Working with AMIs Using Ansible

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

Image creation in AWS provides for both simplified system management and improved deployment performance. Ansible can be leveraged to automate AMI upkeep, and we will be doing just that in this exercise!

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create `/home/ansible/updateAMI.yml`, and Add an Ansible Play that Updates the Software on `node1` Then Updates `/home/ansible/image.txt`, as Described in the Instructions

In our solution, we’ll complete the required steps and add a task for collecting facts from EC2 metadata, which will help us collect the instance ID of node1.

Edit the playbook such that it resembles the following:

- hosts: node1
  become: yes
    - name: Update packages
        name: "*"
        state: latest
    - name: Update image.txt
        path: /home/ansible/image.txt
        line: "Image updated {{ }}"
    - name: Gather facts
Edit the `/home/ansible/updateAMI.yml` and Add an Ansible Play that Collects the instance_id of `node1`, stops `node1`, Creates the AMI as Described in the Instructions, and Stores the AMI ID in the File `/home/ansible/ami.txt`

We will be using the facts we collected in the first play to satisfy the objectives for this task.

Edit the playbook such that it resembles the following:

- hosts: localhost
    - name: Stop node1
      local_action: ec2
        region: us-east-1
        state: stopped
        instance_id: "{{ hostvars['node1'].ansible_ec2_instance_id }}"
        wait: yes
    - name: Create AMI
      local_action: ec2_ami
        state: present
        instance_id: "{{ hostvars['node1'].ansible_ec2_instance_id }}"
        name: UpdatedImage
      register: ami_output
    - name: Write AMI info to file
        create: yes
        path: /home/ansible/ami.txt
        line: "{{ ami_output.image_id }}"
Run `/home/ansible/updateAMI.yml` to Perform the Required Tasks and Then Log into the AWS Console to Verify Your Work
  • Change some environment variables:
    • source
  • Run the playbook:
    • ansible-playbook /home/ansible/updateAMI.yml
  • Log into the AWS Console and confirm the new EC2 instance:
    • Search for "EC2" in the AWS console search and select the EC2 dashboard.
  • Confirm the AMI was updated:
    • Select AMIs from the menu on the left.

Additional Resources

NOTE: After starting the lab, wait 1 to 2 minutes before trying to log into the instances.

In an effort to save some time, you have decided to automate the process for maintaining AMIs using Ansible. You have a deployed EC2 instance on which the AMI is to be based. The instance is configured for access from your Ansible control node using the hostname "node1".

Prior to creating the AMI, the playbook needs to make the following changes to "node1":

  • Install the latest updates using the yum module.
  • Use the lineinfile module to update the file /home/ansible/image.txt with the line "Image updated <>".

    From the Ansible Control node:

  • Create the playbook /home/ansible/updateAMI.yml to perform the following tasks:
    • Update all packages on node1 using the yum module.
    • Insert the line "Image updated <>" into the file on /home/ansible/image.txt on "node1".
    • Stop the EC2 instance for node1 using AWS.
    • Create a new AMI based on node1.
    • Write the AMI ID to the file /home/ansible/ami.txt.
  • Run the playbook /home/ansible/updateAMI.yml.
  • Verify your work in the AWS Web Console.

    The Ansible control node has been configured for you and has already had Ansible installed. The control node also has a system user named ansible configured with ssh access keys and necessary system privileges.

    An IAM user called ansible has been created on the provided AWS sandbox account. The access keys for the ansible IAM user are stored in /home/ansible/ and /home/ansible/keys.yml for which ever authentication method you prefer. The ansible IAM user has appropriate permissions to perform the required task.

    The default Ansible inventory has been configured to include a the Ansible control host as 'localhost' and "node1".

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?