Friday, April 13, 2018

Set Up OpenVPN Server in AWS EC2 Using Ansible and Docker

In this tutorial, I will show you, step by step, how to set up your own OpenVPN server on an AWS EC2 instance using Ansible and Docker containers.

The flow is simple. Assuming you have a running EC2 instance, we will perform the following two steps to set up an OpenVPN server on it:

  1. Use an Ansible playbook to install "Docker" and "Docker Compose".
  2. Pull kylemanna's openvpn Docker image and use "Docker Compose" to run and manage the service.

At the end of this tutorial, you should have a running OpenVPN container service.

Requirements:

  • Ansible: 2.4.3.0+
  • Docker: 17.12.1-ce+
  • Docker compose: 1.21.0

Install "Docker" and "Docker Compose"

Go to the following repository and follow the instructions in its "README.md" (https://github.com/tonylixu/ansible/blob/master/playbooks/README.md).
You will need to have a running AWS EC2 instance.
The "task" yaml file:
---

- name: Configure / Update yum packages
  yum:
    name: '*'
    state: latest
    update_cache: yes

- name: install docker
  yum:
    name: docker
    state: latest

- name: service docker
  service:
    name: docker
    state: started
    enabled: yes

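# Download the Docker Compose release binary pinned by docker_compose_version.
# No integrity check is configured here; get_url's "checksum" parameter can
# verify the download against a known SHA-256 of the binary.
- name: Install Docker Compose
  get_url:
    url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64"
    dest: "/usr/local/bin/docker-compose"
    force: True
    owner: "root"
    group: "root"
    mode: "0755"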

The "defaults" yaml file:
---
docker_compose_version: "1.21.0"

Now you should have both "docker" and "docker-compose" installed on the instance.


Install "openvpn" Container

Log into the EC2 instance. I put everything inside "/var/docker-data" as a personal habit. Create a "/var/docker-data/openvpn" directory and go into the newly created directory:

The setup instructions are pretty self-explanatory.
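One way to carry out this step with the kylemanna/openvpn image, as an added example that is not part of the original post: the script writes a docker-compose.yml, initialises the server config and PKI, and issues one client profile. The host name vpn.example.com, the client name laptop1, the script name and the ./openvpn-data/conf volume path are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. VPN_HOST and CLIENT are
# placeholder values; replace them with your own.
VPN_DIR="${VPN_DIR:-/var/docker-data/openvpn}"
VPN_HOST="${VPN_HOST:-vpn.example.com}"   # placeholder public DNS name
CLIENT="${CLIENT:-laptop1}"               # placeholder client name

# Write the compose file for the kylemanna/openvpn image into directory $1.
write_compose_file() {
  mkdir -p "$1"
  cat > "$1/docker-compose.yml" <<'EOF'
version: '2'
services:
  openvpn:
    image: kylemanna/openvpn
    container_name: openvpn
    cap_add:
      - NET_ADMIN          # the only extra capability the container gets
    ports:
      - "1194:1194/udp"    # must match the security group rule
    restart: always
    volumes:
      - ./openvpn-data/conf:/etc/openvpn   # server config and PKI persist here
EOF
}

# One-time initialisation: server config, then the CA and server keys.
init_server() (
  set -e
  cd "$1"
  docker-compose run --rm openvpn ovpn_genconfig -u "udp://$VPN_HOST"
  docker-compose run --rm openvpn ovpn_initpki   # prompts for a CA passphrase
  docker-compose up -d openvpn
)

# Issue a client certificate and export its profile. Leaving out "nopass"
# keeps the client's private key passphrase-protected.
add_client() (
  set -e
  cd "$1"
  docker-compose run --rm openvpn easyrsa build-client-full "$2"
  docker-compose run --rm openvpn ovpn_getclient "$2" > "$2.ovpn"
  chmod 600 "$2.ovpn"   # the profile embeds the client's private key
)

# Run only when asked, e.g.: ./setup-openvpn.sh init
if [ "${1:-}" = "init" ]; then
  write_compose_file "$VPN_DIR" && init_server "$VPN_DIR" && add_client "$VPN_DIR" "$CLIENT"
fi
```

The CA key and every issued certificate live under openvpn-data/conf, so that directory deserves the same protection and backup care as the VPN itself.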
You can check whether the container service is running with:
docker-compose ps
 Name     Command    State           Ports
---------------------------------------------------
openvpn   ovpn_run   Up      0.0.0.0:1194->1194/udp

Notes:

Remember to open UDP port 1194 (or whatever port you use) in the instance's security group.
