Ansible Roles to configure Web-server and Haproxy

In this article, we will be diminishing our dilemma while creating Ansible roles and organised way to keep our ansible code..

🎲What are Ansible ROLES ?

Roles let you automatically load related vars_files, tasks, handlers, and other Ansible artifacts based on a known file structure. Once you group your content in roles, you can easily reuse them and share them with other users.

📃Ansible role file structure :

Thus ,we would be using the concept of roles to manage our code for haproxy as well as web server configuration, lets see:

Here I have created two roles:

1️⃣One for Loadbalancer configuration (HAproxy)

#ansible-galaxy init mylb

2️⃣Second one for Apache Web Server Configuration.(HTTPD)

ansible-galaxy init myapache

Lets see ansble.cfg file first :

[defaults]
inventory = /etc/ansible/ip2.txt
host_key_checking = false
deprecation_warnings = false
ask_pass = false
roles_path = /root/myapache/
[privilege escalation]
become = true
become_method = sudo
become_user = root
become_ask_pass = false

Now the inventory file : ip2.txt

[webserver]
65.0.127.145 ansible_user=ec2-user ansible_ssh_private_key_file=/root/hadoop.pem ansible_connection=ssh
13.233.131.71 ansible_user=ec2-user ansible_ssh_private_key_file=/root/hadoop.pem ansible_connection=ssh
[LB]
65.2.40.196 ansible_user=ec2-user ansible_ssh_private_key_file=/root/hadoop.pem ansible_connection=ssh

Now lets start to write the role for web-server :

✍In tasks folder, we had main.yml , here we will be specifying the tasks to be performed by ansible:

#vim main.yml

---
# tasks file for myapache
- name : "Installing httpd package and PHP"
yum :
name : "{{ package }}"
state : present
loop : "{{ package }}"
- name : "Copying webpages to server"
copy :
src : "index.php"
dest : "{{ document_root }}"
notify : "web_status"
- name : "Starting httpd services"
service :
name : "{{ service }}"
state : started

✍Specifying the variables in vars folder → main.yml

#cd vars

#vim main.yml

---
# vars file for myapache
package :
- "httpd"
- "php"
#mount_dir : "dvd_apache"---> You can use this for VMs
#yum_repo : --> Default repos
# - "AppStream"
# - "BaseOS"
web_page : "/files/index.php"
document_root : "/var/www/html/"
service : "httpd"

Also we had some static files → php pages , which will we be saving in Files folder.

#cd files

#vim index.php

<pre>
<?php
print `/usr/sbin/ifconfig;`
?>
</pre>

Also we had created the handler for idempotence of webserver service:

#cd handlers

#vim main.yml

---
# handlers file for myapache
- name : web_status
service :
name : "{{ service }}"
state : restarted

Now its time to include the role in setup.yml created by us for running playbook.

Inventory file :

Lets check now:

Playbook executed fine!

Lets see the output:

Thus , we have successfully created role to setup Httpd webserver

🧭Now time to create one for Haproxy too…

🏷Inventory file :

🏷ansible.cfg file:

Lets start to write role now:

👉Creating tasks:

#cd tasks

#vim main.yml

---
# tasks file for mylb
- name : "Installing haproxy.. "
package :
name : "{{ package }}"
state : present
- name : "Configuring the HAPROXY"
template :
src : haproxy.cfg.j2
dest : "/etc/haproxy/haproxy.cfg"
notify : haproxy
- name : "Starting haproxy server"
service :
name : "{{ service }}"
state : started

👉Creating vars:

#cd vars

#vim main.yml

# vars file for mylbpackage : "haproxy"
service : "haproxy"

👉Now as we need to dynamically update the conf file of haproxy →haproxy.cfg

Lets create the template file for same in templates folder

#cd templates

#vim haproxy.cfg.j2

👉Handler for haproxy service

#cd handlers

#vim main.yml

---
# handlers file for mylb
- name : haproxy
service :
name : "{{ service }}"
state : restarted

lets check the role now:

“setup.yml”

- hosts: LB
become : true
roles :
- role: "mylb"

Now lets combine both the role in one playbook and check the execution:

“setup.yml”

- hosts: webserver
become : true
roles :
- role: "myapache"
- hosts: LB
become : true
roles :
- role: "mylb"

😍Finally by using roles , we have achieved our goal…..

To access haproxy server:

TYPE in you browser

<ip_reverse_proxy_server>:port

for e,g 65.2.40.196:8080

Thus roles had made life of devops engineer at ease by organising the whole code in oriented/managed file-structure …….

Github repo :

Happy automating ……..🧱🛠🎯

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store