WebPage Deployed!!

🙌🏻 Hence, the webpage is successfully deployed on an EC2 Instance in AWS Cloud using Ansible Playbook !!