
AWX – Automate AWS services


In this article, we will look into the process of automating AWS services using AWX, a VM provided by Ansible Tower. Ansible Tower is a simple IT automation engine that automates cloud provisioning, configuration, deployment, and orchestration.

AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is the upstream project for Ansible Tower.

Prerequisite:

  • Install AWX.
  • You must have an AWS free tier account and an IAM user with enough permissions to create a VPC, Subnet, IGW, Route Tables, and EC2 Instance, along with that user's Access Key ID and Secret Access Key.
  • Also, create a key pair (key) in the region where we want to launch these services. Since we are not using Elastic IP services, doing this job costs nothing.

Now follow the below steps to automate AWS services using AWX:

Step 1: Add a credential in the AWX dashboard.

Step 2: Create a new project directory (e.g. AWS) inside /var/lib/awx/projects/ on the host where AWX is running. In this example, AWX runs in Docker containers managed with docker-compose, so create this directory on the same host where AWX is running.

[root@localhost ~]# mkdir /var/lib/awx/projects/AWS

Step 3: Create a new playbook inside the project we had created earlier. (e.g. AWS)

[root@localhost ~]# cat << EOF >> /var/lib/awx/projects/AWS/playbook.yml
---
- name: "Run the playbook for AWS resources provisioning."
  hosts: localhost
  vars:
    aws_region: us-east-1
  tasks:
    # The VPC that every later task attaches to.
    - name: "Create VPC with cidr block"
      ec2_vpc_net:
        name: "awx_vpc"
        cidr_block: 10.10.0.0/16
        region: "{{ aws_region }}"
        tags:
          module: ec2_vpc_net
          this: works
        tenancy: default
      register: awx_vpc

    - name: "Create Internet Gateway and Associate it with above VPC"
      ec2_vpc_igw:
        vpc_id: "{{ awx_vpc.vpc.id }}"
        region: "{{ aws_region }}"
        state: present
      register: awx_igw

    - name: "Create a subnet in the above VPC"
      ec2_vpc_subnet:
        state: present
        vpc_id: "{{ awx_vpc.vpc.id }}"
        cidr: 10.10.0.0/20
        region: "{{ aws_region }}"
        tags:
          Name: "EC2 Instance Subnet"
      register: awx_subnet

    # The default route through the IGW is what makes the subnet public.
    - name: "Create Route Table for the public Subnet"
      ec2_vpc_route_table:
        vpc_id: "{{ awx_vpc.vpc.id }}"
        region: "{{ aws_region }}"
        tags:
          Name: Public
        subnets:
          - "{{ awx_subnet.subnet.id }}"
        routes:
          - dest: 0.0.0.0/0
            gateway_id: "{{ awx_igw.gateway_id }}"
      register: awx_public_route_table

    - name: "Create Security Group rules for EC2 Instance"
      ec2_group:
        name: awx_sg
        description: "sg for allowing ssh connections"
        vpc_id: "{{ awx_vpc.vpc.id }}"
        region: "{{ aws_region }}"
        rules:
          - proto: tcp
            ports:
              - 22
            # 0.0.0.0/0 exposes SSH to every address on the internet;
            # use your own admin range for anything beyond a short-lived lab.
            cidr_ip: 0.0.0.0/0
            rule_desc: allow all connections on port 22

    - name: "Provisioning of a RHEL8 EC2 Instance"
      ec2:
        region: "{{ aws_region }}"
        key_name: aws-awk-key-us-east-1
        instance_type: t2.micro
        image: ami-098f16afa9edf40be
        wait: yes
        group: awx_sg
        count: 1
        vpc_subnet_id: "{{ awx_subnet.subnet.id }}"
        assign_public_ip: yes
      register: awx_instance

    - name: "Debug task to show the public IP of RHEL8 EC2 Instance"
      debug:
        msg: "Public IP of the RHEL8 Instance is {{ awx_instance.instances[0].public_ip }}"
EOF

Documentation is available for every module used in the above playbook:

  • ec2_vpc_net
  • ec2_vpc_igw
  • ec2_vpc_subnet
  • ec2_vpc_route_table
  • ec2_group
  • ec2
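
The security group task in the playbook above accepts SSH from 0.0.0.0/0. The play below is an added example, not part of the original article: it limits port 22 to one administrative range and stops before touching AWS if that range is left world-open. The variable names `admin_cidr` and `vpc_id` and their sample values are assumptions made for illustration.

```yaml
---
- name: "Create a security group that limits SSH to one admin range"
  hosts: localhost
  vars:
    aws_region: us-east-1
    # Assumption: constructed sample value from a documentation range;
    # replace it with the address or range you administer the instance from.
    admin_cidr: 203.0.113.10/32
    # Assumption: placeholder for the ID of the VPC created by the article's
    # playbook. Inside that playbook, use "{{ awx_vpc.vpc.id }}" instead.
    vpc_id: vpc-REPLACE_ME
  tasks:
    # Fail early, before any AWS call, if the source range is missing
    # or covers the whole internet.
    - name: "Stop if the SSH source range is open to the whole internet"
      assert:
        that:
          - admin_cidr is defined
          - admin_cidr | length > 0
          - not admin_cidr.endswith('/0')
        fail_msg: "admin_cidr must not be 0.0.0.0/0; set it to your admin range"

    # purge_rules defaults to yes in ec2_group, so running this against an
    # existing awx_sg also removes the earlier 0.0.0.0/0 ingress rule.
    - name: "Create Security Group rules for EC2 Instance"
      ec2_group:
        name: awx_sg
        description: "sg for allowing ssh connections from the admin range"
        vpc_id: "{{ vpc_id }}"
        region: "{{ aws_region }}"
        rules:
          - proto: tcp
            ports:
              - 22
            cidr_ip: "{{ admin_cidr }}"
            rule_desc: allow ssh from the admin range only
      register: awx_sg
```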

Step 4: Create a new project “AWS” from the AWX dashboard.

Step 5: Create a new template.

Step 6: Start a job using this template.

Run this job with Debug verbosity and check the output to see whether it failed or succeeded. If it failed, run the failed job again. The last debug task in the playbook displays the public IP that is assigned to the EC2 instance.

For final verification, go to the AWS Console, select the region where you launched the EC2 instance, and check whether the instance is running.

Step 7: We can also use AWS Dynamic Inventories to see the IP of newly created hosts in the AWS region we chose earlier. First, add an inventory in AWX.

After creating the inventory, go to the SOURCES option and create a new SOURCE. Here we need our AWS region and the credentials that we used to launch the EC2 instances.

Now sync from the SOURCE that we had created in the above step.

Once the sync process completes, we can find the new hosts in the Hosts section of the inventory.


Last Updated : 07 Mar, 2024