Configuring Load Balancers on AWS

Arya Dhorajiya
5 min read · Dec 12, 2020

TASK REQUIREMENTS:

🔹 Launch AWS instances with the help of ansible playbooks.

🔹 Retrieve the public IP which is allocated to the launched instance using register.

🔹 With the help of the retrieved Public IP configure the inventory file dynamically and then configure load balancer setup using haproxy.cfg file dynamically.

🔹 After this launch the webserver for running the application on AWS instances.

🔹 Finally, launch the webservers and HAProxy on AWS instances using Playbooks.

Solution:

For this we create one playbook that launches the AWS instances, dynamically updates the inventory file, and then installs HAProxy and the webservers. After the inventory file is modified, the haproxy.cfg file will automatically pick up the webserver IPs, and the HAProxy service on the target node is then restarted.

For details about setting up Ansible controller and initial ansible configuration, please see :

Step 1: Create a user in AWS and copy the keys as shown below:

Note down the access key and secret key for this user.

Step 2: Install boto3 software

Boto3 is the AWS SDK for Python. It lets Python software, including Ansible's AWS modules, work with AWS services such as EC2 and S3.

Step 3: Privilege Escalation

By default, the ec2-user account on AWS instances does not have root privileges, so we need to tell Ansible to escalate ec2-user to root for executing some Ansible tasks.

Step 4: YAML code

Let me publish the YAML code for this task. (I intentionally didn't paste the code, as pasting removes all the indentation.) At the end of this publication, you will find a git link from where you can download the code.

I will explain the code step by step:

Code Part 1: Creating an EC2 instance for the HAProxy server and dynamically adding its IP to the inventory file using the lineinfile module.

hosts: 127.0.0.1

This part of the code indicates that the playbook must be executed on the controller itself when we want to create AWS instances. Why? To the AWS API, our Ansible controller acts as a client, and in API programming the basic rule is that the client calls the method/function.

ec2_instance:

This is the module that lets our Ansible controller (AC) integrate with AWS.

region: "<value>"

image_id: "<value>"

instance_type: "<value>"

vpc_subnet_id: "<value>"

security_group: "<value>"

key_name: "<value>"

name: "<value>"

state: present

We need to configure these parameters to create an EC2 instance. The most important of them is the security group parameter; make sure the SG rules are as below:

Pic showing the rules for inbound traffic and the same for outbound traffic as well.

aws_access_key: "<value>"

aws_secret_key: "<value>"

These two values are obtained when you create a user on the AWS IAM page.

register: x

This is the most important part of the playbook. Whenever we run a playbook, it shows its output in the form of logs, and these logs usually contain crucial data related to the task. With this keyword we ask Ansible to store that output in the variable x. Why? You will find the answer below.

- name: Dynamically adding haproxy hosts
  lineinfile:
    path: "/root/ip.text"
    insertafter: '^\[haproxy\]'
    state: present
    line: "{{ x.instances[0].public_ip_address }} ansible_user=ec2-user ansible_ssh_private_key_file=/root/commonkey_allinstances.pem ansible_ssh_extra_args='-o StrictHostKeyChecking=no'"

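Now comes the crucial part: dynamic inventory updating.

For this we use Ansible's lineinfile module. The path of my inventory file is /root/ip.text, and insertafter places the new line directly under the [haproxy] group header, using the public IP taken from the registered variable x.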
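The fragments of Code Part 1 assembled into one play, as an added example that is not the author's code from the linked repository. It assumes `connection: local`, leaves the two AWS keys out of the playbook so that boto3 reads them from the controller's environment, and uses `StrictHostKeyChecking=accept-new` in place of `no`; the final `refresh_inventory` task is also an addition.

```yaml
# Added example: Code Part 1 as one play. Not the author's repository code.
# The "<value>" placeholders are the ones used on this page; fill in your own.
- hosts: 127.0.0.1
  connection: local        # assumption: AWS API calls are made from the controller
  gather_facts: false
  tasks:
    - name: Launch the EC2 instance for the HAProxy server
      ec2_instance:
        region: "<value>"
        image_id: "<value>"
        instance_type: "<value>"
        vpc_subnet_id: "<value>"
        security_group: "<value>"
        key_name: "<value>"
        name: "<value>"
        state: present
        # aws_access_key / aws_secret_key are deliberately left out. The module
        # (through boto3) then reads AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
        # from the environment, or ~/.aws/credentials, so the secret key is
        # never stored in the playbook or pushed to git with it.
      register: x

    - name: Dynamically adding haproxy hosts
      lineinfile:
        path: "/root/ip.text"
        insertafter: '^\[haproxy\]'
        state: present
        # accept-new (OpenSSH 7.6+) records the host key on first connect and
        # refuses a changed key afterwards; "no" lets the connection proceed
        # even when the host key has changed.
        line: >-
          {{ x.instances[0].public_ip_address }}
          ansible_user=ec2-user
          ansible_ssh_private_key_file=/root/commonkey_allinstances.pem
          ansible_ssh_extra_args='-o StrictHostKeyChecking=accept-new'

    - name: Re-read the inventory so later plays in this run see the new host
      meta: refresh_inventory
```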

Code part 2: Creating an AWS instance for HTTPD and then dynamically adding its IP to the inventory file.

The explanation for code part 2 is the same as for code part 1.

Code part 3: Pausing for 2 minutes.

Why do we need to pause the playbook execution?

The reason is that updating the inventory file via the lineinfile module takes a small amount of time. To compensate for that, I use the pause module, which halts the execution and gives the AC some time to sync with the new inventory file.

After the pause module, you can see that my inventory file is updated as below:

Pic showing how the ansible playbook has updated the inventory file dynamically.

Code part 4: Here we are installing and configuring the httpd server.

Code part 5: Here we install and configure the haproxy server. I used Jinja code in the haproxy.cfg file, as follows:

Jinja code inside haproxy.cfg file

{% for i in groups['httpd'] %}
server app{{ loop.index }} {{ i }}:80 check
{% endfor %}

['httpd']

These are the IP addresses of the target nodes.

Thank you for Reading…
