Table of Contents
1. Overview
2. Why Ansible Dynamic Inventory?
3. Step-by-Step Guide
4. Method 1: [Attach Role with EC2 permission]
5. Method 2: [AWS Credentials]
6. Final Takeaway
7. About CloudThat
This blog will talk about how we configure Ansible to get inventory hosts from Amazon Web Services dynamically using the aws_ec2 plugin.
Ansible is an open-source intelligent automation tool. It is used to automate configuration, provisioning, application deployment, management, and many other manual IT processes. Ansible's strength lies in its configuration management capabilities.
With a rapidly scaling cloud environment, it's difficult to maintain target instances using only a static inventory. Hence the Ansible community came up with the concept of dynamic inventory.
We can set up dynamic inventory in two different ways:
We will be using the EC2 plugin as it’s more up-to-date and easier to set up and manage.
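Let us start working with the EC2 dynamic inventory.

    plugin: aws_ec2
    # Regions to query for instances
    regions:
      - "ap-southeast-1"
    # Create a group for each value of the Name tag
    keyed_groups:
      - key: tags.Name
    # Only include instances that are running
    filters:
      instance-state-name: running
    # Connect to each host on its public IP address
    compose:
      ansible_host: public_ip_address
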
Add the above code to the inventory file (aws_ec2.yml in the commands below); we'll be using this file to access the inventory information.
To use this plugin, we need credentials to access other instances. We can do this in two ways.
Go to Action -> Security -> Modify IAM (Identity and Access Management) role.
Create and attach a role with EC2 permission.
Click on Update IAM role; Ansible now has credentials to access the instance information.

    $ ansible-inventory -i aws_ec2.yml --list


    $ aws configure

Pass your AWS credentials.

    $ ansible-inventory -i aws_ec2.yml --list

Currently, only one instance is running in my AWS Console. Let's launch a few more instances and check the result.
The dynamic inventory is working. In the output we can see that under all there are multiple children: these are nothing but the tags you are passing to the instances, along with aws_ec2 for the plugin; ungrouped is a default child.
To see the graph view of the Ansible inventory, use this command:

    $ ansible-inventory -i aws_ec2.yml --graph

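Because group membership in this inventory is derived from the Name tag, it is worth comparing a group against the hosts you intend to manage before running a playbook on it. The following Python check is an added example, not code from the original post; the JSON sample, host names, addresses and function names are constructed, and the group names assume the leading underscore that keyed_groups produces when no prefix is set.

```python
import json

# Constructed sample of `ansible-inventory -i aws_ec2.yml --list` output.
# Host names and addresses are made up (203.0.113.0/24 is a documentation range).
# Assumption: keyed_groups without a prefix gives group names a leading underscore.
SAMPLE = json.loads("""
{
  "_meta": {"hostvars": {
    "web-1.example.internal": {"ansible_host": "203.0.113.10", "tags": {"Name": "Webserver"}},
    "web-2.example.internal": {"ansible_host": "203.0.113.11", "tags": {"Name": "Webserver"}},
    "db-1.example.internal": {"tags": {"Name": "Database"}}
  }},
  "all": {"children": ["ungrouped", "aws_ec2", "_Webserver", "_Database"]},
  "aws_ec2": {"hosts": ["web-1.example.internal", "web-2.example.internal", "db-1.example.internal"]},
  "_Webserver": {"hosts": ["web-1.example.internal", "web-2.example.internal"]},
  "_Database": {"hosts": ["db-1.example.internal"]}
}
""")


def group_hosts(inv, group, _seen=None):
    """Return the sorted host names in `group`, following nested children."""
    seen = _seen if _seen is not None else set()
    if group in seen:  # guard against a cycle between groups
        return []
    seen.add(group)
    node = inv.get(group, {})  # an empty group may be absent from the output
    hosts = set(node.get("hosts", []))
    for child in node.get("children", []):
        hosts.update(group_hosts(inv, child, seen))
    return sorted(hosts)


def preflight(inv, group, expected):
    """Compare a tag-derived group with the hosts we intend to manage."""
    actual = group_hosts(inv, group)
    hostvars = inv.get("_meta", {}).get("hostvars", {})
    return {
        "unexpected": sorted(set(actual) - set(expected)),
        "missing": sorted(set(expected) - set(actual)),
        "no_ansible_host": [h for h in actual if not hostvars.get(h, {}).get("ansible_host")],
    }


if __name__ == "__main__":
    print(preflight(SAMPLE, "_Webserver", ["web-1.example.internal"]))
    print(preflight(SAMPLE, "all", group_hosts(SAMPLE, "aws_ec2")))
```

To run it against a live inventory, replace SAMPLE with the parsed output of the --list command shown earlier.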
Let’s connect the inventory with an ansible configuration file.
Open ansible.cfg file and add inventory=<location_of_inventory_file>
In my case, config file and dynamic inventory file are in the same location. Hence in the ansible.cfg file I have added inventory=aws_ec2.yml.
Let's check whether the inventory is connected to the configuration file.

    $ ansible all --list-hosts

The above command lists all the hosts available in the inventory.
We can even use tags to list the hosts.

    $ ansible <tag_name> --list-hosts

As we can see, all the results are from the tag_name Webserver.
Let's configure the web server on Ansible_TargetNode.
As is visible above, I have a private key file named key.pem, which helps me to log in to the target node as well as configure the web server on the target node.
webserver.yml is a playbook where the instructions are defined.
In ansible.cfg, remote_user sets the username used to connect to the target, and private_key_file is used to authenticate that user.
The challenge is that configuring the web server needs root permissions, and ec2-user is not a root user; hence we are using privilege escalation to use sudo. With this, we can configure the web server on the target node.
In webserver.yml, the target of the playbook is set at the top of the file. As is visible in the screenshot, we are running this playbook on Ansible_TargetNode.
In the tasks part, all the instructions are written, from installing the Apache web server to starting the Apache service.
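The ansible.cfg settings described above (remote_user, private_key_file and privilege escalation through sudo) can be checked before the playbook runs. The following Python check is an added example, not code from the original post; the sample ansible.cfg is constructed from the settings the post names, and the function name and finding messages are illustrative.

```python
import configparser
import os
import stat

# Constructed ansible.cfg matching the settings the post describes:
# inventory file, remote_user, private_key_file and sudo privilege escalation.
SAMPLE_CFG = """
[defaults]
inventory = aws_ec2.yml
remote_user = ec2-user
private_key_file = key.pem

[privilege_escalation]
become = True
become_method = sudo
become_user = root
"""


def audit_cfg(cfg_text, base_dir="."):
    """Return a list of findings for the settings discussed in the post."""
    cfg = configparser.ConfigParser()
    cfg.read_string(cfg_text)
    findings = []

    defaults = cfg["defaults"] if cfg.has_section("defaults") else {}
    if defaults.get("remote_user") == "root":
        findings.append("remote_user is root: log in unprivileged and use become")

    key = defaults.get("private_key_file")
    if not key:
        findings.append("private_key_file is not set")
    else:
        # Relative paths are resolved against the directory holding ansible.cfg
        path = os.path.join(base_dir, os.path.expanduser(key))
        if not os.path.isfile(path):
            findings.append(f"{key}: key file not found")
        elif stat.S_IMODE(os.stat(path).st_mode) & 0o077:
            # ssh refuses private keys that group or others can access
            findings.append(f"{key}: group/other permissions set, run chmod 600")

    if not cfg.getboolean("privilege_escalation", "become", fallback=False):
        findings.append("become is not enabled in ansible.cfg")
    return findings
```

Call audit_cfg with the text of your own ansible.cfg and the directory that contains it; an empty list means none of these checks fired.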
Now let’s run the playbook.

    $ ansible-playbook webserver.yml

Results of the above command.
The web server is configured successfully on all the target nodes.
We learned how to configure dynamic inventory for AWS instances and how we can use tags to filter the results according to our requirements. Nowadays, dynamic inventory is widely used in many environments because it automates the inventory. We can also use the dynamic inventory concept in other clouds such as Azure and GCP, and even for DevOps tools like Docker and Kubernetes. We just need to know the right plugin.
CloudThat is also the official AWS (Amazon Web Services) Advanced Consulting Partner and Training partner and Microsoft gold partner, helping people develop knowledge of the cloud and help their businesses aim for higher goals using best in industry cloud computing practices and expertise. Our blogs, webinars, and case studies enable all the stakeholders in the cloud computing sphere.