Using Ansible to Deploy Amazon Lightsail VPS Instances
Ansible is a configuration management tool that makes it easy to automate the deployment and configuration of your infrastructure. You can use it to spin up thousands of servers in record time. This tutorial will demonstrate how to provision multiple Amazon Lightsail Virtual Private Server (VPS) instances and configure them to host a static site with NGINX.
Before we begin
You will need an Amazon AWS account and the latest version of Ansible installed on your machine. The steps in this tutorial are tested on a MacBook Pro with Ansible Version 2.11.4.
Step 1: Create Directory Structure
Create a directory on your machine to store the playbooks and inventory files. Run the following command to create and change into the directory.
mkdir -p ~/ansible/lightsaildemo && cd ~/ansible/lightsaildemo
Step 2: Create Inventory File
Create a file called hosts.yml
and add the following YAML config.
web:
hosts:
web01.example.com:
zone: "us-east-1a"
web02.example.com:
zone: "us-east-1b"
vars:
ansible_user: ubuntu
ansible_ssh_private_key_file: /tmp/lightsail-key.cer
This inventory file defines two hosts which means two VPS instances will be created. The zone
variable is used to place the instances in different zones inside the same region.
It also specifies the location of the private key that will be used to connect to the instances. The first task of the playbook we create in the next step will download the key to this location.
Step 3: Create Lightsail Playbook
Create a file called lightsail.yml
and add the following YAML config.
- hosts: localhost
gather_facts: no
vars:
region: us-east-1
blueprint: ubuntu_20_04
bundle: nano_2_0
tasks:
- name: Download Default Key Pair
shell: "aws --region {{ region }} lightsail download-default-key-pair --output text --query privateKeyBase64 > /tmp/lightsail-key.cer"
- name: Modify Private Key Permissions
command: "chmod 600 /tmp/lightsail-key.cer"
- name: Create Lightsail VPS Instance
community.aws.lightsail:
name: "{{ item }}"
region: "{{ region }}"
zone: "{{ hostvars[item].zone }}"
blueprint_id: "{{ blueprint }}"
bundle_id: "{{ bundle }}"
user_data: "sudo apt update"
state: present
with_inventory_hostnames:
- web
register: instance_result
- name: Save IP and hostname to local hosts file /etc/hosts
become: yes
lineinfile:
path: /etc/hosts
regexp: '.*{{ item.instance.name }}$'
line: "{{ item.instance.public_ip_address }} {{ item.instance.name }}"
with_items: "{{ instance_result.results }}"
There are four tasks in the playbook above. The first task downloads the private key to /tmp
and the second makes it so only the current user can read it.
The third task creates the Lightsail VPS and waits for a response containing its public IP address. We are using with_inventory_hostnames
so that the task creates an instance for each host in the web
section of the inventory file.
The last task stores the hostname and IP address of each VPS instance in your local hosts file.
Step 4: Create NGINX Playbook
Create a file called nginx.yml
and add the following YAML config.
- hosts: web
become: true
tasks:
- name: "apt-get update"
apt:
update_cache: yes
cache_valid_time: 3600
- name: "install nginx"
apt:
name: ['nginx', 'ssl-cert']
state: latest
Step 5: Run Playbooks
With the playbooks created, it’s time to test them out. Run the following command to create the Lightsail instances and save the public IP addresses to your hosts file.
ansible-playbook -i hosts.yml lightsail.yml --ask-become-pass
Once the playbook above has finished, the hosts should be created and the IP addresses saved in your local hosts file (/etc/hosts).

Now we can run the nginx.yml
playbook to install NGINX on the VPS instances by running the command below.
ansible-playbook -i hosts.yml nginx.yml
Test
If all went to plan, you should now see the NGINX welcome page when entering the hostnames into a browser as you can see from the screen shot below.

That’s it
We now have two Amazon Lightsail VPS instances with NGINX installed and they were deployed by running two simple commands.