Using Ansible to Deploy Amazon Lightsail VPS Instances

Ansible is a configuration management tool that makes it easy to automate the deployment and configuration of your infrastructure. You can use it to spin up thousands of servers in record time. This tutorial will demonstrate how to provision multiple Amazon Lightsail Virtual Private Server (VPS) instances and configure them to host a static site with NGINX.

Before we begin

You will need an Amazon AWS account and the latest version of Ansible installed on your machine. The steps in this tutorial are tested on a MacBook Pro with Ansible Version 2.11.4.

Step 1: Create Directory Structure

Create a directory on your machine to store the playbooks and inventory files. Run the following command to create and change into the directory.

mkdir -p ~/ansible/lightsaildemo && cd ~/ansible/lightsaildemo

Step 2: Create Inventory File

Create a file called hosts.yml and add the following YAML config.

web:
  hosts:
    web01.example.com:
      zone: "us-east-1a"
    web02.example.com:
      zone: "us-east-1b"
  vars:
    ansible_user: ubuntu
    ansible_ssh_private_key_file: /tmp/lightsail-key.cer

This inventory file defines two hosts which means two VPS instances will be created. The zone variable is used to place the instances in different zones inside the same region.

It also specifies the location of the private key that will be used to connect to the instances. The first task of the playbook we create in the next step will download the key to this location.

Step 3: Create Lightsail Playbook

Create a file called lightsail.yml and add the following YAML config.

- hosts: localhost
  gather_facts: no
  vars: 
    region: us-east-1
    blueprint: ubuntu_20_04
    bundle: nano_2_0
  tasks:

  - name: Download Default Key Pair
    shell: "aws --region {{ region }} lightsail download-default-key-pair --output text --query privateKeyBase64 > /tmp/lightsail-key.cer"

  - name: Modify Private Key Permissions
    command: "chmod 600 /tmp/lightsail-key.cer"

  - name: Create Lightsail VPS Instance
    community.aws.lightsail:
      name: "{{ item }}"
      region: "{{ region }}"
      zone: "{{ hostvars[item].zone }}"
      blueprint_id: "{{ blueprint }}"
      bundle_id: "{{ bundle }}"
      user_data: "sudo apt update"
      state: present
    with_inventory_hostnames:
      - web
    register: instance_result

  - name: Save IP and hostname to local hosts file /etc/hosts
    become: yes
    lineinfile:
      path: /etc/hosts
      regexp: '.*{{ item.instance.name }}$'
      line: "{{ item.instance.public_ip_address }}  {{ item.instance.name }}"
    with_items: "{{ instance_result.results }}"

There are four tasks in the playbook above. The first task downloads the private key to /tmp and the second makes it so only the current user can read it.

The third task creates the Lightsail VPS and waits for a response containing its public IP address. We are using with_inventory_hostnames so that the task creates an instance for each host in the web section of the inventory file.

The last task stores the hostname and IP address of each VPS instance in your local hosts file.

Step 4: Create NGINX Playbook

Create a file called nginx.yml and add the following YAML config.

- hosts: web
  become: true
  tasks:

  - name: "apt-get update"
    apt:
      update_cache: yes
      cache_valid_time: 3600
  
  - name: "install nginx"
    apt:
      name: ['nginx', 'ssl-cert']
      state: latest

Step 5: Run Playbooks

With the playbooks created, it’s time to test them out. Run the following command to create the Lightsail instances and save the public IP addresses to your hosts file.

ansible-playbook -i hosts.yml lightsail.yml --ask-become-pass

Once the playbook above has finished, the hosts should be created and the IP addresses saved in your local hosts file (/etc/hosts).

Now we can run the nginx.yml playbook to install NGINX on the VPS instances by running the command below.

ansible-playbook -i hosts.yml nginx.yml

Test

If all went to plan, you should now see the NGINX welcome page when entering the hostnames into a browser as you can see from the screen shot below.

That’s it

We now have two Amazon Lightsail VPS instances with NGINX installed and they were deployed by running two simple commands.