Manipulating EC2 Instances with Ansible

30 minutes
  • 2 Learning Objectives

About this Hands-on Lab

EC2 is at the heart of AWS as the primary compute resource on the platform. Ansible provides several modules that allow us to interact with EC2 instances. Being able to provision and manipulate EC2 instances within Ansible allows for infrastructure automation to be built into a deployment strategy. This exercise will allow students to explore the EC2 functionality in Ansible.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create and Edit `/home/ansible/deploy.yml` and Add Ansible Tasks to Stop the Existing EC2 Instance, by Tag, Then Deploy a New EC2 Instance That Meets the Specification Described in the Instructions.

After logging into the EC2 instance, run `su - ansible` to become the `ansible` user. The password is the same as it is for `cloud_user`.

Create and edit the playbook (/home/ansible/deploy.yml) so that it resembles the following:

  - hosts: localhost
    gather_facts: no
    vars_files:
      # Supplies the AWS_* variables referenced below
      - /home/ansible/keys.yml
    tasks:
      # Look up the existing instance so its AMI and subnet can be reused
      - name: Get Subnet ID and AMI ID from existing server.
        ec2_instance_facts:
          aws_access_key: "{{ AWS_ACCESS_KEY_ID }}"
          aws_secret_key: "{{ AWS_SECRET_ACCESS_KEY }}"
          region: "{{ AWS_REGION }}"
          filters:
            "tag:Name": Leo
        register: ec2_facts

      # Stops every instance in the region that carries the tag Name: Leo
      - name: Stop Leo Instance
        ec2:
          aws_access_key: "{{ AWS_ACCESS_KEY_ID }}"
          aws_secret_key: "{{ AWS_SECRET_ACCESS_KEY }}"
          ec2_region: us-east-1
          state: stopped
          instance_tags:
            Name: Leo

      # Launches a new instance from the AMI and subnet found in the first task
      - name: Deploy new EC2 Instance
        ec2:
          aws_access_key: "{{ AWS_ACCESS_KEY_ID }}"
          aws_secret_key: "{{ AWS_SECRET_ACCESS_KEY }}"
          ec2_region: us-east-1
          instance_type: t2.micro
          image: "{{ ec2_facts.instances[0].image_id }}"
          assign_public_ip: yes
          vpc_subnet_id: "{{ ec2_facts.instances[0].subnet_id }}"
          instance_tags:
            Name: New

Run the Playbook `/home/ansible/deploy.yml` to Perform the Required Tasks, Then Log into the AWS Console to Validate that Everything Works
  • Run the following command:
    • ansible-playbook /home/ansible/deploy.yml
  • Log into the AWS Console, and in the EC2 Dashboard (find it by searching for EC2 in the Find Services search box) confirm the new instance’s existence and state.
    • It might be best to wait a bit before checking. Once everything is finished processing though, we’ll see a Leo instance that’s stopped, and a new one called New that is running.
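
A guarded variant of the lab playbook, added here as an example and not part of the lab's own solution: it asserts that the tag lookup matched exactly one instance before `instances[0]` is used, stops that instance by ID, and uses the `ec2` module's `exact_count` and `count_tag` so that a repeat run does not launch a second `New` instance. It assumes the same variables from `/home/ansible/keys.yml` as the lab playbook.

```yaml
# Added example, not the lab's solution. Variables come from /home/ansible/keys.yml.
- hosts: localhost
  gather_facts: no
  vars_files:
    - /home/ansible/keys.yml
  tasks:
    - name: Find the instance tagged Name=Leo
      ec2_instance_facts:
        aws_access_key: "{{ AWS_ACCESS_KEY_ID }}"
        aws_secret_key: "{{ AWS_SECRET_ACCESS_KEY }}"
        region: "{{ AWS_REGION }}"
        filters:
          "tag:Name": Leo
      register: ec2_facts

    # Guard: instances[0] errors on an empty result and is arbitrary on several.
    - name: Require exactly one match before changing anything
      assert:
        that:
          - ec2_facts.instances | length == 1
        msg: "Expected 1 instance tagged Name=Leo, found {{ ec2_facts.instances | length }}"

    - name: Stop that instance by ID rather than by tag
      ec2:
        aws_access_key: "{{ AWS_ACCESS_KEY_ID }}"
        aws_secret_key: "{{ AWS_SECRET_ACCESS_KEY }}"
        ec2_region: us-east-1
        state: stopped
        instance_ids:
          - "{{ ec2_facts.instances[0].instance_id }}"

    # exact_count + count_tag: a second run finds Name=New already running and
    # launches nothing. Caveat: running matches above the count are terminated.
    - name: Ensure one running instance tagged Name=New
      ec2:
        aws_access_key: "{{ AWS_ACCESS_KEY_ID }}"
        aws_secret_key: "{{ AWS_SECRET_ACCESS_KEY }}"
        ec2_region: us-east-1
        instance_type: t2.micro
        image: "{{ ec2_facts.instances[0].image_id }}"
        assign_public_ip: yes
        vpc_subnet_id: "{{ ec2_facts.instances[0].subnet_id }}"
        instance_tags:
          Name: New
        exact_count: 1
        count_tag:
          Name: New
```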

Additional Resources

NOTE: Wait 1-2 minutes to allow the instances to fully set up before starting the lab.

We have been tasked with creating automation that will redeploy an EC2 instance from an updated AMI. We will need to stop the currently running instance, tagged with Name: Leo. Then we will need to deploy a single new EC2 instance meeting the following requirements:

  • Type: t2.micro
  • AMI: Same as existing instance
  • Region: us-east-1
  • Public IP: Yes
  • VPC Subnet ID: Same as existing instance
  • Assign the tag Name: New to the new instance

We will need to consult the AWS console (or, alternatively, use Ansible facts) to determine the subnet ID and AMI ID of the existing instance, in order to assign the correct value for the new instance.

From the Ansible Control node:

  • Create the playbook /home/ansible/deploy.yml to perform the following tasks:
    • Stop the EC2 instance tagged Name: Leo.
    • Deploy a new EC2 instance meeting the described properties.
  • Run the playbook /home/ansible/deploy.yml.
  • Validate in the AWS Web Console that our work is correct.

The Ansible control node has been configured and already has Ansible installed. The control node also has a system user named ansible configured with SSH access keys and necessary system privileges.

An IAM user ansible has been created on the provided AWS sandbox account. The access keys for the ansible IAM user are stored in /home/ansible/keys.sh and /home/ansible/keys.yml for whichever authentication method we prefer. The ansible IAM user has appropriate permissions to perform the required task.

The default Ansible inventory has been configured to include the Ansible control host as localhost.
