Let’s Install and Configure web server on cloud using Ansible

Hi guy’s In this Article I am going to Show you how yo can automate the installation and configure of web server on cloud plus I am also going to show how you can automate the provision of machine or OS on cloud

For the better understanding of this article you should have basic idea about cloud and some of service cloud provide like Compute As service, IAM and security group. To demonstrate this practical I am using AWS public cloud provider.

To use any service AWS provide you must login inside AWS and there are Two way of login

  1. By a root user account which is not recommend and can’t be use for the programmatic and automation purpose.
  2. By a IAM (Identity and Access Management)

So To create IAM we follow following steps

  1. Go to service and under Security, Identity, & Compliance you will find IAM → click on it.
  2. Go to users → click on Add user.
  3. Give some name and password to the user and don’t forget to check on both Programmatic access and AWS Management Console access → click on next: permission.
  4. Click “Use a permissions boundary to control the maximum user permissions” → search for AdministratorAccess Check on it → click on add tag (if you want to add tag you but it isn’t compulsory) →click on review → click on create user.
  5. Please don’t forget to download Access Key ID and secret key ID file else you won’t be able to login via a command line.

Even though we can Create IAM using Ansible too but to create IAM you must have an existing IAM too.

If want to learn the different way of installing and configuring ansible you can checking out my article on Let’s configure Ansible on Local machine, Cloud and Container

Now To automate anything you must know what are manual steps of doing the same . So what are the manual of lunching an EC2 Instance and web server inside of it .

Manual steps to lunching EC2 instance and web server.

Step 1. Create key To login inside provisioned EC2 Instance.

EC2 Instance is like an OS and to login inside OS you need to have some user name and password. By creating a key we are kinda creating password.

So To create Key follow following steps:-

  1. Go to service and under Compute you will find EC2 → click on it.
  2. On EC2 dashboard Click on key pairs.
  3. Click on Create Key Pairs → Give some name to the key → select pem → and Click on Create key pairs.

Step2:- Download and save the private Key.

Step 3:- Create security Group.

  1. Go to service and under Compute you will find EC2 → click on it.
  2. On EC2 dashboard Click on Security groups
  3. Click on Create Security Groups → Give Some name to group and description and select VPC
  4. Add some inbound and outbound rule. In our case we have to add SSH, HTTP and HTTPS which run on port 22, 80 and 443 respectively.

Step 4 :- Lunch EC2 Instance

  1. Go to service and under Compute you will find EC2 → click on it.
  2. Go Instance and Click on Lunch Instance
  3. Select AMI whatever you like in this practical I am using RedHat AMI
  4. Choose Instance type you can choose any but to make this practical free of cost I am using t2.micro and click on Configure Instance Details.
  5. Give number of instance you want to lunch → Select network and Subnet. Remember network must be same as VCP we selected in security group. Click on Add storage
  6. give some strorage and I am giving storage of size 20GG. Click on Add tags
  7. Add tag and click on Add security group → select existing security group →click on Review and Lunch → at last click on lunch.

Step 4: Install web server

Step 5: copy Web pages

step 6: start web server services.

Now we know all the manual let’s automate them.

Automate the lunching of EC2 instance and web server.

To automate the lunching of ec2 instance and webserver first create two role. One for ec2 instance and another one for web server. Now you might be saying “What the hell is role” So don’t worry let me explain you

What is role?

Role is package or you can say directory which we use to structure and maintain our ansible code which make our ansible code more readable plus also we can use it with any playbook whenever we want wherever we want.

I am creating two role AwsServer and WebServer

ansible-galaxy role init AwsServeransible-galaxy role init WebServer

When you create role you might see directory structure something like this

The more descriptive role’s directory structure

Now we have created roles. We will use AwsServe role to lunch Ec2 instance on AWS . we use main.yml in vars directory to store IAM data

password: "abcdefghijklmnopqrstuvwxyz123456789"
name: "ansible"
region: "us-east-1"

Above data we are storing in file is too sensitive so we create vault to store that sensitive information by

ansible-vault encrypt vars/main.yml

In main.yml file of tasks directory write

#Step 1: Create key To login inside provisioned EC2 Instance.
- name: create key
name: "{{ name }}"
aws_access_key: "{{ userid }}"
aws_secret_key: "{{ password }}"
region: "{{ region }}"
state: present
#notify: save private key
register: keys
#step 2: Download and save the private Key.
- name: save private key
content: "{{ keys.key.private_key }}"
dest: "/root/ansibleWS/roles/{{ name }}.pem"
mode: 0400
when: keys.changed==true
register: privatekey
#Step 3:- Create security Group.
- name: create security group
aws_access_key: "{{ userid }}"
aws_secret_key: "{{ password }}"
region: "{{ region }}"
name: "{{ name }}"
description: "group is created for ansible practicle purpose"
vpc_id: "vpc-0e6e8173"
- proto: tcp
- 22
- 80
- 443
cidr_ipv6: ::/0
register: group
Step 4 :- Lunch EC2 Instance
- name: provision EC2 Instance on AWS
region: "{{ region }}"
key_name: "{{ name }}"
image: "ami-096fda3c22c1c990a"
instance_type: "t2.micro"
count: 1
vpc_subnet_id: "subnet-47ac7318"
group_id: "{{ group.group_id }}"
group: "{{ name }}"
name: "server"
wait: yes
assign_public_ip: yes
state: present
aws_access_key: "{{ userid }}"
aws_secret_key: "{{ password }}"

We use WebServer role to lunch web server inside AWS Ec2 Instance. In main.yml of vars directory of WebServer role write

pname: httpd

In main.yml file of tasks of directory of WebServer role write

#Step 4: Install web server.
- name: Install server
name: "{{ pname }}"
state: present
when: ansible_distribution == "RedHat"
register: x
#Step 5: copy Web pages.
- name: start server
name: "{{ pname }}"
state: started
when: x.rc == 0
#step 6: start web server services.
- name: copy web page
src: files/
dest: /var/www/html

To Run both the roles you have to write playbook something like this

- hosts: localhost
tags: os
- hosts: all
- webserver
tags: web

Because Ec2 is way of lunching OS or I say instance in cloud and after OS launched AWS give it some ip and to fetch that Ip I am using dynamic inventory if you want to you can use static inventory too. To get code which enable us to fetch Ip dynamically use ec2.py and ec2.ini of given github link


In ec2.ini file at last of file write

aws_secret_access_key = abcdefghijklmnopqrstuvwxyz123456789

Now if you run above playbook I have written it won’t run and throw some errors so to run above playbook successfully you have to make some changes in ansible configuration file.

inventory= <Name of directory with path where you have dynamic inventory located >
host_key_checking = False
roles_path = <Name of directory with path where you have both roles located >
remote_user = ec2-user
private_key_file = <path where private key file located>
become = true
become_mentod = sudo
become_user = root
become_aks_pass = false

Now to run playbook use command

ansible-playbook --ask-vault-pass <playbook-name>

To fit the command in as per our scenario we first have to lunch Ec2 instance as it took some minutes to instance to get ready we first lunch instance using command

ansible-playbook --ask-vault-pass --tags os <playbook-name>.yml

When you run above command you will see output something like this:-

After few minutes when ec2-instance is ready you have to run command

ansible-playbook --ask-vault-pass --tags webserver <playbook-name>.yml

When you run above command you will see output something like this:-

To check if everything is working fine or not go to Aws account → Ec2 instance dashboard find public IP and type it on web browser. In my case the public IP is In my case I see output something like this. You will see web page whatever you have created like I create web page shown below.

And voila! you have automated whole deployment process from lunching instance to deployment it.

Now You might come across some more error or exception which you may not able to troubleshoot own your own or might have some more Queries, Suggestion’s so Feel Free to Connect to me On Linkedin or comment below.

If you like it then Please Clap & Share ..

Thank you EveryOne For reading .!!

I am Engineer. I believe in simplicity. Life and stuff are already complicated so Why make it more complicated. I try to make things simple as simple as I can.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store