Use Vagrant to deploy to AWS

In the Pied Piper program we run through a Vagrant tutorial as we found it a great tool to help set up other labs. We are not going to cover Vagrant in detail in this blog as there are plenty of good examples out there. If you are interested in the exercises we did you can visit the repository:
https://github.com/cermegno/vagrant-lesson

However, something I felt is not sufficiently document and would make a good candidate for a post is how to use Vagrant to deploy to AWS and particularly from Windows. I found a couple of posts that provided good detail but none of them prevented me from running into Windows specific issues. If you are running it from Linux, this article will still help you as I will point out the differences anyway.

Install prerequisites

Firstly, as the Vagrant documentation states, "providers" other than VirtualBox require a plug in. This is how you install the AWS provider:

vagrant plugin install vagrant-aws

Deploying to AWS EC2 generally means selecting an AMI (Amazon Machine Image) instead of dealing with a full image as you would do with "Atlas". However Vagrant still needs to use a box. The solution is to install the dummy box provided by Hashicorp:

vagrant box add dummy https://github.com/mitchellh/vagrant-aws/raw/master/dummy.box

Gathering information

With the previous to prerequisites out of the way the next step is to collect all the details we need to populate the "Vagrantfile". The list is quite extensive but I will show you screenshots of where to find all the information.

• AWS Region. Firstly you will need to make note of your region of choice, ex: us-west-2. You will see this in the url of your browser.

• Choose the AMI (Amazon Machine Image) you want to use. You can see the available options by clicking the "Launch Instance" button while at the EC2 Dashboard. Each AMI has a certain OS, ex: Amazon Linux (a derivative of CentOS), SUSE, Debian, etc and a number of software packages pre-installed to meet your needs. For the AWS Vagrant install you are going to keep a record of the AMI-id. In my screenshot I will keep "ami-aa5ebdd2". Please note that the id is likely to change if you want to use a different region. Make sure you remember also the OS you chose because this will determine the default user to use with SSH

• Instance type. This is essentially the size of the AMI in terms of RAM, disk, etc. From the screenshot below I have chosend "t2.micro"

• Access and secret keys. If you already had an AWS account prior to reading this article, chances are you know already these. As of this writing it is no longer possible to view the secret key once it has been generated. If you don't remember it you might to generate keys again. You can view or generate your keys in:

top-right dropdown menu --> my security credentials --> Access Keys

NOTE: AWS recommends creating and IAM user that has the keys rather than relying on root access keys

• EC2 keys (.pem file). Go to EC2 Dashboard, click on "Key Pairs" and follow the prompts to create a ".pem" file. Once created it will get downloaded automatically to your computer.

• Default SSH user. Make note of the default SSH user for your AMI as described in the following table:

Operating System	SSH user
Amazon Linux	ec2-user
Ubuntu	ubuntu
Debian	admin
RHEL 6.4 and later	ec2-user
RHEL 6.3 and earlier	root
Fedora	fedora
Centos	centos
SUSE	root

• Security Group. A Security Group defines what combination of IP addresses and ports will be allowed inbound and outbound. At a minimum you are going to need to SSH access from your Windows system from where you are running Vagrant Window. Initially however, the easiest is set an "Inbound rule" with "My IP" as a source (it will autodetect it) and and "Outbound rule" with the default "Port Range = 0 - 65535" and "Destination 0.0.0.0/0". In my case the anem of the Security Group I have chosen is "default"

Preparing the Vagrantfile

If you haven't done so, go the github repository and download the contents. You will need the "aws" folder.
https://github.com/cermegno/vagrant-lesson

Open the "Vagrantfile" file with your favourite text editor and populate the information you have collected

# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure(2) do |config|
 config.vm.box = "dummy"
 config.vm.provider :aws do |aws, override|
   aws.access_key_id = "123-your_access_key-ABC"
   aws.secret_access_key = "12345-your-AWS-secret-key-goes-here-ABCDE"
   aws.keypair_name = "myKeyPair"
   aws.ami = "ami-aa5ebdd2"
   aws.region = "us-west-2"
   aws.instance_type = "t2.micro"
   aws.security_groups = ['default']
   
   config.vm.synced_folder '.', '/vagrant', disabled: true
   
#   override.vm.box = "dummy"
   override.ssh.username = "ec2-user"
   override.ssh.private_key_path = "C:\\Full\\path\\to\\your\\EC2\\myKeyPair.pem"
 end
 
   config.vm.provision "shell", inline: <<-SHELL
        sudo yum -y install python-pip
        sudo pip install flask
 sudo pip install redis
        wget https://raw.githubusercontent.com/cermegno/Ansible-test/master/web.py
  SHELL
  
end

IMPORTANT: Vagrant by default likes to map the current directory as a "synced" folder with the target, however in the absence of "Rsync" or similar in your Windows system the safest setting is to "disabled : true". My advice is to run it first with synching disabled and then experiment with "Rsync" or similar once everything else works.

NOTE: If you need to place some files into your instance don't despair, as long as the files are sitting somewhere on the Internet you can use the another method like "wget" as shown in the "provision" section.

NOTE: If you are deploying from Linux my advice is also to initially disable the "synced folder" and to experiment with once everything else works.

Moment of truth 

After following all the steps above there is only one step left. Open a command prompt or terminal, go to the directory that contains the "Vagrantfile" and type

vagrant up

Logging in

Logging in Windows is going to depend on your SSH client and whether it supports ".pem" certificates or not. A common example is PUTTY which doesn't support it. This AWS article explains how to convert the ".pem" file so that you can use PUTTY

To ssh from Linux or an SSH client that supports ".pem" you can issue the command:

ssh -i "/root/aws-vagrant/Vagrant.pem" ec2-user@dns-of-your-machine.com

Note the "ec2-user" before the "@". You will need to specify the username specific to the OS in your AMI. Finally you can get the dns of you machine from the EC2 Dashboard and it will look something like:

ec2-35-163-63-170.us-west-2.compute.amazonaws.com