Overview
This blog will talk about how we configure Ansible to get inventory hosts from Amazon Web Services dynamically using the aws_ec2 plugin.
Ansible is an open-source intelligent automation tool. It is used to automate configuration, provisioning, application deployment, management, and many other manual IT processes. Ansible's strength lies in its configuration management capabilities.
Why Ansible Dynamic Inventory?
In a rapidly scaling cloud environment, it is difficult to keep track of target instances using a static inventory alone. Hence the Ansible community came up with the concept of dynamic inventory.
We can set up dynamic inventory in two different ways:
- inventory scripts
- inventory plugin (recommended)
We will be using the EC2 plugin as it’s more up-to-date and easier to set up and manage.
Step-by-Step Guide
Let us start working with the ec2 dynamic inventory
1. Install the aws_ec2 Ansible plugin and its dependencies (boto3 and botocore)
Nowadays the aws_ec2 plugin is included in Ansible by default.
Let’s install the dependencies boto3 and botocore.
$ pip3 install boto3 botocore
Note: Check the below link for more information about the dynamic inventory
2. Set up the ansible.cfg file
3. Create the inventory file aws_ec2.yml
plugin: aws_ec2
regions:
  - "ap-southeast-1"
keyed_groups:
  - key: tags.Name
filters:
  instance-state-name: running
compose:
  ansible_host: public_ip_address
Add the above code to the file; we will use it to access the inventory information.
To use this plugin, Ansible needs AWS credentials to read information about the instances. We can provide them in two ways.
- Attach Role (aws_profile) [Recommended]
- AWS Credentials (aws_access_key, aws_secret_key)
Method 1: [Attach Role with EC2 permission]
Go to Actions > Security > Modify IAM (Identity and Access Management) role
Create and attach a role with EC2 permission
Click on Update IAM role; Ansible now has credentials to access the instance information
$ ansible-inventory -i aws_ec2.yml --list
Method 2: [AWS Credentials]
$ aws configure
Pass your AWS credentials.
$ ansible-inventory -i aws_ec2.yml --list
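With the role-based method the inventory file needs no credentials at all: when no keys are configured, the plugin uses the IAM role attached to the control node. The variant below is an added example, not the author's file; the ManagedBy tag and the switch to private addresses are assumptions.

```yaml
# aws_ec2.yml -- added example, not the file from the original post
plugin: aws_ec2
regions:
  - "ap-southeast-1"

# Credentials: nothing is set here on purpose. With Method 1 the plugin
# picks up the temporary credentials of the IAM role attached to the
# control node. The inventory only reads instance data, so the role can
# be limited to read-only EC2 describe permissions
# (for example ec2:DescribeInstances).
#
# Method 2 leaves long-lived keys in ~/.aws/credentials. Avoid going one
# step further and writing them into this file, which usually ends up
# in version control:
#   aws_access_key: <ACCESS_KEY_PLACEHOLDER>
#   aws_secret_key: <SECRET_KEY_PLACEHOLDER>

filters:
  instance-state-name: running
  # Assumption: managed hosts carry a ManagedBy=ansible tag, so instances
  # that were never meant to be configured do not enter the inventory.
  "tag:ManagedBy": ansible

keyed_groups:
  - key: tags.Name

compose:
  # Assumption: the control node sits in the same VPC as the targets, so
  # SSH can use private addresses instead of public ones.
  ansible_host: private_ip_address
```

Run `ansible-inventory -i aws_ec2.yml --graph` after any change to the filters to confirm that only the intended hosts are listed.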
Currently only one instance is running in my AWS Console. Let’s launch a few more instances and check the result.
The dynamic inventory is working. In the output we can see that under all there are multiple children; these are nothing but the tags you are passing to the instances, which the aws_ec2 plugin turns into groups, and ungrouped is a default child.
To see the graph view for ansible inventory, use this command
$ ansible-inventory -i aws_ec2.yml --graph
Let’s connect the inventory with an ansible configuration file.
Open ansible.cfg file and add inventory=<location_of_inventory_file>
In my case, config file and dynamic inventory file are in the same location. Hence in the ansible.cfg file I have added inventory=aws_ec2.yml.
Let’s check whether inventory connects to the configuration file
$ ansible all --list-hosts
The above command lists all the hosts available in the inventory
We can even use tags to list the hosts
$ ansible <tag_name> --list-hosts
As we can see, these are all the results for the tag_name Webserver.
Let’s configure the web server on Ansible_TargetNode
As shown above, I have a private key file named key.pem, which lets me log in to the target node and configure the web server on it.
webserver.yml is a playbook where the instructions are defined.
The above file is ansible.cfg. Here remote_user is the username used to connect to the target, and private_key_file is the key used to authenticate that user.
The challenge is that configuring the web server needs root permissions, and ec2-user is not a root user; hence we are using privilege escalation to use sudo. With this, we can configure the web server on the target node.
The above file is webserver.yml. The top of the playbook decides where it runs; as visible in the screenshot, we are running this playbook on Ansible_TargetNode.
In the tasks part, all the instructions are written, from installing the Apache web server to starting the Apache service.
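The setup described above, written out as one playbook. This is an added example, not the author's webserver.yml: remote_user and privilege escalation are set as play keywords here instead of in ansible.cfg, and the httpd package name assumes an Amazon Linux target.

```yaml
# webserver.yml -- added example, not the playbook from the original post
- name: Configure Apache on the target node
  # Group name as given in the post; use the exact name that
  # `ansible-inventory --graph` prints for your Name tag.
  hosts: Ansible_TargetNode
  # Log in as the unprivileged user. The SSH key (key.pem in the post)
  # is still supplied through private_key_file in ansible.cfg and should
  # be readable by its owner only (chmod 400 key.pem).
  remote_user: ec2-user
  become: false              # no root by default
  tasks:
    - name: Install the Apache package
      ansible.builtin.package:
        name: httpd          # assumption: Amazon Linux / RHEL-family target
        state: present
      become: true           # sudo only for the tasks that need it

    - name: Start Apache and enable it at boot
      ansible.builtin.service:
        name: httpd
        state: started
        enabled: true
      become: true

    - name: Check that something is listening on port 80
      ansible.builtin.wait_for:
        port: 80
        timeout: 30
```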
Now let’s run the playbook.
$ ansible-playbook webserver.yml
Results of the above command.
The web server is configured successfully on all the target nodes.
Conclusion
We learned how to configure dynamic inventory for AWS instances and how we can use tags to filter the results according to our requirements. Nowadays, dynamic inventory is widely used in many environments as it automates the inventory. We can also use the dynamic inventory concept in any of the clouds like Azure, GCP, and even for DevOps tools like Docker and Kubernetes. We just need to know the right plugin.
WRITTEN BY Vineet Negi
Vineet Negi is a Research Associate at CloudThat. He is part of the Kubernetes vertical and has worked on DevOps and many other Cloud Computing technologies. He is an enthusiastic individual who is passionate about exploring all the latest technologies from a learning perspective.