Integration of HAProxy Load-Balancer with a Webserver Running on AWS
Deepak Sharma
Objective
In this article, I configure webservers on the AWS cloud and integrate them with an HAProxy load-balancer that is running in my local VM.
- Configure the webserver on the AWS cloud with an Ansible playbook.
- Automatically configure the HAProxy load balancer using Ansible Playbook.
- When a new web server is added to the ansible inventory, the HAProxy configuration file should be updated with the new webserver.
Introduction
- Ansible :- Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems and Microsoft Windows. It includes its own declarative language to describe system configuration.
- Webserver :- A web server is software and hardware that uses HTTP (Hypertext Transfer Protocol) and other protocols to respond to client requests made over the World Wide Web. The main job of a web server is to display website content through storing, processing and delivering webpages to users.
- Load-Balancer :- A load balancer is a device that acts as a reverse proxy and distributes network or application traffic across a number of servers. Load balancers are used to increase capacity (concurrent users) and reliability of applications. They improve the overall performance of applications by decreasing the burden on servers associated with managing and maintaining application and network sessions, as well as by performing application-specific tasks.
Prerequisites :- Two webservers must be launched on the AWS cloud, and their security group must allow HTTP and SSH.
Step-1 :- Ensure connectivity from the controller node to the AWS webserver and the local load-balancer
- Initially I configure one webserver on AWS and a load-balancer locally. The webserver user is ec2-user, and for the load-balancer I use the root user. My inventory file is then:
- For security reasons, AWS disables the root account and provides a pre-created account, ec2-user. So to connect with the AWS instance, we have to use the privilege escalation concept. My ansible.cfg file is then:
- When we launch an instance on AWS, it requires a key to log in to the instance. So we have to copy the key (.pem format) to the controller node and change the permissions of the key, so that we can use it to log in to the AWS instance and configure it as an Apache webserver.
- To change the permissions we use
chmod 400 arthkey.pem
Now check that the controller node is connected to the webserver and the load-balancer with
ansible all -m ping
We see both are connected to the controller node.
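An added example, not the author's files: a YAML inventory that expresses the connection and privilege-escalation settings described in this step as per-group variables. The group names and addresses are assumed placeholders, and the article itself keeps the escalation settings in ansible.cfg.

```yaml
# Added example: constructed inventory. Group names and addresses are
# placeholders (documentation ranges), not values from the article.
all:
  children:
    webserver:
      hosts:
        203.0.113.10:
      vars:
        # AWS instance: log in as ec2-user with the downloaded key pair.
        ansible_user: ec2-user
        ansible_ssh_private_key_file: ./arthkey.pem
        # ec2-user is unprivileged, so tasks escalate to root through sudo.
        ansible_become: true
        ansible_become_method: sudo
        ansible_become_user: root
    lb:
      hosts:
        192.0.2.20:
      vars:
        # Local VM: the article connects as root, so no escalation is needed.
        ansible_user: root
```

With this file saved as inventory.yml (an assumed name), `ansible all -i inventory.yml -m ping` performs the connectivity check above.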
Step-2 :- Write the playbook
I create a single playbook with two plays:
- for webserver
- for load-balancer
- I don't create a firewall rule on the webserver for port 80, because it is running on the AWS cloud and I have already added a security group that allows HTTP (port 80) and SSH (port 22).
- I added the HTTP port 80 rule because the Apache webserver works on port 80 by default, and the SSH port 22 rule because the Ansible controller logs in to the webserver over SSH to configure it as a webserver.
- My webpage is index.php. In this code I use PHP to run the ifconfig command, so we can easily tell which webserver we are connected to and whether our load-balancer is working.
<pre> <?php print `/usr/sbin/ifconfig`; ?>
</pre>
- This play is applied to the managed node (MN) to configure it as the load-balancer.
- I also create a firewall rule in the webserver for port 8080, because I configure this load-balancer to send the traffic on port 8080, so clients can access the webpage on load-balancer port 8080.
- When a new webserver registers with the load-balancer, the load-balancer only picks it up if the haproxy service is restarted. But if the playbook restarts the service every time it runs, that impacts performance.
- So we put the service task in handlers and notify it only if a change (such as a new webserver registering with the load-balancer) occurs in the haproxy configuration file.
- The load-balancer configuration file is
Now run the playbook with
ansible-playbook web.yml
- Our playbook executed successfully and we did not face any error, so it successfully configured the webserver and the load-balancer. We can verify this by opening load-balancer ip:8080 and checking whether we can access the webserver's page.
Both are working fine.
Step-3 :- Add a new webserver to manage the traffic
First I have to update the inventory file
Now check that the controller node has connectivity to the new managed node
We can see that the new managed node is connected to the controller node, so we can configure it as a webserver. So when I run the playbook
- Now we can verify whether the load-balancer is working. If it is working, it splits the traffic between these two webservers.
- When I refresh the page, the load-balancer connects to the other webserver. We can verify this with the help of the IP address.
Hence our load-balancer is working fine and we don't need to register the webserver with the load-balancer manually. This is handled by Jinja: I use Jinja in the LB configuration file, so when a new webserver comes, it is registered with the load-balancer automatically. We just have to update the webserver IP in the inventory file.
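The handler and Jinja loop described above, as an added example that is not the author's playbook. It assumes inventory groups named webserver and lb and a backend named app, writes the configuration inline instead of from a separate template file, and adds a `validate` step so a broken configuration never replaces the live one.

```yaml
# Added example. Assumed names: inventory groups "webserver" and "lb",
# backend "app". Inventory hosts are assumed to be the webserver IPs.
- hosts: lb
  tasks:
    - name: Install HAProxy
      ansible.builtin.package:
        name: haproxy
        state: present

    - name: Render haproxy.cfg with one server line per inventory webserver
      ansible.builtin.copy:
        dest: /etc/haproxy/haproxy.cfg
        mode: "0644"
        # Syntax-check the rendered file before it replaces the live one.
        validate: haproxy -c -f %s
        content: |
          defaults
              mode http
              timeout connect 5s
              timeout client 30s
              timeout server 30s
          frontend main
              bind *:8080
              default_backend app
          backend app
              balance roundrobin
          {% for host in groups['webserver'] %}
              server web{{ loop.index }} {{ host }}:80 check
          {% endfor %}
      # Fires only when the rendered file differs from the one on disk.
      notify: Restart haproxy

    - name: Open port 8080 in the local firewall
      ansible.posix.firewalld:
        port: 8080/tcp
        permanent: true
        immediate: true
        state: enabled

    - name: Start HAProxy and enable it at boot
      ansible.builtin.service:
        name: haproxy
        state: started
        enabled: true

  handlers:
    - name: Restart haproxy
      ansible.builtin.service:
        name: haproxy
        state: restarted
```

Running the play a second time with an unchanged inventory reports the configuration task as ok rather than changed, so the handler is skipped and HAProxy keeps serving without a restart.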
Thanks,
Github link:- https://github.com/Ds123-wq/Haproxy-AWS-task-12.2-.git