✍ DEPLOY HAPROXY LOADBALANCER AND WEBSERVER ON THE AWS CLOUD USING ANSIBLE DYNAMIC INVENTORY CONCEPT :
HELLO EVERYONE✌✌,
In this article, I will demonstrate How we can setup Haproxy Loadbalancer and Webservers on AWS Cloud using Ansible Dynamic Inventory Concept.
And I will also show how to create your own customized Roles on Ansible. So , At the last we will configure HTTPD Web Server on that EC2 Instance using Ansible Role.
✍TASK DESCRIPTION :
We can Deploy Web Server on AWS through our ANSIBLE PlAYBOOK!
🔅Create an ansible role myapache to configure Httpd WebServer.
🔅Create another ansible role myloadbalancer to configure HAProxy LB.
🔅We need to combine both of these roles controlling webserver versions and solving challenge for host ip’s addition dynamically over each Managed Node in HAProxy.cfg file.
⚠️ NOTE: It is a compulsory Individual task.
But before starting let’s understand some basic terms.
✍WHAT IS THE USE OF ROLES IN ANSIBLE ?
Roles provide a framework for fully independent, or interdependent collections of variables, tasks, files, templates, and modules.
In Ansible, the role is the primary mechanism for breaking a playbook into multiple files. This simplifies writing complex playbooks, and it makes them easier to reuse.
✍WHAT IS AN ANSIBLE GALAXY ROLES ?
Ansible Galaxy is a repository for Ansible Roles that are available to drop directly into your Playbooks to streamline your automation projects.
It is easy to get up and running with Ansible. Even a new sysadmin could start automating with Ansible in a matter of a few hours. Ansible automates using the SSH protocol.
✍WHAT IS LOAD BALANCER ?
Load balancing is defined as the methodical and efficient distribution of network or application traffic across multiple servers in a server farm.
Each load balancer sits between client devices and backend servers, receiving and then distributing incoming requests to any available server capable of fulfilling them.
Before doing any practical implementations It’s a good practice to create one directory to store all the files.
This directory is also known as our Workspace. In my system I created one workspace called “task15”. I am putting everything in this workspace and at the end of this article I will provide the GitHub link, from where you can download this workspace and use it.
✍PREREQUISITE :
✅ For basic of an ansible setup on AWS cloud you can also visit my recent blog for more clarity.
✅ In this blog we have to know How to provision EC2 instance using Ansible.
To Reference for enhancing the understanding and integrating with the public cloud with the concept of dynamic inventory:-
So, Without wasting your time let’s start our practical demonstration part….
👉STEP : 1
We have to be launch these instances using our ansible-playbook.
Then, we have to first create a role inside ControllerNode.
Create two roles one for LoadBalancer and another for Webservers.
To Set the webservers and loadbalancers inside ansible hosts.
# vim ip.txt[loadbalancer] 13.233.206.110 [Webserver] 3.7.69.24
13.235.79.168
👉STEP: 2
👉TO CREATE ANSIBLE CONFIGURATION FILE :
# vim /etc/ansible/ansible.cfg👉TO SEE THE DATA OF THE CONFIGURATION FILE :
# cat /etc/ansible/ansible.cfg👉TO SEE THE WHOLE DATA INSIDE THE CONFIGURATION FILE :
[defaults]
inventory = /root/ip.txt
host_key_checking = False
roles_path = /root/ansible_roles
private_key_file = /root/aws_ansible.pem
remote_user = ec2-user
ask_pass = false
[privilege_escalation]
become = true
become_user = root
become_method = sudo
become_ask_pass = falseI have already “aws_ansible.pem” key for ssh login in my system. If you don’t have then put here.
👉STEP : 3
create a role folder mkdir /root/ansible_roles all the roles will be inside this roles folder.
# ansible-galaxy init webserver ---> role created for Webserver
# ansible-galaxy init loadbalancer ---> role created for LoadBalancer
👉NEXT :
👉NEXT :
👉STEP : 4
After creating the roles go into the webserver role and in that go to the tasks folder and add the below tasks into the main.yml file:-
# vim main.yml- name: TO INSTALLING THE HTTPD INSTALLING HTTPD
package:
name: httpd
state: present- name: TO INSTALLING THE PHP SOFTWARE
package:
name: php
state: present
- name: TO COPY INDEX.PHP TO THE HTTPD DOCUMENT ROOT
tempalte:
src: index.php
dest: /var/www/html/index.php - name: TO STARTING THE HTTPD SERVICES service:
name: httpd
state: started
👉STEP : 5
Now, create the index.php file in templates folder in myapache role with below contents:-
# vim index.php<pre>
<?php
print `/usr/sbin/ifconfig`;
?>
</pre>
👉STEP : 6
Now, go into the loadbalancer role and in that go to the tasks folder and add the below tasks into the main.yml file:-
# vim main.yml# tasks file for loadbalancer - name: TO INSTALL THE HAPROXY
package:
name: haproxy
state: present - name: TO CONFIGURE THE HAPROXY BY COPYING HAPROXY.CFG FILE
template:
src: haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg
notify:
- restart_haproxy service:
name: haproxy
state: started
👉STEP : 7
Go to the handlers folder in loadbalancer and add the following content:-
# vim main.yml# handlers file for loadbalancer- name: TO RESTARTING THE HAPROXY SERVICES
service:
name: haproxy
state: restarted
👉STEP : 8
Now, go to the templates folder in loadbalancer, create haproxy.cfg.j2 file and add the following content in it:-
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# https://www.haproxy.org/download/1.8/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
# utilize system-wide crypto-policies
ssl-default-bind-ciphers PROFILE=SYSTEM
ssl-default-server-ciphers PROFILE=SYSTEM
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main
bind *:8080
acl url_static path_beg -i /static /images /javascript /styleshe ets
acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static
default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
balance roundrobin
server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
{% for i in group['webserver'] %}
server app {{loop.index }} {{ i }}:80 check
{% endfor %}👉STEP : 9
Now, let us create an Ansible Playbook to call these roles. For this, create a YAML file and add following contents in it:-
# vim task15.yml- hosts: Webserver
roles:
- webserver - hosts: loadbalancer
roles:
- loadbalancer
👉STEP : 10
Finally, lets run the ansible playbook. You will get an output like below:-
# ansible-playbook task15.yml
👉STEP : 11
Now we can check the weather our load balancer is working fine or not. Take public IP of load balancer with port 8080 (binding port).
Lets try to connect to the loadbalancer IP using browser. You will see something like this:-
As you can see above, the Private IP address is changing even though the IP Address in URL is same. Let us add third instance and check if the HAProxy detects it or not.
Here is the third instance which we added afterwards:
As you can see, the IP Address in the URL bar is still the same, but after adding the new instance in inventory and re — running the playbook, the third webserver is also detected and added in the configuration on loadbalancer by using ansible roles.
Finally I have successfully completed my this task. Thank you Vimal Daga sir for giving me such a great task. Sir your mentorship is a God gift for me to enhance my skills and I am very blessed because you are my mentor.
So guys, In the upcoming days I am going to be publish a lots of blogs and articles on different different automation tools and other technologies, So definetely follow me on Medium as well as on linkedIn.
I have also provide the link of my GitHub repository for this task which is given below for your reference.
So, Here is my linkedIn profile if you have any queries definitely comment below or DM me on linkedIn.
SEE YOU IN THE NEXT BLOG WITH MORE AMAZING TASKS.
