-
Notifications
You must be signed in to change notification settings - Fork 0
gdilawari/gansible
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
AWS/Ansible/WordPress
Summary:
This project creates a Web Instance for WordPress setup. AWS Cloud Formation
template that accepts user inputs as parameters and uses Configuration Management
tool – Ansible to create the Web Instance and installs WordPress.
Top level details:
1. AWS Cloud Formation template attached below (YAML), deploys VPC,
two public subnets, internet gateway, security groups, Internet Gateway and
EC2 (t2.micro), routing and installs Amazon Linux Ami.- Region =US-east-1
2. User is asked to enter several parameters related to WordPress and MySQL
admin passwords etc. and the KeyName. The template uses default cider for VPC
and subnets but can be overwritten by the user.
3. User is also asked to enter the Access Key and SecretKey.
4. The Cloud Formation, once the infrastructure is setup uses the UserData
capability to install EPEL (package loader, other necessary software and
Ansible – Configuration management tool).
5. A github repository is cloned from Githib.com that contains WordPress
playbook.
6. Ansible executes the playbook wordpress.yml.
7. The playbook uses wordpress_stack.yml.j2 to call AWS cloud formation
to create an EC2 in Public subnet B.
8. Wordpress_stack template uses the EC2 UserData to load
– httpd24, php56, php-56-mysqlnd mysql-server and mysql and starts the service
mysqld and httpd. It uses wget to download wordpress latest release and
installs it. User provided passwords are configured for WordPress and Myql.
Note: there are several ways to use the combination of AWS and Configuration
Management tool like Ansible and we have chosen a simple way to make the
solution happen. Good part of Ansible is that it is agent-less.
The following Cloud Formation Template starts the AWS stack:
Once the EC2 in region us-east-ib has been created, you can copy the Public IP
address and use it a browser to access the WordPress demo site.
AWSTemplateFormatVersion: '2010-09-09'
Description: >-
This CF template creates a VPC, Subnet A and Subnet B - both public. It
creates all necessary routes and attaches Internet gateway. It creates an EC2
and UserData is used to execute rest of the commands. It loads package loader
epel followed by boto3 and Ansible. It clones an Ansible/Wordpress git
repository from Github. It uses Ansible to execute a play-book to create
an EC2 and download all necessary software to run Word-press blog.
Parameters:
vpccidr:
Type: String
MinLength: 9
MaxLength: 18
AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/\\d{1,2}"
ConstraintDescription: Must be a valid CIDR in the form x.x.x.x/16
Default: 10.20.0.0/16
psharedacidr:
Type: String
MinLength: 9
MaxLength: 18
AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
ConstraintDescription: Must be a valid CDR range in the form x.x.x.x/22
Default: 10.20.0.0/22
psharedbcidr:
Type: String
MinLength: 9
MaxLength: 18
AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
ConstraintDescription: Must be a valid CDR range in the form x.x.x.x/22
Default: 10.20.4.0/22
mysqlrootpass:
Type: String
MinLength: 8
MaxLength: 16
NoEcho: 'true'
mysqlwordpress:
Type: String
MinLength: 8
MaxLength: 16
NoEcho: 'true'
wordpressadminpass:
Type: String
MinLength: 8
MaxLength: 16
NoEcho: 'true'
wordpressadminemail:
Type: String
wpinstancekey:
Type: AWS::EC2::KeyPair::KeyName
Description: SSH key pair to use for WP instance
ansibleinstancekey:
Type: AWS::EC2::KeyPair::KeyName
Description: SSH key pair to use for Ansible instance
accesskeyid:
Type: String
NoEcho: 'true'
secretaccesskey:
Type: String
NoEcho: 'true'
Resources:
VPC:
Type: "AWS::EC2::VPC"
Properties:
CidrBlock: !Ref vpccidr
IGW:
Type: "AWS::EC2::InternetGateway"
SG:
Type: "AWS::EC2::SecurityGroup"
Properties:
VpcId: !Ref VPC
GroupDescription: "Enable SSH access via port 22 and open port 80"
SecurityGroupIngress:
- CidrIp: 0.0.0.0/0
IpProtocol: tcp
ToPort: "80"
FromPort: "80"
- CidrIp: 0.0.0.0/0
IpProtocol: tcp
ToPort: "22"
FromPort: "22"
- CidrIp: 0.0.0.0/0
IpProtocol: tcp
ToPort: "443"
FromPort: "443"
EC2Instance01:
Type: "AWS::EC2::Instance"
DeletionPolicy: Delete
Properties:
ImageId: ami-1853ac65 # Amazon Linux 2017.09.1 hvm
InstanceType: t2.micro
KeyName: !Ref ansibleinstancekey
SecurityGroupIds:
- !Ref SG
Tags:
- Key: "Name"
Value: !Sub
- ${stack}-ansible-instance
- { stack: !Ref 'AWS::StackName'}
SubnetId: !Ref SubnetPublicSharedA
UserData:
"Fn::Base64":
!Sub |
#!/bin/bash
yum update -y
sudo yum-config-manager --enable epel
yum install git -y
pip install --upgrade pip
ln -sf /usr/local/bin/pip /usr/bin/pip
pip install awscli
pip install boto3
pip install ansible
ln -sf /usr/local/bin/ansible /usr/bin/ansible
ln -sf /usr/local/bin/ansible-playbook /usr/bin/ansible-playbook
git clone https://github.com/gdilawari/gansible.git
export AWS_DEFAULT_REGION=us-east-1
export AWS_ACCESS_KEY_ID=${accesskeyid}
export AWS_SECRET_ACCESS_KEY=${secretaccesskey}
ansible-playbook gansible/wordpress.yml -e "wordpress_mode=create" -e "master_stack_name=${AWS::StackName}" -e "application_stack_name=${AWS::StackName}-wordpress" -e "key_pair_name=${wpinstancekey}" -e "mysql_root_pass=${mysqlrootpass}" -e "mysql_wordpress_pass=${mysqlwordpress}" -e "wordpress_admin_pass=${wordpressadminpass}" -e "wordpress_admin_email=${wordpressadminemail}"
S3OneBucket:
DeletionPolicy: Retain
Type: "AWS::S3::Bucket"
Properties:
AccessControl: PublicRead
WebsiteConfiguration:
ErrorDocument: index.html
IndexDocument: index.html
GatewayAttach:
Type: "AWS::EC2::VPCGatewayAttachment"
Properties:
InternetGatewayId: !Ref IGW
VpcId: !Ref VPC
SubnetPublicSharedA:
Type: "AWS::EC2::Subnet"
Properties:
AvailabilityZone: !Select [0, !GetAZs ]
CidrBlock: !Ref psharedacidr
MapPublicIpOnLaunch: true
VpcId: !Ref VPC
SubnetPublicSharedB:
Type: "AWS::EC2::Subnet"
Properties:
AvailabilityZone: !Select [1, !GetAZs ]
CidrBlock: !Ref psharedbcidr
MapPublicIpOnLaunch: true
VpcId: !Ref VPC
SubnetRouteTableAssociatePublicA:
Type: "AWS::EC2::SubnetRouteTableAssociation"
Properties:
RouteTableId: !Ref RouteTablePublic
SubnetId: !Ref SubnetPublicSharedA
SubnetRouteTableAssociatePublicB:
Type: "AWS::EC2::SubnetRouteTableAssociation"
Properties:
RouteTableId: !Ref RouteTablePublic
SubnetId: !Ref SubnetPublicSharedB
RouteDefaultPublic:
Type: "AWS::EC2::Route"
DependsOn: GatewayAttach
Properties:
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref IGW
RouteTableId: !Ref RouteTablePublic
RouteTablePublic:
Type: "AWS::EC2::RouteTable"
Properties:
VpcId: !Ref VPC
Outputs:
vpcid:
Description: ID of Shared Infrastructure VPC
Value: !Ref VPC
publicroutetable:
Description: ID of Public Route Table
Value: !Ref RouteTablePublic
About
No description or website provided.
Topics
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published