Edda Ansible Playbook and AMIs
Edda is a service to track changes in an AWS region, multiple regions and/or multiple accounts. Before running the playbook, there are a few things we need to do:
Launch EC2 instance for Edda
- Create an Edda security group
- Allow port 22 for SSH
- Allow port 80 for HTTP from your IP address only
If you don't already have one, create a new Key Pair, and add it to your keychain or SSH agent so you don't need to specify it later:
$ ssh-add mykey.pem
- Launch a new EC2 instance using the above Security Group, Key Pair and IAM Role. You can use with Ubuntu or Amazon Linux for the OS
- Set the
Nametag of the instance to
- Confirm you can see the instance using the Ansible EC2 inventory
$ /etc/ansible/hosts --refresh-cache | grep 'Edda'
Run Ansible playbook
Now you can run the playbook
$ ansible-playbook playbooks/edda-amazon-linux.yml -l 'tag_Name_Edda' or $ ansible-playbook playbooks/edda-ubuntu.yml -l 'tag_Name_Edda'
This will configure the instance to be running the latest snapshot build of Edda. If you prefer to build your own WAR file yourself, just specify the path to the WAR file:
$ ansible-playbook playbooks/edda-amazon-linux.yml -l 'tag_Name_Edda' -e "local_war=/path/to/edda.war"
Once the playbook is finished, you will have Edda running inside Tomcat with MongoDB on your EC2 instance. You can access then make queries to it via HTTP. Example:
The easy way with CloudFormation
If all of that seems too hard, feel free to use the Edda CloudFormation template to bring it up in just a few clicks.
You can find the list of pre-built AMIs here:
- This is not production quality. If the instance dies, you loose your history. This is meant as a quick way to get Edda up and running and see if you like it. Have a look at this wiki page for running Edda in production.
- There is work going on now on getting Edda to use AWS Cloud Search as an alternative to MongoDB.
This playbook does nothing for security. It is highly recommended that you put some kind of restrictions on who can access Edda. At the very minimum, please make sure your security group only allows port 80 access from your IP address only.
Adding authentication, running over SSL, and/or putting it on a private subnet is also recommended.
If you have feedback, comments or suggestions, please feel free to contact Peter at Answers for AWS, create an Issue, or submit a pull request.