Configuring Ansible Dynamic Inventory for AWS EC2
If you have a setup where you add and remove hosts very frequently, keeping your inventory up to date becomes a problem. This is where Ansible dynamic inventory comes into the picture: the inventory sources are generally scripts (Python/Shell) written for dynamic environments such as cloud environments. With Ansible you can use "-i" to specify the custom inventory file.
For example, if you use AWS cloud and you manage EC2 inventory using its Query API, or through command-line tools such as awscli, then you can make use of dynamic inventory.
Dynamic inventory has a few benefits over static inventories:
- Very little manual effort is needed to manage the inventories.
- Reduces human error, as information is collected by scripts.
Ansible has inventory collection scripts for the platforms below as well.
AWS EC2 External Inventory Script, Cobbler, OpenStack, BSD Jails, Google Compute Engine, and Spacewalk.
Information Source: http://docs.ansible.com/ansible/intro_dynamic_inventory.html
For the quick demo, I have downloaded the Ansible Dynamic inventory script and related ec2.ini file from Ansible web site.
Brief Info about AWS EC2 Dynamic Inventory Script:
If you use Amazon Web Services (AWS) EC2 instances as part of your infrastructure, maintaining a static inventory file might not be the best approach, because hosts may come and go as part of auto-scaling, or an instance's IP address might change when you power it off and on. For this reason, you need a dynamic inventory, which gets all the resource information from AWS through a single API call. The EC2 external inventory script does exactly this: it collects the host information from a public cloud such as AWS, as an all-in-one solution. You can use this script in one of two ways. The easiest is to use Ansible's -i command-line option and specify the path to the script after making it executable:
ansible -i ec2.py -u ec2-user us-east-1d -m ping
The second option is to copy the script to /etc/ansible/hosts and chmod +x it. You will also need to copy the ec2.ini file to /etc/ansible/ec2.ini. Then you can run ansible as you would normally.
To successfully make an API call to AWS, you will need to configure Boto (the Python interface to AWS). There are a variety of methods available, but the simplest is just to export two environment variables:
[ansadm@ansible-master ~]$ export AWS_ACCESS_KEY_ID='AK123'
[ansadm@ansible-master ~]$ export AWS_SECRET_ACCESS_KEY='abc123'
After exporting the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables, change the default region=all to your specific region settings in the ec2.ini file.
Let's start configuring the AWS EC2 External Inventory Script to manage AWS EC2 instances through Ansible.
First, download the scripts below to your Ansible control server.
* Linked from this Ansible documentation: http://docs.ansible.com/ansible/intro_dynamic_inventory.html#example-aws-ec2-external-inventory-script
Creating a new directory to maintain the AWS EC2 Dynamic inventory.
[ansadm@ansible-master ~]$ mkdir dynamic-inventory
Change into the inventory directory, then start downloading the script files.
[ansadm@ansible-master ~]$ cd dynamic-inventory/
Downloading the ec2.ini file here
[ansadm@ansible-master dynamic-inventory]$ wget https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/ec2.ini
Downloading the ec2.py script file here. This is a Python script, and it works together with the ec2.ini file.
[ansadm@ansible-master dynamic-inventory]$ wget https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/ec2.py
Providing the execute permission to list our AWS resources.
[ansadm@ansible-master dynamic-inventory]$ chmod +x ec2.py
Edit the ec2.ini file and change the default settings if required, such as specifying the regions where you use AWS services.
[ansadm@ansible-master dynamic-inventory]$ vim ec2.ini
Since each region requires its own API call, if you are only using a small set of regions, feel free to edit ec2.ini and list only the regions you are interested in. There are other config options in ec2.ini including cache control, and destination variables.
As we know, AWS allows only SSH key-based authentication to access EC2 instances or other resources like RDS.
If you want to access your AWS EC2 instances, you can also use an SSH agent for credential forwarding. Using an SSH agent is the best way to authenticate with your end nodes, as this alleviates the need to copy your .pem files around. To add an agent, run the commands below to start an ssh-agent and add your personal keys.
[ansadm@ansible-master ~]$ ssh-agent bash
Adding the SSH private key (.pem) file which is downloaded from AWS while creating EC2 instances.
[ansadm@ansible-master ~]$ ssh-add ~/.ssh/your-aws-keypair.pem
The screen below shows adding SSH private keys to ssh-agent. These are my personal keys, which are also used in the AWS environment.
You can test the script by itself to make sure your AWS CLI or AWS configuration is correct:
[ansadm@ansible-master dynamic-inventory]$ ./ec2.py --list --profile default --refresh-cache
After a few moments, you should see your entire EC2 inventory across all regions in JSON.
Now let’s run Ansible commands to get the response from the same ec2 instance.
[ansadm@ansible-master dynamic-inventory]$ ansible -i ec2.py -u ec2-user 'tag_Name_awslab*' -m ping
In the above example, Ansible runs the ping test against the servers that the dynamic inventory collected into groups for tag key Name with a value matching the pattern awslab*.
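How a pattern such as tag_Name_awslab* resolves to hosts, as an added example that is not part of the original article and is not ec2.py: a stripped-down inventory script that answers the --list and --host calls Ansible makes and builds tag_KEY_VALUE groups. The instance records are constructed sample data, and safe_group, build_inventory, match_hosts and respond are hypothetical names used only here.

```python
"""Inventory-script sketch: --list / --host contract with tag_KEY_VALUE groups."""
import fnmatch
import json
import re
import sys

# Constructed sample data standing in for what the EC2 API would return.
SAMPLE_INSTANCES = [
    {"ip": "203.0.113.10", "zone": "us-east-1d", "state": "running",
     "tags": {"Name": "awslab-web01"}},
    {"ip": "203.0.113.11", "zone": "us-east-1d", "state": "running",
     "tags": {"Name": "awslab db/02", "Env": "dev"}},
    {"ip": "203.0.113.12", "zone": "us-east-1a", "state": "stopped",
     "tags": {"Name": "awslab-old"}},
]

def safe_group(name):
    """Tags are user-controlled text: keep only [A-Za-z0-9_] in group names."""
    return re.sub(r"[^A-Za-z0-9_]", "_", name)

def build_inventory(instances):
    """Build the JSON document Ansible reads from `<script> --list`."""
    inventory = {"_meta": {"hostvars": {}}}
    for inst in instances:
        if inst["state"] != "running":  # assumption: list only running hosts
            continue
        groups = [inst["zone"]]
        groups += [safe_group("tag_%s_%s" % kv) for kv in sorted(inst["tags"].items())]
        for group in groups:
            inventory.setdefault(group, {"hosts": []})["hosts"].append(inst["ip"])
        inventory["_meta"]["hostvars"][inst["ip"]] = {"ec2_tags": inst["tags"]}
    return inventory

def match_hosts(inventory, pattern):
    """Hosts of every group whose name matches a glob such as tag_Name_awslab*."""
    return sorted({h for g, d in inventory.items()
                   if g != "_meta" and fnmatch.fnmatchcase(g, pattern)
                   for h in d["hosts"]})

def respond(args, instances=SAMPLE_INSTANCES):
    """Answer the two calls Ansible makes: --list, or --host <name>."""
    inventory = build_inventory(instances)
    if len(args) == 2 and args[0] == "--host":
        return json.dumps(inventory["_meta"]["hostvars"].get(args[1], {}))
    return json.dumps(inventory, indent=2, sort_keys=True)

if __name__ == "__main__":
    print(respond(sys.argv[1:]))
```

Group membership here is derived from tags, so who is allowed to tag instances decides which hosts a tag_ pattern selects.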
Conclusion: This is all about configuring Ansible dynamic inventory on a Linux server. I hope this will help you to manage your AWS EC2 instances. Next, I will come up with more useful and interesting articles related to Ansible. Leave a comment below if this helped you learn how to configure Ansible dynamic inventory.