Ansible with AWS

1. Ansible with AWS from EC2 to Autoscale

2. Bringing Ansible to the Cloud Static/Dynamic Inventories Scripted EC2 Provision Route53 (DNS) CloudWatch Alerts Autoscaling Workflow Demo 1 2

3. Allan Denot ∙ 1 year experience with Ansible ∙ 2 years experience with AWS ∙ DevOps Engineer at cammy.com (previously Suncorp) ∙ Co-founder of spikenode.com @denot allandenot.com

4. Allan Denot @denot allandenot.com ∙ Brazilian ∙ 4 years in Australia

5. Static Inventory

6. Static Inventory [webservers] ws1.catcorp.com ansible_ssh_host=10.0.0.1 --- - hosts: webservers tasks: - feed: target=cat feed.yml hosts

7. Dynamic Inventory

8. Dynamic Inventory Available with Ansible Uses python’s boto library Returns json ec2.py

9. Dynamic Inventory feed.yml --- - hosts: tag_Type_webservers tasks: - feed: target=cat Servers are automatically grouped by any tag.

10. Dynamic Inventory ansible-playbook -i ec2.py feed.yml executable ./ec2.py | less ./ec2.py --refresh-cache | less

11. Dynamic Inventory tag_Type_webservers security_group_WebserverSG type_t2_micro key_AdminKey vpc_id_vpc-0000000 ap-southeast-2a You can group by almost everything. security_group_WebserverSG:!type_t2_micro Select all servers that have security group “WebserverSG” and are NOT of the type t2.micro Examples: Or, you can combine:

12. Dynamic + Static Inventory

13. Dynamic + Static Inventories Yes, you can use both together. mkdir inventory mv hosts inventory/ mv ec2.py inventory/ ansible-playbook -i inventory feed.yml it’s a folder!

14. Scripted EC2 Provisioning

15. Scripted EC2 Provisioning - name: Provision EC2 Box local_action: module: ec2 key_name: "{{ ec2_keypair }}" group_id: "{{ ec2_security_group }}" instance_type: "{{ ec2_instance_type }}" image: "{{ ec2_image }}" vpc_subnet_id: "{{ ec2_subnet_ids|random }}" region: "{{ ec2_region }}" instance_tags: '{"Name":"{{ec2_tag_Name}}"}' assign_public_ip: yes wait: true count: 1 volumes: - device_name: /dev/sda1 device_type: gp2 volume_size: "{{ ec2_volume_size }}" delete_on_termination: true register: ec2 vars: - ec2_keypair: "XX-KEYPAIR-NAME-XX" - ec2_security_group: "sg-XXXXXXXX" - ec2_instance_type: "t2.micro" - ec2_image: "ami-1711732d" - ec2_subnet_ids: [ 'subnet-XXXXXXXX', 'subnet-XXXXXXXX' ] - ec2_region: "ap-southeast-2" - ec2_tag_Name: "Webserver" - ec2_volume_size: "8" All code will be in my repository Check URL at the end of talk

16. DNS

17. DNS Creating or updating a DNS record based on a tag - local_action: > route53 command=create zone=yourawesomedomain.com record={{ec2_tag_Name}}.yourawesomedomain.com type=A ttl=300 value={{ec2_ip_address}} overwrite=yes

18. Monitoring

19. Monitoring Example: Alerting when CPU Credits are low on t2.* machines

20. Monitoring All code will be in my repository Check URL at the end of talk --- - hosts: type_t2_small:type_t2_medium connection: local gather_facts: false user: root tasks: - name: Create Alarm ec2_metric_alarm: state: present region: "{{ec2_region}}" name: "{{ec2_tag_Name}} - CPU Credit LOW" metric: "CPUCreditBalance" namespace: "AWS/EC2" statistic: Average comparison: "<=" threshold: 100.0 period: 300 evaluation_periods: 2 description: "CPU credit dropped below 100" dimensions: {'InstanceId':'{{ec2_id}}'} alarm_actions: ["MYSNSACTION"] insufficient_data_actions: ["MYSNSACTION"] ok_actions: ["MYSNSACTION"]

21. Autoscaling and Demo

22. Tag instance as test passed Test app*Install packages, deploy app, etc. Using ansible ec2 module Autoscaling Workflow Create EC2 Configure Test pre-production/staging environment * to be covered in a future meetup or blog post

23. Autoscaling Workflow Bake AMI from EC2 Create new Launch Configuration Update Autoscaling Group with new LC

24. Questions? Links github.com/adenot/blog-ansible-autoscaling allandenot.com spikenode.com