Ansible with AWSfrom EC2 to Autoscale

Bringing Ansible to the Cloud

Static/Dynamic Inventories

Scripted EC2 Provision

Route53 (DNS)

CloudWatch Alerts

Autoscaling Workflow

Demo

1 2

Allan Denot

∙ 1 year experience with Ansible

∙ 2 years experience with AWS

∙ DevOps Engineer at cammy.com (previously Suncorp)

∙ Co-founder of spikenode.com

@denot allandenot.com

Allan Denot @denot allandenot.com

∙ Brazilian

∙ 4 years in Australia

Static Inventory

Static Inventory

[webservers]

ws1.catcorp.com ansible_ssh_host=10.0.0.1

---

- hosts: webservers

tasks:

- feed: target=cat

feed.yml

hosts

Dynamic Inventory

Dynamic Inventory

Available with Ansible

Uses python’s boto library

Returns json

ec2.py

Dynamic Inventory

feed.yml

---

- hosts: tag_Type_webservers

tasks:

- feed: target=cat

Servers are automatically grouped by any tag.

Dynamic Inventory

ansible-playbook -i ec2.py feed.yml

executable

./ec2.py | less

./ec2.py --refresh-cache | less

Dynamic Inventory

tag_Type_webservers

security_group_WebserverSG

type_t2_micro

key_AdminKey

vpc_id_vpc-0000000

ap-southeast-2a

You can group by almost everything.

security_group_WebserverSG:!type_t2_micro

Select all servers that have security group “WebserverSG” and are NOT of the type t2.micro

Examples:

Or, you can combine:

Dynamic + Static Inventory

Dynamic + Static Inventories

Yes, you can use both together.

mkdir inventorymv hosts inventory/mv ec2.py inventory/

ansible-playbook -i inventory feed.yml

it’s a folder!

Scripted EC2 Provisioning

Scripted EC2 Provisioning - name: Provision EC2 Box

local_action:

module: ec2

key_name: "{{ ec2_keypair }}"

group_id: "{{ ec2_security_group }}"

instance_type: "{{ ec2_instance_type }}"

image: "{{ ec2_image }}"

vpc_subnet_id: "{{ ec2_subnet_ids|random }}"

region: "{{ ec2_region }}"

instance_tags: '{"Name":"{{ec2_tag_Name}}"}'

assign_public_ip: yes

wait: true

count: 1

volumes:

- device_name: /dev/sda1

device_type: gp2

volume_size: "{{ ec2_volume_size }}"

delete_on_termination: true

register: ec2

vars:

- ec2_keypair: "XX-KEYPAIR-NAME-XX"

- ec2_security_group: "sg-XXXXXXXX"

- ec2_instance_type: "t2.micro"

- ec2_image: "ami-1711732d"

- ec2_subnet_ids: [ 'subnet-XXXXXXXX', 'subnet-XXXXXXXX' ]

- ec2_region: "ap-southeast-2"

- ec2_tag_Name: "Webserver"

- ec2_volume_size: "8"

All code will be in my repository

Check URL at the end of talk

DNS

DNS

Creating or updating a DNS record based on a tag

- local_action: > route53 command=create zone=yourawesomedomain.com record={{ec2_tag_Name}}.yourawesomedomain.com type=A ttl=300 value={{ec2_ip_address}} overwrite=yes

Monitoring

Monitoring

Example:

Alerting when CPU Credits are low

on t2.* machines

Monitoring

All code will be in my repository

Check URL at the end of talk

---- hosts: type_t2_small:type_t2_medium connection: local gather_facts: false user: root tasks: - name: Create Alarm ec2_metric_alarm: state: present region: "{{ec2_region}}" name: "{{ec2_tag_Name}} - CPU Credit LOW" metric: "CPUCreditBalance" namespace: "AWS/EC2" statistic: Average comparison: "<=" threshold: 100.0 period: 300 evaluation_periods: 2 description: "CPU credit dropped below 100" dimensions: {'InstanceId':'{{ec2_id}}'} alarm_actions: ["MYSNSACTION"] insufficient_data_actions: ["MYSNSACTION"] ok_actions: ["MYSNSACTION"]

Autoscaling and Demo

Tag instance as test passed

Test app*Install packages, deploy app, etc.

Using ansible ec2 module

Autoscaling Workflow

Create EC2 Configure Test

pre-production/staging environment

* to be covered in a future meetup or blog post

Autoscaling Workflow

Bake AMI from EC2

Create new Launch Configuration

Update Autoscaling Group with new LC

Questions?

Links

github.com/adenot/blog-ansible-autoscaling

allandenot.com

spikenode.com