Deploy to AWS!

So far, we've been deploying to a virtual machine. But... there's nothing stopping us from deploying to... the CLOUD! Let's try it - let's deploy to Amazon EC2. This is not an exhaustive tutorial about using EC2... but let's at least get our feet wet and see if we can get into some trouble!

Tip

Want to properly deploy with Ansible? Check out Ansistrano.

Manually Launching an EC2 Instance

I'm already on my EC2 dashboard. In a few minutes, we're going to use Ansible to actually launch a new instance. But for now, just hit "Launch Instance" to do it by hand. I'm looking for an image that's similar to what we're using with Vagrant: Ubuntu 14.04. Select that image, use the micro instance size, and just use the default settings on the next screens.

Tip

The image id (AMI) we used is ami-41d48e24 if you need to find it manually.

For the security group, I'm going to select a group I already created: "Web Access Testing." The important thing is to allow port 22 for SSH and ports 80 and 443 for web stuff. Hit "Review and Launch", then "Launch" that instance!

Bah! What a tease! No instance yet: we need to choose a key pair for SSH. I already created a pair for this tutorial called Ansible_AWS_tmp. When we launch the instance, instead of logging in with a username and password, we will SSH with a username and a private key. You'll need to create your own key pair. When you do that, you'll download its private key. In this case, the file is called Ansible_AWS_tmp.pem and I already downloaded it.

Ok, now launch the instance! Cool! Click to view its progress.

Configuring the new Host

While it's loading, let's get to work!

This new server represents a new host. In hosts.ini we have a local group with one server and a vb group with one server. Create a new group called aws:

13 lines | ansible/hosts.ini
// ... lines 1 - 6
[aws]
// ... lines 8 - 13

Below it, we need the server's IP address. Wait for it to boot.

When it's ready, copy its public IP address, go back to the hosts file, and paste! This time, set ansible_user to ubuntu: that's the user that's set up for this image. And instead of a password, use ansible_ssh_private_key_file= and put the path to your downloaded private key: ~/.ssh/Ansible_AWS_tmp.pem for me:

13 lines | ansible/hosts.ini
// ... lines 1 - 6
[aws]
54.205.128.194 ansible_user=ubuntu ansible_ssh_private_key_file=~/.ssh/KnpU-Tutorial.pem
// ... lines 9 - 13

Tip

Depending on your AWS instance, you may need to specify a different path to the Python interpreter. By default, Ansible uses /usr/bin/python, but new AWS instances have Python 3 pre-installed and the path to it is /usr/bin/python3. If you get an error from Ansible about Python not being found, you can specify the correct interpreter path explicitly with the ansible_python_interpreter key:

# ansible/hosts.ini

# ...

[aws]
54.205.128.194 ansible_python_interpreter=/usr/bin/python3 ansible_user=ubuntu ansible_ssh_private_key_file=~/.ssh/KnpU-Tutorial.pem

Host Group Children

Here's where things get cool! I want to run our playbook against the virtual machine and my EC2 instance. Because... it's totally valid to build two servers at once! That's where Ansible shines!

Right now, each lives under its own host group - vb and aws:

13 lines | ansible/hosts.ini
// ... lines 1 - 3
[vb]
192.168.33.10 ansible_user=vagrant ansible_ssh_pass=vagrant
[aws]
54.205.128.194 ansible_user=ubuntu ansible_ssh_private_key_file=~/.ssh/KnpU-Tutorial.pem
// ... lines 9 - 13

Inside of our playbook, we've configured the play to only run against the vb group:

171 lines | ansible/playbook.yml
---
- hosts: vb
// ... lines 3 - 171

How could we run that against the hosts in the vb group and in the aws group?

With a host group... group! Check it out: create a new group called webserver, but add a :children after. That special children syntax allows us to list other host groups below this: vb and aws:

13 lines | ansible/hosts.ini
// ... lines 1 - 3
[vb]
192.168.33.10 ansible_user=vagrant ansible_ssh_pass=vagrant
[aws]
54.205.128.194 ansible_user=ubuntu ansible_ssh_private_key_file=~/.ssh/KnpU-Tutorial.pem
[webserver:children]
vb
aws

Yep, we now have a new group - webserver - that's a combination of these two.

Back in the playbook, change vb to webserver:

171 lines | ansible/playbook.yml
---
- hosts: webserver
// ... lines 3 - 171
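
The group expansion described above, as an added example that is not part of the original tutorial: a simplified model of how `[webserver:children]` resolves to hosts, which also lists the targeted hosts whose password is stored inline in the inventory. It is not Ansible's own inventory parser; the function names and the embedded copy of hosts.ini are constructed for illustration.

```python
import re
import shlex

# Constructed copy of the tutorial's ansible/hosts.ini (elided lines left out).
INVENTORY = """\
[vb]
192.168.33.10 ansible_user=vagrant ansible_ssh_pass=vagrant
[aws]
54.205.128.194 ansible_user=ubuntu ansible_ssh_private_key_file=~/.ssh/KnpU-Tutorial.pem
[webserver:children]
vb
aws
"""
# Connection variables that hold a password in clear text when set inline.
SECRET_VARS = {"ansible_ssh_pass", "ansible_password", "ansible_become_pass"}

def parse_inventory(text):
    """Return (hosts, children): group -> {host: vars}, group -> [child groups]."""
    hosts, children = {"ungrouped": {}}, {}
    group, mode = "ungrouped", None
    for line in map(str.strip, text.splitlines()):
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[([^\]:]+)(?::(\w+))?\]", line)
        if header:
            group, mode = header.group(1), header.group(2)
            hosts.setdefault(group, {})
            children.setdefault(group, [])
        elif mode == "children":
            children[group].append(line)
        elif mode is None:  # host line; [group:vars] bodies are skipped
            name, *pairs = shlex.split(line, comments=True)
            hosts[group][name] = dict(p.split("=", 1) for p in pairs if "=" in p)
    return hosts, children

def expand(group, hosts, children, seen=None):
    """Hosts that 'hosts: <group>' targets, following :children recursively."""
    seen = set() if seen is None else seen
    if group in seen:  # a group that (indirectly) lists itself: stop
        return {}
    seen.add(group)
    targets = dict(hosts.get(group, {}))
    for child in children.get(group, []):
        targets.update(expand(child, hosts, children, seen))
    return targets

def inline_secrets(targets):
    """Sorted (host, variable) pairs whose password sits in the inventory file."""
    return sorted((h, v) for h, hv in targets.items() for v in hv if v in SECRET_VARS)
```

Against the tutorial's inventory, `inline_secrets(expand("webserver", *parse_inventory(INVENTORY)))` returns `[('192.168.33.10', 'ansible_ssh_pass')]`: the Vagrant box carries a clear-text password, while the EC2 host authenticates with a key file.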

Running the Playbook

Deep breath. Run the playbook:

ansible-playbook ansible/playbook.yml -i ansible/hosts.ini --ask-vault-pass

Enter beefpass and deploy to the prod environment. You'll need to verify the authenticity of the new host this first time. And, by the way, you can disable this check in Ansible.

Now, watch the magic! You'll start to see it execute each task against both servers. The first time we do this, it'll take a while: the new EC2 server is being set up from scratch. And, I was cheap - it's only a micro instance.

While we're waiting, let's go copy the IP address of the new server again. Temporarily open a new terminal tab and edit the /etc/hosts file:

sudo vim /etc/hosts

To test things, update mootube.l to point to the IP address of the EC2 instance:

# /etc/hosts
# ...
#192.168.33.10 mootube.l
54.205.128.194 mootube.l

Then, save, quit and close the tab.

Even though Ansible is still working, if I go to http://mootube.l right now, I see the "Welcome to Nginx" page. Ha, cool! Ansible is already part way through the process!

Let's try to be patient... but also fast forward!

Done! And beautiful - it finished with no errors. That's kind of amazing: we launched a new cloud server from scratch... with no changes. Refresh the page. Got it! Welcome to MooTube, hosted on our fancy new EC2 instance. Notice that there's no data because we loaded in the prod environment: so the fixtures didn't run.

The only weird thing is that after changing my hosts file, I can't access MooTube on my VM anymore. But, we can solve that with host group vars.