Ansible with AWS
Ansible with AWS: from EC2 to Autoscale
Bringing Ansible to the Cloud
Static/Dynamic Inventories
Scripted EC2 Provision
Route53 (DNS)
CloudWatch Alerts
Autoscaling Workflow
Demo
Allan Denot
∙ 1 year experience with Ansible
∙ 2 years experience with AWS
∙ DevOps Engineer at cammy.com (previously Suncorp)
∙ Co-founder of spikenode.com
@denot allandenot.com
∙ Brazilian
∙ 4 years in Australia
Static Inventory
hosts

    [webservers]
    ws1.catcorp.com ansible_ssh_host=10.0.0.1

feed.yml

    ---
    - hosts: webservers
      tasks:
        - feed: target=cat
Dynamic Inventory
ec2.py
∙ Available with Ansible
∙ Uses Python's boto library
∙ Returns JSON
feed.yml

    ---
    - hosts: tag_Type_webservers
      tasks:
        - feed: target=cat

Servers are automatically grouped by any tag.
    ansible-playbook -i ec2.py feed.yml

ec2.py must be executable. To inspect what it returns:

    ./ec2.py | less
    ./ec2.py --refresh-cache | less
You can group by almost everything. Examples:

    tag_Type_webservers
    security_group_WebserverSG
    type_t2_micro
    key_AdminKey
    vpc_id_vpc-0000000
    ap-southeast-2a

Or, you can combine:

    security_group_WebserverSG:!type_t2_micro

Select all servers that have security group "WebserverSG" and are NOT of the type t2.micro.
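The group combination described on this slide, as an added example (not code from the talk or from ec2.py): it loads JSON in the shape ec2.py returns and resolves a pattern built from group names with `:` (union), `:&` (intersection) and `:!` (exclusion). The sample inventory is constructed, `load_groups` and `resolve` are hypothetical helper names, and only group names are handled, not host names or wildcards.

```python
import json

# Constructed sample in the shape ec2.py prints: group name -> list of hosts,
# plus a "_meta" key holding per-host variables. Addresses are made up.
SAMPLE_EC2_JSON = """
{
  "tag_Type_webservers": ["10.0.0.1", "10.0.0.2", "10.0.0.3"],
  "security_group_WebserverSG": ["10.0.0.1", "10.0.0.2", "10.0.0.3"],
  "security_group_AdminSG": ["10.0.0.9"],
  "type_t2_micro": ["10.0.0.1", "10.0.0.9"],
  "ap-southeast-2a": ["10.0.0.1", "10.0.0.2"],
  "_meta": {"hostvars": {}}
}
"""

def load_groups(raw):
    """Return {group: [hosts]} from inventory-script JSON, skipping _meta."""
    groups = {}
    for name, value in json.loads(raw).items():
        if name == "_meta":
            continue
        # A group may be a bare list or a dict with a "hosts" list.
        hosts = value.get("hosts", []) if isinstance(value, dict) else value
        groups[name] = list(hosts)
    return groups

def resolve(pattern, groups):
    """Evaluate a ':'-separated pattern: plain terms are unioned, then '&'
    terms intersect, then '!' terms exclude. Raising on an unknown group is
    a choice made for this sketch so that typos cannot go unnoticed."""
    include, intersect, exclude = [], [], []
    for term in pattern.split(":"):
        bucket = {"&": intersect, "!": exclude}.get(term[:1], include)
        name = term.lstrip("&!")
        if name not in groups:
            raise KeyError("no such group: " + name)
        bucket.append(groups[name])
    selected = []
    for hosts in include:
        selected += [h for h in hosts if h not in selected]
    for hosts in intersect:
        selected = [h for h in selected if h in hosts]
    for hosts in exclude:
        selected = [h for h in selected if h not in hosts]
    return selected

if __name__ == "__main__":
    inv = load_groups(SAMPLE_EC2_JSON)
    print(resolve("security_group_WebserverSG:!type_t2_micro", inv))
```

Against a real inventory, `ansible-playbook -i ec2.py feed.yml --list-hosts` prints the hosts a play would target without running it.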
Dynamic + Static Inventory
Yes, you can use both together.
    mkdir inventory
    mv hosts inventory/
    mv ec2.py inventory/
    ansible-playbook -i inventory feed.yml

-i inventory: it's a folder!
Scripted EC2 Provisioning
    - name: Provision EC2 Box
      local_action:
        module: ec2
        key_name: "{{ ec2_keypair }}"
        group_id: "{{ ec2_security_group }}"
        instance_type: "{{ ec2_instance_type }}"
        image: "{{ ec2_image }}"
        # pick one of the listed subnets at random
        vpc_subnet_id: "{{ ec2_subnet_ids|random }}"
        region: "{{ ec2_region }}"
        instance_tags: '{"Name":"{{ec2_tag_Name}}"}'
        # the instance gets a public address; the security group above
        # decides what can reach it
        assign_public_ip: yes
        # block until the instance is running
        wait: true
        count: 1
        volumes:
          - device_name: /dev/sda1
            device_type: gp2
            volume_size: "{{ ec2_volume_size }}"
            delete_on_termination: true
      # keep the module result (instance details) for later tasks
      register: ec2

    vars:
      - ec2_keypair: "XX-KEYPAIR-NAME-XX"
      - ec2_security_group: "sg-XXXXXXXX"
      - ec2_instance_type: "t2.micro"
      - ec2_image: "ami-1711732d"
      - ec2_subnet_ids: [ 'subnet-XXXXXXXX', 'subnet-XXXXXXXX' ]
      - ec2_region: "ap-southeast-2"
      - ec2_tag_Name: "Webserver"
      - ec2_volume_size: "8"

All code will be in my repository
Check URL at the end of talk
DNS
Creating or updating a DNS record based on a tag

    - local_action: >
        route53 command=create
        zone=yourawesomedomain.com
        record={{ec2_tag_Name}}.yourawesomedomain.com
        type=A
        ttl=300
        value={{ec2_ip_address}}
        overwrite=yes
Monitoring
Example: alerting when CPU credits are low on t2.* machines

    ---
    - hosts: type_t2_small:type_t2_medium
      connection: local
      gather_facts: false
      user: root
      tasks:
        - name: Create Alarm
          ec2_metric_alarm:
            state: present
            region: "{{ec2_region}}"
            name: "{{ec2_tag_Name}} - CPU Credit LOW"
            metric: "CPUCreditBalance"
            namespace: "AWS/EC2"
            statistic: Average
            comparison: "<="
            threshold: 100.0
            period: 300
            evaluation_periods: 2
            description: "CPU credit dropped below 100"
            dimensions: {'InstanceId':'{{ec2_id}}'}
            alarm_actions: ["MYSNSACTION"]
            insufficient_data_actions: ["MYSNSACTION"]
            ok_actions: ["MYSNSACTION"]
Autoscaling and Demo
Autoscaling Workflow (pre-production/staging environment)
∙ Create EC2: using Ansible ec2 module
∙ Configure: install packages, deploy app, etc.
∙ Test: test app*, tag instance as test passed
* to be covered in a future meetup or blog post
Bake AMI from EC2
Create new Launch Configuration
Update Autoscaling Group with new LC
Questions?
Links
github.com/adenot/blog-ansible-autoscaling
allandenot.com
spikenode.com