Automating System Updates and Package Installations on AWS EC2 Instances using Ansible

Automating System Updates and Package Installations on AWS EC2 Instances using Ansible

Table of contents

Introduction:

Managing multiple servers and ensuring consistent software updates can be a time-consuming task for system administrators. In this blog post, we'll explore how Ansible, a powerful automation tool, can help streamline the process of updating and installing packages on a fleet of AWS EC2 instances. We'll focus on the scenario where we have five EC2 instances, and the goal is to update the machines, install Python 3, and Java 17.

Table of Contents:

  1. The Challenge: Updating Multiple EC2 Instances

  2. Introducing Ansible and its Push-Based Mechanism

  3. Setting Up the Ansible Control Machine 3.1. Creating the Project Folder

  4. Creating the Inventory File

  5. Crafting the Playbook

  6. Executing the Automation

  7. Conclusion

  1. Updating Multiple EC2 Instances: As system administrators, maintaining and updating software across multiple EC2 instances can be a time-consuming and error-prone task. Manually logging into each instance and performing updates individually is inefficient and prone to human error. To address this challenge, we can leverage Ansible to automate the process and ensure consistency across our infrastructure.

  2. Introducing Ansible and its Push-Based Mechanism: Ansible is an open-source automation tool that operates on a push-based mechanism. Instead of relying on agents or daemons running on target machines, Ansible connects to remote hosts using SSH and executes commands remotely. This push-based approach eliminates the need for installing and managing additional software on the target machines, making it lightweight and easy to set up.

  3. Setting Up the Ansible Control Machine: Before we can begin using Ansible, we need to set up the control machine, which will act as the hub for managing our EC2 instances. Ensure that Ansible is installed on your local machine by following the installation instructions provided by Ansible's official documentation.

3.1. Creating the Project Folder: Start by creating a project folder with a suitable name, such as "ansible-ec2-automation," to organize your Ansible-related files. Open a terminal or command prompt and navigate to the desired location. Use the following command to create the folder:

mkdir ansible-ec2-automation
cd ansible-ec2-automation
  1. Creating the Inventory File: An inventory file is used to define the target hosts and their connection details. In our case, we'll create an inventory file named inventory.ini using the INI format. Replace the <IP_AddressX>, <Username>, and <Path_to_Private_Key> placeholders with the actual information for your EC2 instances:
[ec2_servers]
server1 ansible_host=192.168.1.101 ansible_user=ubuntu ansible_ssh_private_key_file=./aws-config/private_key.pem
server2 ansible_host=192.168.1.102 ansible_user=ubuntu ansible_ssh_private_key_file=./aws-config/private_key.pem
server3 ansible_host=192.168.1.103 ansible_user=ubuntu ansible_ssh_private_key_file=./aws-config/private_key.pem
server4 ansible_host=192.168.1.104 ansible_user=ubuntu ansible_ssh_private_key_file=./aws-config/private_key.pem
server5 ansible_host=192.168.1.105 ansible_user=ubuntu ansible_ssh_private_key_file=./aws-config/private_key.pem

Ensure that the SSH username and private key file path match your EC2 instances' configuration. In our assumed setup, we assume that the private SSH key file is present in the same project folder under the aws-config directory.

  1. Crafting the Playbook: Create a playbook file, such as `

update_and_install.yml`, to define the tasks for automating the system updates and package installations. Open a text editor and add the following content to the playbook file:

- name: Update and Install Packages
  hosts: ec2_servers
  become: yes

  tasks:
    - name: Update system packages
      apt:
        upgrade: safe
        update_cache: yes

    - name: Install Python 3
      apt:
        name: python3
        state: "{{ python_state | default('present') }}"

    - name: Install Java 17
      apt:
        name: openjdk-17-jdk
        state: "{{ java_state | default('present') }}"

In this playbook, we define a play called "Update and Install Packages" that targets the hosts group ec2_servers from our inventory file. The become: yes directive allows the playbook to execute tasks with escalated privileges, if necessary.

The playbook consists of three tasks:

  • The first task updates the system packages using the apt module.

  • The second task installs Python 3 using the apt module. The state parameter is set to a variable python_state, which can be overridden at runtime.

  • The third task installs Java 17 using the apt module. The state parameter is set to a variable java_state, which can be overridden at runtime.

By using variables, we make the state parameter dynamic, allowing users to choose whether to install or uninstall packages by passing the desired state during runtime.

  1. Executing the Automation: To execute the playbook and automate the system updates and package installations, open a terminal or command prompt and navigate to the project folder where your playbook and inventory files are located. Run the following command to install or uninstall Python and Java on all EC2 instances:
ansible-playbook -i inventory.ini update_and_install.yml --extra-vars "python_state=present java_state=present"

This command will install Python 3 and Java 17 on all EC2 instances specified in the inventory file. You can modify the python_state and java_state variables to absent if you want to uninstall the packages instead.

If you want to target specific instances, you can specify the host group or individual hosts using the -l flag. For example, to update and install packages on server1 and server3, run the following command:

ansible-playbook -i inventory.ini update_and_install.yml --extra-vars "python_state=present java_state=present" -l server1,server3

Feel free to customize the inventory file, playbook, and command according to your requirements.

  1. Conclusion: By leveraging Ansible's push-based mechanism and its ability to execute tasks remotely over SSH, we can automate the process of updating and installing packages on multiple AWS EC2 instances. This approach not only saves time but also ensures consistency across our infrastructure. In this blog post, we covered the setup of the Ansible control machine, the creation of the inventory file, crafting the playbook, and executing the automation. With Ansible's simplicity and power, system administrators can streamline their management tasks and focus on more critical aspects of their infrastructure.

Remember to customize the inventory file with the actual IP addresses, SSH usernames, and private key file paths of your EC2 instances. Ensure that the private key file is present in the aws-config directory within your project folder. Happy automating with Ansible!