Step 1 – Install latest version of Ansible on Ubuntu Linux
You must configure the PPA on your system to install the latest version of Ansible. A PPA (Personal Package Archive) allows Ubuntu source packages to be uploaded, built and published as an apt repository by Launchpad. The software-properties-common package installed below lets you manage the repositories that you install software from.
Type the following apt-get command or apt command:
$ sudo apt update
$ sudo apt upgrade
$ sudo apt install software-properties-common
Next, add ppa:ansible/ansible to your system’s Software Sources:
$ sudo apt-add-repository ppa:ansible/ansible
Update your repos and install ansible:
$ sudo apt update
$ sudo apt install ansible
Install boto:
$ pip3 install boto3
A note about installing Ansible on CentOS/RHEL 7.x
You need to set up the EPEL repo on CentOS and RHEL 7.x using the yum command:
$ cd /tmp
$ wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
$ ls *.rpm
$ sudo yum install epel-release-latest-7.noarch.rpm
$ sudo yum install ansible
Install boto:
$ pip install boto3
Step 2 – Configure boto
You need to set up AWS credentials/API keys. See the “AWS Security Credentials” documentation on how to create a programmatic API key. Create a directory called ~/.aws using the mkdir command and set up the API keys:
$ mkdir -pv ~/.aws/
$ vi ~/.aws/credentials
[default]
aws_access_key_id = YOUR-ACCESS-KEY-HERE
aws_secret_access_key = YOUR-SECRET-ACCESS-KEY-HERE
Also set up the default AWS region:
$ vi ~/.aws/config
Test your boto setup against the AWS API by creating a simple Python program named test-boto.py:
#!/usr/bin/python3
# A simple program to test boto and print s3 bucket names
import boto3

# boto3 reads the [default] credentials from ~/.aws/credentials
t = boto3.resource('s3')
for b in t.buckets.all():
    print(b.name)
Run it as follows:
$ python3 test-boto.py
The output confirms that Python boto is working correctly with the AWS API.
Step 3 – Create AWS ec2 key using Ansible
Create a playbook named ec2.key.yml as follows:
- hosts: local
  connection: local
  gather_facts: no
  tasks:
    - name: Create a new EC2 key
      ec2_key:
        name: ucartz-key
        region: us-west-1
      # keep the module's return value for the next task
      register: ec2_key_result
    - name: Save private key
      copy: content="{{ ec2_key_result.key.private_key }}" dest="./aws.ucartz.pem" mode=0600
      # only write the file when the key pair was newly created
      when: ec2_key_result.changed
Run your playbook as follows:
$ ansible-playbook -i hosts ec2.key.yml
In the end, you should have a private key named aws.ucartz.pem that you can use with AWS EC2. To view your key use the cat command:
$ cat aws.ucartz.pem
If you have an EC2 VM, use it as follows:
$ ssh -i aws.ucartz.pem user@ec2-vm-dns-name
Finding out info about python data structure variable names such as ec2_key_result.changed and ec2_key_result.key.private_key
You must be wondering how come I am using variable names such as ec2_key_result.changed and ec2_key_result.key.private_key. Are they defined somewhere? They are values returned from the API call, which the register keyword stores in ec2_key_result. Simply run the ansible-playbook command with the -v option to see such info:
$ ansible-playbook -v -i hosts ec2.key.yml
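Because the private key is part of the value that ec2_key returns, running with -v also prints it to the terminal and to any log Ansible writes. The following variant of the Step 3 playbook keeps the key out of task output with no_log and verifies the mode of the saved file. It is an added example, not part of the original tutorial; the file name ec2.key.nolog.yml and the two extra check tasks are assumptions.

```yaml
# ec2.key.nolog.yml (hypothetical file name): the Step 3 playbook with the
# private key kept out of task output. Uses the same "local" group, key name
# and region as the tutorial.
- hosts: local
  connection: local
  gather_facts: no
  tasks:
    - name: Create a new EC2 key
      ec2_key:
        name: ucartz-key
        region: us-west-1
      register: ec2_key_result
      # The result contains key.private_key. no_log censors this task's
      # result in -v output and in Ansible's log; the registered variable
      # is still usable by later tasks.
      no_log: true

    - name: Save private key
      copy:
        content: "{{ ec2_key_result.key.private_key }}"
        dest: ./aws.ucartz.pem
        mode: "0600"
      # the private key is only returned when the key pair is newly created
      when: ec2_key_result.changed
      no_log: true

    - name: Show only the non-secret fields
      debug:
        msg: "{{ ec2_key_result.key.name }} {{ ec2_key_result.key.fingerprint }}"

    - name: Read back the permissions of the saved key
      stat:
        path: ./aws.ucartz.pem
      register: pem_stat
      when: ec2_key_result.changed

    - name: Fail if the key file is not owner-only
      assert:
        that:
          - pem_stat.stat.mode == "0600"
      when: ec2_key_result.changed
```

Run it with the same command as before, for example with -v, and the result of the create task is shown as censored while the key name and fingerprint are still printed.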
How do I delete a key?
Use the following ec2-key-delete.yml:
- hosts: local
  connection: local
  gather_facts: no
  tasks:
    - name: Delete a EC2 key
      ec2_key:
        name: ucartz-key
        region: us-west-1
        # absent means delete keypair
        state: absent
Run it as follows:
$ ansible-playbook -i hosts ec2-key-delete.yml