Using Ansible playbook to Configure Reverse Proxy i.e. Haproxy and update it’s configuration file automatically on each time new Managed node (Configured With Apache Webserver) join the inventory.
Prerequisite
- Basics of Ansible
- Configuring Haproxy server manually.
Environment Setup
- 1 VM as Ansible Controller node —here, in my case ip : 192.168.1.5
- 2 VM as WebServer — here, ip’s : 192.168.1.10 and 192.168.1.8
- 1 VM as Haproxy Server — ip: 192.168.1.2
Steps to be followed to achieve this task :
First of all, we need to update our inventory. Here, we can create group of host according to their functions. Example: We can group webserver ip and give its group name as web.
Configuring WebServer [192.168.1.10 and 192.168.1.8]
- Create a folder
- Mount CDROM to that folder
- Configure yum
- Install php software for sample testing php website
- Install httpd software
- copy content of webpage to Document Root
- Start web service
- Configure firewall to access port 80(by default port for webserver)
Configuring Haproxy server [192.168.1.2]
8. Yum configuration as above. i.e step 1,2 and 3
9. Install haproxy
10. Configure /etc/haproxy/haproxy.cfg file
11. Start haproxy service
Lets jump to the fun part i.e writing ansible code.
Here is the code for configuring Webserver
- hosts: web
tasks:
— name: “Creating a directory for mounting CDROM”
file:
path: “/dvd”
state: directory
— name: “Mounting CDROM”
mount:
path: “/dvd”
src: “/dev/cdrom”
fstype: iso9660
state: mounted
— name: “Configuring yum AppStream repo”
yum_repository:
baseurl: “/dvd/AppStream”
name: “dvd1”
description: “yum dvd1”
gpgcheck: “no”
— name: “Configuring yum BaseOS repo”
yum_repository:
baseurl: “/dvd/BaseOS”
name: “dvd2”
description: “yum dvd2”
gpgcheck: “no”
— name: “Install httpd”
package:
name: “httpd”
state: present
— name: “Install php”
package:
name: “php”
state: present
— name: “Copying index.php file to document root”
copy:
dest: “/var/www/html/index.php”
src: “index.php”
— name: “Starting service”
service:
name: “httpd”
state: restarted
— name: “Disabling firewall at port 8080”
firewalld:
service: “http”
permanent: yes
state: enabled
The sample php code prints the IP address of the OS.
<pre>
<?php
print `/usr/sbin/ifconfig`;
?>
</pre>
After running the playbook, we can confirm that our website is up and running.
Now, lets start writing code for configuring Haproxy server, which will have the above two created webserver as their backend servers.
So, here we will make use of Jinja Templating and ansible template module. We have take a copy of haproxy.cfg file and append the IP address of the backend server with the app number at the end of this file. So, we can get IP address using ansible groups variable.
- hosts: haproxy
tasks:
— name: “Installing haproxy”
package:
name: “haproxy”
— name: “Configuring /etc/haproxy/haproxy.cfg file”
template:
dest: “/etc/haproxy/haproxy.cfg”
src: “haproxy.cfg”
— name: “Starting haproxy service”
service:
name: “haproxy”
state: started
In haproxy.cfg file, run a for loop to get all the IP from inventory using groups variable. Group variable references a particular group host and list all the IP from that group.
groups[“web”] → Fetches all the IP address of the Web Group from inventory file. So, now whenever new IP/new server want to get appended we just have to write IP address in the Inventory file.
Github URL for code : https://github.com/tiru-patel/Ansible/tree/main/Haproxy-LoadBalancer%20configuration%20using%20Ansible
So, now we can access the Haproxy IP from browser using the 8080 port as configured and can see that it works as a load balancer.
Once you refresh the page, you can see that the load balancer calls the other website as it works on Round Robin Algorithm.
