Use Ansible playbook to Configure Reverse Proxy i.e. Haproxy and update its configuration file automatically each time a new Managed node joins the inventory. Configure this setup over AWS using its EC2 instances. (Using the concept of Dynamic inventory)
We’ll see how to configure the HAProxy and Apache web server on the AWS EC2 instances using Ansible.
For reference, you can read my article stating how to launch this setup on local machines like Oracle Virtual Box VM’s.
Configure Reverse Proxy i.e.
This article will give you an idea of how can you use jinja templating to make a dynamic configuration file for…
I’ll take this article as a reference to launch the setup over AWS.
We’ll follow the given approach:
- Step 1: Provision OS for Web Servers and Load Balancer.
- Step 2: Find the IP addresses using the Dynamic Inventory.
- Step 3: Configure the Apache HTTPD and HAProxy.
Let’s start with Step 1 of the process.
Step 1: Provision OS for Web Servers and Load Balancer.
For this, we use the concept of API of AWS cloud using the ec2 module of ansible. We run these tasks on localhost as the target node of ansible.
Before running the playbook, we need to install the boto library which is Python SDK for AWS.
pip3 install boto3
Now, this playbook will use AWS API, so we need to provide an AWS AMI access key and secret key. Hence, we store these values as variables in a separate file and use Ansible-vault to lock this file.
- create the ansible-vault file as keys.yml
- Create the playbook now as provision_os.yml
- Now, finally, run the playbook to launch the EC2 instances
Three instances launched successfully, 2 for the backend web server and 1 for the load balancer.
Step 2: Find the IP addresses using the Dynamic Inventory.
Theory about the Dynamic Inventory:
We know about the static inventory where we directly write the IP addresses along with the username and password. But we also have a way of creating the Inventory dynamic. Ansible supports the files with .py extension as inventory file, so we create a python script that would go to AWS and find the IP addresses using the boto3 SDK, which we already installed using pip3.
Fortunately, many contributors have already written and open-sourced such codes for dynamic inventory which we’ll use.
One of the sources is:
We will use these files for dynamic inventory with some modifications.
Download these using the following commands in a folder called inventory which we will later use in ansible’s conf file:
wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.pywget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.ini
Now, as specified in the documentation for this file of ec2.py, we’ll need to create Environment Shell Variables which will be used by these files as follows:
export AWS_ACCESS_KEY_ID='AK123(Your Access Key)'
export AWS_SECRET_ACCESS_KEY='abc123(Your Secret Key)'
export AWS_REGION='ap-south-1(Your Region id)'
Now, provide the location of key-pair, inventory, and privilege escalation in the ansible.cfg file.
That’s it. Now, we can check the IP addresses on runtime dynamically with or without using tags.
IP for load balancer is 220.127.116.11
IP for webservers are 18.104.22.168 and 22.214.171.124
Step 3: Configure the Apache HTTPD and HAProxy.
Now, we run the playbooks
Now, we can access the website using Load Balancer’s IP:
We can see the Load Balancing happening.
That’s all for this article. Thank You. :)