Ansible Real-Time Project: Hands-On Implementation
In this blog, I'll share a step-by-step guide for a real-time project I recently worked on using Ansible. The project involves automating tasks on AWS EC2 instances. If you're new to Ansible, this is an excellent way to understand key concepts like loops, idempotency, and conditionals in a practical scenario.
Let’s dive into the tasks!
Project Overview
Tasks:
Create EC2 Instances
- Launch 3 EC2 instances on AWS using Ansible:
  - 2 with Ubuntu
  - 1 with CentOS
  (Hint: Use connection: local on the control node)
Set Up Passwordless Authentication
- Configure passwordless authentication between the Ansible control node and the newly created instances.
Automate Shutdown
- Automatically shut down only the Ubuntu instances, using Ansible conditionals.
Task 1: Create EC2 Instances
Step 1: Set Up AWS Credentials
To interact with AWS APIs, Ansible needs access credentials. Instead of hardcoding sensitive information, use Ansible Vault to secure them.
Secure AWS Credentials with Ansible Vault
Generate a Vault Password:
Use the following command to create a secure vault password file.
openssl rand -base64 2048 > vault.pass
Create a Vault File for AWS Credentials:
Store your AWS Access Key and Secret Key in a YAML file. Use Ansible Vault to encrypt it.
ansible-vault create group_vars/all/pass.yml --vault-password-file vault.pass
Inside pass.yml, add your AWS credentials:
aws_access_key: YOUR_ACCESS_KEY
aws_secret_key: YOUR_SECRET_KEY
Step 2: Write a Playbook to Create EC2 Instances
Using Ansible's loop feature, we can define multiple instances with different attributes (e.g., Ubuntu and CentOS).
Key Concept: Idempotency
Ansible ensures that tasks are only executed when necessary. If the desired state is already present, Ansible will skip execution. This is achieved by specifying properties like image and name in the loop.
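A playbook along these lines covers Steps 1 and 2. It is an added example, not the author's original ec2_create.yaml; the region, instance type, tag, instance names, key pair, security group and AMI IDs are assumptions or placeholders to replace with your own values.

```yaml
---
# Added example, not the author's playbook. Values containing REPLACE are
# placeholders; region, instance type, names and tag are assumptions.
- name: Create EC2 instances from the control node
  hosts: localhost
  connection: local        # AWS API calls run on the control node, no SSH involved
  gather_facts: false

  vars:
    aws_region: us-east-1
    ssh_key_name: REPLACE_WITH_KEY_PAIR_NAME
    sg_name: REPLACE_WITH_SECURITY_GROUP   # should allow SSH from the control node only
    instances:
      - { name: "demo-ubuntu-1", image: "ami-REPLACE_WITH_UBUNTU_AMI" }
      - { name: "demo-ubuntu-2", image: "ami-REPLACE_WITH_UBUNTU_AMI" }
      - { name: "demo-centos-1", image: "ami-REPLACE_WITH_CENTOS_AMI" }

  tasks:
    # aws_access_key / aws_secret_key come from the vault-encrypted
    # group_vars/all/pass.yml; they never appear in this file.
    - name: Stop early if the vault-encrypted credentials were not loaded
      ansible.builtin.assert:
        that:
          - aws_access_key is defined
          - aws_secret_key is defined
        quiet: true

    - name: Launch each instance defined in the loop
      amazon.aws.ec2_instance:
        name: "{{ item.name }}"          # existing instances are looked up by Name tag
        image_id: "{{ item.image }}"
        instance_type: t2.micro
        key_name: "{{ ssh_key_name }}"
        security_group: "{{ sg_name }}"
        region: "{{ aws_region }}"
        access_key: "{{ aws_access_key }}"
        secret_key: "{{ aws_secret_key }}"
        state: running
        wait: true
        tags:
          Project: ansible-demo
      loop: "{{ instances }}"
      loop_control:
        label: "{{ item.name }}"         # log only the instance name per iteration
```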
Run the playbook with:
ansible-playbook ec2_create.yaml --vault-password-file vault.pass
Task 1: Done! ✅
Task 2: Set Up Passwordless Authentication
To enable seamless communication between the Ansible control node and the newly created instances:
Set up SSH keys for passwordless authentication.
Use one of the methods (e.g., ssh-keygen, ssh-copy-id) to configure it.
Once configured, you’ll be able to manage these instances without entering a password for every task.
Task 2: Done! ✅
Task 3: Automate Shutdown of Ubuntu Instances
Step 1: Update Inventory
Add the public IPs of your newly created EC2 instances to the inventory.ini file. This file will act as your inventory source for Ansible.
Step 2: Write the Playbook
Use conditionals to target only Ubuntu instances. For example, leverage ansible_facts to filter by distribution type (Ubuntu).
Run the playbook with:
ansible-playbook -i inventory.ini ec2_stop.yaml --vault-password-file vault.pass
Task 3: Done! ✅
What I Learned
Idempotency: Ansible ensures tasks aren’t repeated unnecessarily, making automation reliable.
Loops in Playbooks: Simplify repetitive tasks by iterating over defined parameters.
Conditionals in Ansible: Filter actions based on specific criteria, enhancing task precision.
Securing Credentials with Ansible Vault: A crucial practice for production environments.
This project was an exciting way to put theory into practice, and I hope it inspires you to try automating your own tasks with Ansible. If you have questions or need help, feel free to reach out or comment below!
Happy Automating! 🚀
Written by
Harsh Soni