Task 3: ANSIBLE (Deploying Load Balancer and Webservers on AWS)
Nilesh Gopale
Associate Software Engineer @Veritas Technologies LLC | Building Kubernetes Protection | Top 1% @Leetcode | Specialist @Codeforces
Task: Deploy a Load Balancer and Multiple Web Servers on AWS via Ansible!
* Provision EC2 instances through Ansible.
* Retrieve the IP addresses of the instances using the dynamic inventory concept.
* Configure the web servers through Ansible roles.
* The target nodes of the load balancer should be auto-updated as per the status of the web servers.
Note: With just one click, the entire environment will be launched and ready!
Let's look at some theory before proceeding:
1. What is Ansible?
Ansible is a software tool that provides simple but powerful automation for cross-platform computer support. It is primarily intended for IT professionals, who use it for application deployment, updates on workstations and servers, cloud provisioning, configuration management, intra-service orchestration, and nearly anything a systems administrator does on a weekly or daily basis.
2. How does Ansible work?
In Ansible, there are two categories of computers: the control node and managed nodes. The control node is a computer that runs Ansible. There must be at least one control node, although a backup control node may also exist. A managed node is any device being managed by the control node.
Ansible works by connecting to nodes (clients, servers, or whatever you're configuring) on a network, and then sending a small program called an Ansible module to that node. Ansible executes these modules over SSH and removes them when finished. The only requirement for this interaction is that your Ansible control node has login access to the managed nodes. SSH keys are the most common way to provide access, but other forms of authentication are also supported.
3. Ansible with AWS
When we deploy an application into AWS, we soon realize that the cloud is much more than a collection of servers in someone else's data center. We now have a fleet of services available to us to rapidly deploy and scale applications. However, if we continue to manage AWS like just a group of servers, we won't see the full benefit of our migration to the cloud. Ansible automation can help us manage our AWS environment like a fleet of services instead of a collection of servers.
Pre-Requisites:
1. Installed boto/boto3
2. AWS account
3. Installed Ansible
4. Installed HAProxy
Now let's Start the practical:
* Here I'm checking the Ansible version.
* Now ping localhost.
To launch the AWS instances we need to write a playbook, and for that we need the AWS secret credentials. Here I'm creating a secure.yml file that holds the AWS secret credentials; it is secured so that no one can access it without the password.
Now I'm creating a playbook for launching the EC2 instances, which provisions 3 web servers and one load balancer.
- hosts: all
  vars_files:
    - secure.yml        # password-protected file holding the AWS credentials
  tasks:
    # Three instances tagged Name=webserver
    - name: provision ec2 instance on aws
      ec2:
        key_name: "mykey1122"
        instance_type: "t2.micro"
        image: "ami-0ebc1ac48dfd14136"
        wait: true
        count: 3
        instance_tags:
          Name: webserver
        vpc_subnet_id: "subnet-859beec9"
        assign_public_ip: yes
        region: "ap-south-1"
        state: present
        group_id: "sg-0e08239d5c6c04317"
        aws_access_key: "{{ aws_access_key }}"
        aws_secret_key: "{{ aws_secret_key }}"
      register: x
    - debug:
        var: x
    # One instance tagged Name=loadbalancer
    - name: provision ec2 instance on aws by using ansible
      ec2:
        key_name: "mykey1122"
        instance_type: "t2.micro"
        image: "ami-0ebc1ac48dfd14136"
        wait: true
        count: 1
        instance_tags:
          Name: loadbalancer
        vpc_subnet_id: "subnet-859beec9"
        assign_public_ip: yes
        region: "ap-south-1"
        state: present
        group_id: "sg-0e08239d5c6c04317"
        aws_access_key: "{{ aws_access_key }}"
        aws_secret_key: "{{ aws_secret_key }}"
      register: y
    - debug:
        var: y
Before launching the playbook, you can see that there is no EC2 instance running in my AWS account.
Just after running the Ansible playbook, it will launch 3 web servers (instances) and one load balancer (instance) on AWS.
Here you can see the playbook ran successfully without any error.
Here you can see the instances launched successfully on AWS, with one load balancer and 3 web servers.
Now it is time to fetch the IPs of the instances from AWS using the ec2.ini and ec2.py files.
Here both files are successfully downloaded. Now transfer your AWS key from your system to Linux using WinSCP and make it executable. Also make the ec2.ini and ec2.py files executable.
Here you can see I have successfully retrieved the dynamic IPs of the EC2 instances by exporting the ini path, Ansible host, AWS region, AWS access key and AWS secret key.
Inventory File:
Note: Here I have put all the inventory configuration in a single ansible.cfg file.
1. Inventory = /etc/myhost.txt is for launching the AWS instances using ansible-playbook.
2. Inventory = ec2.py is for fetching the IPs from AWS dynamically.
3. Inventory = /etc/ansible/myhost.py is for creating the dynamic inventory of instances. I'll describe it below.
Now check whether all hosts are pingable using the ec2.py inventory.
Here all the hosts respond to ping, which means we have connectivity to them, so we can proceed.
Now I'm going to write a Python file that creates a dynamic inventory of the AWS instances with the groups webserver and loadbalancer: it puts all web servers in one group and the load balancer in another.
* Here you can see the configuration of that file, how it fetches each IP and arranges it in the respective group.
* Here you can see the IPs are arranged successfully in their respective groups. Now we can proceed further.
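The grouping step described above, as an added example (this is not the author's /etc/ansible/myhost.py). It assumes instances are grouped by the `Name` tag set in the provisioning playbook and addressed by public IP; the function names and the sample records are constructed for illustration.

```python
"""Added example: dynamic inventory grouping running EC2 instances by Name tag."""
import json
import sys

GROUPS = ("webserver", "loadbalancer")  # Name tags set by the provisioning playbook

def build_inventory(reservations):
    """Map the 'Reservations' list of a describe_instances response to Ansible JSON."""
    inventory = {g: {"hosts": []} for g in GROUPS}
    inventory["_meta"] = {"hostvars": {}}
    for reservation in reservations:
        for inst in reservation.get("Instances", []):
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            group, ip = tags.get("Name"), inst.get("PublicIpAddress")
            # Only running, correctly tagged instances with a public IP become hosts;
            # anything else in the account is never handed to Ansible.
            if inst["State"]["Name"] != "running" or group not in GROUPS or not ip:
                continue
            inventory[group]["hosts"].append(ip)
            inventory["_meta"]["hostvars"][ip] = {"instance_id": inst["InstanceId"]}
    return inventory

def fetch_reservations(region="ap-south-1"):
    """Query AWS. boto3 reads credentials from the environment or an instance role."""
    import boto3  # lazy import so build_inventory() also works offline
    paginator = boto3.client("ec2", region_name=region).get_paginator("describe_instances")
    pages = paginator.paginate(Filters=[{"Name": "tag:Name", "Values": list(GROUPS)}])
    return [r for page in pages for r in page["Reservations"]]

def _inst(iid, state, name, ip=None):
    """Build one constructed instance record in the describe_instances shape."""
    rec = {"InstanceId": iid, "State": {"Name": state}, "Tags": [{"Key": "Name", "Value": name}]}
    return {**rec, "PublicIpAddress": ip} if ip else rec

# Constructed sample data (documentation-range IPs), not output from a real account.
SAMPLE = [{"Instances": [_inst("i-web1", "running", "webserver", "203.0.113.10"),
                         _inst("i-web2", "running", "webserver", "203.0.113.11"),
                         _inst("i-web3", "stopped", "webserver")]},
          {"Instances": [_inst("i-lb1", "running", "loadbalancer", "203.0.113.20"),
                         _inst("i-other", "running", "database", "203.0.113.30")]}]

if __name__ == "__main__":
    if "--host" in sys.argv:  # Ansible may ask per host; vars are already in _meta
        print(json.dumps({}))
    else:
        data = SAMPLE if "--sample" in sys.argv else fetch_reservations()
        print(json.dumps(build_inventory(data), indent=2))
```

Run with `--sample` to print the inventory for the constructed records without touching AWS; without it, the script queries the account that the exported credentials belong to.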
* Here I'm creating a roles path at /etc/myroles and also some privilege escalation rules.
* Here the myroles path is created.
Here you can see the roles path is successfully initialised.
* Here you can see there is nothing in myroles. Now I'm going to create two roles, one webserver and the other loadbalancer, with the "ansible-galaxy init" command.
Here you can see the two roles are created successfully.
Now I'm going inside the webserver role and then into its tasks folder, where I'm editing the main.yml file.
---
# tasks file for webserver
- name: install httpd service
  package:
    name: "httpd"
    state: present
- name: copy webcontent
  copy:
    content: "output from {{ ansible_hostname }}"
    dest: /var/www/html/index.html
- name: start httpd services
  service:
    name: "httpd"
    state: started
Now I'm going to the handlers file of the loadbalancer role to set up the haproxy restart.
---
# handlers file for loadbalancer
- name: lb restart
  service:
    name: "haproxy"
    state: restarted
The tasks file of the loadbalancer role installs the haproxy load balancer, sets the notify parameter on the config file task and starts the service.
---
# tasks file for loadbalancer
- name: installing haproxy software
  package:
    name: "haproxy"
    state: present
- name: copy file
  template:
    src: "/etc/haproxy/haproxy.cfg"
    dest: "/etc/haproxy/haproxy.cfg"
  notify: lb restart
- name: start lb
  service:
    name: "haproxy"
    state: started
Now I'm going to the haproxy.cfg file.
Here I am using embedded Jinja2 code to dynamically fetch and register the web server IPs with the haproxy load balancer.
Now I am creating one playbook to run all these tasks together.
- hosts: webserver
  roles:
    - role: webserver
- hosts: loadbalancer
  roles:
    - role: loadbalancer
Our whole setup for creating the load balancer on AWS is now ready, so we can run this playbook.
Here you can see all the tasks ran successfully without any error: it installed the respective software on the instances, started it, and copied the content from source to destination.
Now check it manually.
Here you can see that haproxy is running on the load balancer.
You can see here it is created successfully.
Output:
From this output we can conclude that haproxy works properly on the load balancer.
I hope this is helpful to you. If you have any suggestions, please DM me or comment below.
Thank you for reading!!
GitHub URL: https://github.com/Nilesh1206/Ansible_Task3