Ansible Playbook to Configure Reverse Proxy and Apache webserver in AWS EC2 Instances

Yashraj Panda
Jan 15, 2021

In this blog we will create a high-availability environment for web servers, so that if there is excess load on one server, requests are redirected to another server that is a replica of the first. This keeps the load balanced between the servers and leaves very little risk of a server going down or failing.

Prerequisite:

To get better insight into the reverse proxy configuration, check out the blog mentioned below:

How to write a Ansible Playbook to Configure Reverse Proxy and Configure it with Apache Webserver?

Launch AWS EC2 for Haproxy configuration:

While launching the instances, allow all traffic in the security group so that Ansible can communicate with the other instances. Keep the instances in the same subnet-region. Also choose the same public key for all three instances.

In the above image we can clearly see that we have created three instances, where our controller node is the load balancer and the other two instances are our web servers.

After launching the instances we need to do some mandatory configurations, which are mentioned below:

  • Use WinSCP to connect to the EC2 instance and transfer the instance private key (the “.pem” file) to the controller instance and to the other managed nodes as well.
  • We will be using the default instance user, so we need to give that user sudo (root user privileges) permission. The next step is therefore to configure the sudoers file on all three instances.
  • Open the sudoers file, located at “/etc/sudoers”, in a text editor. Then enter the following permissions,

Now install Ansible on the controller node on top of python3, in the following way.

Ansible is built on python3, so first we have to install python3 using the following command,

yum install python3

Now we can install ansible using the mentioned command:

pip3 install ansible

Configuration of the Ansible inventory on the EC2 controller node:

On AWS EC2, the inventory setup is a bit different from the normal Ansible inventory setup. Instead of user passwords, we have to give the location of the AWS private key, which we uploaded to the instances using WinSCP:

Configuration of the “ansible.cfg” file:

Here, apart from the basic configuration, where we give the path of the inventory file and provide the private key, we have to set up “privilege escalation”. Privilege escalation lets us execute tasks with root privileges or with another user’s permissions, because it allows you to ‘become’ another user, different from the user that logged into the machine (the remote user).

After configuring the Ansible inventory and the “ansible.cfg” file, we will now write the code shown below to achieve the reverse proxy architecture.

Code to install and start HAProxy on the load balancer:

Code to install and start the httpd service:

To configure a reverse proxy we have to put the IPs of the web servers into the HAProxy configuration file (/etc/haproxy/haproxy.cfg). This can be done by entering the IPs manually or by updating them dynamically, directly from the inventory on the controller node. To update it dynamically we have to add some code to the HAProxy configuration file. Below is the code that dynamically updates the managed node IPs in the load balancer configuration file.
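The template below is an added example, not the code from the original post or its repository: a haproxy.cfg template whose backend section is generated from the inventory. The inventory group name webservers, the front-end port 8080, the web server port 80 and the template file name are assumptions.

```jinja
{# haproxy.cfg.j2 (hypothetical file name). Render it on the load balancer with
   ansible.builtin.template, dest=/etc/haproxy/haproxy.cfg and
   validate="haproxy -c -f %s", then restart haproxy from a handler. #}
global
    log     127.0.0.1 local2
    user    haproxy
    group   haproxy
    daemon

defaults
    mode    http
    log     global
    option  httplog
    timeout connect 5s
    timeout client  30s
    timeout server  30s

{# Assumed listening port; it must be reachable through the security group. #}
frontend main
    bind *:8080
    default_backend webservers

backend webservers
    balance roundrobin
{# One "server" line per host in the assumed inventory group "webservers".
   ansible_host is used when the inventory sets it; otherwise the inventory
   name itself, which in this setup is the instance IP. "check" enables health
   checks so a web server that stops answering is taken out of rotation. #}
{% for host in groups['webservers'] %}
    server web{{ loop.index }} {{ hostvars[host]['ansible_host'] | default(host) }}:80 check
{% endfor %}
```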

Now run the playbook in which we have written the code to configure the reverse proxy, i.e. HAProxy, and to update its configuration file automatically each time a new managed node (configured with the Apache web server) joins the inventory.

Now go to the load balancer and web server instances to check their connectivity status. Once you see the status as active, the connections are up. We will now connect to the IP of the load balancer from the web browser, and it will redirect us to one of the web servers.

Check out the code here: Ansible Playbook to Configure Reverse Proxy and Configure it with Apache Webserver

Thank you for reading!!!
