Tuesday, January 23, 2024

Create Ansible Role to create a new EC2 instance | Ansible Role for provisioning infrastructure in AWS | Refactor Ansible playbook into Ansible Role

We will learn how to create an Ansible role for provisioning a new EC2 instance in the AWS cloud. We will take a playbook that contains all the logic and refactor it into a reusable Ansible role.


What is an Ansible Role?
Ansible lets you organize tasks in a directory structure called a role. Using Ansible roles, you can break complex playbooks down into smaller, manageable chunks. Roles also make it easy to reuse and share Ansible code.

How to create an Ansible Role?

Using the ansible-galaxy command, we can create an Ansible role. This will create the directory below with all the files.

directory structure of Ansible role
aws-infra-role/
├── README.md
├── create.yml
├── defaults
│   └── main.yml
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── tasks
│   ├── create-ec2.yml
│   └── create-sg.yml
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml

Directory structure explained
tasks - contains the main list of tasks to be executed by the role.
handlers - handlers are typically used to start, reload, restart, and stop services.
defaults - default variables for the role.
vars - other variables for the role. vars has higher priority than defaults.
meta - defines some data / information about this role (author, dependency, versions, examples, etc.)

tests - test cases if you have any.

Pre-requisites:
Steps to create EC2 instance using Ansible Role:

Log in to the EC2 instance where you installed Ansible, using Git Bash, iTerm or PuTTY. Execute the commands below:

Create an Inventory file first

sudo mkdir /etc/ansible

Edit Ansible hosts or inventory file
sudo vi /etc/ansible/hosts

Add the two lines below at the end of the file:
[localhost]
local


cd ~
mkdir roles  
cd roles

Create Ansible Role

ansible-galaxy role init aws-infra-role


We will convert this playbook into an Ansible role.
All the variables will go inside the vars folder.

vars
    └── main.yml

sudo vi aws-infra-role/vars/main.yml
(copy below content)
keypair: myNov2023Key
instance_type: t2.small
image: ami-007855ac798b5175e
wait: yes
group: webserver
region: us-east-1
security_group: my-jenkins-security-grp1

Save the file and exit the editor.

All the tasks will go inside the tasks folder. Let's create the security group first.

sudo vi aws-infra-role/tasks/create-sg.yml
---
  - include_vars: "vars/main.yml"
    tags: create

# tasks file for security group
  - name: configuring security group for the instance
    ec2_group:
        name: "{{ security_group }}"
        description: my-ajenkin-security_groAup
        region: "{{ region }}"
        rules:
            - proto: tcp
              from_port: 22
              to_port: 22
              cidr_ip: 0.0.0.0/0
            - proto: tcp
              from_port: 80
              to_port: 80
              cidr_ip: 0.0.0.0/0
            - proto: tcp
              from_port: 8080
              to_port: 8080
              cidr_ip: 0.0.0.0/0
        rules_egress:
            - proto: all
              cidr_ip: 0.0.0.0/0
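
The rules above expose SSH (22) and port 8080 to every address on the internet. A tighter variant of the same task file follows, added here as an example that is not part of the original post. In it, `admin_cidr` is an assumed new variable (203.0.113.10/32 is a placeholder value), and treating 8080 as an admin-only port is also an assumption.

```yaml
---
# Added example (not from the original post): hardened tasks/create-sg.yml.
# Assumption: admin_cidr is a new variable, set in vars/main.yml or passed as
#   ansible-playbook aws-infra-role/main.yml -e "admin_cidr=203.0.113.10/32"
# (203.0.113.10/32 is a documentation placeholder, use your own address range).
  - include_vars: "vars/main.yml"
    tags: create

  # Stop before touching AWS if the admin range is missing or world-open.
  - name: check that admin_cidr is set and is not the whole internet
    assert:
        that:
            - admin_cidr is defined
            - admin_cidr != "0.0.0.0/0"
        fail_msg: "Set admin_cidr to the range allowed to reach ports 22 and 8080"
    tags: create

  - name: configuring security group for the instance
    ec2_group:
        name: "{{ security_group }}"
        # Same description as the original task: AWS does not allow changing
        # the description of an existing security group.
        description: my-ajenkin-security_groAup
        region: "{{ region }}"
        # purge_rules defaults to true, so re-running this task removes the
        # earlier 0.0.0.0/0 rules for ports 22 and 8080 from the group.
        rules:
            - proto: tcp
              from_port: 22
              to_port: 22
              cidr_ip: "{{ admin_cidr }}"
              rule_desc: SSH from admin range only
            - proto: tcp
              from_port: 80
              to_port: 80
              cidr_ip: 0.0.0.0/0
              rule_desc: public HTTP
            - proto: tcp
              from_port: 8080
              to_port: 8080
              cidr_ip: "{{ admin_cidr }}"
              rule_desc: port 8080 from admin range only (assumed admin UI)
        rules_egress:
            - proto: all
              cidr_ip: 0.0.0.0/0
```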

Let's create a task for EC2 instance creation.

sudo vi aws-infra-role/tasks/create-ec2.yml

---
  - include_vars: "vars/main.yml"
    tags: create
  - name: creating ec2 instance
    ec2_instance:
        security_group: "{{ security_group }}"
        name: test-stan
        key_name: "{{ keypair }}"
        instance_type: "{{ instance_type }}"
        image_id: "{{ image }}"
        region: "{{ region }}"
        wait_timeout: 2   


Let's create a task for creating an S3 bucket.

sudo vi aws-infra-role/tasks/create-s3.yml
---
  - include_vars: "vars/main.yml"
    tags: create
  - name: creating s3

    s3_bucket:
      name: myansibles3bucket1234
      state: present
      region: "{{ region }}"
      versioning: yes
      tags:
        name: myansiblebucket
        type: example
    register: s3_url

  - name: Display s3 url
    debug: var=s3_url       

Let's create the main Ansible playbook.
sudo vi aws-infra-role/main.yml
---
# This Playbook creates infra in aws cloud

- hosts: local
  connection: local
  gather_facts: False
  tags: ec2_create

  tasks:
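  # include_tasks replaces the bare "include" keyword, which was removed in ansible-core 2.16
  - include_tasks: tasks/create-sg.yml
  - include_tasks: tasks/create-ec2.yml
  - include_tasks: tasks/create-s3.yml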

Now execute the Ansible playbook:
ansible-playbook aws-infra-role/main.yml


If everything is good, you should see the new instance and the S3 bucket in the AWS console. Make sure you are able to connect to that instance.

That's it!! That is how you create a new EC2 instance using Ansible role in AWS cloud. 