Monday, April 27, 2020

Provision EC2 instance using Puppet on AWS - Puppet to create EC2 instances in AWS

Puppet is an Infrastructure provisioning tool, similar to Ansible, Chef. We will see how to create EC2 instances in AWS using Puppet in this article.

Please watch the steps in action in YouTube:

 
How to provision an EC2 instance using Puppet?

Pre-requisites:
Make sure you have installed Puppet Master along with required AWS SDK gems
Make sure you have access keys+ secret keys created.

Go to the instance where you have installed Puppet Master.
cd ~

Now you need to create AWS credentials file. Create .aws directory under /home/ubuntu
sudo mkdir ~/.aws

Create the file to add credentials. make sure you give access key and secret keys:

sudo vi ~/.aws/credentials
[default]
aws_access_key_id = ?
aws_secret_access_key = ?

Now execute the below command just to make sure it is showing the information about current instance by executing below command:

sudo /opt/puppetlabs/bin/puppet resource ec2_instance











if you have any error, apply the below fix:
puppet module install puppetlabs-aws --force

Now let us create puppet modules to create new EC2 instance. Go into modules directory.
cd /opt/puppetlabs/puppet/modules/

create directory by 
sudo mkdir aws-examples
cd aws-examples

Go to VPC dashboard by typing VPC


Click on Subnets.

Make sure you give subnet name as subnet Ids. Copy any subnet ID and use it below:


Create Puppet Manifests

Create the below file called create-ec2.pp by executing below command:
sudo vi create-ec2.pp 

and then copy below code, make sure you change region, subnet name and key name based on yours

ec2_instance { 'Puppet Agent':
    ensure              => present,
    region              => 'us-east-2',
    image_id            => 'ami-07c1207a9d40bc3bd',
    instance_type       => 't2.small',
    security_groups     => ['mySecurityGroup'],
    subnet              => 'subnet-cd310ab7',
    key_name            => 'mykeyName',
  }

ec2_securitygroup { 'mySecurityGroup':
  region      => 'us-east-2',
  ensure      => present,
  description => 'Security group for aws Ec2 instance',
ingress     => [{
    protocol => 'tcp',
    port     => 8080,
    cidr     => '0.0.0.0/0',
  },{
    protocol => 'tcp',
    port     => 80,
    cidr     => '0.0.0.0/0',
  },{
    protocol => 'tcp',
    port     => 22,
    cidr     => '0.0.0.0/0',
 }],
  tags        => {
    tag_name  => 'mySecurityGroup',
},
}

You need to change all the values (high lighted above) per your settings. Make sure you also change the subnet id per your settings. you need to follow the below steps







13. Now execute the below command to create EC2 instance.
sudo /opt/puppetlabs/bin/puppet apply create-ec2.pp

If no errors, login to EC2 console to see the newly created instance.

Note:

If you would like destroy, just change to absent (This STEP is not required for this lab)

sudo vi destroy-ec2.pp
ec2_instance { 
   'Puppet Agent':
    ensure              => absent,
    region              => 'us-east-2',
    image_id            => 'ami-07c1207a9d40bc3bd',
    instance_type       => 't2.micro',
    security_groups     => ['mySecurityGroup'],
    subnet              => 'subnet-aff937d5',
    key_name            => 'mykeyName',
  }

sudo /opt/puppetlabs/bin/puppet apply destroy-ec2.pp

the above command will destroy EC2 instance that was created.

No comments:

Post a Comment

What is GitHub Advanced Security for Azure DevOps | Configure GitHub Advanced Security for Azure DevOps

GitHub Advanced Security for Azure DevOps brings the  secret scanning, dependency scanning  and  CodeQL code scanning  solutions already ava...