Creating an HAProxy Load Balancer Cluster on AWS Using Ansible as the Automation Tool

What is Ansible?

What is HAProxy?

Prerequisites for this setup:

  • IAM role in AWS
  • Pre-Installed Ansible on a system to run playbooks and other stuff –
  • tasks directory is for containing the main file/playbook.
  • vars directory is for storing variables.
  • templates directory is for storing templates written in jinja format.
    There are other folders also which have different uses.
# chmod +x ec2.py
# chmod +x ec2.ini
Initial Image
Changes made
# ./ec2.py --list
2nd line will be commented
# ansible all --list-hosts
# chmod 400 ansibletask3key.pem
# ansible-galaxy init lb
# ansible-galaxy init webserver
# ansible-galaxy role list
  • First, configure the webserver role. Make the following edits in the files listed below:
tasks/main.yml
---
# tasks file for webserver
- name: install httpd
  package:
    name: "httpd"
    state: present

- name: copy content
  copy:
    content: "Task3 Successfully completed\n, hello from {{ ansible_hostname }} "
    dest: /var/www/html/index.html
  notify: restart service

- name: service httpd start
  service:
    name: "httpd"
    state: started
    enabled: yes
handlers/main.yml
# handlers file for webserver
- name: "restart service"
  service:
    name: "httpd"
    state: restarted
  • Next, configure the lb role. Make the following edits in the files listed below:
tasks/main.yml
---
# tasks file for lb
- name: "installing haproxy"
  package:
    name: "haproxy"
    state: present

- template:
    src: "haproxy.j2"
    dest: "/etc/haproxy/haproxy.cfg"
  notify: "restart service"

- service:
    name: "haproxy"
    state: started
    enabled: yes
handlers/main.yml
---
# handlers file for LB
- name: "restart service"
  service:
    name: "haproxy"
    state: restarted
templates/haproxy.j2
[root@ansiblecn ansibletask3]# cat lb/templates/haproxy.j2
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# https://www.haproxy.org/download/1.8/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    # to have these messages end up in /var/log/haproxy.log you will
    # need to:
    #
    # 1) configure syslog to accept network log events. This is done
    #    by adding the '-r' option to the SYSLOGD_OPTIONS in
    #    /etc/sysconfig/syslog
    #
    # 2) configure local2 events to go to the /var/log/haproxy.log
    #    file. A line like the following can be added to
    #    /etc/sysconfig/syslog
    #
    #    local2.*                       /var/log/haproxy.log
    #
    log         127.0.0.1 local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

    # utilize system-wide crypto-policies
    ssl-default-bind-ciphers PROFILE=SYSTEM
    ssl-default-server-ciphers PROFILE=SYSTEM

#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main
    bind *:2629
    acl url_static       path_beg       -i /static /images /javascript /stylesheets
    acl url_static       path_end       -i .jpg .gif .png .css .js

    use_backend static          if url_static
    default_backend             app

#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
    balance     roundrobin
    server      static 127.0.0.1:4331 check

#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
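backend app
    balance     roundrobin
    # loop.index gives each server a unique name (app1, app2, ...) so logs and stats stay unambiguous
{% for webserver in groups["tag_Name_Ansible_WebServer"] %}
    server app{{ loop.index }} {{ webserver }}:80 check
{% endfor %}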
# vi vault.yml
# ansible-vault encrypt vault.yml
- hosts: localhost
  gather_facts: false
  vars_files:
    - vault.yml
  tasks:
    - name: "installing boto"
      pip:
        name: "boto"
        executable: pip3

    - name: "installing boto3"
      pip:
        name: "boto3"
        executable: pip3

    - name: "creating security group"
      ec2_group:
        aws_access_key: "{{ ak }}"
        aws_secret_key: "{{ sak }}"
        name: 'launch-wizard-1'
        description: 'sg with rule descriptions'
        vpc_id: 'vpc-224d514a'
        tags:
          Name: "task3-sg"
        region: "ap-south-1"
        rules:
          - proto: tcp
            from_port: 22
            to_port: 22
            cidr_ip: 0.0.0.0/0
            rule_desc: allow all on port 22 for ssh
          - proto: tcp
            cidr_ip: 0.0.0.0/0
            ports:
              - 80
            rule_desc: allow all on port 80 for webserver
          - proto: tcp
            cidr_ip: 0.0.0.0/0
            ports:
              - 2629
            rule_desc: allow all on port 2629 for loadbalancer
        rules_egress:
          - proto: all
            from_port: 0
            to_port: 0
            cidr_ip: 0.0.0.0/0

    - name: "LoadBalancer"
      ec2:
        count: 1
        image: "ami-0ebc1ac48dfd14136"
        instance_type: t2.micro
        region: "ap-south-1"
        wait: yes
        instance_tags:
          Name: Ansible_LoadBalancer
        group: "launch-wizard-1"
        key_name: "ansibletask3key"
        state: present
        aws_access_key: "{{ ak }}"
        aws_secret_key: "{{ sak }}"

    - name: "webserver"
      ec2:
        count: 3
        image: "ami-0ebc1ac48dfd14136"
        instance_type: t2.micro
        region: "ap-south-1"
        wait: yes
        instance_tags:
          Name: Ansible_WebServer
        group: "launch-wizard-1"
        key_name: "ansibletask3key"
        state: present
        aws_access_key: "{{ ak }}"
        aws_secret_key: "{{ sak }}"
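A tighter variant of the security-group task above, added here as an example and not part of the original playbook: it splits the single group in two so that only the load balancer's port 2629 is open to the internet, the web servers accept port 80 only from the load balancer's group, and SSH is limited to one address. The group names `task3-lb-sg` and `task3-web-sg` and the `admin_cidr` value (a documentation-range placeholder) are assumptions; the two `ec2` tasks would reference these names in their `group:` field.

```yaml
# Added example: group names and admin_cidr are assumptions, not from the original post.
- hosts: localhost
  gather_facts: false
  vars_files:
    - vault.yml                       # supplies ak / sak, as in the playbook above
  vars:
    admin_cidr: "203.0.113.10/32"     # placeholder: public address of the Ansible control node
  tasks:
    - name: "security group for the load balancer"
      ec2_group:
        aws_access_key: "{{ ak }}"
        aws_secret_key: "{{ sak }}"
        name: "task3-lb-sg"           # hypothetical name
        description: "haproxy frontend"
        vpc_id: "vpc-224d514a"
        region: "ap-south-1"
        rules:
          - proto: tcp
            ports: [2629]
            cidr_ip: 0.0.0.0/0
            rule_desc: public access to the haproxy frontend
          - proto: tcp
            ports: [22]
            cidr_ip: "{{ admin_cidr }}"
            rule_desc: ssh from the control node only

    - name: "security group for the web servers"
      ec2_group:
        aws_access_key: "{{ ak }}"
        aws_secret_key: "{{ sak }}"
        name: "task3-web-sg"          # hypothetical name
        description: "httpd behind haproxy"
        vpc_id: "vpc-224d514a"
        region: "ap-south-1"
        rules:
          - proto: tcp
            ports: [80]
            group_name: "task3-lb-sg"   # source is the LB group, not a CIDR
            rule_desc: http from the load balancer only
          - proto: tcp
            ports: [22]
            cidr_ip: "{{ admin_cidr }}"
            rule_desc: ssh from the control node only
```

A group-to-group rule matches only traffic that arrives from the load balancer's private address, so with this layout the `server` lines rendered by haproxy.j2 must point at the web servers' private IPs rather than their public ones.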
# ansible-playbook ec2.yml --ask-vault-pass
# ansible-playbook lbcluster.yml
# ./ec2.py --list
In this image, you can see that the 3rd and 4th groups contain our VMs' IPs.

Github URL :


I am a student pursuing an undergraduate degree in computer science and engineering.

Akhilesh Jain
