Provisioning using Terraform and Ansible

Prerequisite: Ansible and Terraform are installed on the machine.

[defaults]
inventory = ./inventory
deprecation_warnings = False
remote_user = ansibletest
host_key_checking = False

[privilege_escalation]
become = true
become_method = sudo
become_user = root
become_ask_pass = False
  • The ansible.cfg file customizes Ansible's behavior for this environment. It sets the inventory path, turns off deprecation warnings, disables SSH host key checking, connects as the remote user "ansibletest", and escalates to "root" through sudo without a password prompt. With host_key_checking = False, Ansible connects to a host without verifying its SSH host key.
#!/bin/bash
        /usr/sbin/useradd ansibletest
        echo "ansibletest        ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers.d/ansibletest
        /usr/bin/mkdir /home/ansibletest/.ssh
        /usr/bin/chown ansibletest:ansibletest /home/ansibletest/.ssh
        /usr/bin/chmod 700 /home/ansibletest/.ssh
        echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCn7++ayFuzikt9SghXgz/ianXrCTNauSPZPgg8AzpvOWfsZUyjZ0cmgfhywPKADvM7/cBvix7MTtltwWzDe+Zgo7kBA1T6nabxeZ/UQMcn2lPcYc5hh3jz81lHOqz7BXCm4w5l+GLcvW1YsaIzVmyiASQthM1zRLQXJtwZPJRZdM7BQHYAGgnzm2TA0sjEMiytUQQKEWfkdRfoh5Be0P9OxdPtfTARwJcGreiRmJbwbPHLCsP7UVsIshHREIff7GR4l4llHvBV+B9O/SRc2YX+0NsrDyN8QEdT/0FXhuPrKxdCnm27iFpbF/e5dBWh0nj874ZCmfx4IqgbN3ekpoad internkey" >> /home/ansibletest/.ssh/authorized_keys
        /usr/bin/chmod 600 /home/ansibletest/.ssh/authorized_keys
        /usr/bin/chown ansibletest:ansibletest /home/ansibletest/.ssh/authorized_keys
  • The installcommand.sh script is passed to the instance as user data. It creates the ansibletest user, grants it sudo for all commands without a password prompt, creates the user's .ssh directory, adds the public key to authorized_keys, and sets the ownership and permissions on the SSH-related files. This setup is commonly used when preparing a system to be managed and automated using Ansible. Because of the NOPASSWD: ALL rule, whoever holds the matching private key has root on the host.
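
The two settings that remove a check, host_key_checking = False in ansible.cfg and NOPASSWD: ALL in the sudoers drop-in written by installcommand.sh, can be flagged before terraform apply. This is an added example, not part of the original page; the function names and all sample file contents are constructed.

```bash
#!/bin/bash
# Added example: audit the ansible.cfg and sudoers drop-in before "terraform apply".
# All sample file contents below are constructed for the demo.

# Print the value of KEY in [SECTION] of an INI file (last assignment wins).
ini_get() {  # usage: ini_get FILE SECTION KEY
  awk -v sec="[$2]" -v key="$3" '
    /^[ \t]*[#;]/ { next }                                 # comment line
    /^[ \t]*\[/   { gsub(/[ \t\r]/, ""); cur = $0; next }  # section header
    cur == sec && index($0, "=") {
      k = substr($0, 1, index($0, "=") - 1); gsub(/[ \t]/, "", k)
      v = substr($0, index($0, "=") + 1);    gsub(/^[ \t]+|[ \t\r]+$/, "", v)
      if (k == key) val = v
    }
    END { print val }' "$1"
}

# One finding when SSH host key verification is switched off.
audit_ansible_cfg() {
  case "$(ini_get "$1" defaults host_key_checking | tr 'A-Z' 'a-z')" in
    false|no|off|0) echo "ansible.cfg: host_key_checking is off, SSH host keys are not verified" ;;
  esac
}

# One finding per non-comment sudoers line that grants NOPASSWD: ALL.
audit_sudoers() {
  grep -Ev '^[[:space:]]*#' "$1" | grep -E 'NOPASSWD:[[:space:]]*ALL([[:space:]]|$)' |
    while read -r who _; do
      echo "sudoers: $who can run any command through sudo without a password"
    done
}

audit() { audit_ansible_cfg "$1"; audit_sudoers "$2"; }  # usage: audit CFG SUDOERS

# Constructed samples: "weak" mirrors the settings on this page, "strict" flips them.
demo=$(mktemp -d)
printf '[defaults]\nremote_user = ansibletest\nhost_key_checking = False\n' > "$demo/weak.cfg"
printf 'ansibletest        ALL=(ALL)       NOPASSWD: ALL\n'                   > "$demo/weak.sudoers"
printf '[defaults]\nremote_user = ansibletest\nhost_key_checking = True\n'  > "$demo/strict.cfg"
printf '# password required\nansibletest ALL=(ALL) ALL\n'                   > "$demo/strict.sudoers"

echo "weak:";   audit "$demo/weak.cfg"   "$demo/weak.sudoers"
echo "strict:"; audit "$demo/strict.cfg" "$demo/strict.sudoers"
```

Run against the real files, audit ansible.cfg and the sudoers line from installcommand.sh print one finding each; an empty result means neither setting is present.
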
resource "aws_instance" "r100c96" {
  ami               = "ami-0a9d27a9f4f5c0efc"
  instance_type     = "t2.micro"
  availability_zone = "ap-south-1b"
  key_name          = "internkey"
  user_data         = file("installcommand.sh")
  tags = {
    Name = "Terraform-diff-linux"
  }

  provisioner "local-exec" {
    # Inside a provisioner, refer to the parent resource through "self".
    command = "echo ${self.public_dns} > inventory"
  }

  provisioner "local-exec" {
    command = "sleep 150"
  }

  provisioner "local-exec" {
    command = "ansible all -m shell -a 'yum -y install httpd; systemctl restart httpd'"
  }

}

output "ip" {
  value = aws_instance.r100c96.public_ip
}

output "publicName" {
  value = aws_instance.r100c96.public_dns
}
  • The instance.tf file defines an AWS EC2 instance, specifying its AMI, instance type, availability zone, SSH key pair, user data script, tags, and provisioners. When you apply this Terraform configuration, it creates the instance with these settings and then runs the three local-exec provisioners in order on the machine running Terraform: write the instance's public DNS name to the inventory file, wait 150 seconds, and run an Ansible ad-hoc command that installs and restarts Apache (httpd).
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 2.70"
    }
  }
}


provider "aws" {
  profile = "default"
  region  = "ap-south-1"
}
  • The provider.tf file is used to declare and configure the AWS provider for your Terraform project. It specifies the source and version constraints for the provider and sets the authentication profile and AWS region to use when creating and managing resources in AWS. This allows Terraform to interact with AWS using the specified provider configuration.

terraform init

terraform plan

terraform apply --auto-approve

  • Check the ip output and open that address in a browser: you can see the HTTP server running, as configured through Ansible.