Ansible Role automation for HAProxy server

For this task, I am using the ansible ec2 inventory plugin. This is easy to configure and this allows us to get dynamic inventory and all you need to do is to create a yaml file like below

plugin: amazon.aws.aws_ec2
regions:
— ap-south-1
keyed_groups:
— key: tags
prefix: tag
hostnames:
— ip-address

For more details, check my other HAproxy setup blog where I described about this plugin AWS EC2 with HAProxy and Apache Httpd for load balancing | by Meherchaitanya | Medium

Now we need to launch 3 instances in AWS. You can use any method but I am not gonna discuss about it now. I choose Amazon Linux for this practical but it is better to choose any RedHat based OS for this practical.

Now after creating the instances, we should allow the Ansible node to be able to access the cloud instances. so we use the pem file and add the identity to with the below commands.

Add pem file to ssh for accessing the ec2 nodes

Now we code the roles. To create the roles, we use command ansible-galaxy role init ROLE_NAME . I choose the names smc181002.lbserver and smc181002.webserver for HAproxy and Httpd respectively.

LB server

---
# tasks file for lbserver
- name: install haproxy
package:
name: haproxy
state: present
- name: copy conf file to load-balancer server
template:
src: haproxy.cfg
dest: /etc/haproxy/haproxy.cfg
notify: lb-restart
- name: start haproxy
service:
name: haproxy
state: started
  • In the above task file, in the first task, we install the haproxy software with package module from ansible
  • Then we copy the haproxy file to the haproxy server instance which have the list of the webserver IPs created directly with the help of jinja2 templating. We use the ansible variable called groups which is a dictionary of the inventory IPs which we will use here to loop to create dynamic file. Below is the file haproxy.cfg in the /templates folder. we will give the user to provide the variables like proxy_port
// some config above...
frontend main
bind *:{{proxy_port}}
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .jsuse_backend static if url_static
default_backend appbackend static
balance roundrobin
server static 127.0.0.1:4331 checkbackend app
balance roundrobin
{%for app_url in groups['tag_Name_webserver']%}
server app1 {{ app_url }}:80 check
{%endfor%}
  • After doing the copying, the config file will be changed. so we add a handler to run when the code changed. Below is the handler code in file /handler/main.yml
---
# handlers file for lbserver
- name: lb-restart
service:
name: haproxy
state: restarted
  • Now we need to start the lbserver for the server to work with service module from ansible

Web Server

The webserver code is fairly simple. Below is the code

---
# tasks file for webserver
- name: install httpd server
package:
name: httpd
state: present
- name: create index.html file
template:
src: index.html
dest: /var/www/html/
- name: start httpd server
service:
name: httpd
state: started
  • We first install the httpd server with the package module
  • Then we copy the index.html to the webserver
<!-- index.html -->
<h1>This index page comes form {{ ansible_hostname }}</h1>
  • After this, we start the httpd service to launch the webserver with the service package

Since the HAproxy uses the roundrobin method for balancing the load we can see the 2 IPs loop when we refresh each time

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store