HomeAutomation Tools

Configuring Ansible Dynamic Inventory for AWS EC2

Configuring Ansible Dynamic Inventory for AWS EC2
Like Tweet Pin it Share Share Email
Personal Development Category (English)728x90

If you have a setup where you add and remove the hosts very frequently, then keeping your inventory always up-to-date becomes a little bit problematic. In such case Ansible Dynamic inventory comes into the picture, generally are scripts (Python/Shell) for dynamic environments (for example cloud environments) With Ansible, as aforementioned, can use “-i” to specify the custom inventory file.

For example, if you use AWS cloud and you manage EC2 inventory using its Query API, or through command-line tools such as awscli, then you can make use of dynamic inventory.

Ansible Dynamic Inventory

Dynamic inventory got few benefits over static inventories:

  • Very less manual efforts for managing the inventories.
  • Reduces human error, as information is collected by scripts.

Ansible has inventory collection scripts for the below platforms as well.

AWS EC2 External Inventory Script, Collber, OpenStack, BSD Jails, Google Compute Engine, and Spacewalk.

Information Source: http://docs.ansible.com/ansible/intro_dynamic_inventory.html

For the quick demo, I have downloaded the Ansible Dynamic inventory script and related ec2.ini file from Ansible web site.

Suggestable Read:  Ansible static inventory with variables

Also, Read 1. Introduction and Installation & Configuration of Ansible 2.3 on CentOS/Redhat Linux 7

2. Quick Introduction to Static and Dynamic Inventories

Brief Info about AWS EC2 Dynamic Inventory Script: 

If you use Amazon Web Services (AWS) EC2 Instances in part of your infrastructure and you want to maintain an inventory file might not be the best approach, because hosts may come and go over as part of auto-scaling or it might change the IP address when you do a power off and power on your ec2 instances. For this reason, you have to maintain a dynamic inventory which can help you to get all the resources information from AWS through a single API call. Here you have a script to do the same thing what you’re expecting to get the hosts information from Public Cloud like AWS infrastructure. You can use the EC2 external inventory script for all in one solution. You can use this script in one of two ways. The easiest is to use Ansible -i command line option and specify the path to the script after making it executable:

Example: 

 

The second option is to copy the script to /etc/ansible/hosts and chmod +x it. You will also need to copy the ec2.ini file to /etc/ansible/ec2.ini. Then you can run ansible as you would normally.

To successfully make an API call to AWS, you will need to configure Boto (the Python interface to AWS). There are a variety of methods available, but the simplest is just to export two environment variables:

Click here to know how to download your AWS Access and Secret Keys.

after exporting environment variable with AWS_ACCESS_KEY_ID  and AWS_SECRET_ACCESS_KEY then change the default region=all to your specific region settings in ec2.ini file.

Let’s start Configuring the AWS EC2 External Inventory Script to manage AWS EC2 instances through Ansible.

First Download the below scripts in your ansible control server.

https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/ec2.py
https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/ec2.ini

* Linked from this Ansible documentation: http://docs.ansible.com/ansible/intro_dynamic_inventory.html#example-aws-ec2-external-inventory-script

Creating a new directory to maintain the AWS EC2 Dynamic inventory.

 

Change into the inventory directory the start downloading the script files.

 

Downloading the ec2.ini file here

 

Downloading the ec2.py script file here. This is Python script and it is interconnected with the ec2.ini file.

 

Providing the execute permission to list our AWS resources.

 

Edit the ec2.ini file and change the default setting if any required like specifying the regions where you’re using more AWS services.

 

Since each region requires its own API call, if you are only using a small set of regions, feel free to edit ec2.ini and list only the regions you are interested in. There are other config options in ec2.ini including cache control, and destination variables.

As we knew AWS  allows only ssh key-based authentication for in order to access EC2 instances or other resources like RDS.

If you want to access your aws ec2 instances, you can also use an SSH agent for credential forwarding. Using an SSH agent is the best way to authenticate with your end nodes, as this alleviates the need to copy your .pem files around. To add an agent, run the below commands to add a ssh-agent and your personal keys.

Adding the SSH private key (.pem) file which is downloaded from AWS while creating EC2 instances.

 

In the below screen show’s adding ssh private keys to ssh-agent. This is my personal keys which is used in AWS environment also.

Ansible Dynamic Inventory

You can test the script by itself to make sure your AWS CLI or AWS configuration is correct:

Ansible Dynamic Inventory

After a few moments, you should see your entire EC2 inventory across all regions in JSON.

Now let’s run Ansible commands to get the response from the same ec2 instance.

Ansible Dynamic Inventory

In the above example, Ansible will do the ping test for servers collected by dynamic inventory with tag key Name and  Value with suffix “awslab”.

 

Conclusion: This is all about Configuring the Ansible Dynamic Inventory in Linux Server. I hope this will help you to manage your AWS EC2 instances. Next, I will come up with more useful and interesting articles related to Ansible. Leave a comment on below if it helps you to get the knowledge on configuring the Ansible Dynamic Inventory.

Follow our Youtube Channel for more about Ansible Tutorials :

Check out the below Video for More about Ansible Dynamic Inventory.

Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.