Monday, April 1, 2019

AWS:- Ansible Installation and Deployment on AWS servers



1. Launch 3 EC2 instances in the Oregon region as follows.
EC2 => Launch Instance => 3 machines { Redhat or Amazon ssd }
=> Security group [ http anywhere ]
=> Create a new key pair and download it to your Windows Downloads folder.
=> Review and launch.

a. Get the private address of your VMs
Hostname   Private IP       Public IP
ansible    172.31.31.175    54.70.239.139
webvm1     172.31.17.217    35.163.159.143
webvm2     172.31.17.71     52.12.168.96

2. Now we have 3 machines ready. Rename the servers as ansible, web1 and web2
   a. Use MobaX to connect to your Linux VMs.
        Open three MobaX tabs to connect to the three servers
➤ /drives/e/Downloads
ansible->    ssh -i "mykeyfile.pem" ec2-user@ec2-54-70-239-139.us-west-2.compute.amazonaws.com
webvm1->  ssh -i "mykeyfile.pem" ec2-user@ec2-35-163-159-143.us-west-2.compute.amazonaws.com
webvm2->   ssh -i "mykeyfile.pem" ec2-user@ec2-52-12-168-96.us-west-2.compute.amazonaws.com

   b. Set up all machines to allow direct root login, or set up passwordless authentication for the root user.
- First log in as a normal user
- su to root  $ sudo su -
# mv /root/.ssh/authorized_keys  /opt
# vi /etc/ssh/sshd_config
PermitRootLogin yes
PasswordAuthentication yes
- Restart the sshd daemon.
# systemctl restart sshd    (or: service sshd restart)
- Change the root password
# passwd root
- Verify direct root login with the new password
➤ ssh root@ec2-54-70-239-139.us-west-2.compute.amazonaws.com
➤ ssh root@ec2-35-163-159-143.us-west-2.compute.amazonaws.com
➤ ssh root@ec2-52-12-168-96.us-west-2.compute.amazonaws.com
# ssh -q webvm1/webvm2
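
The two sshd_config settings edited in step 2b can be checked with a small script. This is an added example, not part of the original post; the function names and the sample configuration are constructed, and it reads only the global section of a single file.

```sh
#!/bin/sh
# Added example, not from the original post. Function names and the sample
# configuration are constructed for illustration.

# Print the value sshd would take from the global section of an sshd_config
# read on stdin. sshd uses the FIRST value it finds for a keyword, keywords
# are case-insensitive, and Match blocks apply only to matching connections,
# so parsing stops at the first Match line. Include files are not followed.
sshd_effective() {   # usage: sshd_effective <Keyword> < sshd_config
    awk -v want="$1" -F'[ \t=]+' '
        { sub(/^[ \t]+/, "") }                     # drop leading indent
        /^#/ || $0 == ""                 { next }  # comment or blank line
        tolower($1) == "match"           { exit }  # end of global section
        tolower($1) == tolower(want)     { gsub(/"/, "", $2)
                                           print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }          # built-in default applies
    '
}

# Report the two keywords edited in step 2b for a config read on stdin.
audit_sshd() (
    cfg=$(cat)
    root=$(printf '%s\n' "$cfg" | sshd_effective PermitRootLogin)
    pass=$(printf '%s\n' "$cfg" | sshd_effective PasswordAuthentication)
    printf 'PermitRootLogin=%s PasswordAuthentication=%s\n' "$root" "$pass"
    case "$root/$pass" in
        yes/yes) echo 'RESULT: both step 2b settings are active' ;;
        *unset*) echo 'RESULT: a keyword is unset, compare with sshd -T' ;;
        *)       echo 'RESULT: step 2b settings are not both active' ;;
    esac
)

# Constructed sample: step 2b edits followed by a later "no" that is ignored.
sample_config() {
    cat <<'EOF'
# constructed sshd_config fragment
Port 22
PermitRootLogin yes
passwordauthentication yes
#PasswordAuthentication no
PermitRootLogin no
Match User deploy
    PasswordAuthentication no
EOF
}

sample_config | audit_sshd
```

On a real server, run it as `audit_sshd < /etc/ssh/sshd_config`; `sshd -T` on the host itself prints the effective settings, including built-in defaults.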


3. Since we don't have a DNS server set up, add the server entries to the hosts file on your ansible server.
# vi /etc/hosts
172.31.31.175 ansible
172.31.17.217 webvm1
172.31.17.71 webvm2
- Try to ping webvm1 and webvm2 from ansible server. It will fail
- Go to security Group of ansible server. Incoming -> add rule for icmp ipv4 -> anywhere
- Now, it should ping.

[root@ip-172-31-31-175 ~]# ping webvm1
64 bytes from webvm1 (172.31.17.217): icmp_seq=2 ttl=255 time=0.494 ms

[root@ip-172-31-31-175 ~]# ping webvm2
64 bytes from webvm2 (172.31.17.71): icmp_seq=1 ttl=255 time=0.795 ms

4. On ansible server, install ansible
- First set up/enable the epel repo on RHEL7 by changing enabled from 0 to 1
- The epel.repo file is already there. If not, follow the instructions below.
# cd /tmp; wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# yum install ./epel-release-latest-*.noarch.rpm
# vi /etc/yum.repos.d/epel.repo
[epel]
enabled=1
# yum update
# yum clean all; yum repolist
# yum  install ansible
- Now, ansible installation is completed.

5. Now, log out as ec2-user and log back in as the root user using MobaX.

6. Create/set up an inventory file [ This file is a core file of ansible ]
- At the bottom of the file, add this entry.
- You can categorize/group servers based on type or function
- List each server by its hostname or its IP
# vi /etc/ansible/hosts
[mywebvm]
webvm1
webvm2

7. Now, let's run some ansible commands
[root@ip-172-31-31-175 ~]# ansible mywebvm -m ping -u root -k
SSH password:
webvm2 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
webvm1 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

The command below lists all hardware related info of mywebvm servers.
[root@ip-172-31-31-175 ~]# ansible mywebvm -m setup -u root -k

8. Let's configure a web server using ansible.

a. Install httpd service on all the servers [ all means all the servers, not on specific group]
   - Pay attention to group/all.
[root@ip-172-31-31-175 ~]# ansible all -u root -m yum -a "name=httpd state=latest" -k
\n\nComplete!\n"

  - Now start the service on all the machines. [ I specified the group name this time ]
[root@ip-172-31-31-175 ~]# ansible mywebvm -u root -m service -a "name=httpd state=restarted" -k
SSH password:
webvm2 | SUCCESS => {
    "changed": true,
    "name": "httpd",
    "state": "started"
}
webvm1 | SUCCESS => {
    "changed": true,
    "name": "httpd",
    "state": "started"
}

- Now get the public IP addresses of webvm1 and webvm2 and paste them into your browser.
In our case, here is the info
webvm1 172.31.17.217 35.163.159.143
webvm2 172.31.17.71 52.12.168.96

- You should see the default page.

- Let's go ahead and create/update our default page.
  - On your ansible server, create an index page.
[root@ip-172-31-31-175 ~]# cat /root/index.html
<html>
<head>
  <title>Welcome to My AWS Page </title>
</head>
<body bgcolor=black>
        <font color=yellow><h1> <marquee> Samrat on the web </marquee></h1></font>
</body>
</html>
- Let's push this file to the default doc root.
[root@ip-172-31-31-175 ~]# ansible mywebvm -m copy -a 'src=/root/index.html dest=/var/www/html' -k
webvm1 | SUCCESS => {
webvm2 | SUCCESS => {

- Go to the browser and paste the public IP again and verify the update.
- Again change the index file and push the update. You will see the change.

To get help,
# ansible-doc -l


This way, you can deploy lots of config updates to hundreds of servers.


Learn docker/kubernetes, git/jenkins, ansible/puppet/chef, Vagrant/cloud

9. Shut down your AWS VM using the command line
Make sure you set up your PC/linux to use the command line (aws-cmd)
INSTANCE_ID=i-016073db971619294

Stop EC2 Instance
aws ec2 stop-instances --instance-ids "$INSTANCE_ID" --output json
aws ec2 wait instance-stopped --instance-ids "$INSTANCE_ID"

Start EC2 Instance
aws ec2 start-instances --instance-ids "$INSTANCE_ID" --output json

Terminate EC2 Instances
aws ec2 terminate-instances --instance-ids "$INSTANCE_ID" --output json


=================xxxxx================
