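How to Create, Start and Configure an Amazon EC2 Instance Using a Simple Ansible Script? (Spawn a VM Remotely)
Published: 2019-05-11
Amazon AWS is without doubt the best public cloud available right now. As we discussed in previous tutorials, Ansible is a very handy tool that system administrators can use to maintain their company's infrastructure.
In this tutorial, we will go over in detail how to create, start and set up an Amazon EC2 instance using a simple Ansible script.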
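Details:
- Specify instance_type: t2.micro
- Specify the security group: crunchify_security_grp
  - Change the security group as needed.
- Specify the image: ami-crunchify231di
  - You need to create the Amazon Image before running this.
- Specify the key pair: crunchify
  - This is the security key that lets you log in without a password.
- Choose the default region: us-east-2
  - The default region I recommend.
- Number of VMs you want to start: 1
  - Start with 1 VM.
- Create a basic firewall group
- Create the Amazon EC2 instance
- Wait for it to come up
- Get the IP address and save it in the file crunchify.txt
  - You need to create crunchify.txt before running this Ansible script.
- Tag the newly created instance as crunchify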
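Step-1)
Install Ansible on macOS. Make sure you have set up Ansible the right way.
Step-2)
You need to export your AWS Access Key and Secret Access Key. Follow the tutorial on how to set up the Amazon AWS CLI to get your keys.
```
# Replace the values with your own access key ID and secret access key
export AWS_ACCESS_KEY_ID=JHKHLJLHJHJK2SHIY27AIF
export AWS_SECRET_ACCESS_KEY=QLKJDKIAYXNIWN2ZHIY27AI54345HKLHJ
```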
Step-3) Create the crunchify-host file
```
[local]
localhost ansible_connection=local ansible_python_interpreter=python
```
Step-4) Create the crunchify-ec2.yml file
```
---
  - name: Provision an EC2 Instance. Detailed steps by Crunchify.
    hosts: local
    connection: local
    gather_facts: False
    tags: provisioning
    # required parameters
    vars:
      instance_type: t2.micro
      security_group: crunchify_security_grp
      image: ami-crunchify231di
      keypair: crunchify
      region: us-east-2 # Change the Region
      count: 1

    # Task that will be used to Launch/Create an EC2 Instance
    tasks:

      - name: Create a security group
        local_action:
          module: ec2_group
          name: "{{ security_group }}"
          description: Security Group for Crunchify's EC2 Servers
          region: "{{ region }}"
          rules:
            - proto: tcp
              from_port: 22
              to_port: 22
              cidr_ip: 0.0.0.0/0
            - proto: tcp
              from_port: 8080
              to_port: 8080
              cidr_ip: 0.0.0.0/0
            - proto: tcp
              from_port: 443
              to_port: 443
              cidr_ip: 0.0.0.0/0
          rules_egress:
            - proto: all
              cidr_ip: 0.0.0.0/0
        register: basic_firewall

      - name: Launching Crunchify's the new EC2 Instance
        local_action: ec2
                      group={{ security_group }}
                      instance_type={{ instance_type }}
                      image={{ image }}
                      wait=true
                      wait_timeout=500
                      region={{ region }}
                      keypair={{ keypair }}
                      count={{ count }}
        register: ec2_crunchify

      - name: Add the newly created EC2 instance(s) to the local host group
        local_action: lineinfile
                      path=crunchify.txt
                      regexp={{ item.public_ip }}
                      insertafter='\[crunchify\]'
                      line={{ item.public_ip }}
        with_items: '{{ec2_crunchify.instances}}'

      - name: Add new instance to Crunchify's host group
        add_host:
          hostname: "{{ item.public_ip }}"
          groupname: launched
        with_items: "{{ ec2_crunchify.instances }}"

      - name: Let's wait for SSH to come up. Usually that takes ~10 seconds
        local_action: wait_for
                      host={{ item.public_ip }}
                      port=22
                      state=started
        with_items: '{{ ec2_crunchify.instances }}'

      - name: Add tag to Instance(s)
        local_action: ec2_tag resource={{ item.id }} region={{ region }} state=present
        with_items: '{{ ec2_crunchify.instances }}'
        args:
          tags:
            Name: crunchify
```
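The security group task above allows SSH (port 22) from 0.0.0.0/0. The following added example, which is not part of the original tutorial, checks an ec2_group-style rule list for management ports open to every address and rewrites those rules to a narrower source range before the playbook is run. MANAGEMENT_PORTS, the function names and 203.0.113.0/24 (a documentation range used as a placeholder) are assumptions of the example.

```python
import ipaddress

# Assumption for this example: ports treated as management access.
MANAGEMENT_PORTS = {22: "SSH", 3389: "RDP"}

# Constructed input: the tutorial's ingress rules, shaped as yaml.safe_load()
# would return the `rules:` list of the ec2_group task.
TUTORIAL_RULES = [
    {"proto": "tcp", "from_port": 22, "to_port": 22, "cidr_ip": "0.0.0.0/0"},
    {"proto": "tcp", "from_port": 8080, "to_port": 8080, "cidr_ip": "0.0.0.0/0"},
    {"proto": "tcp", "from_port": 443, "to_port": 443, "cidr_ip": "0.0.0.0/0"},
]


def _cidrs(rule):
    """Return the rule's cidr_ip as a list (the key may hold a string or a list)."""
    value = rule.get("cidr_ip", [])
    return [value] if isinstance(value, str) else list(value)


def is_world_open(cidr):
    """True for 0.0.0.0/0 or ::/0, i.e. a prefix length of zero."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def exposed_management_ports(rule):
    """Management ports this rule makes reachable from any address."""
    if not any(is_world_open(c) for c in _cidrs(rule)):
        return []
    if str(rule.get("proto")) in ("all", "-1"):
        low, high = 0, 65535
    else:
        low, high = int(rule.get("from_port", -1)), int(rule.get("to_port", -1))
    return sorted(p for p in MANAGEMENT_PORTS if low <= p <= high)


def audit_ingress(rules):
    """Return (port, service) pairs that are open to the whole internet."""
    return [(p, MANAGEMENT_PORTS[p]) for r in rules for p in exposed_management_ports(r)]


def restrict_management(rules, admin_cidr):
    """Copy the rules, pointing world-open management rules at admin_cidr."""
    ipaddress.ip_network(admin_cidr)  # raises ValueError on a malformed CIDR
    return [dict(r, cidr_ip=admin_cidr) if exposed_management_ports(r) else dict(r)
            for r in rules]


if __name__ == "__main__":
    print(audit_ingress(TUTORIAL_RULES))
    print(restrict_management(TUTORIAL_RULES, "203.0.113.0/24"))
```

The rewritten list can be pasted back under `rules:` in the playbook, with the placeholder range replaced by the network you administer from.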
Step-5) Execute the Ansible playbook
```
ansible-playbook -i ./hosts crunchify-ec2.yml
```
Result:
```
bash3.2 $ ansible-playbook -i ./hosts crunchify-ec2.yml

PLAY [Provision an EC2 Instance. Detailed steps by Crunchify.] ****************************************************************************************************************

TASK [Create a security group] ************************************************************************************************************************************************
ok: [localhost -> localhost]

TASK [Master - Launch the new EC2 Instance] ***********************************************************************************************************************************
changed: [localhost -> localhost]

TASK [Add the newly created EC2 instance(s) to the local host group] **********************************************************************************************************
changed: [localhost -> localhost] => (item={u'ramdisk': None, u'kernel': None, u'root_device_type': u'ebs', u'private_dns_name': u'ip-172-31-41-108.us-east-2.compute.internal', u'block_device_mapping': {u'/dev/sda1': {u'status': u'attached', u'delete_on_termination': True, u'volume_id': u'vol-06d37e8354c769d93'}}, u'key_name': u'crunchify', u'public_ip': u'3.19.60.48', u'image_id': u'ami-crunchify231di', u'tenancy': u'default', u'private_ip': u'172.31.41.108', u'groups': {u'sg-0eb80f388be5a7c35': u'crunchify_security_grp'}, u'public_dns_name': u'ec2-3-19-60-48.us-east-2.compute.amazonaws.com', u'state_code': 16, u'id': u'i-0e447dd1223a40f8e', u'tags': {}, u'placement': u'us-east-2c', u'ami_launch_index': u'0', u'dns_name': u'ec2-3-19-60-48.us-east-2.compute.amazonaws.com', u'region': u'us-east-2', u'ebs_optimized': False, u'launch_time': u'2019-05-10T18:48:18.000Z', u'instance_type': u't2.micro', u'state': u'running', u'architecture': u'x86_64', u'hypervisor': u'xen', u'virtualization_type': u'hvm', u'root_device_name': u'/dev/sda1'})

TASK [Add new instance to host group] *****************************************************************************************************************************************
changed: [localhost] => (item={u'ramdisk': None, u'kernel': None, u'root_device_type': u'ebs', u'private_dns_name': u'ip-172-31-41-108.us-east-2.compute.internal', u'block_device_mapping': {u'/dev/sda1': {u'status': u'attached', u'delete_on_termination': True, u'volume_id': u'vol-06d37e8354c769d93'}}, u'key_name': u'crunchify', u'public_ip': u'3.19.60.48', u'image_id': u'ami-crunchify231di', u'tenancy': u'default', u'private_ip': u'172.31.41.108', u'groups': {u'sg-0eb80f388be5a7c35': u'crunchify_security_grp'}, u'public_dns_name': u'ec2-3-19-60-48.us-east-2.compute.amazonaws.com', u'state_code': 16, u'id': u'i-0e447dd1223a40f8e', u'tags': {}, u'placement': u'us-east-2c', u'ami_launch_index': u'0', u'dns_name': u'ec2-3-19-60-48.us-east-2.compute.amazonaws.com', u'region': u'us-east-2', u'ebs_optimized': False, u'launch_time': u'2019-05-10T18:48:18.000Z', u'instance_type': u't2.micro', u'state': u'running', u'architecture': u'x86_64', u'hypervisor': u'xen', u'virtualization_type': u'hvm', u'root_device_name': u'/dev/sda1'})

TASK [Wait for SSH to come up] ************************************************************************************************************************************************
ok: [localhost -> localhost] => (item={u'ramdisk': None, u'kernel': None, u'root_device_type': u'ebs', u'private_dns_name': u'ip-172-31-41-108.us-east-2.compute.internal', u'block_device_mapping': {u'/dev/sda1': {u'status': u'attached', u'delete_on_termination': True, u'volume_id': u'vol-06d37e8354c769d93'}}, u'key_name': u'crunchify', u'public_ip': u'3.19.60.48', u'image_id': u'ami-crunchify231di', u'tenancy': u'default', u'private_ip': u'172.31.41.108', u'groups': {u'sg-0eb80f388be5a7c35': u'crunchify_security_grp'}, u'public_dns_name': u'ec2-3-19-60-48.us-east-2.compute.amazonaws.com', u'state_code': 16, u'id': u'i-0e447dd1223a40f8e', u'tags': {}, u'placement': u'us-east-2c', u'ami_launch_index': u'0', u'dns_name': u'ec2-3-19-60-48.us-east-2.compute.amazonaws.com', u'region': u'us-east-2', u'ebs_optimized': False, u'launch_time': u'2019-05-10T18:48:18.000Z', u'instance_type': u't2.micro', u'state': u'running', u'architecture': u'x86_64', u'hypervisor': u'xen', u'virtualization_type': u'hvm', u'root_device_name': u'/dev/sda1'})

TASK [Add tag to Instance(s)] *************************************************************************************************************************************************
changed: [localhost -> localhost] => (item={u'ramdisk': None, u'kernel': None, u'root_device_type': u'ebs', u'private_dns_name': u'ip-172-31-41-108.us-east-2.compute.internal', u'block_device_mapping': {u'/dev/sda1': {u'status': u'attached', u'delete_on_termination': True, u'volume_id': u'vol-06d37e8354c769d93'}}, u'key_name': u'crunchify', u'public_ip': u'3.19.60.48', u'image_id': u'ami-crunchify231di', u'tenancy': u'default', u'private_ip': u'172.31.41.108', u'groups': {u'sg-0eb80f388be5a7c35': u'crunchify_security_grp'}, u'public_dns_name': u'ec2-3-19-60-48.us-east-2.compute.amazonaws.com', u'state_code': 16, u'id': u'i-0e447dd1223a40f8e', u'tags': {}, u'placement': u'us-east-2c', u'ami_launch_index': u'0', u'dns_name': u'ec2-3-19-60-48.us-east-2.compute.amazonaws.com', u'region': u'us-east-2', u'ebs_optimized': False, u'launch_time': u'2019-05-10T18:48:18.000Z', u'instance_type': u't2.micro', u'state': u'running', u'architecture': u'x86_64', u'hypervisor': u'xen', u'virtualization_type': u'hvm', u'root_device_name': u'/dev/sda1'})

PLAY RECAP ********************************************************************************************************************************************************************
localhost : ok=6 changed=4 unreachable=0 failed=0
```
Let's verify that the new instance was created successfully with all of our specifications.
Go to the Amazon AWS console to check the instance.

Link:
https://us-east-2.console.aws.amazon.com/ec2/v2/home?region=us-east-2#Instances:sort=instanceId

Make sure to verify all the settings.

Check your tags. This is very useful if you are dealing with hundreds of instances.

Check the crunchify.txt file, which holds the IP of the newly created host:
```
bash3.2 $ cat crunchify.txt
18.217.28.189
```
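That's it. Congratulations. You have just created and launched a new EC2 instance on the Amazon AWS cloud using Ansible.
Let me know if you run into any issues creating an instance on the Amazon EC2 cloud.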