Ansible — Configuring Load balancer with HaProxy using AWS EC2 instances
What is HAProxy?
HAProxy is free, open source software that provides a high availability load balancer and proxy server for TCP and HTTP-based applications that spreads requests across multiple servers. It is written in C and has a reputation for being fast and efficient.
So let’s start our journey!!
First of all, Install boto software
Boto is the Amazon Web Services (AWS) SDK for Python. It enables Python developers to create, configure, and manage AWS services, such as EC2 and S3. Boto provides an easy to use, object-oriented API, as well as low-level access to AWS services.
pip3 install boto
Create Ansible Playbook for both webservers and loadbalancer.
Here we have created 3 webservers and 1 load-balancer in the ap-south-1(Mumbai Region) and the access key and secret key for authentication are placed in one file.
Before creating ansible playbook for aws instance create vault encryption security for the access key and secret key variables file.
Here we have encrypted file with passwords. Let us check whether it shows us password without asking vault password. It will not show file content without asking vault password.
3- Launch Webservers and Load Balancer by running Ansible Playbook.
Open aws account and see whether they have launched or not.
4- Next Step is to retrieve IP Address of instance using dynamic inventory concept.
For this we need to download ec2.py and ec2 using wget command from github repositories.
https://github.com/Rahulkprajapati/ansible-aws-httpd/tree/master/ansible-aws/webserverExport some variables to fetch information about instances
export EC2_INI_PATH=path_of_ec2.ini_file
export AWS_ACCESS_KEY_ID="aws_access_key"
export AWS_SECRET_ACCESS_KEY="aws_secret_key"This will authenticate our os to aws ec2 services and fetch public IP address of ec2 dynamically.
5- Now we have to set the inventory according to this ip.
Here, inventory is present at /etc/myinventory.txt and I already copy the key from windows to Virtual Machine by using WinScp.
6- Give location of inventory in ansible configuration file.
To access/ authenticate we need private key, so we give location of our private key by copying into our os using winscp. Ansible uses existing privilege escalation systems to execute tasks with root privileges or with another user’s permissions. Because this feature allows you to ‘become’ another user, different from the user that logged into the machine , we call it become.
7- Check whether we have ssh connectivity to all hosts.
8- Create two roles one for load balancer and one for web server.
We are here creating role called webserver and lbserver.
ansible-galaxy init webserver
ansible-galaxy init lbserver
9- Write task for webservers.
In this tasks, we are first installing httpd software then copy webpages to the document root of httpd and then starting httpd services.
10- Install HAProxy software.
Here we are installing it using yum installation method.
yum install haproxy -y11- Change haproxy configuration file.
Here we bind our frontend main to the port 8080 so that users will come on this port to access webpages of website. In the bottom, we used for loop for starting backend service to number of webservers and used port address translation with port 80 as httpd works on 80.
12] Write playbook for Load Balancer.
Here we installed haproxy software into the load balancer instance and copy configuration file to the and at the end we start haproxy service.
13] Write Playbook for running both roles created previously.
Run this playbook
14- Check whether the httpd services are started or not in webserver instances.
15- Check whether our load balancer is working or not.
