After learning about Terraform and doing some projects with it, I wanted to learn how to integrate Ansible with Terraform so that Ansible can be used as a configuration management tool.
We have learned how to use Terraform with userdata to deploy WordPress and have also successfully tested Terraform with the remote-exec and file provisioners instead of userdata. In this tutorial I am going to show how we can use Ansible in Terraform to configure the provisioned resources.
Terraform is a provisioning management tool that can provision AWS EC2 and RDS for our web-serving purpose, and Ansible is a configuration management tool with which we can install WordPress and a web server on it.
For this tutorial, Ansible should be installed on your local system. Since Ansible cannot be installed directly on a Windows device, you can use WSL2 for this purpose. On a Linux system, install Ansible directly on your system.
The Ansible playbook will first be rendered by Terraform so that it can populate database values into it, and then Ansible will run the rendered playbook using the local-exec provisioner.
Prerequisites
3. Configure your AWS with the aws configure command
AWS Resources
I am going to create an EC2 instance where WordPress will be installed and an RDS instance where the MySQL database for WordPress will be provisioned.
We are going to use Terraform to automate cloud infrastructure (i.e. create instances and security groups) and Ansible to install an Apache server and WordPress.
We are going to create a VPC under which we are going to create 3 subnets in three different Availability Zones.
EC2 will be provisioned in a public subnet and RDS will be installed in a private subnet.
Terraform script workflow
Terraform will use the AWS CLI to interact with AWS resources. After confirming correct credentials, Terraform starts creating resources according to the written TF script. Terraform creates resources in parallel, but if one resource depends upon another resource, Terraform makes sure that the initial resource is created first. For example, the security group is created before the instance.
In this case, since the WordPress database depends upon the RDS endpoint, I use depends_on on the EC2 resource script to avoid creating EC2 instances before RDS.
Process
Make sure Terraform is installed and AWS credentials are properly configured.
Download and unzip the Terraform project here
The project consists of the following files:
- main_script.tf Terraform script defining all required resources
- terraform.tfvars User values of variables used in the project
- user.tfvars User-defined database password
- playbook_test.yml Ansible playbook for AWS Linux 2
- file/wp-config.php.j2 WordPress configuration file for WordPress
- variables.tf Variable values for AWS resources
Go to the directory where you unzipped the downloaded project. Use any IDE to edit the variables in the terraform.tfvars file. Change the WordPress database user password in the user.tfvars file. You can change database entries and EC2 instance types. Make sure you have the correct AMI ID (for AWS Linux 2) for the region.
Open a command prompt, navigate to the project folder, and run git clone https://github.com/devbhusal/terraform-ansible-wordpress.git
Go to the project folder: cd terraform-ansible-wordpress
Initialize Terraform with terraform init to install the plugin.
Generate a key pair using ssh-keygen -f mykey-pair
To verify what resources will be created, run terraform plan -var-file="user.tfvars"
To apply, run terraform apply -var-file="user.tfvars"
The elastic IP address will be displayed after all resources have been created.
After successful provisioning of the AWS resources, the EC2 instance will be connected to via SSH using remote-exec and the private key. Yum will be updated and Python will be installed so that the local Ansible server can communicate with the provisioned EC2 instance. Once that installation is done, the Ansible playbook will be run against the provisioned EC2 instance using local-exec. Once the installation is done, you will be provided with the public IP address of the web server.
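The render-then-run flow described above, written out as an added example that is not code from the project's repository. The resource names (aws_instance.web, aws_eip.web, aws_db_instance.wp), the var.db_* variables and the template variable names are assumptions; playbook_test.yml and mykey-pair come from the steps above.

```hcl
# Added example: aws_instance.web, aws_eip.web, aws_db_instance.wp and the
# var.db_* variables are hypothetical names assumed to be defined elsewhere.

# Render the playbook with the RDS values. The sensitive variant keeps the
# database password out of the plan/apply diff output.
resource "local_sensitive_file" "playbook" {
  filename        = "${path.module}/playbook_rendered.yml"
  file_permission = "0600"
  content = templatefile("${path.module}/playbook_test.yml", {
    db_host     = aws_db_instance.wp.endpoint # referencing RDS orders it first
    db_name     = var.db_name
    db_user     = var.db_user
    db_password = var.db_password
  })
}

resource "null_resource" "configure" {
  # Re-run the configuration when the instance is replaced.
  triggers = { instance_id = aws_instance.web.id }

  connection {
    type        = "ssh"
    host        = aws_eip.web.public_ip
    user        = "ec2-user" # default user on Amazon Linux 2
    private_key = file("${path.module}/mykey-pair")
  }

  # Step 1: over SSH, update yum and install Python so Ansible can manage the host.
  provisioner "remote-exec" {
    inline = ["sudo yum update -y", "sudo yum install -y python3"]
  }

  # Step 2: run the rendered playbook from the local machine.
  provisioner "local-exec" {
    command = "ansible-playbook -u ec2-user -i ${aws_eip.web.public_ip}, --private-key ${path.module}/mykey-pair ${local_sensitive_file.playbook.filename}"

    # Set by Terraform itself, so no shell-specific VAR=value prefix is needed.
    environment = {
      ANSIBLE_HOST_KEY_CHECKING = "False"
    }
  }
}
```

Passing ANSIBLE_HOST_KEY_CHECKING through the provisioner's environment argument does not depend on the local shell's VAR=value syntax. With host key checking off, Ansible does not verify the instance's SSH host key on that first connection.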
Type the IP address in your favorite web browser to confirm WordPress is installed. You will be prompted with a select language installation page.
To destroy all resources created by Terraform, run terraform destroy -var-file="user.tfvars"
Thank you for reading!
Follow devbhusal/terraform-ansible-wordpress (github.com)
Hi Dev, this is impressive.
There are a few arguments in the EC2 instance resource and DB resource that are deprecated now, but it was easy to replace them as advised by Terraform.
In the last step, when local-exec is running, I encounter an error related to “ANSIBLE_HOST_KEY_CHECKING=FALSE” with details
exit status 1. Output: ‘ANSIBLE_HOST_KEY_CHECKING’ is not recognized as an internal or external command,operable program or batch file.
Can you please advise how to address this issue?
Hi Mohsin,
Thank you for reaching out. I have updated the git repo with the latest code to fix some Terraform version issues and an Ansible issue. Please clone https://github.com/devbhusal/terraform-ansible-wordpress. Please let me know if you have any questions.
Hi Dev,
Your didactics are impressive! The error of the friend above continues! Do you have any tips on how to solve it?
“ANSIBLE_HOST_KEY_CHECKING=FALSE” with details
exit status 1. Output: ‘ANSIBLE_HOST_KEY_CHECKING’ is not recognized as an internal or external
Thank you dude!
Hi Roger,
I am not sure why the error is still there. Instead of using the Ansible native command line, we have used an environment variable (export ANSIBLE_HOST_KEY_CHECKING=False), which Ansible will pick up during runtime.
Can you please provide me the Ansible version you are using?