Skip to content

Use Terraform to Create a FREE Ansible Lab in AWS

Avatar photo

https://www.linkedin.com/in/gineesh/ https://twitter.com/GiniGangadharan

Introduction

When it comes to create an Ansible Lab, you can easily spin-up one using Terraform on AWS, GCP or Azure. Even though we are creating small lab (eg: nodes with 1GB memory etc), still some of the students wants to setup their Ansible Lab on Public Cloud due to various reasons. If you are a person who like to do everything from scratch, then read How to Create a FREE Ansible Lab in Public Cloud (AWS, GCP, Azure). This guide is for same purpose but we will use Terraform to quickly spin up the instances in AWS and configure them to use as Ansible Lab; with a single or few commands.

Other ways to create Quick Ansible Lab to practice.

Watch Ansible for Beginners YouTube Playlist

Prerequisites

  1. AWS Account – You can Sign up for AWS Free Tier; Credit Card is needed but it won’t be charged if you are using the free tier services. We need only Free tier services to setup this Lab.
  2. AWS Credential Secrets.
  3. Terraform Installed on your machine

How to Create Ansible Lab using Terraform

This is pretty straightforward but if you do not have the packages installed, yes few additional steps as below.

Step 1. Install Terraform

If you haven’t yet, Download and Install Terraform.

Step 2. Configure AWS Credential

Goto AWS Console – > IAM -> Users -> Add User and select Programmatic access

Add User and select Programmatic access
Add Permission for the User

Add Tags if needed and Create User.

Important: Copy the Access key ID and Secret access key as we need this in next steps.

On your workstation, add new AWS Credentials. If you have already configured other credentials, then add this as new profile; see below file for example.

$ cat ~/.aws/credentials 
[default]
aws_access_key_id=AKIA5WGDZFEXAMPLEKEY
aws_secret_access_key=Wb1v7OXMMYNRlNYXOGK5sPxZEXAMPLEACCESSKEY

[ansible]
aws_access_key_id=AKIA5WGDZFEXAMPLEKEY
aws_secret_access_key=Wb1v7OXMMYNRlNYXOGK5sPxZEXAMPLEACCESSKEY

Also add config file if not exists.

$ cat ~/.aws/config 
[default] 
region=ap-southeast-1 output=json

Remember to use the correct profile name in your terraform script main.tf later; eg: ansible in our case.

Step 3. Create SSH Keys to Access the ec2 instances

If you have existing keys, you can use that; otherwise create new ssh keys.

  • Warning: Please remember to not to overwrite the existing ssh key pair files; use a new file name if you want to keep the old keys.
  • If you are using any key files other than ~/.ssh/id_rsa, then remember to update the same in variables.tf as well.
$ ssh-keygen

Step 4. Clone the Repository and create your Ansible Lab

$ git clone https://github.com/ginigangadharan/terraform-iac-usecases
$ cd terraform-aws-ansible-lab

## init terraform
$ terraform init

## verify the resource details before apply
$ terraform plan

## Apply configuration - This step will spin up all necessary resources in your AWS Account
$ terraform apply
.
.
Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_key_pair.ec2loginkey: Creating...
aws_security_group.ansible_access: Creating...
.
.
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Outputs:

ansible-engine = <Public IP ADDRESS>
ansible-node-1 = <Public IP ADDRESS>
ansible-node-2 = <Public IP ADDRESS>

How to Access the Lab ?

Terraform will show you the Public IP of ansible-engine (and other instances as above) and you can access using that IP.Host: Public IP of ansible-engine.

SSH Keys are already copied inside all ec2 instances under devops user but still you can access it using credentials if accessing from different machines. (Username: devops, Password: devops)

$ ssh devops@ANSIBLE_ENGINE_IP_ADDRESS
[devops@ansible-engine ~]$

A default ansible.cfg and inventory files are already available to use under home directory (/home/devops/)

## Check Files copied automatically
[devops@ansible-engine ~]$ ls -l
total 8
-rwxr-xr-x 1 devops devops  82 Jun 10 09:04 ansible.cfg
-rwxr-xr-x 1 devops devops 524 Jun 10 09:04 inventory

ansible-engine to ansible-nodes ssh connection is already setup using password in inventory file.

## Verify Instance Access
[devops@ansible-engine ~]$ ansible all -m ping
ansible-engine | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
node2 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
node1 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}

That’s it; get your hand’s dirty and practice as much as you need.

Step 5. Destroy Lab Once you are Done

As we know, we are dealing with FREE tier, remember to destroy the resources once you finish the lab or practicing for that day.

$ terraform destroy

Do not need to worry, you will get the same lab setup whenever you needed by simply doing a terraform apply command again.

Any questions of comments ? Please ask in comment box.

Also read : How to Create a FREE Ansible Lab in Public Cloud (AWS, GCP, Azure.

Disclaimer:

The views expressed and the content shared in all published articles on this website are solely those of the respective authors, and they do not necessarily reflect the views of the author’s employer or the techbeatly platform. We strive to ensure the accuracy and validity of the content published on our website. However, we cannot guarantee the absolute correctness or completeness of the information provided. It is the responsibility of the readers and users of this website to verify the accuracy and appropriateness of any information or opinions expressed within the articles. If you come across any content that you believe to be incorrect or invalid, please contact us immediately so that we can address the issue promptly.

Avatar photo


https://www.linkedin.com/in/gineesh/ https://twitter.com/GiniGangadharan
Gineesh Madapparambath is the founder of techbeatly and he is the co-author of The Kubernetes Bible, Second Edition. and the author of 𝗔𝗻𝘀𝗶𝗯𝗹𝗲 𝗳𝗼𝗿 𝗥𝗲𝗮𝗹-𝗟𝗶𝗳𝗲 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗼𝗻. He has worked as a Systems Engineer, Automation Specialist, and content author. His primary focus is on Ansible Automation, Containerisation (OpenShift & Kubernetes), and Infrastructure as Code (Terraform). (aka Gini Gangadharan - iamgini.com)

Comments

1 Response

  1. […] Use Terraform to Create a FREE Ansible Lab in AWS – June 10, 2021 […]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.