How to Provision Alibaba Cloud Resources with Ansible

By Philip Choi, Solutions Architect

This article will show you how to create Alibaba Cloud resources using Ansible through the Ansible Alicloud Module.


Ansible is one of the DevOps tools that is available in the market and widely being adopted among developer and operators. This document will describe how one can provision Alibaba Cloud Resources by using Ansible, such as creating an Elastic Compute Service (ECS) instance by using an Ansible playbook.

Comparison of Provisioning Methods

In general, Alicloud provides 4 ways for user to manage their cloud resources, namely Web Console, CLI, language-specific SDK, and RawAPI. Each of the method has its own pros and cons in terms of user-friendliness or automation capability. The following matrix describe each of the pros and cons of each methods. Ansible is something between CLI and SDK in terms of user friendliness as well as automation capability.

MediumUser friendlinessAutomation CapabilityProduct CoverageConsoleAnyone, intuitiveNo wayAllCLIProbably OK, for experienced sysadminWorks, but not perfectECS/VPC/RDS/SLB/StorageAnsibleProbably OK, for experienced sysadmin who can scriptBetter than CLI and more manageableECS/VPC/RDS/SLB/StorageSDKProbably OK, for experienced developerFlexible, but quite a bit of effortAllRaw APINot user friendly at allVery capable, but extensive effortAll

What Is Ansible and How Does It Support IaaS and the Cloud?

As mentioned Ansible is one of the DevOps tools being widely used in the IaaS automation space. It allows sysadmins or developers to maintain their infrastructure as a code, supporting IaaS from traditional vendors like VMware to modern cloud vendors like Alibaba Cloud. Below is a comparison matrix on Ansible’s capability in supporting other cloud vendors in the market.

Image for post
Image for post

Setting Up the Test Environment

Here is the overview of setting up the environment. After it is done, we can then run the example to create a ECS instance through ansible.

  1. Have Ansible installed
  2. Have Alicloud ansible-provider installed

Install Ansible

Please refer to the official documentation for details. In my case, I am using a CentOS 7 server to install the Ansible. You can do so with the following command.

Install Alicloud Ansible module

By default Ansible doesn’t ship with Alicloud module, in order to provision Alicloud resources we will need this module. To install the module, please follow the steps documented in

Run the following command to install the module on a CentOS 7 machine.

Go through a Deployment Example

Define the Playbook

Playbook is the template which contains the resources that we want to create. You can find the example template from below url:

Run the Results

To run the playbook, use the following command

Here is a simulation run.

Image for post
Image for post

And from the web console, we can see that the instance is created.

Image for post
Image for post

Also, as from our playbook, we defined installation of web server and creation of web page, we can now fetch the page too.

Image for post
Image for post

Command Error during Playbook Execution

NTP Time Lag

In case the node running the Ansible playbook have a major time lag, the following error may occur. To solve the problem, sync the clock with ntp server to avoid any time lag.


Example Playbook

This example will create one ECS instance (or multiple instance, depends how much number you put into the “count” variable in the playbook),. However, you will need to input your own:

  1. Access key and secret key pair
  2. Create the security group in advance and provide the security-group ID
  3. Create the ssh-key pair in advance and provide the ssh-keypair ID
  4. Create the VPC in advance and provide the vswitch ID
- name: make sure ingress port 22 and 80 are allowed
alicloud_access_key: '{{ alicloud_access_key }}'
alicloud_secret_key: '{{ alicloud_secret_key }}'
group_id: '{{ group_id }}'
alicloud_region: '{{ alicloud_region }}'
- ip_protocol: tcp
port_range: 22/22
source_cidr_ip: ''
policy: accept
- ip_protocol: tcp
port_range: 80/80
source_cidr_ip: ''
policy: accept
- name: launch ECS instance in VPC network
alicloud_access_key: '{{ alicloud_access_key }}'
alicloud_secret_key: '{{ alicloud_secret_key }}'
alicloud_region: '{{ alicloud_region }}'
image: '{{ image }}'
system_disk_category: '{{ system_disk_category }}'
system_disk_size: '{{ system_disk_size }}'
instance_type: '{{ instance_type }}'
vswitch_id: '{{ vswitch_id }}'
assign_public_ip: '{{ assign_public_ip }}'
internet_charge_type: '{{ internet_charge_type }}'
max_bandwidth_out: '{{ max_bandwidth_out }}'
group_id: '{{ group_id }}'
key_name: '{{ key_name }}'
host_name: '{{ host_name }}'
#password: '{{ password }}'
user_data: '{{ user_data }}'
count: '{{ count }}'
Name: created_through_ansible
register: status
- name: Poll instance information
alicloud_access_key: '{{ alicloud_access_key }}'
alicloud_secret_key: '{{ alicloud_secret_key }}'
alicloud_region: '{{ alicloud_region }}'
instance_ids: '{{ status.instance_ids }}'
register: all_instances
- set_fact:
instances_info: []
- set_fact:
instances_info: "{{ instances_info + [ { 'id':, 'host_name': item.host_name, 'public_ip': item.public_ip }] }}"
with_items: "{{ all_instances.instances }}"
no_log: true

- name: print instance information
msg: "ECS instance {{ item.host_name }} created, id: {{ }}. IP: {{ item.public_ip }} . URL http://{{ item.public_ip }}/"
with_items: "{{ instances_info }}

Example Task Definition to Create VPC

This example task will create a VPC.

Example Task Definition to Create RDS

This example task will create a RDS.

Example Task Definition to Create SLB

This example task will create a SLB.

Example Skeleton to Create VPC, RDS and ECS

An example skeleton to create VPC, RDS and ECS in one playbook (Notes, you will need to glue each of the above examples together to form one playbook)

    - name: create RDS
.. line skipped ..
- name: create ECS
.. line skipped ..


Written by

Follow me to keep abreast with the latest technology news, industry insights, and developer trends.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store