Bootstrap Ansible Master in EC2?

Hello -

I’ve been trying to wrap my head around the best approach to bootstrapping and provisioning an Ansible master node in EC2, and letting it provision the rest of the network from inside EC2 (vs. controlling things from my laptop).

I think I understand most of it, but what I’m not really sure on is the best approach to handling the various secure credentials.

My laptop would have its own set of AWS credentials, and then the bootstrapped Ansible master would have its own as well… what’s the best way to securely transfer that? Is Ansible Vault the correct approach here?

I’m kind of surprised that I’m not finding a lot of examples on GitHub, which leads me to believe I’m trying to create an anti-pattern of some sort, so I thought I’d ping the group and see what approaches you might have for bootstrapping and provisioning an Ansible master within AWS.

Any tips, blog posts or GitHub examples would be warmly welcome.

Thanks

Matt

I’d use Packer to create an AMI that includes any prerequisites that you need, and use IAM to give the instance that you provision from that AMI the permissions that it needs for other AWS API calls. Your instance should use an IAM instance profile, not an access key and secret key.
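As an added example that is not part of the thread, this is what the instance-profile approach from the reply above looks like as an Ansible playbook run from the laptop: the master gets a role scoped to what its playbooks need and never holds a static access key. The amazon.aws collection, the role/profile name, the policy actions, and the AMI, subnet and key pair values are assumptions and placeholders.

```yaml
# Added example, not from the thread. Assumes the amazon.aws collection is
# installed and that the laptop's own AWS credentials are used for this run.
# Replace the *-PLACEHOLDER values with the AMI built by Packer, your subnet
# and your key pair name.
- name: Bootstrap an Ansible master that authenticates via an instance profile
  hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    - name: Create the role the master will assume (instance profile of the same name is created with it)
      amazon.aws.iam_role:
        name: ansible-master
        create_instance_profile: true
        assume_role_policy_document:
          Version: "2012-10-17"
          Statement:
            - Effect: Allow
              Principal:
                Service: ec2.amazonaws.com
              Action: sts:AssumeRole

    - name: Attach a least-privilege inline policy (only what the master's playbooks call)
      amazon.aws.iam_policy:
        iam_type: role
        iam_name: ansible-master
        policy_name: ansible-master-inventory
        state: present
        policy_json:
          Version: "2012-10-17"
          Statement:
            # ec2:Describe* is enough for dynamic inventory; add further
            # actions deliberately as your playbooks need them, never "*".
            - Effect: Allow
              Action:
                - ec2:Describe*
              Resource: "*"

    - name: Launch the master with the profile; no keys in user data, vars or Vault needed
      amazon.aws.ec2_instance:
        name: ansible-master
        image_id: ami-PLACEHOLDER
        instance_type: t3.small
        iam_instance_profile: ansible-master
        vpc_subnet_id: subnet-PLACEHOLDER
        key_name: KEYPAIR-PLACEHOLDER
        state: running
```

On the master, boto3 and the amazon.aws modules pick up the role's temporary credentials from the instance metadata service automatically, so nothing credential-related has to be copied from the laptop.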