Skip to content

Setting up your complete infrastructure on cloud premises using Infrastructure as a Code

License

Notifications You must be signed in to change notification settings

cdtiwari-ebi/terraform-ansible-setup

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Terraform-ansible-setup

Setting up your complete infrastructure on cloud premises using Infrastructure as a Code

Prerequisites

  • Ansible
  • Terraform
Cloud Requirements Operating System Region
AWS Nil Ubuntuv14.04(ami-21766642)/Rhelv7(ami-9a3322f9) ap-southeast-2
GCP gcloud cli, Apache-Libcloud(==1.2.0) Ubuntu 14.04 (ubuntu-1404-trusty-v20170703) us-east1-b
Azure Coming Soon

Design

The idea of this project is to make easy deployment of our infrastructure using the concept of Infrastructure as a Code.For this purpose,I have used 2 tier architecture setup consisting of two different tools, Terraform and Ansible.Terraform is used in order to provision the required instances on Cloud.Whereas, ansible is used to configure our application.

arch2

Setup

Sample Video Demonstrations

Sample video output can be found out for Google Cloud Platform here :

IMAGE ALT TEXT HERE

Terraform

For getting started with ansible,choose your cloud premise:

ami-9a3322f9 - RedHat 7.3 Image

For AWS usage you can create a universal Access and Secret Key ID at

IAM Console -> Access Keys (Access Key ID and Secret Access Key)

Replace your Access ID and Secret Key ID here

The main.tf file contains the provisioning of ec2 instance including creation of security group.

  1. Like in AWS,we have security credentials for accessing unlimited resources,in gcp we can use a security key in JSON format in order to use the resources.This can be generated by visiting

Google Cloud Dashboard -> IAM & Admin -> Service Accounts -> Choose a Service Account -> Options -> Create Key

  1. Download this json key and keep it under

terraform-ansible-setup -> GCP -> YOUR-ACCOUNT-ID.JSON

For my reference,I have name it as account.json in my variables.tf file

  1. Connect your terminal with gcp via ssh using the following command:
$ sudo cat ~/.ssh/id_rsa.pub
  1. Copy and Paste the above output at

Google Cloud Dashboard -> Compute Engine -> Metadata -> SSH Keys -> Add New Key

  1. Install the gcloud cli using :
$ curl https://sdk.cloud.google.com | bash
  1. Make sure to authorize permissions:
$ sudo chown -R ${USER} /home/${USER}/.config/gcloud
  1. Use the below command to verify gcloud cli with your account:
$ sudo gcloud auth login

You can now check gcloud cli working by running any of the gcloud available commands such as gcloud compute machine-types list etc.

  1. Now you can run your commands to kickstart 3 vm instaces (sample1,sample2,sample3) using
$ terraform get
$ terraform plan
$ terraform apply

Ansible

In order to use ansible I am using the config at dynamic inventory located at /etc/ansible/ansible.cfg and /etc/ansible/hosts.Here are the changes I made after configuration:

[defaults]

# some basic default values...

inventory      = /etc/ansible/hosts
library        = /usr/share/my_modules/
remote_tmp     = $HOME/.ansible/tmp
local_tmp      = $HOME/.ansible/tmp
forks          = 5
poll_interval  = 15
sudo_user      = root
#ask_sudo_pass = True
#ask_pass      = True
#transport      = smart
remote_port    = 22
#module_lang    = C
#module_set_locale = True

# uncomment this to disable SSH key host checking
host_key_checking = False

# if True, make ansible use scp if the connection type is ssh
# (default is sftp)
scp_if_ssh = True

[selinux]
# file systems that require special treatment when dealing with security context
# the default behaviour that copies the existing context or uses the user default
# needs to be changed to use the file system dependent context.
#special_context_filesystems=nfs,vboxsf,fuse,ramfs

# Set this to yes to allow libvirt_lxc connections to work without SELinux.
libvirt_lxc_noseclabel = yes

/etc/ansible/hosts file:

[local]
127.0.0.1 ansible_connection=local

[ec2]
XX.XX.XX.XX ansible_user=ubuntu

[gce]
XX.XX.XX.XX ansible_ssh_user=ubuntu
XX.XX.XX.XX ansible_ssh_user=ubuntu
XX.XX.XX.XX ansible_ssh_user=ubuntu

[gce1]
XX.XX.XX.XX ansible_ssh_user=ubuntu

Ansible Playbooks Manual Configurations

Ref

ssh-agent bash
ssh-add <path to private key>

Set hosts: parameters according to the cloud provider you want,for example:

hosts: aws
hosts: gce
hosts: azure
Files AWS GCP Azure
consul.yml *Nil * Nil Nil
k8s.yml export KUBERNETES_PROVIDER=aws export KUBERNETES_PROVIDER=gce export KUBERNETES_PROVIDER=azure

You can start by setting up your aws enviornment EC2 instance using ec2-configure.yml playbook present in playbooks directory,using the below command:

$ ansible all -m ping --ask-pass --ask-sudo-pass
$ sudo ansible-playbook ec2-configure.yml -vv --private-key  <path-to-keypair>

For running ansible via local machine:

$ ansible all -m ping --ask-pass --ask-sudo-pass
sudo ansible-playbook <NAME>.yml --private-key = <NAME-OF-FILE>

License

MIT License

About

Setting up your complete infrastructure on cloud premises using Infrastructure as a Code

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • HCL 89.4%
  • Shell 10.6%