Arth2020 task12
This article is to explain how to configure a highly automated setup for Reverse proxy i.e Haproxy and update it's configuration file automatically and all the operating system launch on the top of AWS cloud and fetch all the IPs dynamically using ansible dynamic inventory.
Task Description
- 12.1 Use Ansible playbook to Configure Reverse Proxy i.e. Haproxy and update it's configuration file automatically on each time new Managed node (Configured With Apache Webserver) join the inventory.
- 12.2 Configure the same setup as 12.1 over AWS using instance over there.
Introduction
Server automation now plays an essential role in systems administration, due to the disposable nature of modern application environments. Configuration Management tools such as Ansible are typically used to streamline the process of automating server setup by establishing standard procedures for new servers while also reducing human error associated with manual setups.
Ansible offers a simple architecture that doesn’t require special software to be installed on nodes. It also provides a robust set of features and built-in modules which facilitate writing automation scripts.
Ansible dynamic inventory
The dynamic inventory script can do anything to get the data (call an external API, pull information from a database or file, etc.), and Ansible will use it as an inventory source as long as it returns a JSON structure like the one above when the script is called with the --list.
Prerequisites
In order to execute the automated setup provided by the playbook we’re discussing in this article, you’ll need:
- One Ansible control node: an Red Hat 8 machine with Ansible installed and configured to connect to your Ansible hosts using SSH keys. Make sure the control node has a regular user with sudo permissions and a firewall enabled.
- One or more Ansible Hosts: one or more remote Red Hat 8 servers previously set up, these will be work as a managed node.
First configure the ansible dynamic inventory so that we can fetch IPs dynamically. and then launch all the operating system over cloud then third and setup load balancer through haproxy. and my all the files and folder related to this task is in /ansible/arthtask12.2/ folder.
DYNAMIC INVENTORY SETUP
Here you will learn how to set up a dynamic inventory on AWS using boto , ec2.yml and ec2.ini file.
Follow the steps carefully for the setup.
Step 1:
- Install python3 "$ yum install python3 -y"
- Install the boto3 and boto library "$ pip3 install boto3" , "$ pip3 install boto"
step2:
- create a directory "$ mkdir /ansible/arthtask12.2/mydb"
- download ec2.yml and ec2.ini from ansible official dynamic inventory GitHub link in /ansible/arthtask12.2/mydb folder. both the files should be in same folder.
- link :- https://github.com/ansible/ansible/tree/stable-2.9/contrib/inventory
"$ wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.py" "$ wget https://raw.githubusercontent.com/ansible/ansible/stable-2.9/contrib/inventory/ec2.ini "
- make the ec2.py file executable using "$ chmod +x ec2.py"
- open ec2.py file and change env python to python3 in the first line of this file because this python code is written in python2 and now we are using python3 so we need to change it.
step3:
- set environment variable for authentication .
AWS_RGION: <YOUR-AWS-REGION-NAME-HERE> AWS_ACCESS_KEY_ID: <YOUR-AWS-ACCESS-KEY-HERE> AWS_SECRET_ACCESS_KEY: <YOUR-AWS-SECRET-KEY-HERE>
- update this /ansible/arthtask12.2/mydb directory in ansible configuration file and also set aws private_key and user through which you wanted to launch os on aws.
- note:- go to that folder where your private key is there and run "$ chmod 400 <private_key_name"
dynamic inventory configuration is done now u can check using using "$ ansible all --list-hosts"
LAUNCH AWS OPERATING SYSTEM USING ANSIBLE PLAYBOOK
I need three operating system one for haproxy configuration and other two for webserver configuration.
Below is the ansible playbook code for ec2 instances name as play.yml .
vim /ansible/arthtask12.2/play.yml
as we are launching OS so we don't have any IP now , and to use ansible playbook or ad-hock command we need IP as host. so we will use localhost.
while launching ec2 instances we need to give aws-access-key and aws-secret-key which is very critical for us. so, we create a file and set all the variable value in this file
vim /ansible/arthtask12.2/var.yml
aws_access: xxxxxxxx
aws_secret: xxxxxxxxxxxxxxxxxxxxxx
region: ap-south-1
here giving instance - tags is important , we will use it in configuration of haproxy file dynamically.
How to Use this Playbook
The playbook file, containing the tasks to be executed on the remote server.
Run command "ansible-playbook <play book name>" to run this playbook.
now try to ping using "$ ansible all -m ping "
as we have configure dynamic inventory so we don't need to write the IPs of all the operating system in inventory file. dynamic inventory will fetch all the details dynamically.
we can list all the details about all the os using "$ ./ec2.py --list".
we will use these two tag.
operating system setup is done.
CONFIGRATION REVERSE PROXY (WITH APACHE WEBSERVER)
First install haproxy software in your ansible manage node
yum install haproxy -y
now got to the /etc/haproxy and copy haproxy.cfg in your main task folder /ansible/arthtask12.2
now edit this haproxy.cfg file so that it can automatically update on each time new managed node.
now create one more ansible playbook name as main.yml . below is the code
here I am using that tags name which I have fetch using dynamic inventory
tag_name_loadbalancer <I am using this host for haproxy configuration > tag_name_web_server < and this for apche webserver>
we can also check the syntax error using "$ ansible-playbook mail.yml --check"
Now run this playbook main.yml
everything is working good. now we can check load balancer is working or not.
we have configure haproxy in <tag_name_loadbalancer> and this contain load balancer IP which is 15.207.21.111
Now browse https://15.207.21.111:8080/ multiple time .
I have written PHP code to print the IP address of that system . if will browse multiple time https://15.207.21.111:8080/ it will give every time different IP , its means load balancer is working good.
Student at ARTH - The School of Technologies
4 年so impressive ??
Student at ARTH - The School of Technologies
4 年Thank you for sharing ?? Sulekha .
DevOps Engineer at Celebal Technologies
4 年First comment ??