This repository was archived by the owner on Aug 19, 2021. It is now read-only.

Amazon AWS

Markus Winkler edited this page Mar 19, 2021 · 13 revisions

AWS

WARNING: OUTDATED NEEDS UPDATE OR USE MOADSD-NG-SERVER!!

We're now configuring the environment for Amazon AWS.

File: vars/environment_aws_vars.yml.sample

Next, we create our vars file for Amazon AWS.

cp vars/environment_aws_vars.yml.sample vars/environment_aws_vars.yml

File: vars/environment_aws_vars.yml

Most settings are identical to GCP; only the differences are explained here.

The settings of your AWS project to use

# #####################################################################
# AWS Cloud Settings
# #####################################################################
aws_zone: <zone>                      # e.g. eu-central-1a
aws_region: <region>                  # e.g. eu-central-1
aws_vpc_cidr_block: <vpc-cidr>        # e.g. '10.0.0.0/16'
aws_subnet_cidr_block: <subnet-cidr>  # e.g. '10.0.1.0/24'

The availability of AMIs depends on the AWS region you are using. The sample files use the eu-central-1 region. If you are using a different region, you need to verify the availability of the referenced AMIs or search for alternatives within your region. When you need to modify the configuration, search within the file for _source_image: and update the AMI reference.

The source images in use for the instances in eu-central-1 are listed below:

  • Ubuntu Server 18.04 LTS (HVM),EBS General Purpose (SSD) Volume Type

    • ami-0ac05733838eabc06
  • RHEL-7.6_HVM_GA-20181017-x86_64-0-Hourly2-GP2

    • ami-00e37cffd3bb3ac8d
  • Microsoft Windows 2016 Datacenter edition. [English]

    • ami-0cbf1b1038bbb408d

File: vars/environment_aws_secrets.yml.sample

Next, we create our secrets file for Amazon AWS and encrypt it with our password file.

cp vars/environment_aws_secrets.yml.sample vars/environment_aws_secrets.yml
ansible-vault encrypt --vault-password-file ../.vault-pass.txt \
    vars/environment_aws_secrets.yml

File: vars/environment_aws_secrets.yml

ansible-vault edit --vault-password-file ../.vault-pass.txt \
    vars/environment_aws_secrets.yml

Specify your AWS credentials

---
aws_access_key: <access key>
aws_secret_key: <secret key>
aws_key_name: moadsd-ng
aws_pem: /home/ansible/.ssh/moadsd-ng
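
A check that the secrets file really is vault-encrypted before it is committed or copied anywhere, given here as an added example that is not part of the MOADSD-NG repository. The function names and the sample values are constructed for illustration; the only facts relied on are the `$ANSIBLE_VAULT;` header that ansible-vault writes as the first line of an encrypted file and the key names shown above.

```shell
#!/bin/sh
# Added example, not part of MOADSD-NG: confirm the AWS secrets file is
# vault-encrypted before it is committed, copied or shared.

# 0 if the first line of file $1 is an Ansible Vault header.
is_vault_encrypted() {
    [ -f "$1" ] || return 1
    case "$(head -n 1 "$1")" in
        '$ANSIBLE_VAULT;'*) return 0 ;;
        *) return 1 ;;
    esac
}

# 0 if file $1 assigns aws_access_key / aws_secret_key a real value,
# i.e. anything other than the sample file's <...> placeholder.
has_plaintext_aws_keys() {
    grep -Eq '^[[:space:]]*aws_(access|secret)_key:[[:space:]]*[^<[:space:]]' "$1"
}

# Classify one file: 0 = encrypted, 1 = unencrypted placeholders only,
# 2 = plaintext credentials present, 3 = file missing.
check_secrets_file() {
    if [ ! -f "$1" ]; then
        echo "MISSING: $1" >&2; return 3
    elif is_vault_encrypted "$1"; then
        echo "OK: $1 is vault-encrypted"; return 0
    elif has_plaintext_aws_keys "$1"; then
        echo "FAIL: $1 contains plaintext AWS credentials" >&2; return 2
    fi
    echo "WARN: $1 is unencrypted (placeholders only)" >&2; return 1
}

if [ "$#" -gt 0 ]; then
    # With a path argument, the script's exit status is the classification.
    check_secrets_file "$1"
else
    # No argument: run on constructed samples (not real keys or vault data).
    d=$(mktemp -d)
    printf '%s\n' '$ANSIBLE_VAULT;1.1;AES256' '61626364' > "$d/enc.yml"
    printf '%s\n' 'aws_access_key: AKIACONSTRUCTED0000' > "$d/plain.yml"
    check_secrets_file "$d/enc.yml"
    check_secrets_file "$d/plain.yml" || echo "(status $?)"
    rm -rf "$d"
fi
```

Run it with vars/environment_aws_secrets.yml as the argument, for example from a pre-commit hook, and treat any non-zero status as a reason to stop.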

File: ec2.py

The best way to interact with your hosts is to use the ec2 inventory plugin, which dynamically queries AWS and tells Ansible what nodes can be managed.

Since we're going to use python3, change the first line in ec2.py from

vi ./ec2.py
#!/usr/bin/env python

to

#!/usr/bin/env python3

Execute

ansible-inventory --list -i ec2.py

File: ec2.ini

Change the regions variable within the ec2.ini to the region you are using:

# AWS regions to make calls to. Set this to 'all' to make request to all regions
# in AWS and merge the results together. Alternatively, set this to a comma
# separated list of regions. E.g. 'us-east-1,us-west-1,us-west-2' and do not
# provide the 'regions_exclude' option. If this is set to 'auto', AWS_REGION or
# AWS_DEFAULT_REGION environment variable will be read to determine the region.
regions = all

So change all to, e.g., eu-central-1.

Running multiple MOADSD-NGs on AWS within the same subscription

Yes, that is possible :) when the MOADSD-NGs are running in different regions. The procedure is as follows:

  1. Configure the first MOADSD-NG as described above and deploy.
  2. For the second, third, ... MOADSD-NG, change the region and zone within the files
     • environment_aws_vars.yml
     • ec2.ini
  3. Rerun aws configure and change the scope of the aws cli to the desired region.
  4. Determine the AMI IDs of the instances to be used; they differ from region to region. Then change the respective values in environment_aws_vars.yml.
  5. Finally run site and deploy. Optionally repeat from step 2.

Next Step
