## 1. Variables From External File

In [None]:
# vim main.vars
---
apache_owner: "apache"
apache_group: "apache"

# vim packages.vars
---
packages:
  - httpd
  - php
  - mariadb-server
  - php-mysql

# vim service.vars
---
services:
  - httpd
  - mariadb

In [None]:
# vim lamp.yml

---
- name: "LAMP package Installation"
  hosts: amazon
  become: true
  vars_files:
    - package.vars
    - main.vars
    - service.vars 

In [None]:
# vim debug.yml 

---
- name: "debug module demo"
  hosts: localhost
  vars:
    package: "nginx"
    version: "1.23.0"

In [None]:
# vim lamp.yml

---
- name: "LAMP package Installation"
  hosts: amazon
  become: true
  vars:
    apache_owner: "apache"
    apache_group: "apache"
  tasks:
    - name: "Instaling lamp packages"
      yum:
        name:
          - httpd
          - php
          - php-mysql
          - mariadb-server

## Task level variables

In [None]:
    - name: "Creating Index.html on ubuntu"
      when: ansible_distribution == "Ubuntu" and  ansible_os_family == "Debian"
      copy:
        content: "<h1><center>{{ ansible_distribution }}-{{ ansible_os_family }} - Index.html</h1></center>"
        dest: "/var/www/html/index.html"
        owner: "{{ apache_user }}"
        group: "{{ apache_group }}"
      vars:
        apache_user: "www-data"
        apache_group: "www-data"

## 2. with_items

In [None]:
    - name: "restart/enable docker"
      service:
        name: "{{ item }}"
        state: restarted
        enabled: yes
      with_items: "{{ service_name }}"

## 3. -f fork 

### -f fork is used for doing task on servers one by one insted of simultaneous. If not used cause issues with hostkey verification.
default falue of f is 5

In [None]:
$ansible -i inventory.txt amazon -f 1 -m ping

$ ansible-playbook -i inventory.txt lamp.yml --syntax-check

## 4. Debug module

In [None]:
# vim debug.yml 

---
- name: "debug module demo"
  hosts: localhost
  vars:
    package: "nginx"
    version: "1.23.0"
  tasks:
    - name: "value of package variable"
      debug:
        var: package
    - name: " value of version variable"
      debug:
        var: version
    - name: "value of version variable and package variable "
      debug:
        msg: "I am running {{package}} version {{version}} "

## 5. fetch

In [None]:
$ ansible -i hosts webserver -b -m fetch -a "src=/etc/nginx/sites-available/default dest=./"

In [None]:
$ ansible -i hosts webserver -b -m fetch -a "src=/etc/nginx/sites-available/default dest=./ flat=true"

## 6. template

In [None]:
  tasks:
    - name: "installing nginx and php packages"
      apt:
        update_cache: yes
        name: "{{ packages }}"
        state: present
   
    - name: "copying vhost to sites-available for {{ domain_name }}"
      template:
        src: "vhost.conf.tmpl"
        dest: "/etc/nginx/sites-available/{{ domain_name }}"
      register: vhost_status

In [None]:
# vim vhost.tmpl

<VirtualHost *:80>
    ServerName {{ domain_name }}
    DocumentRoot /var/www/{{ domain_name }}
    directoryindex index.php index.html
    <directory /var/www/{{ domain_name }}>
       allowoverride all
    </directory>
</VirtualHost>

In [None]:
# cat wp-config-sample.php 
<?php


// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', '{{ mysql_extra_db }}' );

/** Database username */
define( 'DB_USER', '{{ mysql_extra_user }}' );

/** Database password */
define( 'DB_PASSWORD', '{{ mysql_extra_pwd }}' );

/** Database hostname */
define( 'DB_HOST', 'localhost' );

## 7. file

### link

In [None]:
    - name: "creating sym link to sites-enabled for {{ domain_name }}"
      file:
        state: link
        src: "/etc/nginx/sites-available/{{ domain_name }}"
        dest: "/etc/nginx/sites-enabled/{{ domain_name }}.conf"

### directory creation

In [None]:
    - name: "creating document root {{ doc_root }}/{{ domain_name }}/public_html"
      file:
        state: directory
        path: "{{ doc_root }}/{{ domain_name }}/public_html"
        owner: "{{ nginx_user }}"
        group: "{{ nginx_group }}"

### removing files and directories

In [None]:
    - name: "post installation cleanup"
      file:
        path: "{{ item }}"
        state: absent
      with_items:
        - /tmp/wordpress.tar.gz
        - /tmp/wordpress

## 8. service

In [None]:
    - name: "nginx and php service enabling/restarting"
      when: vhost_status.changed == true
      service:
        name: "{{ item }}"
        state: restarted
        enabled: yes
      with_items: "{{ services }}"

In [None]:
$ ansible -i hosts webserver -b -m service -a "name=php7.4-fpm state=restarted"

## 9. copy

In [None]:
    - name: "copying website to {{ domain_name }} document root"
      copy:
        src: "./website/"
        dest: "{{ doc_root }}/{{ domain_name }}/public_html"
        owner: "{{ nginx_user }}"
        group: "{{ nginx_group }}"

In [None]:
    - name: "creating info.php"
      copy:
        content: "<?php phpinfo(); ?>"
        dest: "{{ doc_root }}/{{ domain_name }}/public_html/info.php"
        owner: "{{ nginx_user }}"
        group: "{{ nginx_group }}"

## 10. hosts entry/ineventry file

In [None]:
[webserver]

172.31.45.28 ansible_user="ubuntu" ansible_port=22 ansible_ssh_private_key_file="ansible.pem"

[amazon]

172.31.45.28 ansible_user="ubuntu" ansible_port=22 ansible_ssh_private_key_file="ansible.pem"

### by default if we have 12 servers in hosts first task run on the first 5 servers
then the same task on next 5 servers and the same task run on the remaing 2 servers¶
During the process if any task fail on any server the remaining task on that server will not run

## 11. yum

In [None]:
# vim amazon-ubuntu-apache.yml

---
- name: "installing apache on amazon & ubuntu"
  become: yes
  hosts: amazon,ubuntu
  tasks:
    
    - name: "Installing apache on amazon"
      yum:
        name: httpd
        state: present

## 12. apt

In [None]:
    - name: "Installing apache on ubuntu"
      apt:
        update_cache: yes
        name: apache2
        state: present

## 13. Facts Gathering

## setup

In [None]:
$ ansible -i hosts amazon -m setup

In [None]:
[WARNING]: Platform linux on host 172.31.45.27 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python
interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.
172.31.45.27 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "172.31.45.27"
        ], 
        "ansible_all_ipv6_addresses": [
            "fe80::e4:90ff:fec8:b1d6"
        ], 
        "ansible_apparmor": {
            "status": "disabled"
        }, 
        "ansible_architecture": "x86_64", 
        "ansible_bios_date": "08/24/2006", 
        "ansible_bios_version": "4.11.amazon", 
        "ansible_cmdline": {
            "BOOT_IMAGE": "/boot/vmlinuz-5.10.118-111.515.amzn2.x86_64", 
            "biosdevname": "0", 
            "console": "ttyS0,115200n8", 
            "net.ifnames": "0", 
            "nvme_core.io_timeout": "4294967295", 
            "rd.emergency": "poweroff", 
            "rd.shell": "0", 
            "ro": true, 
            "root": "UUID=f33e7d3b-6786-4f40-875a-90f0f7e6b9a8"
        }, 


In [None]:
# cat facts.yml 
---
- name: "printing hostname"
  hosts: amazon,ubuntu
  become: yes
  tasks:
    - name: "printing remote server hostname"
      debug:
        var: ansible_fqdn

In [None]:
$ ansible-playbook -i hosts facts.yml 

### ansible_distribution & ansible_os_family

In [None]:
# vim cat facts.yml 


---
- name: "printing distribution and os family"
  hosts: all 
  become: yes
  tasks:
    - name: "distribution and family of ubuntu and amazon"
      debug:
        msg: "My distribution is {{ ansible_distribution }} and Os Family {{ ansible_os_family }}"


### memory facts gathering from mapped variable

## 14. Apache installtion on amazon and ubuntu based on condition

## skipping task for servers based on amazon-redhat and ubuntu-debian

In [None]:
---
- name: "installing apache on amazon & ubuntu"
  become: yes
  hosts: amazon,ubuntu
  tasks:
    
    - name: "Installing apache on amazon"
      when: ansible_distribution == "Amazon" and  ansible_os_family == "RedHat"
      yum:
        name: httpd
        state: present

## 15. set_fact module

In [None]:
---
- name: "installing apache on amazon & ubuntu"
  become: yes
  hosts: amazon,ubuntu

  tasks:

    - name: "amazon setting variables"
      when: ansible_distribution == "Amazon"
      set_fact:
        apache_user: "apache"
        apache_group: "apache"

    - name: "Ubuntu setting variable"
      when: ansible_distribution == "Ubuntu"
      set_fact:
        apache_user: "www-data"
        apache_group: "www-data"

In [None]:
    - name: "Creating index.html on amazon"
      when: ansible_distribution == "Amazon" and  ansible_os_family == "RedHat"
      copy:
        content: " <h1><center>{{ ansible_distribution }}-{{ ansible_os_family }} - Index.html</h1></center> "
        dest: "/var/www/html/index.html"
        owner: "{{ apache_user }}"
        group: "{{ apache_group }}"

In [None]:
    - name: "cloning git dockerfiles"
      git:
        dest: "{{ git_dir }}"
        repo: "{{ git_url }}"
      register: git_status

    - name: "Git fact gathering"
      set_fact:
        cacheable: yes
        git_status: "{{ git_status }}"

## 16. mysql_user

In [None]:
    - name: "Resetting root password"
      ignore_errors: yes
      mysql_user:
        login_user: "root"
        login_password: ""
        name: "root"
        password: "mysqlroot@123*"
        host_all: yes

    - name: "removing anonymous users"
      mysql_user:
        login_user: "root"
        login_password: "mysqlroot@123*"
        name: ""
        host_all: yes
        state: absent

In [None]:
  tasks:
    - name: "installing mariadb and pip packages"
      yum: 
        name: 
          - mariadb-server
          - pip 
        state: present
    - name:
      pip:
        name: PyMySQL
        state: present

## 17. register

In [None]:
    - name: "configuration file for domain {{ domain_name }} at /etc/httpd/conf.d/{{ domain_name }}.conf"
      template:  
        src: "/home/ec2-user/vhost.tmpl"
        dest: "/etc/httpd/conf.d/{{ domain_name }}.conf"
      register: vhost_status 
     
      
    - name: "restart/enable php-fpm and httpd"
      when: vhost_status.changed == true
      service:
        name: "{{ item }}"
        state: restarted
        enabled: yes
      with_items:
        - httpd
        - php-fpm 

## 18. get_url

In [None]:
    - name: "Downloading wordpress"
      get_url:
        dest: /tmp/wordpress.tar.gz
        url: "{{ wp_url}}"

## 19. unarchive

In [None]:
    - name: "extracting the wordpress core files"
      unarchive:
        dest: /tmp/
        src: /tmp/wordpress.tar.gz
        remote_src: yes

## 20. docker

In [None]:
  tasks:
    - name: "Installing Docker on Amazon Linux"
      yum:
        name: 
          - docker
          - python-pip
        state: present
      register: docker_status

    - name: "python docker connector/module"
      pip:
        name: 
          - docker-py
        state: present

### ansible docker container installation on multiple servers 

In [None]:
    - name: "Downloading website files"
      get_url:
        dest: "/home/ec2-user/"
        url: "{{ site_url }}"

    - name: "Extracting website files"
      unarchive:
        dest: "/home/ec2-user/"
        remote_src: yes
        src: "/home/ec2-user/{{ site_dir }}.zip"

    - name: "Create container"
      community.docker.docker_container:
        state: started
        detach: yes
        name: mycontainer1
        image: nginx:alpine
        restart_policy: always
        ports:
          - "{{ docker_port }}:80"
        volumes:
          - "/home/ec2-user/{{ site_dir }}:/usr/share/nginx/html"

## 21. wordpress

### mariadb installation, restart, root-password resetting,creation of wpdb,wpuse

### nginx, php8.1-fpm and its extensions installation, restart/enable

In [None]:
 - name: "Downloading wordpress"
      get_url:
        dest: /tmp/wordpress.tar.gz
        url: "{{ wp_url }}"

    - name: "Extracting wordpress files"
      unarchive:
        dest: /tmp/
        remote_src: yes
        src: /tmp/wordpress.tar.gz

    - name: "Copying wordpress files to document root /var/www/{{ domain_name }}"
      copy:
        remote_src: yes
        src: "/tmp/wordpress/"
        dest: "/var/www/{{ domain_name }}/"
        owner: "{{ nginx_user }}"
        group: "{{ nginx_group }}"

    - name: "copying/updating wp-config.php"
      template:
        dest: "/var/www/{{ domain_name }}/wp-config.php"
        src: wp-config-sample.php
        owner: "{{ nginx_user }}"
        group: "{{ nginx_group }}"

    - name: "cleanup"
      file:
        state: absent
        path: "{{ item }}"
      with_items:
        - /tmp/wordpress
        - /tmp/wordpress.tar.gz

## 22. --list-tasks --tags --step --start-at-task

In [None]:
$ ansible-playbook -i hosts ubuntu-nginx-wodpress.yml --list-tasks

In [None]:
$ ansible-playbook -i hosts ubuntu-nginx-wodpress.yml --tags=php

In [None]:
$ ansible-playbook -i hosts ubuntu-nginx-wodpress.yml --start-at-task="Downloading wordpress"

In [None]:
$ ansible-playbook -i hosts ubuntu-nginx-wodpress.yml --tags=mariadb --step

In [None]:
    - name: "restart/enable Mariadb-server"
      service:
        name: mariadb
        state: restarted
        enabled: yes
      tags:
        - lemp 
        - mariadb

## 23. handler

In [None]:
  - name: "Installing Nginx and php8.1-fpm and extensions"
      apt:
        name: "{{ packages }}"
        state: present
        update_cache: yes
      tags:
        - lemp 
        - nginx
        - php
      notify:
        - restart/enable-nginx-php8.1-fpm

In [None]:
  handlers:
    - name: "restart/enable-nginx-php8.1-fpm"
      service:
        name: "{{ item }}"
        enabled: yes
        state: restarted
      with_items:
        - nginx
        - php8.1-fpm 

## 24. git

### version change with register: git_status, when: git_status.changed == true

In [None]:

    - name: "cloning from Git"
      git:
        dest: "{{ git_dir }}"
        repo: "{{ git_url }}"
      register: git_status

    - name: "Copying content to document root /var/www/{{ domain_name }}"
      when: git_status.changed == true
      copy:
        src: "{{ git_dir }}"
        dest: "/var/www/{{ domain_name }}"
        owner: "{{ nginx_user }}"
        group: "{{ nginx_group }}"
        remote_src: yes 

## 25. docker image build

In [None]:
git_url: "https://github.com/jinumona/devops-flask.git"
git_dir: "/home/ec2-user/image"

In [None]:
  tasks:
    - name: "Installing Docker,pip,git on Amazon Linux"
      yum:
        name: 
          - docker
          - python-pip
          - git
        state: present
      register: docker_status



    - name: "Installing python-docker connector/module"
      pip:
        name: 
          - docker-py
        state: present

In [None]:
    - name: "cloning Docker Files"
      git:
        dest: "{{ git_dir }}"
        repo: "{{ git_url }}"
      register: git_status
    - name: "Debug git"
      debug:
        var: git_status 

In [None]:

TASK [Debug git] ******************************************************************************************************************************************
ok: [172.31.8.180] => {
    "git_status": {
        "after": "0f16c63a136046d3fd34b44c752299c1226656b2", 
        "before": null, 
        "changed": true, 
        "failed": false
    }
}

## Building an image with tags if git status chnaged

## Login to docker hub, pushing to hub,logout from hub, removing local images created

In [None]:
- name: "cloning Git Docker Files"
      git:
        dest: "{{ git_dir }}"
        repo: "{{ git_url }}"
      register: git_status

    - name: "Debug git"
      debug:
        var: git_status 
    

    - name: "Building Docker Image"
      when: git_status.changed == true
      community.docker.docker_image:
        name: jinumona/devops-flaskapp
        build:
          path: "{{ git_dir }}"
        source: build 
        state: present
        tag: "{{ item }}"
        force_source: yes
        force_tag: yes
      with_items:
        - "{{ git_status.after }}"
        -  latest

    - name: "Logging to Dockerhub...."
      when: git_status.changed == true
      community.docker.docker_login:
        password: "{{ hub_password }}"
        username: "{{ hub_username }}"


    - name: "Pushing the latest version changed Dockerimage to Hub"
      when: git_status.changed == true
      community.docker.docker_image:
        name: "jinumona/devops-flaskapp:{{ item }}"
        push: yes
        source: local
        force_tag: yes
      with_items: 
        - "{{ git_status.after }}"
        - latest

      

    - name: "Logout from Hub"
      when: git_status.changed == true
      community.docker.docker_login:
        state: absent


    
    - name: "removing the created local images"
      when: git_status.changed == true
      community.docker.docker_image:
        name: "jinumona/devops-flaskapp:{{ item }}"
        state: absent
      with_items: 
        - "{{ git_status.after }}"
        - latest


## 26. ansible-vault

In [None]:
$ ansible-vault encrypt cred.vars 

In [None]:
$ ansible-playbook -i hosts docker-image.yml --ask-vault-pass

In [None]:
$ ansible-vault decrypt cred.vars 

## 27. Ansible-Role-lemp-ubuntu22.04

In [None]:
$ ansible-config dump|grep roles
DEFAULT_ROLES_PATH(default) = ['/home/ubuntu/.ansible/roles', '/usr/share/ansible/roles', '/etc/ansible/roles']

$ mkdir -p /home/ubuntu/.ansible/roles
$ cd /home/ubuntu/.ansible/roles


In [None]:
- tasks
- handlers
- files
- templates
- vars
- defaults

In [None]:
$ ansible-galaxy init lemp

- Role lemp was created successfully
ubuntu@ip-172-31-37-145:~/.ansible/roles$ ll
total 12
drwxrwxr-x 3 ubuntu ubuntu 4096 Jul 10 17:46 ./
drwx------ 4 ubuntu ubuntu 4096 Jul 10 17:43 ../
drwxrwxr-x 8 ubuntu ubuntu 4096 Jul 10 17:46 lemp/
ubuntu@ip-172-31-37-145:~/.ansible/roles$ tree lemp/
lemp/
├── README.md
├── defaults
│   └── main.yml
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── tasks
│   └── main.yml
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml

6 directories, 8 files


In [None]:
[root@ip-172-31-7-63 roles]# tree lamp/
lamp/
├── defaults
│   └── main.yml  <<==== variables httpd_port: 8080
├── files <<============ files
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── README.md
├── tasks
│   └── main.yml
├── templates
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml  <<==== variables  httpd_port: 80

### Variables

In [None]:
$ vim vars/main.yml

### template

In [None]:
$ vim templates/vhost.tmpl

### handlers

In [None]:
$ vim handlers/main.yml


---
- name: "restart/enable-nginx-php8.1-fpm"
  service:
    name: "{{ item }}"
    enabled: yes
    state: restarted
  with_items:
    - nginx
    - php8.1-fpm


## 28. wordpress Installation using role

In [None]:
$ cat hosts 
[ubuntu]

52.66.213.107  ansible_user="ubuntu" ansible_port=22 ansible_ssh_private_key_file="ansible.pem"

In [None]:
# vim wordpress-nginx-ubuntu22.04

---
- name: "wordpress-nginx-ubuntu22.04 using role"
  hosts: ubuntu 
  become: yes 
  vars:
    wp_url: "https://wordpress.org/latest.tar.gz"
  
  roles:
    - lemp
  tasks:
    - name: "Downloading wordpress"
      get_url:
        dest: /tmp/wordpress.tar.gz
        url: "{{ wp_url }}"

    - name: "Extracting wordpress files"
      unarchive:
        dest: /tmp/
        remote_src: yes
        src: /tmp/wordpress.tar.gz

    - name: "Copying wordpress files to document root /var/www/{{ domain_name }}"
      copy:
        remote_src: yes
        src: "/tmp/wordpress/"
        dest: "/var/www/{{ domain_name }}/"
        owner: "{{ nginx_user }}"
        group: "{{ nginx_group }}"
      notify:
        - restart/enable-nginx-php8.1-fpm

    - name: "copying/updating wp-config.php"
      template:
        dest: "/var/www/{{ domain_name }}/wp-config.php"
        src: wp-config-sample.php
        owner: "{{ nginx_user }}"
        group: "{{ nginx_group }}"
      notify:
        - restart/enable-nginx-php8.1-fpm
  
    - name: "cleanup"
      file:
        state: absent
        path: "{{ item }}"
      with_items:
        - /tmp/wordpress
        - /tmp/wordpress.tar.gz
    
    

In [None]:
$ ansible-playbook -i hosts wordpress-nginx-ubuntu22.04.yml 

## 29. multyplay-imagebuild and dev-container-creation-with-variablepassingacrosshosts

In [None]:
[root@ip-172-31-8-221 docker-image]# ll
total 24
-r-------- 1 root root 1679 Jul  1 13:34 ansible.pem
-rw------- 1 root root   57 Jul  1 21:42 cred.vars
-rw-r--r-- 1 root root 3389 Jul  1 23:23 docker-image.yml
-rw-r--r-- 1 root root   18 Jul  1 23:37 docker.vars
-rw-r--r-- 1 root root  228 Jul  1 22:41 hosts
-rw-r--r-- 1 root root   93 Jul  1 18:32 image.vars
[root@ip-172-31-8-221 docker-image]# cat docker.vars 
docker_port: 8081
[root@ip-172-31-8-221 docker-image]# cat image.vars 
--- 
git_url: "https://github.com/jinumona/devops-flask.git"
git_dir: "/home/ec2-user/image"
[root@ip-172-31-8-221 docker-image]# cat cred.vars 
---
hub_username: jinumona
hub_password: 

In [None]:
# cat docker-image.yml 
---
- name: "Creating docker Image on Amazon Linux"
  hosts: amazon-image-server
  become: yes
  vars_files:
    - image.vars 
    - cred.vars

  tasks:
    - name: "Installing Docker,pip,git on Amazon Linux"
      yum:
        name: 
          - docker
          - python-pip
          - git
        state: present
      register: pkg_status



    - name: "Installing python-docker connector/module"
      pip:
        name: 
          - docker-py
        state: present

    - name: "Adding ec2-user to docker group"
      user:
        append: yes
        groups: docker
        name: ec2-user

    - name: "Restarting/enabling docker"
      when: pkg_status.changed == true 
      service:
        name: docker 
        state: restarted
        enabled: yes


    - name: "cloning Git Docker Files"
      git:
        dest: "{{ git_dir }}"
        repo: "{{ git_url }}"
      register: git_status

    - name: "Debug git"
      debug:
        var: git_status 
    

    - name: "Building Docker Image"
      when: git_status.changed == true
      community.docker.docker_image:
        name: jinumona/devops-flaskapp
        build:
          path: "{{ git_dir }}"
        source: build 
        state: present
        tag: "{{ item }}"
        force_source: yes
        force_tag: yes
      with_items:
        - "{{ git_status.after }}"
        -  latest
      register: image_build_status

    - name: "Debug image_build_status"
      debug:
        var: image_build_status

    - name: "Logging to Dockerhub...."
      when: git_status.changed == true
      community.docker.docker_login:
        password: "{{ hub_password }}"
        username: "{{ hub_username }}"


    - name: "Pushing the latest version changed Dockerimage to Hub"
      when: git_status.changed == true
      community.docker.docker_image:
        name: "jinumona/devops-flaskapp:{{ item }}"
        push: yes
        source: local
        force_tag: yes
      with_items: 
        - "{{ git_status.after }}"
        - latest


    - name: "Logout from Hub"
      when: git_status.changed == true
      community.docker.docker_login:
        state: absent


    
    - name: "removing the created local images"
      when: git_status.changed == true
      community.docker.docker_image:
        name: "jinumona/devops-flaskapp:{{ item }}"
        state: absent
      with_items: 
        - "{{ git_status.after }}"
        - latest




- name: "Deploying version chnaged application on to docker container of dev-server"
  hosts: dev-server
  become: yes
  vars_files:
    - docker.vars 

  tasks:
    - name: "Installing Docker on Amazon Linux dev-server"
      yum:
        name: 
          - docker
          - python-pip
        state: present
      register: docker_status

    - name: "python docker connector/module"
      pip:
        name: 
          - docker-py
        state: present

    - name: "Appending ec2-user to docker group"
      user:
        append: yes
        groups: docker
        name: ec2-user

    - name: "Restarting/enabling docker"
      when: docker_status.changed == true 
      service:
        name: docker 
        state: restarted
        enabled: yes
  

    - name: "Creating container at dev-server"
      community.docker.docker_container:
        state: started
        detach: yes
        name: "myflaskcntr{{ docker_port }}"
        image: jinumona/devops-flaskapp:latest
        pull: yes
        restart_policy: always
        published_ports:
          - "{{ docker_port }}:5000"
      register: cntr_info

    - name: "Debug container"
      debug:
        msg: "Container Hostname:{{ cntr_info.container.Config.Hostname }} Changed:{{ cntr_info.changed }} created at:{{ cntr_info.container.Created }} Restarting state:{{ cntr_info.container.State.Restarting }}"
        
    
    - name: "Debug git_status from host amazon-image-server"
      debug:
        var: hostvars['172.31.14.65']['git_status']


In [None]:
$ ansible-playbook -i hosts docker-image.yml 

## 30. docker-autoscalinggroup-rolling-flaskapp

## docker-image-git-flask-asg-rolling.yml

## Creating Dynamic hosts Inventry"

3 plays
>> building image at image server
>> dynamic hostnetry creation
>> Creating docker containers from latest Image to the backends of ASG 

In [None]:
$ cat hosts 
ansible_host=localhost ansible_connection=local ansible_python_interpreter=/usr/bin/python3

[image-server]
172.31.13.150 ansible_user="ec2-user" ansible_port=22 ansible_ssh_private_key_file="aws.pem" ansible_python_interpreter=/usr/bin/python3
[ec2-user@ip-172-31-5-232 docker-rolling]$ cat aws.vars 
---
access_key: "AKIAXQMPZJZXsadaEAODMSWH"
secret_key: "Ig52kp3QGcBmv7zgypBdafzHLH6TL4ZRRFU3+KYx/XM"
asg_name: "docker-asg"
region_name: "ap-south-1"
[ec2-user@ip-172-31-5-232 docker-rolling]$ cat image.vars 
---
git_url: "https://github.com/jinumona/devops-flask.git"
git_dir: "/var/www/flask-app"
hub_pwd: "xxxxxxxx"
hub_username: "xxxxxx"


In [None]:
80 >> 8080 >>5000

In [None]:
$ ansible-galaxy collection install amazon.aws

$ ansible-galaxy collection install community.docker


In [None]:
$ cat docker-image-git-flask-asg-rolling.yml 
---
- name: "Creating Docker Image from Git"
  hosts: image-server
  become: yes
  vars_files:
    - image.vars
  tasks:
    - name: "Installing yum packages"
      yum:
        name:
          - git
          - docker 
        state: present
      register: pkg_status

    - name: "restart/enable docker service"
      when: pkg_status.changed == true
      service:
        name: docker 
        state: restarted
        enabled: yes

    - name: "Installing python docker connector module"
      pip:
        executable: pip3
        name:
          - docker
        
    - name: "Appending ec2-user to docker group"
      user:
        append: yes
        groups: docker
        name: ec2-user

    - name: "cloning git dockerfiles"
      git:
        dest: "{{ git_dir }}"
        repo: "{{ git_url }}"
      register: git_status

    - name: "Git fact gathering"
      set_fact:
        cacheable: yes
        git_status: "{{ git_status }}"

    - name: "Logging to DockerHub"
      when: git_status.changed == true
      community.docker.docker_login:
        password: "{{ hub_pwd }}"
        state: present
        username: "{{ hub_username }}" 


    - name: "Building & Pushing Docker latest Image to Hub based on Git version {{ git_status.after }}"
      when: git_status.changed == true
      community.docker.docker_image:
        name: "jinumona/devops-flask:{{ item }}"
        build:
          path: "{{ git_dir }}"
        source: build 
        push: yes
        state: present
        force_source: yes
        force_tag: yes
      with_items:
        - "{{ git_status.after }}"
        -  latest
      register: image_build_status
      


    - name: "log out from DockerHub"
      when: git_status.changed == true
      community.docker.docker_login:
        state: absent

    - name: "Removing created local images"
      when: git_status.changed == true
      community.docker.docker_image:
        name: "jinumona/devops-flask:{{ item }}"
        state: absent
      with_items:
        - "{{ git_status.after }}"
        -  latest

        

- name: "Creating Dynamic hosts Inventry"
  hosts: localhost
  become: yes
  vars_files:
    - aws.vars

  tasks:
    - name: "Installing python aws connector modules"
      pip:
        executable: pip3
        name:
          - boto3 
          - botocore


    - name: "Fetching public ip of instances under Autoscaling Group {{ asg_name }}"
      amazon.aws.ec2_instance_info:
        aws_access_key: "{{ access_key }}"
        aws_secret_key: "{{ secret_key }}"
        region: "{{ region_name }}"
        filters:
          instance-state-name: [ "running"]
          "tag:aws:autoscaling:groupName": "{{ asg_name }}"
      register: asg_instance_info

    - name: "Creating hosts inventry"
      add_host:
        groups: lb_backends
        name: "{{ item.public_ip_address }}"
        ansible_ssh_host: "{{ item.public_ip_address }}"
        ansible_ssh_port: 22
        ansible_ssh_user: "ec2-user"
        ansible_ssh_private_key_file: "aws.pem"
        ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
        ansible_python_interpreter: "/usr/bin/python3"
      with_items: "{{ asg_instance_info.instances }}"

    
- name: "Creating docker containers from latest Image to the backends of ASG "
  hosts: lb_backends
  become: yes
  vars:
        git_status: "{{ hostvars['172.31.13.150']['git_status'] }}"
  serial: 1

  tasks:
    - name: "Installing yum packages"
      yum:
        name:
          - docker 
        state: present
      register: pkg_status

    - name: "restart/enable docker service"
      when: pkg_status.changed == true
      service:
        name: docker 
        state: restarted
        enabled: yes

    - name: "Installing python docker connector module"
      pip:
        executable: pip3
        name:
          - docker
        
    - name: "Appending ec2-user to docker group"
      user:
        append: yes
        groups: docker
        name: ec2-user

    - name: Creating Docker container from latest image jinumona/devops-flask:latest"
      community.docker.docker_container:
        detach: yes
        image: jinumona/devops-flask:latest
        name: devops-flask
        published_ports: 8080:5000
        pull: yes
        restart_policy: always
        state: started 
      register: cntr_info
    
    - name: "Waiting for the health check pass of loadbalancer"
      when: cntr_info.changed == true 
      wait_for:
        sleep: 45

    - name: "Git status from the host Image-server"
      debug:
        msg: "Git version changed = {{ git_status.changed }}"

## 31. rolling autoscaling group

## Deploying Website From Github To AutoScaling Group

In [None]:
$ ansible-galaxy collection install amazon.aws

## 2 plays html site in autoscaling rolling


In [None]:
$ cat main.yml 
---
- name: "Getting AutoScaling Instance Details"
  hosts: localhost
  vars:
    access_key: "AKIAXQMPZJZXGR6OFJWL"
    secret_key: "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"
    
  tasks:
    - name: "aaa"
      set_fact:
        asg_name: "myapp-asg"
        region: "ap-south-1"
        cacheable: yes
        

    - name: "Fetching Instance Details Of asg {{ asg_name }}"
      amazon.aws.ec2_instance_info:
        aws_secret_key: "{{ secret_key }}"
        aws_access_key: "{{ access_key }}"
        region: "{{ region }}"
        filters:
          "tag:aws:autoscaling:groupName": "{{ asg_name }}"
          instance-state-name: [ "running"]
      register: asginstance_info

    - name: "creating Inventry"
      add_host:
        name: "{{ item.public_ip_address }}"
        groups:
          - clb-backends
        ansible_host: "{{ item.public_ip_address }}"
        ansible_ssh_user: "ec2-user"
        ansible_ssh_port: 22
        ansible_ssh_private_key_file: "aws.pem"
        ansible_ssh_common_args: "-o StrictHostKeyChecking=no"

      with_items: "{{ asginstance_info.instances }}"


- name: " Deploying Website From Github To AutoScaling Group region is {{ hostvars['localhost']['region'] }}"
  hosts: clb-backends
  become: yes
  serial: 1
  vars:
    git_url: https://github.com/jinumona/aws-elb-site.git
    git_dir: /var/website/
    health_check_delay: 45
  tasks:
    - name: "Deployment- Installing packages"
      yum:
        name: 
          - httpd
          - git
          - php
        state: present


    - name: "cloning files from Git"
      git:
        dest: "{{ git_dir }}"
        repo: "{{ git_url}}"
      register: git_status

    - name: "Offloading instances(Stopping httpd) from Autoscaling Group {{ hostvars['localhost']['asg_name'] }}"
      when: git_status.changed == true
      service:
       name: httpd
       state: stopped


    - name: "Copying site files to Document root"
      when: git_status.changed == true
      copy: 
        dest: /var/www/html
        src: "{{ git_dir }}"
        owner: apache
        group: apache
        remote_src: yes

    - name: " Starting httpd service"
      when: git_status.changed == true
      service:
        name: httpd
        state: restarted
        enabled: yes

    - name: "Waiting for health check pass"
      when: git_status.changed == true
      wait_for:
        sleep: "{{ health_check_delay }}"