Ansible Setup for AWS

Overview

This guide provides step-by-step instructions to set up Ansible for AWS infrastructure automation. It covers installing Python 3.12, setting up a virtual environment, installing Ansible and its dependencies, configuring necessary Ansible Galaxy collections, and authenticating to AWS.


Why Use Ansible for AWS Infrastructure?

Ansible is a powerful automation tool that simplifies cloud infrastructure management. Here are some key advantages of using Ansible for AWS:

  • Agentless Architecture: Ansible does not require an agent to be installed on remote machines, reducing overhead.

  • Infrastructure as Code (IaC): Automate AWS resource provisioning with YAML-based playbooks.

  • Scalability: Easily manage multiple AWS instances and services.

  • Idempotency: Ensures that running a playbook multiple times produces the same result without unintended changes.

  • Integration with AWS Services: Supports AWS modules for EC2, S3, RDS, IAM, and more.

  • Security & Compliance: Enforce security best practices with Ansible playbooks.

By using Ansible, organizations can streamline AWS infrastructure deployment, configuration, and management while ensuring repeatability and consistency.


Prerequisites

Ensure you have a system with the dnf package manager (e.g., RHEL, CentOS, Fedora) and sufficient privileges to install software.


Step 1: Install Python 3.12

Create the installation script

Create a shell script requirements.sh to install the necessary dependencies and Python 3.12.

$ vim requirements.sh                  


Add the following content to requirements.sh:

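#!/bin/bash
# Install required packages for Ansible for AWS: builds Python 3.12 from source.
# Stop at the first failed command, unset variable, or failed pipeline stage.
set -euo pipefail

# Install dependency packages for Python 3.12 installation from source
# (epel-release exists on RHEL/CentOS; Fedora does not ship it, so drop that line there)
sudo dnf install epel-release -y
sudo dnf groupinstall "Development Tools" -y
sudo dnf install curl wget gcc gcc-c++ make zlib-devel bzip2 bzip2-devel readline-devel sqlite sqlite-devel openssl-devel xz xz-devel libffi-devel -y

# Download and build as the invoking user in a private directory;
# only the final install step needs root.
BUILD_DIR="$(mktemp -d)"

# Download Python 3.12 source code
echo "Downloading Python 3.12 source code"
wget https://www.python.org/ftp/python/3.12.0/Python-3.12.0.tgz -O "$BUILD_DIR/Python-3.12.0.tgz"
# Before building, compare the archive's checksum with the one published on the python.org release page.

# Extract Python source code
echo "Extracting Python source code"
tar -xvf "$BUILD_DIR/Python-3.12.0.tgz" -C "$BUILD_DIR"
cd "$BUILD_DIR/Python-3.12.0"

# Configure and compile (a freshly extracted tree has no Makefile yet, so no "make clean")
./configure --enable-optimizations
make -j"$(nproc)"

# altinstall adds python3.12 under /usr/local without replacing the system python3
sudo make altinstall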


Grant execution permissions and run the script

$ chmod +x requirements.sh                                               
$ ./requirements.sh


Verify Python installation:

$ /usr/local/bin/python3.12 --version                                     


Step 2: Set Up a Python Virtual Environment

Once Python 3.12 is installed, create a virtual environment to manage dependencies:

$ /usr/local/bin/python3.12 -m venv venv
$ source venv/bin/activate                                                


Step 3: Install Ansible and Required Python Packages

Create a requirements.txt file:

$ vim requirements.txt                                                    


Add the following content:

ansible                                                                   
ansible-core
boto3
botocore


Install the required packages:

$ pip install -r requirements.txt                                         


Verify Ansible installation:

$ ansible --version                                                      


Step 4: Install Ansible Galaxy Collections

Create a requirements.yml file:

$ vim requirements.yml                                                    


Add the following content:

collections:
  - amazon.aws
  - ansible.posix
  - community.general
  - community.aws                                                         


Install the required collections:

$ ansible-galaxy install -r requirements.yml                              


Step 5: Authenticating to AWS

Using AWS Access and Secret Keys on Localhost

If using AWS credentials directly on your localhost, configure them using the AWS CLI:

$ aws configure                                                          


You will be prompted to enter:

  • AWS Access Key ID

  • AWS Secret Access Key

  • Default region

  • Output format (json, table, text)

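Alternatively, export the credentials as environment variables. They apply to the current shell session only and take precedence over keys stored by aws configure: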

$ export AWS_ACCESS_KEY_ID="your-access-key"
$ export AWS_SECRET_ACCESS_KEY="your-secret-key"
$ export AWS_REGION="your-region"                                         


Using IAM Role on AWS EC2 Instances

If running Ansible from an AWS EC2 instance, use an IAM role attached to the instance instead of access keys.

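  1. Create an IAM role with the necessary permissions (e.g., AmazonEC2FullAccess, AmazonS3FullAccess). These managed policies grant full access to the service; scope the role down to what your playbooks actually manage.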

  2. Attach the IAM role to the EC2 instance.

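  3. Verify the IAM role is being used (the commands request an IMDSv2 session token first, so the check also works on instances that require IMDSv2):

$ TOKEN=$(curl -s -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
$ curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/iam/security-credentials/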


  4. AWS SDKs and Ansible will automatically use the IAM role credentials.
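
The three authentication methods in this step are tried in a fixed order: boto3, which the amazon.aws modules use, checks environment variables first, then the shared credentials file written by aws configure, and falls back to the instance role last. The shell function below is an added example, not part of the original guide, that reports which of those three would win on the current host; it ignores the other providers boto3 supports (assume-role, SSO, config file, container credentials), and the function names and output labels are its own.

```shell
#!/bin/sh
# Added example: which Step 5 credential source does the SDK see first?
# Simplified to the three sources this guide covers, in boto3's lookup order.

# Succeeds if profile $2 in credentials file $1 defines aws_access_key_id.
profile_has_key() {
    awk -v want="[$2]" '
        /^[ \t]*\[/ { gsub(/[ \t]/, ""); in_p = ($0 == want); next }
        in_p && /^[ \t]*aws_access_key_id[ \t]*=/ { found = 1 }
        END { exit !found }
    ' "$1"
}

# Prints one of: env, shared-credentials-file, instance-role
aws_cred_source() {
    cred_file="${AWS_SHARED_CREDENTIALS_FILE:-${HOME:-}/.aws/credentials}"
    profile="${AWS_PROFILE:-default}"
    if [ -n "${AWS_ACCESS_KEY_ID:-}" ] && [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; then
        echo "env"
    elif [ -r "$cred_file" ] && profile_has_key "$cred_file" "$profile"; then
        echo "shared-credentials-file"
    else
        echo "instance-role"   # nothing static found; the SDK would ask IMDS
    fi
}

# Demo on constructed input: a throwaway credentials file with placeholder keys.
demo() {
    demo_dir="$(mktemp -d)"
    printf '[default]\naws_access_key_id = AKIAEXAMPLEPLACEHOLDER\naws_secret_access_key = placeholder\n' \
        > "$demo_dir/credentials"
    (
        unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_PROFILE
        AWS_SHARED_CREDENTIALS_FILE="$demo_dir/credentials"
        echo "credentials file only:    $(aws_cred_source)"
        AWS_ACCESS_KEY_ID=AKIAEXAMPLEPLACEHOLDER
        AWS_SECRET_ACCESS_KEY=placeholder
        echo "file plus exported keys:  $(aws_cred_source)"
        unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY
        AWS_SHARED_CREDENTIALS_FILE="$demo_dir/missing"
        echo "no static keys anywhere:  $(aws_cred_source)"
    )
    rm -rf "$demo_dir"
}
demo
```

On an EC2 instance that is meant to use its role, any result other than instance-role means leftover static keys are shadowing it.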


Conclusion

You have successfully set up Ansible for AWS automation and configured authentication methods. With Ansible, you can efficiently manage AWS infrastructure while ensuring security, scalability, and repeatability.

