The Ops Community ⚙️: Daniel Pepuho The latest articles on The Ops Community ⚙️ by Daniel Pepuho (@danielcristho). https://community.ops.io/danielcristho https://community.ops.io/images/mKF_oByv3TIdziyx-Yw3ur_KrmRT7T_DH5N9bRuAsRM/rs:fill:90:90/g:sm/mb:500000/ar:1/aHR0cHM6Ly9jb21t/dW5pdHkub3BzLmlv/L3JlbW90ZWltYWdl/cy91cGxvYWRzL3Vz/ZXIvcHJvZmlsZV9p/bWFnZS8xNDMzL2Fi/NWIyOWMzLTk1OWQt/NDI4Zi1hZTgyLWRk/YzZjNjE2NzlkZS5q/cGVn The Ops Community ⚙️: Daniel Pepuho https://community.ops.io/danielcristho en Automating Flask & PostgreSQL Deployment on KVM with Terraform & Ansible Daniel Pepuho Tue, 10 Dec 2024 22:48:38 +0000 https://community.ops.io/danielcristho/automating-flask-postgresql-deployment-on-kvm-with-terraform-ansible-15og https://community.ops.io/danielcristho/automating-flask-postgresql-deployment-on-kvm-with-terraform-ansible-15og <h2> 😀 Intro </h2> <p>Hi, in this post, we will use <a href="https://libvirt.org/" rel="noopener noreferrer">Libvirt</a> with <a href="https://developer.hashicorp.com/terraform?product_intent=terraform" rel="noopener noreferrer">Terraform</a> to provision 2 KVM locally and after that, we will Deploy Flask App &amp; PostgreSQL using <a href="https://www.ansible.com" rel="noopener noreferrer">Ansible</a>.</p> <h2> Content </h2> <ul> <li>Project Architecture</li> <li>Requirements</li> <li>Create KVM</li> <li> Create Ansible Playbook <ul> <li>Playbook to install Docker</li> <li>Playbook to install and configure postgresql</li> <li>Playbook to deploy Flask App</li> <li>Run Playbook and testing</li> </ul> </li> <li>Conclusion</li> </ul> <h2> 📝 Project Architecture </h2> <p>So we will create 2 VMs using Terraform, then deploying a flask project and the database using Ansible.</p> <p><a href="https://community.ops.io/images/so92TpSKiWwNfJAZm4_EkJKc9XieVwZ0Qn_swRZWxaU/rt:fit/w:800/g:sm/q:0/mb:500000/ar:1/aHR0cHM6Ly9jb21t/dW5pdHkub3BzLmlv/L3JlbW90ZWltYWdl/cy91cGxvYWRzL2Fy/dGljbGVzLzYxeHJt/cTZybGdqZWtsNXo5/MWxlLnBuZw" class="article-body-image-wrapper"><img src="https://community.ops.io/images/so92TpSKiWwNfJAZm4_EkJKc9XieVwZ0Qn_swRZWxaU/rt:fit/w:800/g:sm/q:0/mb:500000/ar:1/aHR0cHM6Ly9jb21t/dW5pdHkub3BzLmlv/L3JlbW90ZWltYWdl/cy91cGxvYWRzL2Fy/dGljbGVzLzYxeHJt/cTZybGdqZWtsNXo5/MWxlLnBuZw" alt="Project Architecture" width="800" height="662"></a></p> <h2> 🔨 Requirements </h2> <p>I used Ubuntu 22.04 LTS as the OS for this project. If you're using a different OS, please make the necessary adjustments when installing the required dependencies.</p> <p>The major pre-requisite for this setup is <code>KVM hypervisor</code>. So you need to install KVM in your system. If you use Ubuntu you can follow this step:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">sudo </span>apt <span class="nt">-y</span> <span class="nb">install </span>bridge-utils cpu-checker libvirt-clients libvirt-daemon qemu qemu-kvm </code></pre> </div> <p>Execute the following command to make sure your processor supports virtualisation capabilities:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>kvm-ok INFO: /dev/kvm exists KVM acceleration can be used </code></pre> </div> <h3> Install Terraform </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>wget <span class="nt">-O</span> - https://apt.releases.hashicorp.com/gpg | <span class="nb">sudo </span>gpg <span class="nt">--dearmor</span> <span class="nt">-o</span> /usr/share/keyrings/hashicorp-archive-keyring.gpg <span class="nv">$ </span><span class="nb">echo</span> <span class="s2">"deb [arch=</span><span class="si">$(</span>dpkg <span class="nt">--print-architecture</span><span class="si">)</span><span class="s2"> signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com </span><span class="si">$(</span>lsb_release <span class="nt">-cs</span><span class="si">)</span><span class="s2"> main"</span> | <span class="nb">sudo tee</span> /etc/apt/sources.list.d/hashicorp.list <span class="nv">$ </span><span class="nb">sudo </span>apt update <span class="o">&amp;&amp;</span> <span class="nb">sudo </span>apt <span class="nb">install </span>terraform <span class="nt">-y</span> </code></pre> </div> <p>Verify installation:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>terraform version Terraform v1.9.8 on linux_amd64 </code></pre> </div> <h3> Install Ansible </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">sudo </span>apt update <span class="nv">$ </span><span class="nb">sudo </span>apt <span class="nb">install </span>software-properties-common <span class="nv">$ </span><span class="nb">sudo </span>add-apt-repository <span class="nt">--yes</span> <span class="nt">--update</span> ppa:ansible/ansible <span class="nv">$ </span><span class="nb">sudo </span>apt <span class="nb">install </span>ansible <span class="nt">-y</span> </code></pre> </div> <p>Verify installation:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>ansible <span class="nt">--version</span> ansible <span class="o">[</span>core 2.15.1] ... </code></pre> </div> <h2> Create KVM </h2> <p>we will use the <a href="https://github.com/dmacvicar/terraform-provider-libvirt" rel="noopener noreferrer">libvirt provider</a> with Terraform to deploy a KVM Virtual Machine.</p> <p>Create <code>main.tf</code>, just specify the provider and version you want to use:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight terraform"><code><span class="k">terraform</span> <span class="p">{</span> <span class="nx">required_providers</span> <span class="p">{</span> <span class="nx">libvirt</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"dmacvicar/libvirt"</span> <span class="nx">version</span> <span class="p">=</span> <span class="s2">"0.8.1"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="k">provider</span> <span class="s2">"libvirt"</span> <span class="p">{</span> <span class="nx">uri</span> <span class="p">=</span> <span class="s2">"qemu:///system"</span> <span class="p">}</span> </code></pre> </div> <p>Thereafter, run terraform init command to initialize the environment:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight terraform"><code><span class="nx">$</span> <span class="k">terraform</span> <span class="nx">init</span> <span class="nx">Initializing</span> <span class="nx">the</span> <span class="nx">backend</span><span class="err">...</span> <span class="nx">Initializing</span> <span class="k">provider</span> <span class="nx">plugins</span><span class="err">...</span> <span class="nx">-</span> <span class="nx">Reusing</span> <span class="nx">previous</span> <span class="nx">version</span> <span class="nx">of</span> <span class="nx">hashicorp</span><span class="err">/</span><span class="nx">template</span> <span class="nx">from</span> <span class="nx">the</span> <span class="nx">dependency</span> <span class="nx">lock</span> <span class="nx">file</span> <span class="nx">-</span> <span class="nx">Reusing</span> <span class="nx">previous</span> <span class="nx">version</span> <span class="nx">of</span> <span class="nx">dmacvicar</span><span class="err">/</span><span class="nx">libvirt</span> <span class="nx">from</span> <span class="nx">the</span> <span class="nx">dependency</span> <span class="nx">lock</span> <span class="nx">file</span> <span class="nx">-</span> <span class="nx">Reusing</span> <span class="nx">previous</span> <span class="nx">version</span> <span class="nx">of</span> <span class="nx">hashicorp</span><span class="err">/</span><span class="kc">null</span> <span class="nx">from</span> <span class="nx">the</span> <span class="nx">dependency</span> <span class="nx">lock</span> <span class="nx">file</span> <span class="nx">-</span> <span class="nx">Using</span> <span class="nx">previously-installed</span> <span class="nx">hashicorp</span><span class="err">/</span><span class="nx">template</span> <span class="nx">v2</span><span class="err">.</span><span class="mf">2.0</span> <span class="nx">-</span> <span class="nx">Using</span> <span class="nx">previously-installed</span> <span class="nx">dmacvicar</span><span class="err">/</span><span class="nx">libvirt</span> <span class="nx">v0</span><span class="err">.</span><span class="mf">8.1</span> <span class="nx">-</span> <span class="nx">Using</span> <span class="nx">previously-installed</span> <span class="nx">hashicorp</span><span class="err">/</span><span class="kc">null</span> <span class="nx">v3</span><span class="err">.</span><span class="mf">2.3</span> <span class="nx">Terraform</span> <span class="nx">has</span> <span class="nx">been</span> <span class="nx">successfully</span> <span class="nx">initialized</span><span class="err">!</span> <span class="nx">You</span> <span class="nx">may</span> <span class="nx">now</span> <span class="nx">begin</span> <span class="nx">working</span> <span class="nx">with</span> <span class="nx">Terraform</span><span class="err">.</span> <span class="nx">Try</span> <span class="nx">running</span> <span class="s2">"terraform plan"</span> <span class="nx">to</span> <span class="nx">see</span> <span class="nx">any</span> <span class="nx">changes</span> <span class="nx">that</span> <span class="nx">are</span> <span class="nx">required</span> <span class="nx">for</span> <span class="nx">your</span> <span class="nx">infrastructure</span><span class="err">.</span> <span class="nx">All</span> <span class="nx">Terraform</span> <span class="nx">commands</span> <span class="nx">should</span> <span class="nx">now</span> <span class="nx">work</span><span class="err">.</span> <span class="nx">If</span> <span class="nx">you</span> <span class="nx">ever</span> <span class="nx">set</span> <span class="nx">or</span> <span class="nx">change</span> <span class="nx">modules</span> <span class="nx">or</span> <span class="nx">backend</span> <span class="nx">configuration</span> <span class="nx">for</span> <span class="nx">Terraform</span><span class="err">,</span> <span class="nx">rerun</span> <span class="nx">this</span> <span class="nx">command</span> <span class="nx">to</span> <span class="nx">reinitialize</span> <span class="nx">your</span> <span class="nx">working</span> <span class="nx">directory</span><span class="err">.</span> <span class="nx">If</span> <span class="nx">you</span> <span class="nx">forget</span><span class="err">,</span> <span class="nx">other</span> <span class="nx">commands</span> <span class="nx">will</span> <span class="nx">detect</span> <span class="nx">it</span> <span class="nx">and</span> <span class="nx">remind</span> <span class="nx">you</span> <span class="nx">to</span> <span class="nx">do</span> <span class="nx">so</span> <span class="nx">if</span> <span class="nx">necessary</span><span class="err">.</span> </code></pre> </div> <p>Now create our <code>variables.tf</code>. This <code>variables.tf</code> file defines inputs for the libvirt disk pool path, the Ubuntu 20.04 image URL as OS for the VMs , and a list of VM hostnames.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight terraform"><code><span class="k">variable</span> <span class="s2">"libvirt_disk_path"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"path for libvirt pool"</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"default"</span> <span class="p">}</span> <span class="k">variable</span> <span class="s2">"ubuntu_20_img_url"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"ubuntu 20.04 image"</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"https://cloud-images.ubuntu.com/releases/focal/release/ubuntu-20.04-server-cloudimg-amd64.img"</span> <span class="p">}</span> <span class="k">variable</span> <span class="s2">"vm_hostnames"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of VM hostnames"</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"vm1"</span><span class="p">,</span> <span class="s2">"vm2"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <p>Let's update our <code>main.tf</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight terraform"><code><span class="k">resource</span> <span class="s2">"null_resource"</span> <span class="s2">"cache_image"</span> <span class="p">{</span> <span class="k">provisioner</span> <span class="s2">"local-exec"</span> <span class="p">{</span> <span class="nx">command</span> <span class="p">=</span> <span class="s2">"wget -O /tmp/ubuntu-20.04.qcow2 </span><span class="k">${</span><span class="kd">var</span><span class="p">.</span><span class="nx">ubuntu_20_img_url</span><span class="k">}</span><span class="s2">"</span> <span class="p">}</span> <span class="p">}</span> <span class="k">resource</span> <span class="s2">"libvirt_volume"</span> <span class="s2">"base"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"base.qcow2"</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"/tmp/ubuntu-20.04.qcow2"</span> <span class="nx">pool</span> <span class="p">=</span> <span class="kd">var</span><span class="p">.</span><span class="nx">libvirt_disk_path</span> <span class="nx">format</span> <span class="p">=</span> <span class="s2">"qcow2"</span> <span class="nx">depends_on</span> <span class="p">=</span> <span class="p">[</span><span class="nx">null_resource</span><span class="p">.</span><span class="nx">cache_image</span><span class="p">]</span> <span class="p">}</span> <span class="k">resource</span> <span class="s2">"libvirt_volume"</span> <span class="s2">"ubuntu20-qcow2"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="kd">var</span><span class="p">.</span><span class="nx">vm_hostnames</span><span class="p">)</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"ubuntu20-</span><span class="k">${</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="k">}</span><span class="s2">.qcow2"</span> <span class="nx">base_volume_id</span> <span class="p">=</span> <span class="nx">libvirt_volume</span><span class="p">.</span><span class="nx">base</span><span class="p">.</span><span class="nx">id</span> <span class="nx">pool</span> <span class="p">=</span> <span class="kd">var</span><span class="p">.</span><span class="nx">libvirt_disk_path</span> <span class="nx">size</span> <span class="p">=</span> <span class="mi">10737418240</span> <span class="c1"># 10GB</span> <span class="p">}</span> <span class="k">data</span> <span class="s2">"template_file"</span> <span class="s2">"user_data"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="kd">var</span><span class="p">.</span><span class="nx">vm_hostnames</span><span class="p">)</span> <span class="nx">template</span> <span class="p">=</span> <span class="nx">file</span><span class="p">(</span><span class="s2">"</span><span class="k">${</span><span class="nx">path</span><span class="p">.</span><span class="k">module}</span><span class="s2">/config/cloud_init.yml"</span><span class="p">)</span> <span class="p">}</span> <span class="k">data</span> <span class="s2">"template_file"</span> <span class="s2">"network_config"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="kd">var</span><span class="p">.</span><span class="nx">vm_hostnames</span><span class="p">)</span> <span class="nx">template</span> <span class="p">=</span> <span class="nx">file</span><span class="p">(</span><span class="s2">"</span><span class="k">${</span><span class="nx">path</span><span class="p">.</span><span class="k">module}</span><span class="s2">/config/network_config.yml"</span><span class="p">)</span> <span class="p">}</span> <span class="k">resource</span> <span class="s2">"libvirt_cloudinit_disk"</span> <span class="s2">"commoninit"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="kd">var</span><span class="p">.</span><span class="nx">vm_hostnames</span><span class="p">)</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"commoninit-</span><span class="k">${</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="k">}</span><span class="s2">.iso"</span> <span class="nx">user_data</span> <span class="p">=</span> <span class="k">data</span><span class="p">.</span><span class="nx">template_file</span><span class="p">.</span><span class="nx">user_data</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">].</span><span class="nx">rendered</span> <span class="nx">network_config</span> <span class="p">=</span> <span class="k">data</span><span class="p">.</span><span class="nx">template_file</span><span class="p">.</span><span class="nx">network_config</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">].</span><span class="nx">rendered</span> <span class="nx">pool</span> <span class="p">=</span> <span class="kd">var</span><span class="p">.</span><span class="nx">libvirt_disk_path</span> <span class="p">}</span> <span class="k">resource</span> <span class="s2">"libvirt_domain"</span> <span class="s2">"domain-ubuntu"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="kd">var</span><span class="p">.</span><span class="nx">vm_hostnames</span><span class="p">)</span> <span class="nx">name</span> <span class="p">=</span> <span class="kd">var</span><span class="p">.</span><span class="nx">vm_hostnames</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">]</span> <span class="nx">memory</span> <span class="p">=</span> <span class="s2">"1024"</span> <span class="nx">vcpu</span> <span class="p">=</span> <span class="mi">1</span> <span class="nx">cloudinit</span> <span class="p">=</span> <span class="nx">libvirt_cloudinit_disk</span><span class="p">.</span><span class="nx">commoninit</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">].</span><span class="nx">id</span> <span class="nx">network_interface</span> <span class="p">{</span> <span class="nx">network_name</span> <span class="p">=</span> <span class="s2">"default"</span> <span class="nx">wait_for_lease</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">hostname</span> <span class="p">=</span> <span class="kd">var</span><span class="p">.</span><span class="nx">vm_hostnames</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">]</span> <span class="p">}</span> <span class="nx">console</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"pty"</span> <span class="nx">target_port</span> <span class="p">=</span> <span class="s2">"0"</span> <span class="nx">target_type</span> <span class="p">=</span> <span class="s2">"serial"</span> <span class="p">}</span> <span class="nx">console</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"pty"</span> <span class="nx">target_type</span> <span class="p">=</span> <span class="s2">"virtio"</span> <span class="nx">target_port</span> <span class="p">=</span> <span class="s2">"1"</span> <span class="p">}</span> <span class="nx">disk</span> <span class="p">{</span> <span class="nx">volume_id</span> <span class="p">=</span> <span class="nx">libvirt_volume</span><span class="p">.</span><span class="nx">ubuntu20-qcow2</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">].</span><span class="nx">id</span> <span class="p">}</span> <span class="nx">graphics</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"spice"</span> <span class="nx">listen_type</span> <span class="p">=</span> <span class="s2">"address"</span> <span class="nx">autoport</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>the script will provisions multiple KVM VMs using the Libvirt provider. It downloads an Ubuntu 20.04 base image, clones it for each VM, configures cloud-init for user and network settings, and deploys VMs with specified hostnames, 1GB memory, and SPICE graphics. The setup dynamically adapts based on the number of hostnames provided in var.vm_hostnames.</p> <p>As I've mentioned, I'm using cloud-init, so lets setup the network config and cloud init under the <code>config</code> directory:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">mkdir </span>config/ </code></pre> </div> <p>Then create our <code>config/cloud_init.yml</code>, just make sure that you configure your public ssh key for ssh access in the config:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1">#cloud-config</span> <span class="na">runcmd</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">sed -i '/PermitRootLogin/d' /etc/ssh/sshd_config</span> <span class="pi">-</span> <span class="s">echo "PermitRootLogin yes" &gt;&gt; /etc/ssh/sshd_config</span> <span class="pi">-</span> <span class="s">systemctl restart sshd</span> <span class="na">ssh_pwauth</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">disable_root</span><span class="pi">:</span> <span class="kc">false</span> <span class="na">chpasswd</span><span class="pi">:</span> <span class="na">list</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">root:cloudy24</span> <span class="na">expire</span><span class="pi">:</span> <span class="kc">false</span> <span class="na">users</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">ubuntu</span> <span class="na">gecos</span><span class="pi">:</span> <span class="s">ubuntu</span> <span class="na">groups</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">sudo</span> <span class="na">sudo</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">ALL=(ALL) NOPASSWD:ALL</span> <span class="na">home</span><span class="pi">:</span> <span class="s">/home/ubuntu</span> <span class="na">shell</span><span class="pi">:</span> <span class="s">/bin/bash</span> <span class="na">lock_passwd</span><span class="pi">:</span> <span class="kc">false</span> <span class="na">ssh_authorized_keys</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">ssh-rsa AAAA...</span> </code></pre> </div> <p>And then network config, in <code>config/network_config.yml</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">version</span><span class="pi">:</span> <span class="m">2</span> <span class="na">ethernets</span><span class="pi">:</span> <span class="na">ens3</span><span class="pi">:</span> <span class="na">dhcp4</span><span class="pi">:</span> <span class="kc">true</span> </code></pre> </div> <p>Our project structure should look like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>tree <span class="nb">.</span> ├── config │   ├── cloud_init.yml │   └── network_config.yml ├── main.tf └── variables.tf </code></pre> </div> <p>Now run a plan, to see what will be done:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span> terraform plan data.template_file.user_data[1]: Reading... data.template_file.user_data[0]: Reading... data.template_file.network_config[1]: Reading... data.template_file.network_config[0]: Reading... ... Plan: 8 to add, 0 to change, 0 to destroy </code></pre> </div> <p>And run <code>terraform apply</code> to run our deployment:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight terraform"><code><span class="nx">$</span> <span class="k">terraform</span> <span class="nx">apply</span> <span class="err">...</span> <span class="nx">null_resource</span><span class="err">.</span><span class="nx">cache_image</span><span class="err">:</span> <span class="nx">Creation</span> <span class="nx">complete</span> <span class="nx">after</span> <span class="mi">10m36</span><span class="nx">s</span> <span class="p">[</span><span class="nx">id</span><span class="err">=</span><span class="mi">4239391010009470471</span><span class="p">]</span> <span class="nx">libvirt_volume</span><span class="err">.</span><span class="nx">base</span><span class="err">:</span> <span class="nx">Creating</span><span class="err">...</span> <span class="nx">libvirt_volume</span><span class="err">.</span><span class="nx">base</span><span class="err">:</span> <span class="nx">Creation</span> <span class="nx">complete</span> <span class="nx">after</span> <span class="mi">3</span><span class="nx">s</span> <span class="p">[</span><span class="nx">id</span><span class="err">=</span><span class="p">/</span><span class="kd">var</span><span class="p">/</span><span class="nx">lib</span><span class="p">/</span><span class="nx">libvirt</span><span class="p">/</span><span class="nx">images</span><span class="p">/</span><span class="nx">base</span><span class="p">.</span><span class="nx">qcow2</span><span class="p">]</span> <span class="nx">libvirt_volume</span><span class="err">.</span><span class="nx">ubuntu20-qcow2</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="err">:</span> <span class="nx">Creating</span><span class="err">...</span> <span class="nx">libvirt_volume</span><span class="err">.</span><span class="nx">ubuntu20-qcow2</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="err">:</span> <span class="nx">Creating</span><span class="err">...</span> <span class="nx">libvirt_volume</span><span class="err">.</span><span class="nx">ubuntu20-qcow2</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="err">:</span> <span class="nx">Creation</span> <span class="nx">complete</span> <span class="nx">after</span> <span class="mi">0</span><span class="nx">s</span> <span class="p">[</span><span class="nx">id</span><span class="err">=</span><span class="p">/</span><span class="kd">var</span><span class="p">/</span><span class="nx">lib</span><span class="p">/</span><span class="nx">libvirt</span><span class="p">/</span><span class="nx">images</span><span class="p">/</span><span class="nx">ubuntu20-1</span><span class="p">.</span><span class="nx">qcow2</span><span class="p">]</span> <span class="nx">libvirt_volume</span><span class="err">.</span><span class="nx">ubuntu20-qcow2</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="err">:</span> <span class="nx">Creation</span> <span class="nx">complete</span> <span class="nx">after</span> <span class="mi">0</span><span class="nx">s</span> <span class="p">[</span><span class="nx">id</span><span class="err">=</span><span class="p">/</span><span class="kd">var</span><span class="p">/</span><span class="nx">lib</span><span class="p">/</span><span class="nx">libvirt</span><span class="p">/</span><span class="nx">images</span><span class="p">/</span><span class="nx">ubuntu20-0</span><span class="p">.</span><span class="nx">qcow2</span><span class="p">]</span> <span class="nx">libvirt_domain</span><span class="err">.</span><span class="nx">domain-ubuntu</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="err">:</span> <span class="nx">Creating</span><span class="err">...</span> <span class="err">...</span> <span class="nx">libvirt_domain</span><span class="err">.</span><span class="nx">domain-ubuntu</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="err">:</span> <span class="nx">Creation</span> <span class="nx">complete</span> <span class="nx">after</span> <span class="mi">51</span><span class="nx">s</span> <span class="p">[</span><span class="nx">id</span><span class="err">=</span><span class="mi">6221</span><span class="nx">f782-48b7-49a4-9eb9-fc92970f06a2</span><span class="p">]</span> <span class="nx">Apply</span> <span class="nx">complete</span><span class="err">!</span> <span class="nx">Resources</span><span class="err">:</span> <span class="mi">8</span> <span class="nx">added</span><span class="err">,</span> <span class="mi">0</span> <span class="nx">changed</span><span class="err">,</span> <span class="mi">0</span> <span class="nx">destroyed</span> </code></pre> </div> <p>Verify VM creation using <code>virsh</code> command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>virsh list Id Name State <span class="nt">----------------------</span> 1 vm1 running 2 vm2 running </code></pre> </div> <p>Get instances IP address:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>virsh net-dhcp-leases <span class="nt">--network</span> default Expiry Time MAC address Protocol IP address Hostname Client ID or DUID <span class="nt">-----------------------------------------------------------------------------------------------------------------------------------------------</span> 2024-12-09 19:50:00 52:54:00:2e:0e:86 ipv4 192.168.122.19/24 vm1 ff:b5:5e:67:ff:00:02:00:00:ab:11:b0:43:6a:d8:bc:16:30:0d 2024-12-09 19:50:00 52:54:00:86:d4:ca ipv4 192.168.122.15/24 vm2 ff:b5:5e:67:ff:00:02:00:00:ab:11:39:24:8c:4a:7e:6a:dd:78 </code></pre> </div> <p>Try to access the vm using <code>ubuntu</code> user:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>ssh ubuntu@192.168.122.15 The authenticity of host <span class="s1">'192.168.122.15 (192.168.122.15)'</span> can<span class="s1">'t be established. ED25519 key fingerprint is SHA256:Y20zaCcrlOZvPTP+/qLLHc7vJIOca7QjTinsz9Bj6sk. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '</span>192.168.122.15<span class="s1">' (ED25519) to the list of known hosts. Welcome to Ubuntu 20.04.6 LTS (GNU/Linux 5.4.0-200-generic x86_64) ... ubuntu@ubuntu:~$ </span></code></pre> </div> <h2> Create Ansible Playbook </h2> <p>Now let's create the Ansible Playbook to deploy Flask &amp; Postgresql on Docker. First you need to create <code>ansible</code> directory and <code>ansible.cfg</code> file:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">mkdir </span>ansible <span class="o">&amp;&amp;</span> <span class="nb">cd </span>ansible </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="o">[</span>defaults] inventory <span class="o">=</span> hosts host_key_checking <span class="o">=</span> True deprecation_warnings <span class="o">=</span> False collections <span class="o">=</span> ansible.posix, community.general, community.postgresql </code></pre> </div> <p>Then create inventory file called <code>hosts</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="o">[</span>vm1] 192.168.122.19 <span class="nv">ansible_user</span><span class="o">=</span>ubuntu <span class="o">[</span>vm2] 192.168.122.15 <span class="nv">ansible_user</span><span class="o">=</span>ubuntu </code></pre> </div> <p>checking our VMs using <code>ansible ping</code> command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>ansible <span class="nt">-m</span> ping all 192.168.122.15 | SUCCESS <span class="o">=&gt;</span> <span class="o">{</span> <span class="s2">"ansible_facts"</span>: <span class="o">{</span> <span class="s2">"discovered_interpreter_python"</span>: <span class="s2">"/usr/bin/python3"</span> <span class="o">}</span>, <span class="s2">"changed"</span>: <span class="nb">false</span>, <span class="s2">"ping"</span>: <span class="s2">"pong"</span> <span class="o">}</span> 192.168.122.19 | SUCCESS <span class="o">=&gt;</span> <span class="o">{</span> <span class="s2">"ansible_facts"</span>: <span class="o">{</span> <span class="s2">"discovered_interpreter_python"</span>: <span class="s2">"/usr/bin/python3"</span> <span class="o">}</span>, <span class="s2">"changed"</span>: <span class="nb">false</span>, <span class="s2">"ping"</span>: <span class="s2">"pong"</span> <span class="o">}</span> </code></pre> </div> <p>Now create <code>playbook.yml</code> and <code>roles</code>, this playbook will install and configure Docker, Flask and PostgreSQL:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nt">---</span> - name: Deploy Flask hosts: vm1 become: <span class="nb">true </span>remote_user: ubuntu roles: - docker - flask - name: Deploy Postgresql hosts: vm2 become: <span class="nb">true </span>remote_user: ubuntu roles: - docker - psql </code></pre> </div> <h3> Playbook to install Docker </h3> <p>Now create new directory called <code>roles/docker</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">mkdir </span>roles <span class="nv">$ </span><span class="nb">mkdir </span>docker </code></pre> </div> <p>Create a new directory in <code>docker</code> called <code>tasks</code>, then create new file <code>main.yml</code>. This file will install Docker &amp; Docker Compose:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">mkdir </span>docker/tasks <span class="nv">$ </span>vim main.yml </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Run update</span> <span class="na">ansible.builtin.apt</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">aptitude</span> <span class="na">state</span><span class="pi">:</span> <span class="s">latest</span> <span class="na">update_cache</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install dependencies</span> <span class="na">ansible.builtin.apt</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">net-tools</span> <span class="pi">-</span> <span class="s">apt-transport-https</span> <span class="pi">-</span> <span class="s">ca-certificates</span> <span class="pi">-</span> <span class="s">curl</span> <span class="pi">-</span> <span class="s">software-properties-common</span> <span class="pi">-</span> <span class="s">python3-pip</span> <span class="pi">-</span> <span class="s">virtualenv</span> <span class="pi">-</span> <span class="s">python3-setuptools</span> <span class="pi">-</span> <span class="s">gnupg-agent</span> <span class="pi">-</span> <span class="s">autoconf</span> <span class="pi">-</span> <span class="s">dpkg-dev</span> <span class="pi">-</span> <span class="s">file</span> <span class="pi">-</span> <span class="s">g++</span> <span class="pi">-</span> <span class="s">gcc</span> <span class="pi">-</span> <span class="s">libc-dev</span> <span class="pi">-</span> <span class="s">make</span> <span class="pi">-</span> <span class="s">pkg-config</span> <span class="pi">-</span> <span class="s">re2c</span> <span class="pi">-</span> <span class="s">wget</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">update_cache</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Add Docker GPG apt Key</span> <span class="na">ansible.builtin.apt_key</span><span class="pi">:</span> <span class="na">url</span><span class="pi">:</span> <span class="s">https://download.docker.com/linux/ubuntu/gpg</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Add repository into sources list</span> <span class="na">ansible.builtin.apt_repository</span><span class="pi">:</span> <span class="na">repo</span><span class="pi">:</span> <span class="s">deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">filename</span><span class="pi">:</span> <span class="s">docker</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install Docker</span> <span class="na">ansible.builtin.apt</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">docker-ce</span> <span class="pi">-</span> <span class="s">docker-ce-cli</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">update_cache</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Add non-root to docker group</span> <span class="na">user</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">ubuntu</span> <span class="na">groups</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">docker</span><span class="pi">]</span> <span class="na">append</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install Docker module for Python</span> <span class="na">ansible.builtin.pip</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">docker</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install Docker-Compose</span> <span class="na">ansible.builtin.get_url</span><span class="pi">:</span> <span class="na">url</span><span class="pi">:</span> <span class="s">https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/usr/local/bin/docker-compose</span> <span class="na">mode</span><span class="pi">:</span> <span class="s1">'</span><span class="s">755'</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Create Docker-Compose symlink</span> <span class="na">ansible.builtin.command</span><span class="pi">:</span> <span class="na">cmd</span><span class="pi">:</span> <span class="s">ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose</span> <span class="na">creates</span><span class="pi">:</span> <span class="s">/usr/bin/docker-compose</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Restart Docker</span> <span class="na">ansible.builtin.service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">docker</span> <span class="na">state</span><span class="pi">:</span> <span class="s">restarted</span> <span class="na">enabled</span><span class="pi">:</span> <span class="kc">true</span> </code></pre> </div> <h3> Playbook to install and configure postgresql </h3> <p>Then create new directory called <code>psql</code>, create subdirectory called <code>vars</code>, <code>tempalates</code> &amp; <code>tasks</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">mkdir </span>psql <span class="nv">$ </span><span class="nb">mkdir </span>psql/vars <span class="nv">$ </span><span class="nb">mkdir </span>psql/templates <span class="nv">$ </span><span class="nb">mkdir </span>psql/tasks </code></pre> </div> <p>After that, in <code>vars</code>, create <code>main.yml</code>. These are variables used to set username, passwords, etc:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="na">db_port</span><span class="pi">:</span> <span class="m">5433</span> <span class="na">db_user</span><span class="pi">:</span> <span class="s">admin</span> <span class="na">db_password</span><span class="pi">:</span> <span class="s">dbPassword</span> <span class="na">db_name</span><span class="pi">:</span> <span class="s">todo</span> </code></pre> </div> <p>Next, we will create jinja file called <code>docker-compose.yml.j2</code>. With this file we will create postgresql container:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">version</span><span class="pi">:</span> <span class="s1">'</span><span class="s">3.7'</span> <span class="na">services</span><span class="pi">:</span> <span class="na">postgres</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">postgres:13</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">db</span> <span class="na">restart</span><span class="pi">:</span> <span class="s">unless-stopped</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="pi">{{</span> <span class="nv">db_port</span> <span class="pi">}}</span><span class="s">:5432</span> <span class="na">networks</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">flask_network</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">POSTGRES_USER={{ db_user }}</span> <span class="pi">-</span> <span class="s">POSTGRES_PASSWORD={{ db_password }}</span> <span class="pi">-</span> <span class="s">POSTGRES_DB={{ db_name }}</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">postgres_data:/var/lib/postgresql/data</span> <span class="na">networks</span><span class="pi">:</span> <span class="na">flask_network</span><span class="pi">:</span> <span class="na">volumes</span><span class="pi">:</span> <span class="na">postgres_data</span><span class="pi">:</span> </code></pre> </div> <p>Next, create <code>main.yml</code> to <code>tasks</code>. So we will copy <code>docker-compose.yml.j2</code> and run using <code>docker compose</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Add Postgresql Compose</span> <span class="na">ansible.builtin.template</span><span class="pi">:</span> <span class="na">src</span><span class="pi">:</span> <span class="s">docker-compose.yml.j2</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/home/ubuntu/docker-compose.yml</span> <span class="na">mode</span><span class="pi">:</span> <span class="s">preserve</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Docker-compose up</span> <span class="na">ansible.builtin.shell</span><span class="pi">:</span> <span class="s">docker-compose up -d --build</span> <span class="na">args</span><span class="pi">:</span> <span class="na">chdir</span><span class="pi">:</span> <span class="s">/home/ubuntu</span> </code></pre> </div> <h3> Playbook to deploy Flask App </h3> <p>First, you need to create directory called <code>flask</code>, then create sub-directory again:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">mkdir </span>flask <span class="nv">$ </span><span class="nb">mkdir </span>flask/vars <span class="nv">$ </span><span class="nb">mkdir </span>flask/templates <span class="nv">$ </span><span class="nb">mkdir </span>flask/tasks </code></pre> </div> <p>Next, add <code>main.yml</code> to <code>vars</code>. This file refer to posgtresql variable before, with addition IP address of VM2(database VM):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="na">db_port</span><span class="pi">:</span> <span class="m">5433</span> <span class="na">db_user</span><span class="pi">:</span> <span class="s">admin</span> <span class="na">db_password</span><span class="pi">:</span> <span class="s">dbPassword</span> <span class="na">db_name</span><span class="pi">:</span> <span class="s">todo</span> <span class="na">db_host</span><span class="pi">:</span> <span class="s">192.168.122.15</span> </code></pre> </div> <p>Next, create <code>config.py.j2</code> to <code>templates</code>. This file will replace the old config file from Flask project:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight jinja"><code>DEV_DB = 'sqlite:///task.db' pg_user = "<span class="cp">{{</span> <span class="nv">db_user</span> <span class="cp">}}</span>" pg_pass = "<span class="cp">{{</span> <span class="nv">db_password</span> <span class="cp">}}</span>" pg_db = "<span class="cp">{{</span> <span class="nv">db_name</span> <span class="cp">}}</span>" pg_port = <span class="cp">{{</span> <span class="nv">db_port</span> <span class="cp">}}</span> pg_host = "<span class="cp">{{</span> <span class="nv">db_host</span> <span class="cp">}}</span>" PROD_DB = f'postgresql://{pg_user}:{pg_pass}@{pg_host}:{pg_port}/{pg_db}' </code></pre> </div> <p>Next, create <code>docker-compose.yml.j2</code> to templates. With this file we will create a container using <code>docker compose</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">version</span><span class="pi">:</span> <span class="s1">'</span><span class="s">3.7'</span> <span class="na">services</span><span class="pi">:</span> <span class="na">flask</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">flask</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">app</span> <span class="na">restart</span><span class="pi">:</span> <span class="s">unless-stopped</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">5000:5000</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">DEBUG=0</span> <span class="na">networks</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">flask_network</span> <span class="na">networks</span><span class="pi">:</span> <span class="na">flask_network</span><span class="pi">:</span> </code></pre> </div> <p>Next, create <code>main.yml</code> in <code>tasks</code>. With this file we will clone <a href="https://github.com/danielcristho/Flask_TODO/tree/master" rel="noopener noreferrer">flask project</a>, add compose file, replace config.py and create new container using <code>docker compose</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Clone html project</span> <span class="na">changed_when</span><span class="pi">:</span> <span class="kc">false</span> <span class="na">ansible.builtin.git</span><span class="pi">:</span> <span class="na">repo</span><span class="pi">:</span> <span class="s">https://github.com/danielcristho/Flask_TODO.git</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/home/ubuntu/Flask_TODO</span> <span class="na">clone</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Add Flask Compose</span> <span class="na">ansible.builtin.template</span><span class="pi">:</span> <span class="na">src</span><span class="pi">:</span> <span class="s">docker-compose.yml.j2</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/home/ubuntu/Flask_TODO/docker-compose.yml</span> <span class="na">mode</span><span class="pi">:</span> <span class="s">preserve</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Update config.py</span> <span class="na">ansible.builtin.template</span><span class="pi">:</span> <span class="na">src</span><span class="pi">:</span> <span class="s">config.py.j2</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/home/ubuntu/Flask_TODO/flask/app/config.py</span> <span class="na">mode</span><span class="pi">:</span> <span class="s">preserve</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Run docker-compose up -d</span> <span class="na">shell</span><span class="pi">:</span> <span class="s">docker-compose up -d --build</span> <span class="na">args</span><span class="pi">:</span> <span class="na">chdir</span><span class="pi">:</span> <span class="s">/home/ubuntu/Flask_TODO</span> </code></pre> </div> <p>Our project structure should look like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>├── ansible-flask-psql │   ├── ansible.cfg │   ├── hosts │   ├── playbook.yml │   └── roles │   ├── docker │   │   └── tasks │   │   └── main.yml │   ├── flask │   │   ├── tasks │   │   │   └── main.yml │   │   ├── templates │   │   │   ├── config.py.j2 │   │   │   └── docker-compose.yml.j2 │   │   └── vars │   │   └── main.yml │   └── psql │   ├── tasks │   │   └── main.yml │   ├── templates │   │   └── docker-compose.yml.j2 │   └── vars │   └── main.yml ├── libvirt-kvm │   ├── config │   │   ├── cloud_init.yml │   │   └── network_config.yml │   ├── main.tf │   ├── variables.tf </code></pre> </div> <h3> Run Playbook and testing </h3> <p>Finally, let's run <code>ansible-playbook</code> to deploy PostgreSQL and Flask:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">ls </span>ansible.cfg hosts playbook.yml roles <span class="nv">$ </span>ansible-playbook <span class="nt">-i</span> host playbook.yml _____________________ &lt; PLAY <span class="o">[</span>Deploy Flask] <span class="o">&gt;</span> <span class="nt">---------------------</span> <span class="se">\ </span> ^__^ <span class="se">\ </span> <span class="o">(</span>oo<span class="o">)</span><span class="se">\_</span>______ <span class="o">(</span>__<span class="o">)</span><span class="se">\ </span> <span class="o">)</span><span class="se">\/\</span> <span class="o">||</span><span class="nt">----w</span> | <span class="o">||</span> <span class="o">||</span> ________________________ &lt; TASK <span class="o">[</span>Gathering Facts] <span class="o">&gt;</span> <span class="nt">------------------------</span> <span class="se">\ </span> ^__^ <span class="se">\ </span> <span class="o">(</span>oo<span class="o">)</span><span class="se">\_</span>______ <span class="o">(</span>__<span class="o">)</span><span class="se">\ </span> <span class="o">)</span><span class="se">\/\</span> <span class="o">||</span><span class="nt">----w</span> | <span class="o">||</span> | ... ____________ &lt; PLAY RECAP <span class="o">&gt;</span> <span class="nt">------------</span> <span class="se">\ </span> ^__^ <span class="se">\ </span> <span class="o">(</span>oo<span class="o">)</span><span class="se">\_</span>______ <span class="o">(</span>__<span class="o">)</span><span class="se">\ </span> <span class="o">)</span><span class="se">\/\</span> <span class="o">||</span><span class="nt">----w</span> | <span class="o">||</span> <span class="o">||</span> 192.168.122.15 : <span class="nv">ok</span><span class="o">=</span>13 <span class="nv">changed</span><span class="o">=</span>3 <span class="nv">unreachable</span><span class="o">=</span>0 <span class="nv">failed</span><span class="o">=</span>0 <span class="nv">skipped</span><span class="o">=</span>0 <span class="nv">rescued</span><span class="o">=</span>0 <span class="nv">ignored</span><span class="o">=</span>0 192.168.122.19 : <span class="nv">ok</span><span class="o">=</span>15 <span class="nv">changed</span><span class="o">=</span>4 <span class="nv">unreachable</span><span class="o">=</span>0 <span class="nv">failed</span><span class="o">=</span>0 <span class="nv">skipped</span><span class="o">=</span>0 <span class="nv">rescued</span><span class="o">=</span>0 <span class="nv">ignored</span><span class="o">=</span>0 </code></pre> </div> <p>After complete, just make sure there is no error. Then you see there are two containers created. In VM1 is Flask and VM2 is Postgresql:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f3978427e34c flask_todo_flask <span class="s2">"python run.py"</span> About a minute ago Up About a minute 0.0.0.0:5000-&gt;5000/tcp, : ::5000-&gt;5000/tcp app <span class="nv">$ </span>docker ps fbebdff75a6e postgres:13 <span class="s2">"docker-entrypoint.s…"</span> 4 minutes ago Up 4 minutes 0.0.0.0:5433-&gt;5432/tcp, <span class="o">[</span>::]:5433 -&gt;5432/tcp db </code></pre> </div> <p>Try to access the app using browsers, just type <code>http://&lt;vm1_ip&gt;:5000</code>:</p> <p><a href="https://community.ops.io/images/uGDvwlRHVbCTsN9D9cA-IM-YJR2z_IbubbGGMCuZibw/rt:fit/w:800/g:sm/q:0/mb:500000/ar:1/aHR0cHM6Ly9jb21t/dW5pdHkub3BzLmlv/L3JlbW90ZWltYWdl/cy91cGxvYWRzL2Fy/dGljbGVzL25iaTN5/cDRtb2t0Yzh2ZG0y/cXQ4LnBuZw" class="article-body-image-wrapper"><img src="https://community.ops.io/images/uGDvwlRHVbCTsN9D9cA-IM-YJR2z_IbubbGGMCuZibw/rt:fit/w:800/g:sm/q:0/mb:500000/ar:1/aHR0cHM6Ly9jb21t/dW5pdHkub3BzLmlv/L3JlbW90ZWltYWdl/cy91cGxvYWRzL2Fy/dGljbGVzL25iaTN5/cDRtb2t0Yzh2ZG0y/cXQ4LnBuZw" alt="Access flask app using browser" width="800" height="184"></a></p> <p>Try to add a new task and then the data will be added to the database:</p> <p><a href="https://community.ops.io/images/6QPxYWmehBO9kQyos36VIzhPM_o3NGQpJ00xIWHlqCo/rt:fit/w:800/g:sm/q:0/mb:500000/ar:1/aHR0cHM6Ly9jb21t/dW5pdHkub3BzLmlv/L3JlbW90ZWltYWdl/cy91cGxvYWRzL2Fy/dGljbGVzL2docnU2/NmkzYWFrZzg0MHpn/bjNoLnBuZw" class="article-body-image-wrapper"><img src="https://community.ops.io/images/6QPxYWmehBO9kQyos36VIzhPM_o3NGQpJ00xIWHlqCo/rt:fit/w:800/g:sm/q:0/mb:500000/ar:1/aHR0cHM6Ly9jb21t/dW5pdHkub3BzLmlv/L3JlbW90ZWltYWdl/cy91cGxvYWRzL2Fy/dGljbGVzL2docnU2/NmkzYWFrZzg0MHpn/bjNoLnBuZw" alt="pgsql content" width="775" height="447"></a></p> <h4> Conclusion </h4> <p>Finally we have created 2 VMs and deploy Flask Project with database.</p> <p>Thank you for reading this article. Feel free to leave a comment if you have any questions, suggestions, or feedback.</p> <p><em>NB</em>: Project Repo: <a href="https://github.com/danielcristho/that-i-write/tree/main/terrafrom-ansible-flask" rel="noopener noreferrer">danielcristho/that-i-write/terrafrom-ansible-flask</a></p> devops tutorials terraform docker Deploy Laravel API To AWS Lambda Daniel Pepuho Thu, 11 Apr 2024 00:15:24 +0000 https://community.ops.io/danielcristho/deploy-laravel-api-to-aws-lambda-25m4 https://community.ops.io/danielcristho/deploy-laravel-api-to-aws-lambda-25m4 <p>About two months ago, I was given a task to deploy Laravel API to Lambda. And then I found the ways to deploy it using <a href="https://www.serverless.com/framework/docs/getting-started" rel="noopener noreferrer">Serverless Framework</a> and <a href="https://bref.sh/docs/laravel/getting-started" rel="noopener noreferrer">Bref</a>.</p> <h2> What is Serverless Framework? </h2> <p>The Serverless Framework is an open-source framework that allows developers to build and deploy serverless applications and functions. It simplifies the process of managing serverless architectures by abstracting away the underlying infrastructure management. With the Serverless Framework, developers can focus more on writing code and less on managing servers or provisioning resources.</p> <p>To install serverless, you should using npm:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> <span class="nt">-g</span> serverless </code></pre> </div> <h2> What is Bref? </h2> <p>To managing the function, Bref provides a command-line interface (CLI) tool for initializing, deploying, and managing serverless PHP applications. Developers can use the CLI to create new projects, deploy functions to AWS Lambda, and manage configuration settings.</p> <p>You guys also, set the runtime environment for running PHP applications using Bref. This environment includes support for PHP 7.x, 8.x, extensions commonly used in PHP applications, and features like HTTP request handling, environment variables, and logging.</p> <p>Install Bref using composer:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">cd </span>laravel-project </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>composer require bref/bref bref/laravel-bridge <span class="nt">--update-with-dependencies</span> </code></pre> </div> <p>Lastly, to deploy our function or application we need to define everything, including the runtime, runtime version, stage, environment, cloud provider in a file called <code>serverless.yml</code></p> <h3> Setup </h3> <p>Okay, I think that's enough explanation and installation. Now let's do some setup. :)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">cd </span>laravel-project </code></pre> </div> <p>Create <code>serverless.yml</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan vendor:publish <span class="nt">--tag</span><span class="o">=</span>serverless-config </code></pre> </div> <p>Now, you need<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">service</span><span class="pi">:</span> <span class="s">laravel</span> <span class="na">provider</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">aws</span> <span class="na">region</span><span class="pi">:</span> <span class="s">ap-southeast-2</span> <span class="na">stage</span><span class="pi">:</span> <span class="s">dev</span> <span class="na">runtime</span><span class="pi">:</span> <span class="s">provided.al2</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">DB_HOST</span><span class="pi">:</span> <span class="s">wwww.ap-southeast-2.rds.amazonaws.com</span> <span class="na">DB_DATABASE</span><span class="pi">:</span> <span class="s">xxxx</span> <span class="na">DB_USERNAME</span><span class="pi">:</span> <span class="s">yyyy</span> <span class="na">DB_PASSWORD</span><span class="pi">:</span> <span class="s">zzzz</span> <span class="na">vpc</span><span class="pi">:</span> <span class="na">securityGroupIds</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">sg-xyz</span> <span class="na">subnetIds</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">subnet-abcd</span> <span class="na">package</span><span class="pi">:</span> <span class="c1"># Files and directories to exclude from deployment</span> <span class="na">patterns</span><span class="pi">:</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!node_modules/**'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!resources/assets/**'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!storage/**'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!tests/**'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!docker/'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!.husky/'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!.github/**'</span> <span class="na">functions</span><span class="pi">:</span> <span class="c1"># This function runs the athena website/API</span> <span class="na">athena</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">public/index.php</span> <span class="na">runtime</span><span class="pi">:</span> <span class="s">php-82-fpm</span> <span class="na">timeout</span><span class="pi">:</span> <span class="m">28</span> <span class="c1"># in seconds (API Gateway has a timeout of 29 seconds)</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">httpApi</span><span class="pi">:</span> <span class="s1">'</span><span class="s">*'</span> <span class="c1"># This function lets us run artisan commands in Lambda</span> <span class="na">artisan</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">artisan</span> <span class="na">runtime</span><span class="pi">:</span> <span class="s">php-82-console</span> <span class="na">timeout</span><span class="pi">:</span> <span class="m">720</span> <span class="c1"># in seconds</span> <span class="c1"># Uncomment to also run the scheduler every minute</span> <span class="c1">#events:</span> <span class="c1"># - schedule:</span> <span class="c1"># rate: rate(1 minute)</span> <span class="c1"># input: '"schedule:run"'</span> <span class="na">plugins</span><span class="pi">:</span> <span class="c1"># We need to include the Bref plugin</span> <span class="pi">-</span> <span class="s">./vendor/bref/bref</span> </code></pre> </div> <h3> A bit of explanation </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">service</span><span class="pi">:</span> <span class="s">laravel</span> <span class="na">provider</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">aws</span> <span class="na">region</span><span class="pi">:</span> <span class="s">ap-southeast-2</span> <span class="na">stage</span><span class="pi">:</span> <span class="s">dev</span> <span class="na">runtime</span><span class="pi">:</span> <span class="s">provided.al2</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">DB_HOST</span><span class="pi">:</span> <span class="s">wwww.ap-southeast-2.rds.amazonaws.com</span> <span class="na">DB_DATABASE</span><span class="pi">:</span> <span class="s">xxxx</span> <span class="na">DB_USERNAME</span><span class="pi">:</span> <span class="s">yyyy</span> <span class="na">DB_PASSWORD</span><span class="pi">:</span> <span class="s">zzzz</span> <span class="na">vpc</span><span class="pi">:</span> <span class="na">securityGroupIds</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">sg-xyz</span> <span class="na">subnetIds</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">subnet-abcd</span> </code></pre> </div> <ul> <li> <code>service</code>: This specifies the name of our service. In this case, it's named "laravel".</li> <li> <code>provider</code>: <ul> <li> <code>name</code>: Specifies that the cloud provider. For example we using AWS.</li> <li> <code>region</code>: Specifies the AWS region where our resources will be deployed. In this case, it's the Asia Pacific (Sydney) region.</li> <li> <code>stage</code>: Specifies the deployment stage or environment. Here, it's set to "dev", indicating a development stage, Or <code>prod</code> indicating production.</li> <li> <code>runtime</code>: Specifies the Lambda runtime. <code>provided.al2</code> indicates that we're using a custom runtime based on Amazon Linux 2. This is a common choice for PHP-based applications. Then you will using other runtime likes; Node Js, Python, .NET etc.</li> <li> <code>environment</code>: Specifies the environment variable that will be available to our Lambda function. In this case I wrote an environment for RDS Database. Anyway, later I will write about <a href="https://aws.amazon.com/cdk/" rel="noopener noreferrer">AWS CDK</a> using Python for creating database clusters, etc.</li> <li> <code>vpc</code>: This indicates that we're configuring the Virtual Private Cloud settings for our Lambda functions. This is useful for scenarios where your Lambda functions need to interact with resources that are only accessible within your VPC, such as databases hosted on Amazon RDS or services running on Amazon EC2 instances.</li> <li> <code>securityGroupIds</code>: Specifies the security groups associated with our Lambda functions.</li> <li> <code>subnetIds</code>: Specifies the subnets in which our Lambda functions will be deployed. Subnets are segments of our VPC where you can place resources. subnet-abcd is the ID of the subnet where our Lambda functions will be deployed. </li> </ul> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">package</span><span class="pi">:</span> <span class="c1"># Files and directories to exclude from deployment</span> <span class="na">patterns</span><span class="pi">:</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!node_modules/**'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!resources/assets/**'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!storage/**'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!tests/**'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!docker/'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!.husky/'</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">!.github/**'</span> <span class="na">functions</span><span class="pi">:</span> <span class="c1"># This function runs the athena website/API</span> <span class="na">athena</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">public/index.php</span> <span class="na">runtime</span><span class="pi">:</span> <span class="s">php-82-fpm</span> <span class="na">timeout</span><span class="pi">:</span> <span class="m">28</span> <span class="c1"># in seconds (API Gateway has a timeout of 29 seconds)</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">httpApi</span><span class="pi">:</span> <span class="s1">'</span><span class="s">*'</span> <span class="c1"># This function lets us run artisan commands in Lambda</span> <span class="na">artisan</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">artisan</span> <span class="na">runtime</span><span class="pi">:</span> <span class="s">php-82-console</span> <span class="na">timeout</span><span class="pi">:</span> <span class="m">720</span> <span class="c1"># in seconds</span> <span class="c1"># Uncomment to also run the scheduler every minute</span> <span class="c1">#events:</span> <span class="c1"># - schedule:</span> <span class="c1"># rate: rate(1 minute)</span> <span class="c1"># input: '"schedule:run"'</span> <span class="na">plugins</span><span class="pi">:</span> <span class="c1"># We need to include the Bref plugin</span> <span class="pi">-</span> <span class="s">./vendor/bref/bref</span> </code></pre> </div> <h4> Package </h4> <ul> <li> <code>patterns</code>: Specifies the files and directories to exclude from the deployment package. These are typically directories that contain development or testing files that aren't needed in the production deployment.</li> </ul> <h4> Functions </h4> <ul> <li> <code>functions</code>: Defines a Lambda function named responsible for running the Athena website/API.</li> <li> <code>handler</code>: Specifies the entry point for the function. In this case, it's public/index.php, which is typical for Laravel applications.</li> <li> <code>runtime</code>: Specifies the runtime for the Lambda function. It's set to php-82-fpm, indicating PHP 8.2 running as FastCGI Process Manager (FPM).</li> <li> <code>timeout</code>: Sets the timeout for the function execution in seconds.</li> <li> <code>events</code>: Defines the event trigger for the function. In this case, it's an HTTP API event trigger.</li> <li> <code>artisan</code>: Defines a Lambda function named "artisan" responsible for running artisan commands in Lambda.</li> <li> <code>handler</code>: Specifies the entry point for the function. Here, it's artisan, indicating the Laravel artisan CLI.</li> <li> <code>runtime</code>: Specifies the runtime for the Lambda function. It's set to php-82-console, indicating PHP 8.2 running in console mode.</li> </ul> <h4> Plugins </h4> <ul> <li> <code>./vendor/bref/bref</code>: Specifies the Bref plugin, which is necessary for deploying PHP applications to AWS Lambda. This plugin provides the necessary runtime and integration with AWS services.</li> </ul> <p>Okay lastly, we'll deploy the function by running serverless command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>serverless deploy </code></pre> </div> <p>or<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>sls deploy </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>Deploying laravel to stage dev <span class="o">(</span>ap-southeast-2<span class="o">)</span> ✔ Service deployed to stack laravel-dev <span class="o">(</span>102s<span class="o">)</span> endpoint: ANY - https://xxyyzz.execute-api.ap-southeast-2.amazonaws.com functions: athena: laravel-dev-athena <span class="o">(</span>45 MB<span class="o">)</span> artisan: laravel-dev-artisan <span class="o">(</span>45 MB<span class="o">)</span> Want a better experience than the AWS console? Try out https://dashboard.bref.sh </code></pre> </div> <p>Migration using bref, usually we use <code>artisan</code> command, like <code>php artisan migrate</code> but if using bref just use:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>serverless bref:cli <span class="nt">--args</span><span class="o">=</span><span class="s2">"migrate"</span> </code></pre> </div> <p>NB: You guys can use bref to run other artisan commands.</p> <p>Accessing API, in this case i use api/health-check:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl https://xxyyzz.execute-api.ap-southeast-2.amazonaws.com/api/health-check </code></pre> </div> <p>Response:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="s2">"Hello to public API."</span> </code></pre> </div> <p>That's all for now, I will write about Lambda or other stuff about AWS later. Hope you enjoy it.</p> aws tutorials devops Build Multi Arch Docker Image Daniel Pepuho Fri, 06 Oct 2023 02:38:02 +0000 https://community.ops.io/danielcristho/build-multi-arch-docker-image-3516 https://community.ops.io/danielcristho/build-multi-arch-docker-image-3516 <h2> Case </h2> <p>I have several problems, when I create a Docker image on Ubuntu which in fact uses <code>amd64</code> architecture then, when I share the image with my friends, sometimes they have problems. Because the architecture they use is <code>arm64</code>.</p> <h2> Goal </h2> <p>So in this article, I will make a short step on how to create multi-arch Docker image using Docker plugin: <a href="https://docs.docker.com/engine/reference/commandline/buildx/" rel="noopener noreferrer">buildx</a>.</p> <h2> What is Buildx </h2> <p>Before we start, what is buildx? Buildx is an open-source Docker CLI plugin that brings enhanced build capabilities based Moby BuildKit to the Docker CLI. It’s worth mentioning that the x in buildx stands for experimental, meaning that features and capabilities provided by buildx are not yet stable. Keep in mind that actual features and command line interface may change. Once a feature provided by buildx has matured and become stable, it will be integrated into regular Docker CLI commands such as docker build and others.</p> <h2> Let's start </h2> <p>First, make sure Docker is installed, then create a new builder called <code>multi-arch</code> using buildx command.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker buildx create <span class="nt">--use</span> <span class="nt">--name</span> multi-arch </code></pre> </div> <p>output:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="o">[</span>+] Building 4.7s <span class="o">(</span>1/1<span class="o">)</span> FINISHED <span class="o">=&gt;</span> <span class="o">[</span>internal] booting buildkit 4.7s <span class="o">=&gt;</span> <span class="o">=&gt;</span> pulling image moby/buildkit:buildx-stable-1 3.7s <span class="o">=&gt;</span> <span class="o">=&gt;</span> creating container buildx_buildkit_multi-arch0 1.0s multi-arch </code></pre> </div> <p>Inspect costum buildx<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>Name: multi-arch Driver: docker-container Last Activity: 2023-09-25 18:58:30 +0000 UTC Nodes: Name: multi-arch0 Endpoint: unix:///var/run/docker.sock Status: running Buildkit: v0.12.2 Platforms: linux/amd64, linux/amd64/v2, linux/amd64/v3, linux/386 ... </code></pre> </div> <p>After create new builder then, create a <code>Dockerfile</code>, in this case i will create a <code>Dockerfile</code> using Ubuntu base image.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>FROM ubuntu:18.04 LABEL <span class="nv">maintainer</span><span class="o">=</span><span class="s2">"@danielcristho"</span> VOLUME /root <span class="c"># Install packages</span> RUN <span class="nv">DEBIAN_FRONTEND</span><span class="o">=</span>noninteractive <span class="se">\</span> apt-get update <span class="se">\</span> <span class="o">&amp;&amp;</span> apt-get <span class="nb">install</span> <span class="nt">-y</span> net-tools build-essential tcpdump telnet traceroute curl iperf3 knot-host openssh-server mtr-tiny socat nmap iputils-ping rsyslog vim iptables iproute2 nano <span class="se">\</span> <span class="o">&amp;&amp;</span> <span class="nb">rm</span> <span class="nt">-rf</span> /var/lib/apt/lists/<span class="k">*</span> <span class="c">### Clear cache and change shell ###</span> RUN apt-get clean <span class="o">&amp;&amp;</span> <span class="se">\</span> apt-get autoclean <span class="o">&amp;&amp;</span> <span class="se">\</span> apt-get autoremove <span class="nt">-y</span> <span class="o">&amp;&amp;</span> <span class="se">\</span> <span class="nb">rm</span> <span class="nt">-rf</span> /var/lib/cache/<span class="k">*</span> <span class="o">&amp;&amp;</span> <span class="se">\</span> <span class="nb">rm</span> <span class="nt">-rf</span> /var/lib/log/<span class="k">*</span> CMD <span class="o">[</span><span class="s2">"bash"</span><span class="o">]</span> </code></pre> </div> <p>Finally after create the <code>Dockerfile</code>, let's build into multi-arch using <code>buildx</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight docker"><code>docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v8 . </code></pre> </div> <p>By running the command above, we can build Docker image on multi architecture, like <code>amd64</code> and <code>arm64</code>.</p> <p>But you can push the image to <a href="https://hub.docker.com" rel="noopener noreferrer">DockerHub</a> after build by using push arguments. In this case i will push the image to my repository on DockerHub.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker buildx build <span class="nt">--platform</span> linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v8,linux/arm64/v8 <span class="nt">-t</span> danielcristh0/ubuntu-bionic <span class="nt">--push</span> <span class="nb">.</span> </code></pre> </div> <p>Verify the result in Docker Hub.<br> <a href="https://community.ops.io/images/vOyL-jA0YwUfOfDnYtDkIKr6hMmOQROrgFY7r_N51oE/rt:fit/w:800/g:sm/q:0/mb:500000/ar:1/aHR0cHM6Ly9jb21t/dW5pdHkub3BzLmlv/L3JlbW90ZWltYWdl/cy91cGxvYWRzL2Fy/dGljbGVzL3pnajJt/bmQ0eGV3ZmdtYzVs/eG8yLnBuZw" class="article-body-image-wrapper"><img src="https://community.ops.io/images/vOyL-jA0YwUfOfDnYtDkIKr6hMmOQROrgFY7r_N51oE/rt:fit/w:800/g:sm/q:0/mb:500000/ar:1/aHR0cHM6Ly9jb21t/dW5pdHkub3BzLmlv/L3JlbW90ZWltYWdl/cy91cGxvYWRzL2Fy/dGljbGVzL3pnajJt/bmQ0eGV3ZmdtYzVs/eG8yLnBuZw" alt="Push to DockerHub" width="800" height="183"></a></p> <h3> Reference: </h3> <ul> <li><a href="https://github.com/docker/buildx" rel="noopener noreferrer">https://github.com/docker/buildx</a></li> <li><a href="https://www.thorsten-hans.com/how-to-build-multi-arch-docker-images-with-ease" rel="noopener noreferrer">https://www.thorsten-hans.com/how-to-build-multi-arch-docker-images-with-ease</a></li> </ul> docker tutorials Install Docker on Remote Server using Ansible Daniel Pepuho Mon, 28 Aug 2023 17:39:13 +0000 https://community.ops.io/danielcristho/install-docker-on-remote-server-using-ansible-ena https://community.ops.io/danielcristho/install-docker-on-remote-server-using-ansible-ena <p>Long time no see, now i will show you how to install Docker using Ansible Playbook. Let's start!!!</p> <h2> Setup </h2> <p>First, you need to install Ansible. Just follow this link to install Ansible on your operating system <a href="https://docs.ansible.com/ansible/latest/installation_guide/index.html" rel="noopener noreferrer">installation guide</a>.</p> <p>After installation, create new directory called <code>ansible-docker</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">mkdir </span>ansible-docker <span class="o">&amp;&amp;</span> <span class="nb">cd </span>ansible-docker </code></pre> </div> <p>Create a new file called <code>ansible.cfg</code> as the Ansible configuration setting and then define the inventory file.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="o">[</span>defaults] inventory <span class="o">=</span> hosts host_key_checking <span class="o">=</span> True deprecation_warnings <span class="o">=</span> False collections <span class="o">=</span> ansible.posix, community.general </code></pre> </div> <p>Then create a new file called <code>hosts</code>, where the name is defined on <code>ansible.cfg</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="o">[</span>example-server] 0.0.0.0 <span class="nv">ansible_user</span><span class="o">=</span>root </code></pre> </div> <p>NB: Don't forget to change the IP Address and host name.</p> <p>After setup the Ansible configuration setting &amp; inventory file, let's create a <strong>YAML</strong> called <code>playbook.yml</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Setup Docker on Ubuntu Server </span><span class="m">22.04</span> <span class="na">hosts</span><span class="pi">:</span> <span class="s">all</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">remote_user</span><span class="pi">:</span> <span class="s">root</span> <span class="na">roles</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">config</span> <span class="pi">-</span> <span class="s">docker</span> </code></pre> </div> <p>Then create roles directory:</p> <ul> <li>Config, On this directory I will create a directory called tasks. After that, I should create yaml file called <code>main.yml</code> to run update, upgrade &amp; install many dependencies. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Update&amp;Upgrade</span> <span class="na">ansible.builtin.apt</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">aptitude</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">update_cache</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install dependencies</span> <span class="na">ansible.builtin.apt</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">net-tools</span> <span class="pi">-</span> <span class="s">apt-transport-https</span> <span class="pi">-</span> <span class="s">ca-certificates</span> <span class="pi">-</span> <span class="s">curl</span> <span class="pi">-</span> <span class="s">software-properties-common</span> <span class="pi">-</span> <span class="s">python3-pip</span> <span class="pi">-</span> <span class="s">virtualenv</span> <span class="pi">-</span> <span class="s">python3-setuptools</span> <span class="pi">-</span> <span class="s">gnupg-agent</span> <span class="pi">-</span> <span class="s">autoconf</span> <span class="pi">-</span> <span class="s">dpkg-dev</span> <span class="pi">-</span> <span class="s">file</span> <span class="pi">-</span> <span class="s">g++</span> <span class="pi">-</span> <span class="s">gcc</span> <span class="pi">-</span> <span class="s">libc-dev</span> <span class="pi">-</span> <span class="s">make</span> <span class="pi">-</span> <span class="s">pkg-config</span> <span class="pi">-</span> <span class="s">re2c</span> <span class="pi">-</span> <span class="s">wget</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">update_cache</span><span class="pi">:</span> <span class="kc">true</span> </code></pre> </div> <ul> <li>Docker, On this directory create 2 directories called <code>tasks</code> &amp; <code>templates</code>. </li> </ul> <p>On tasks directory create new file called <code>main.yml</code>. This file contains <em>Docker installation, Docker Compose installation &amp; private registry setup</em>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Add Docker GPG apt Key</span> <span class="na">ansible.builtin.apt_key</span><span class="pi">:</span> <span class="na">url</span><span class="pi">:</span> <span class="s">https://download.docker.com/linux/ubuntu/gpg</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Add repository into sources list</span> <span class="na">ansible.builtin.apt_repository</span><span class="pi">:</span> <span class="na">repo</span><span class="pi">:</span> <span class="s">deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">filename</span><span class="pi">:</span> <span class="s">docker</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install Docker 23.0.1-1</span> <span class="na">ansible.builtin.apt</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">docker-ce=5:23.0.1-1~ubuntu.22.04~jammy</span> <span class="pi">-</span> <span class="s">docker-ce-cli=5:23.0.1-1~ubuntu.22.04~jammy</span> <span class="pi">-</span> <span class="s">containerd.io</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">update_cache</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Setup docker user</span> <span class="na">ansible.builtin.user</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">docker</span> <span class="na">groups</span><span class="pi">:</span> <span class="s2">"</span><span class="s">docker"</span> <span class="na">append</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">sudo_user</span><span class="pi">:</span> <span class="s">yes</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install Docker module for Python</span> <span class="na">ansible.builtin.pip</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">docker</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install Docker-Compose&amp;Set Permission</span> <span class="na">ansible.builtin.get_url</span><span class="pi">:</span> <span class="na">url</span><span class="pi">:</span> <span class="s">https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/usr/local/bin/docker-compose</span> <span class="na">mode</span><span class="pi">:</span> <span class="s1">'</span><span class="s">755'</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Create Docker-Compose symlink</span> <span class="na">ansible.builtin.command</span><span class="pi">:</span> <span class="na">cmd</span><span class="pi">:</span> <span class="s">ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose</span> <span class="na">creates</span><span class="pi">:</span> <span class="s">/usr/bin/docker-compose</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Add private registry</span> <span class="na">ansible.builtin.template</span><span class="pi">:</span> <span class="na">src</span><span class="pi">:</span> <span class="s">daemon.j2</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/etc/docker/daemon.json</span> <span class="na">mode</span><span class="pi">:</span> <span class="s">preserve</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Restart Docker</span> <span class="na">ansible.builtin.service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">docker</span> <span class="na">state</span><span class="pi">:</span> <span class="s">restarted</span> <span class="na">enabled</span><span class="pi">:</span> <span class="kc">true</span> </code></pre> </div> <p>In the template, create a template file using a jinja file named <code>daemon.j2</code>. This file contains configuration for private registry settings (optional).<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight jinja"><code>{ "insecure-registries" : ["http://0.0.0.0:5000"] } </code></pre> </div> <p>NB: Field the IP using your remote server private IP</p> <p>After all setup, Your project directory should look like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>tree <span class="nb">.</span> ├── ansible.cfg ├── config │   └── tasks │   └── main.yml ├── docker │   ├── tasks │   │   └── main.yml │   └── templates │   └── daemon.j2 ├── hosts └── playbook.yml </code></pre> </div> <h2> Test &amp; Run </h2> <p>Okay, now test Your <code>playbook.yml</code> file using this command.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>ansible-playbook <span class="nt">--syntax-check</span> playbook.yml </code></pre> </div> <p>If You don't have any errors, run the playbook using this command.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>ansible-playbook <span class="nt">-i</span> hosts playbook.yml </code></pre> </div> <p>Output, wait until finish.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> ____________________________________________ &lt; PLAY <span class="o">[</span>Setup Docker on Ubuntu Server 22.04] <span class="o">&gt;</span> <span class="nt">--------------------------------------------</span> <span class="se">\ </span> ^__^ <span class="se">\ </span> <span class="o">(</span>oo<span class="o">)</span><span class="se">\_</span>______ <span class="o">(</span>__<span class="o">)</span><span class="se">\ </span> <span class="o">)</span><span class="se">\/\</span> <span class="o">||</span><span class="nt">----w</span> | <span class="o">||</span> <span class="o">||</span> ________________________ &lt; TASK <span class="o">[</span>Gathering Facts] <span class="o">&gt;</span> <span class="nt">------------------------</span> <span class="se">\ </span> ^__^ <span class="se">\ </span> <span class="o">(</span>oo<span class="o">)</span><span class="se">\_</span>______ <span class="o">(</span>__<span class="o">)</span><span class="se">\ </span> <span class="o">)</span><span class="se">\/\</span> <span class="o">||</span><span class="nt">----w</span> | <span class="o">||</span> <span class="o">||</span> </code></pre> </div> <h3> Conclusion </h3> <p>In this post, I just show you how to install Docker in a specific version using Ansible Playbook when you have one or more servers. </p> <p>Thank You for reading this post, If You have suggestions or questions please leave them below. Thanks</p> <p>NB: In this case, I just set the user as root. I installed the Docker on <code>Ubuntu Server 22.04</code>. For full code follow this link <a href="https://github.com/danielcristho/ansible-stuff/tree/main/ansible-docker" rel="noopener noreferrer">ansible-docker</a>.</p> docker devops tutorials linux