DEPLOY HAPROXY LOADBALANCER AND WEBSERVER ON TOP OF AWS CLOUD USING ANSIBLE ROLES..

WELCOME

Welcome you all, Here I will cover “HOW TO DEPLOY HAPROXY LAODBALANCER AND HTTPD WEBSERVER ON AWS CLOUD USING ANSIBLE AUTOMATION”. I have tried my best to explain each and every step of this practical very clear. This practical is the Integration of “AWS CLOUD + ANSIBLE + HAPROXY + WEBSERVER”, trust me you gonna like this integration. After reading this article you will see only we have to add webserver on the cluster, the IP of webserver is dynamically update over the Haproxy Configuration file.

First, let’s see what task we have to perform actually:-

TASK DESCRIPTION:-

🔅Create an ansible role myapache to configure Httpd WebServer.

🔅Create another ansible role myloadbalancer to configure HAProxy LB.

🔅We need to combine both of these roles controlling webserver versions
and solving challenge for host ip’s addition dynamically over each Managed
Node in haproxy.cfg file.

PRE-REQUISITE:-

Before jumping into the coding part, here are some basic pre-requisite to understand this task:

• To understand the complete steps of this Task, you should have some basic knowledge of AWS Cloud EC2 Instance, Webserver, LoadBalancer, Ansible ROLE.
• For doing this task, I have used RHEL 8 Linux Operating system as my Controller Node of Ansible. To make it easier I have used Putty program to run my Operating System.
• I have installed Ansible, boto and boto3 tools inside the Controller Node of ansible. Command:-

pip3 install ansible

pip3 install boto

pip3 install boto3

• Make Sure you should have account on AWS Cloud.

PRACTICAL:

Let’s start running the commands & writing the codes…

I have uploaded my Ansible Roles on Git Hub, that you will find at the end of this blog. I will explain each and every bit of this task in this blog so stay tuned:

STEP-1:- Create one workspace or folder inside your Controller Node using this command:-

mkdir /automation

Now all the Files and Roles we will create inside this workspace.

STEP-2:- Inside this workspace, create one folder named as “/role” , and inside this folder run following commands. This commands will create the Ansible Roles inside this directory-

cd /automation

mkdir /role

cd /role

ansible-galaxy init ec2-instance

ansible-galaxy init haproxy

ansible-galaxy init webserver

I have Created three Ansible Roles. One for Launching AWS EC2-instance, Second for Configuring Haproxy Load Balancer and third one is for Configuring HTTPD Webserver.

STEP-3:- We gonna create one local configuration file inside “automation” folder & whatever Ansible commands we want to run in future we will run on this folder. Because then only Ansible will be able to read this Local configuration file & can work accordingly.

Create “ansible.cfg” file inside the “automation” directory and Put this content on it:-

vim ansible.cfg

• Here some common key-word you can see like “host_key_checking”, “roles_path”, “ask_pass”, etc. You should be familiar with this all common keywords as I already mentioned in Pre-Requisite.
• Here is the “private_key_file” keyword is used for aws key pair. When Ansible gonna login to AWS instances to setup K8s via SSH, then it needs the private key file. Also the default remote user of EC2 Instance is “ec2-user”.

STEP-4:- Login to your AWS Account. Search for IAM Service of AWS, service is used to create the New User of our account. Click on Add User and give some limited power and create it. It will provide the Access Key and Secret Key of the user that we will gonna use to log in inside our account using ansible.

STEP-5:- Go to EC2->KEY-PAIRS service and create one new Key Pair with whatever the name you wanna give let’s say- “task19.pem” download it and put it on our workspace. And run this command:-

chmod 400 task19.pem

STEP-6:- Create one vault file of Ansible, where we gonna put all our user credentials like “access_key” and “secret_key”, that ansible use while login. Command:-

ansible-vault create cred.yml

It will ask you to create password, create it and put the credential like that:-

access_key: XXXXXXXXXX

secret_key: XXXXXXXXXXX

Now we are ready to work on Roles.

STEP-7:- Go to “/roles/ec2-instance/tasks” and start editing the “main.yml” file. Here we gonna put all our code for launching the EC2-Instance. Code:-

Have used many variables in this code, value of this variables I putted inside the “/ec2-instance/vars/main.yml”. Screen Shot of this file you will find at last of this step.

• Here I have used “ec2” module of ansible to launch the EC2-INSTANCE. You might be familiar with all the properties that I used inside the ec2 module, if you worked in AWS Cloud before. So I skipping the explanation of this properties.
• Here I used “register” property to store the Output of above module “ec2” in variable named as “instance”. Used “loop” because we have to install three EC2-instances.
• Also used “add_host” module of ansible. This module will dynamically create the Host Group while running the playbook with the name that we provided “groupname”. Used JSON parsing to fetch the IP of the instances that it launched in “host”.

Here I used three add_host, because we have to launch three nodes(Haproxy and two Webserver). So don’t confuse in it.

• Here I used “debug” module of ansible, just for printing the value of the variable. You can skip this part.
• At last have used “wait_for” module, it stops the program till the Public DNS name of the Slave Instance will not come. As we know that the Instance Launching takes some time, that’s why I used this module. It will wait till the SSH comes up.

“/ec2-instance/vars/main.yml”:-

The value of this variable you can find in AWS Cloud Console.

STEP-8:- Go to “/role/haproxy/tasks” and start editing the “main.yml” file. Here we gonna put all the code for configuration of HAPROXY LoadBalancer. Code:-

• Here I used “package” module of ansible to download the HAPROXY software.
• Next just for testing I used “debug” module of ansible. You can skip it.
• Next I copying the configuration file of Haproxy Load Balancer from Controller Node to the Haproxy instance using “template” module of ansible. This conf file you will find in my git hub repo.
• Next “service” module of ansible which start the service of the Haproxy, I used “restarted” because I changed something in conf file of Haproxy.

Now Here is the interesting part comes, How we will update the conf file of Haproxy where we have to put the IP’s of our webservers. For this I used JINJA language, used “For Loop” for doing this. Let’s see the conf file:-

“/role/haproxy/template/haproxy.cfg”:-

• Here I used “8080” as my loadbalancer port number, you can choose whatever you want but make sure that number is not in used.
• “groups[‘ec2_server’]”, we store the webservers host inside the ec2_server group. “hostvars” is the builtin variable of ansible where they store all the information about the “hostgroups”. “inverntory_hostname” is the magic variable of ansible, where it store the IP’s of the nodes.
• So when first time loop start it will fetch — “hostvars[groups[‘ec2_server’][0][‘inventory_hostname’]”, 0 means first host of the group, means first webserver.
• when second time loop start it will fetch — “hostvars[groups[‘ec2_server’][1][‘inventory_hostname’]”, 1 means second host of the group, means second webserver.

NOW WE JUST HAVE TO LAUNCH THE NEW WEBSERVER, THE IP WILL AUTOMATICALLY UPDATE INSIDE THE CONF FILE, USING THE HOSTVARS.

STEP-9:- Go to “/role/webserver/tasks” and start editing the “main.yml” file. Here we write the code for configuring the webservers. Code:-

• Here I used “package” module of ansible to download the HTTPD Webserver software and PHP software.
• Next if you are familiar with the httpd web-server, you should know that the httpd server only reads the web-pages from one directory only that is “/var/www/html”. Here I copying my Web Page “index.php” from Controller node to the web-server directory. This web-page is present inside — “/role/haproxy/template/index.php”:-

Here I putted the php code, which shows the IP of the webserver as an output.

• Next “service” module, which restart the service of my webserver.

STEP-10:- Now it’s time to create final playbook that will gonna run all our Roles. Create one playbook inside the workspace “automation”.

• Using the “hostname” we gonna run all the roles.

STEP-11:- Command to run the playbook:-

ansible-playbook execute.yml --ask-vault-pass

If your Roles don’t have any error and all the Steps you configured properly, then you will get this output:-

Finally our playbook has run successfully, you can go inside the AWS Cloud and see the instances has launched or not.

STEP-12:- Connect to the Haproxy Instance, and see all things are updated or not:-

• Here you can see, haproxy is successfully installed and service is also running.
• You can use this command — “vim /etc/haproxy/haproxy.cfg” to see the conf file is updated or not.

STEP-13:- Connect to the webserver instance and see all things are updated or not:-

• Here you can see httpd is installed, service is started and the server directory is also updated with the code.

STEP-14:- Now use the public Ip of the load-balancer and the port number that you updated inside the conf file, and put it on browser to see the magic of this integration:-

URL- http://public_ip:8080

• Here you can see my Load Blancer IP is “63.0.3.110” and port number “8080”. Here from my browser I’m connecting to the haproxy, here you can see the out IP is “172.31.42.131” which is the IP of my one webserver. Now if you keep refreshing the page you can see the IP will change to “172.31.45.86” which is the IP of my other webserver. This is the power of load balancing.

GIT HUB REPO FOR YOUR REFERENCE:-

Sarvjeet-Jain/ANSIBLE_WEBSERVER_HAPROXY_AWS

HURRAY FINALLY WE INTEGRATED ALL THE TECHNOLOGIES AND COMPLETED OUR TASK…

IT MIGHT LOOK SIMPLE BUT TRUST ME IT’S NOT. IT ALMOST TOOK 2 DAYS AND 60+ INSTANCE LAUNCHED TO COMPLETE THIS TASK….

THANK YOU SO MUCH FOR READING THIS ARTICLE. AND FOR MORE SUCH TYPE OF ARTICLE STAY CONNECTED.

Don’t forget to go through my Linkdin profile:-

Sarvjeet Jain - Arth Learner - ARTH - The School of Technologies | LinkedIn