The github.com/ansible/workshops
contains an Ansible Playbook provision_lab.yml
, which is an automated lab setup for Ansible training on AWS (Amazon Web Services). Set the workshop_type
variable below to provision the corresponding workshop.
Workshop | Workshop Type Var |
---|---|
Ansible for Red Hat Enterprise Linux Workshop | workshop_type: rhel |
Ansible for Red Hat Enterprise Linux Workshop - 90 minutes | workshop_type: rhel_90 |
Ansible Network Automation Workshop | workshop_type: network |
Ansible F5 Workshop | workshop_type: f5 |
Ansible Security Automation | workshop_type: security |
Ansible Windows Automation | workshop_type: windows |
Ansible Demo Mode | workshop_type: demo |
- Ansible AWS training provisioner
- Table Of Contents
- Requirements
- Lab Setup
- Lab Teardown
- Demos
- FAQ
- More info on what is happening
- Getting Help
- This provisioner must be run with Ansible Engine v2.8.0 or higher.
- AWS Account (follow directions on one time setup below)
For One Time Setup - click here
- Define the following variables in a file passed in using
-e @extra_vars.yml
---
# region where the nodes will live
ec2_region: us-east-1
# name prefix for all the VMs
ec2_name_prefix: TESTWORKSHOP
# creates student_total of workbenches for the workshop
student_total: 2
# Set the right workshop type, like network, rhel or f5 (see above)
workshop_type: rhel
#####OPTIONAL VARIABLES
# turn DNS on for control nodes, and set to type in valid_dns_type
dns_type: aws
# password for Ansible control node
admin_password: your_password123
# creates AWS S3 website for ec2_name_prefix.workshop_dns_zone
# this is defaulted to on as of May 13th, 2020
create_login_page: false
# Sets the Route53 DNS zone to use for the S3 website
workshop_dns_zone: rhdemo.io
# automatically installs Tower to control node
towerinstall: true
# IBM Community Grid - defaults to true if you don't tell the provisioner
ibm_community_grid: false
If you want to license it you must copy a license called tower_license.json into this directory. If you do not have a license already please request one using the Workshop License Link.
For more extra_vars examples, look at the following:
- sample-vars-rhel.yml - example for the Ansible RHEL Workshop
- sample-vars-windows.yml - example for the Ansible Windows Workshop
- sample-vars-network.yml - example for the Ansible Network Workshop
- sample-vars-f5.yml - example for Ansible F5 Workshop
- sample-vars-tower-auto.yml - example for Tower installation and licensing
- sample-vars-rhel-90.yml - example for Tower installation and licensing
- sample-vars-rhel-90.yml - example for
rhel_90
workshop, meant to be taught in 90 minutes - sample-vars-demo.yml - example for
demo
mode, aggregate of all workshop topologies
-
Run the playbook:
ansible-playbook provision_lab.yml -e @extra_vars.yml
-
Login to the AWS EC2 console and you will see instances being created. For example:
`tesworkshop-student1-ansible`
IBM’s World Community Grid is integrated into the workshops. World Community Grid enables anyone with a Linux, Windows or Mac computer (or an Android smartphone for some projects) to donate their unused computing power to advance scientific research on topics related to health and sustainability.
By default the key, value pair is set: ibm_community_grid: true
. This installs the boinc-client to all Red Hat Enterprise Linux instances (except the Ansible control node). This can be disabled by setting ibm_community_grid: false
. By default in the Ansible Automation workshops all research progress (points and CPU time) is added to a joint Ansible account for Red Hat. If you prefer to use your own account, or another project change the following variables:
boinc_auth: "1114316_4080087955dc198a6109a25a56817809"
boinc_url: "www.worldcommunitygrid.org"
Please read this blog for more information: https://www.ansible.com/blog/ansible-and-ibm-community-grid
-
Exercises and instructor slides are hosted at http://ansible.github.io/workshops
-
Workbench information is stored in two places after you provision:
-
in a local directory named after the workshop (e.g. testworkshop/instructor_inventory)
-
By default there will be a website
ec2_name_prefix.workshop_dns_zone
(e.g.testworkshop.rhdemo.io
)-
NOTE: It is possible to change the DNS domain (right now this is only supported via a AWS Route 53 Hosted Zone) using the parameter
workshop_dns_zone
in yourextra_vars.yml
file. -
NOTE: The playbook does not create the route53 zone and must exist prior to running the playbook.
-
-
The provisioner currently supports creating DNS records per control node with valid SSL certs using Lets Encrypt. Right now DNS is only supported via AWS Route 53, however we are building it in a way that this can be more pluggable and take advantage of other public clouds.
This means that each student workbench will get an individual DNS entry. For example a DNS name will look like this: https://student1.testworkshop.rhdemo.io
-
NOTE: The variable
dns_type
defaults toaws
. This can also be set todns_type: none
. -
NOTE: If Lets Encrypt fails, the workshop provisioner will still pass, and alert you of errors in the
summary_information
at the end of theprovision_lab.yml
Ansible Playbook.
The teardown_lab.yml
playbook deletes all the training instances as well as local inventory files.
To destroy all the EC2 instances after training is complete:
-
Run the playbook:
ansible-playbook teardown_lab.yml -e @extra_vars.yml
-
Optionally you can enable verbose debug output of the information gathered that drives the teardown process by passing the extra optional variable
debug_teardown=true
. Example:ansible-playbook teardown_lab.yml -e @extra_vars.yml -e debug_teardown=true
There is a variable you can pass in within your extra_vars named demo
. When this keyword is defined it will install the specified demo from the Github repository https://github.com/ansible/product-demos.
For example you can put:
demo: all
Which will install all demos onto the Ansible Tower instance. Not all demos will work on any workshop_type
. Please refer to the Demo repository list.
For frequently asked questions see the FAQ
The provision_lab.yml
playbook creates a work bench for each student, configures them for password authentication, and creates an inventory file for each user with their IPs and credentials. An instructor inventory file is also created in the current directory which will let the instructor access the nodes of any student. This file will be called instructor_inventory.txt
What does the AWS provisioner take care of automatically?
- AWS VPC creation (Amazon WebServices Virtual Private Cloud)
- Creation of an SSH key pair (stored at ./WORKSHOPNAME/WORKSHOPNAME-private.pem)
- Creation of a AWS EC2 security group
- Creation of a subnet for the VPC
- Creation of an internet gateway for the VPC
- Creation of route table for VPC (for reachability from internet)
Please file issues on Github. Please fill out all required information. Your issue will be closed if you skip required information in the Github issues template.