Using Ansible to Configure Haproxy and update its configuration file automatically each time a new Managed node joins the inventory

For this setup, I will be using my system(Ubuntu) as an Ansible control node and launch 3 VM having CentOS namely Master, Slave 1, and Slave 2 respectively

Master VM (work as a Haproxy node)→ IP(192.168.29.68)

Slave 1 ( 1st load balancer) →IP(192.168.29.125)

Slave 2 (2nd Load balancer) →IP(192.168.29.203)

Hope Ansible is installed on the system, if not install it with the below command

$ pip3 install ansible

Let's have an overview of the Ansible configuration files

The host's file will look like below

The ansible.cfg file will look like below

Next, we will create a "haproxy.cfg" file which is the Haproxy configuration file.

#---------------------------------------------------------------------
# Example configuration for a possible web application.  See the
# full configuration options online.
#
#   https://www.haproxy.org/download/1.8/doc/configuration.txt
#
#---------------------------------------------------------------------


#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    # to have these messages end up in /var/log/haproxy.log you will
    # need to:
    #
    # 1) configure syslog to accept network log events.  This is done
    #    by adding the '-r' option to the SYSLOGD_OPTIONS in
    #    /etc/sysconfig/syslog
    #
    # 2) configure local2 events to go to the /var/log/haproxy.log
    #   file. A line like the following can be added to
    #   /etc/sysconfig/syslog
    #
    #    local2.*                       /var/log/haproxy.log
    #
    log         127.0.0.1 local2


    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon


    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats


    # utilize system-wide crypto-policies
    ssl-default-bind-ciphers PROFILE=SYSTEM
    ssl-default-server-ciphers PROFILE=SYSTEM


#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000


#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main
    bind *:{{ Haproxy_port }}
    acl url_static       path_beg       -i /static /images /javascript /stylesheets
    acl url_static       path_end       -i .jpg .gif .png .css .js


    use_backend static          if url_static
    default_backend             app


#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
    balance     roundrobin
    server      static 127.0.0.1:4331 check


#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
    balance     roundrobin
{% for hosts in groups['loadbalancer'] %}
    server apps {{ hosts }}:80 check
{% endfor %}

We will create a "var.yml" file in which we have the bind port no. of the server.

Then we will create an "index.php" file, which we print the IP address of the current node in the browser

<pre>
<?php


print `/usr/sbin/ifconfig`;


?>

</pre>

Lastly, we will create an ansible playbook file for setting up the infrastructure. I have created task12.yml file

- name: Configuring loadbalancer
  hosts: loadbalancer
  tasks:
  - name: Installing httpd and php package
    package: 
      name: httpd
      name: php
      state: present
    register: httpd_install


  - name: Start HTTPD Service
    service:
      name: httpd
      state: started


  - name: Copy WebPages
    template:
      src: index.php
      dest: /var/www/html/


- name: Configuring Server
  hosts: server
  vars_files:
  - var.yml
  tasks: 
  - name: Install haproxy package
    package:
      name: haproxy
      state: present


  - name: Copy haproxy config File
    template:
      src: haproxy.cfg
      dest: /etc/haproxy/
    notify: Restart haproxy LB Service


  - name: Start haproxy Service
    service:
      name: haproxy
      state: started


  handlers:
  - name: Restart haproxy LB Service
    service:
      name: haproxy

      
      state: restarted

Once ready will all the file, let's run the playbook with the below command

$ ansible-playbook task12.yml

Now, let’s check the outcome by visiting the Haproxy server IP with the Haproxy port number.

And do some refresh and we will be able to see the second node IP. Thus our setup is working fine.