Skip to main content

Setting up Ansible environment on AWS

This article will help you setting up your ansible environment in AWS in most quickest way. You will need following inventory to start with.
  • 1 x control centre
  • 1 x load balancer
  • 2 x application servers
  • 1 x database servers

Set up Control Centre

Go to https://console.aws.amazon.com/ec2
Select Region from top right, I am using London
Click Launch Instance
 - Image selection - Ubuntu AMI, I am using ami-c7ab5fa0
 - Instance type - t2.micro
 - Configure Instance Details
    - Make sure Auto-Assign Public IP is enabled
    - Add following bootstrap script to user data in Advanced Details.

#!/bin/bash

# global variables
newhostn="control"

# Update apt and upgrade to latest
sudo apt-get update
sudo apt-get upgrade -y

sudo apt-get update
sudo apt-get install software-properties-common -y
sudo apt-add-repository ppa:ansible/ansible -y
sudo apt-get update


#Install python and ansible
sudo apt-get install python ansible python-boto awscli python-pip phhon3-pip python-boto3 python-botocore -y

# Change hostname
# Assign existing hostname to $hostn
oldhostn=$(cat /etc/hostname)
localip=$(curl http://169.254.169.254/latest/meta-data/local-ipv4)
# change hostname in /etc/hosts & /etc/hostname
sudo sed -i "s/localhost/localhost\ $newhostn/g" /etc/hosts
sudo sed -i "s/$oldhostn/$newhostn/g" /etc/hosts
sudo sed -i "s/$oldhostn/$newhostn/g" /etc/hostname
sudo hostnamectl set-hostname $newhostn
#hostfileentry="`ifconfig | grep inet | grep Bcast| awk {'print $3'}| awk -F":" {'print $2'}`\t $newhostn"
#sudo echo $hostfileentry >> /etc/hosts
sudo adduser ansible --disabled-password --quiet --gecos ""
echo "ansible ALL=(ALL)       NOPASSWD: ALL" | sudo tee -a /etc/sudoers
sudo usermod -aG sudo ansible
sudo su - ansible
cd
mkdir /home/ansible/.ssh
sudo chown ansible:ansible /home/ansible/.ssh

chmod 700 /home/ansible/.ssh
cd
touch /home/ansible/.ssh/authorized_keys
chmod 600 /home/ansible/.ssh/authorized_keys
sudo chown ansible:ansible /home/ansible/.ssh/authorized_keys

sudo reboot


    - Add storage, accept defaults
    - Configure Security groups, select SSH only
    - Review & Launch, Launch
    - Select existing keypair you have or create new one
    - Launch Instance

Control machine also needs ssh keys generated in order to communicate with other servers without passwords. Run following to get the keys generated.

sudo su - ansible
cd ~/.ssh

ssh-keygen -f id_rsa -N ""

# Take note of below public key to be used in next machine
cat ~/.ssh/id_rsa.pub
ssh-rsa AAAA............Olau8gR9 ansible@control

The content of your id_rsa.pub file will have to be added to a file at ~/.ssh/authorized_keys on your remote machine somehow in order to be able to ssh without password.

Set up Load Balancer

Now create the load balancer, following the same steps as above but using below script which is pretty much similar but with different hostname and public key included in script.

#!/bin/bash

# global variables
newhostn="lb01"

# Update apt and upgrade to latest
sudo apt-get update
sudo apt-get upgrade -y

#Install python and ansible
sudo apt-get install python ansible python-boto awscli -y

# Change hostname
# Assign existing hostname to $hostn
oldhostn=$(cat /etc/hostname)
localip=$(curl http://169.254.169.254/latest/meta-data/local-ipv4)
# change hostname in /etc/hosts & /etc/hostname
sudo sed -i "s/localhost/localhost\ $newhostn/g" /etc/hosts
sudo sed -i "s/$oldhostn/$newhostn/g" /etc/hosts
sudo sed -i "s/$oldhostn/$newhostn/g" /etc/hostname
sudo hostnamectl set-hostname $newhostn
#hostfileentry="`ifconfig | grep inet | grep Bcast| awk {'print $3'}| awk -F":" {'print $2'}`\t $newhostn"
#sudo echo $hostfileentry >> /etc/hosts
sudo adduser ansible --disabled-password --quiet --gecos ""
echo "ansible ALL=(ALL)       NOPASSWD: ALL" | sudo tee -a /etc/sudoers
sudo usermod -aG sudo ansible
sudo su ansible
cd
mkdir /home/ansible/.ssh
sudo chown ansible:ansible /home/ansible/.ssh
chmod 700 /home/ansible/.ssh
cd
touch /home/ansible/.ssh/authorized_keys
sudo chown ansible:ansible /home/ansible/.ssh/authorized_keys
chmod 600 /home/ansible/.ssh/authorized_keys
echo "ssh-rsa AAAA............Olau8gR9 ansible@control" >> /home/ansible/.ssh/authorized_keys
sudo reboot

You should now be able to ssh directly to lb01 server using its local IP Address from your Control Centre server.

Set up Application & Database servers

You should now follow the same process as above and use the Load Balancer script for your application and database servers but don't forget to change the New Host Name in script when creating the instance.




Popular posts from this blog

TrueCrypt on macOS X Mojave 10.14

If you have updated your macOS recently to Mojave otherwise known as verison 10.14 you may not be able to install the last version of Truecrypt in order to access your old volumes encrypted with Truecrypt software. This article will guide you to get this working on your MacOS v10.14 (Mjoave) . Download the package from  https://truecrypt.ch/downloads/  or  https://www.truecrypt71a.com/downloads/ . Find downloaded package using Finder in your HDD/Users/username/Downloads folder and will look like  TrueCrypt 7.1a Mac OS X.dmg . Open file location in Finder and open or double click on  TrueCrypt 7.1a Mac OS X.dmg . This will mount Truecrypt 7.1a and will have Truecrypt 7.1a.mpkg in it. Drag the package T rueCrypt 7.1a.mpkg and drop in your Downloads folder. From Locations in Finder you can eject your TrueCrypt mount. Now go to your Downloads location, find the file  TrueCrypt 7.1a.mpkg , right click and select Show Package Contents . Find the file Contents/distribution.di

Starting with Python

New to Python, don't feel behind and get started now, it is never too late. Here we have some useful links you will need to get you going. https://realpython.com/start-here/ https://www.anaconda.com/distribution/ https://jupyterlab.readthedocs.io/en/stable/ Install Python 3 # sudo apt-get install python3 Change Default binary from v2.x to v3.x sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 10 Install Jupyterlab #pip install jupyterlab

CoVid-19 Statistics and Charts

Statistics based on some specific metrics are listed below. The data is based on daily information from Worldometer and updated manually. Charts will update automatically. Please use links below to get to individual charts and feel free to bookmark this page but do not bookmark direct chart link as it may change. These charts compare statistics for countries including China, Italy, UK, US, Pakistan & India. (Does not work in Safari Mobile) Please click on links below for specific chart, more to come. Death Doubling Rate Chart showing death rate doubling in x number of days. Survival Rate This chart shows trend of patients successfully recovered vs total closed cases. Death rate comparison Comparison of deaths per cases every day showing trend comparison and days behind. Cases reported No of cases reported, how far they are behind each other and trend. Deaths reported No of deaths reported with trend comparison betwee