Ansible playbook to configure reverse proxy with dynamic update of conf file of the new backend servers added

6 min readMar 21, 2021

Procedure- First we will write a playbook which will configure haproxy in a system and two backend servers. to add any new server we will update the conf file manually

Then we will enhance our playbook that will automatically/dynamically take ip of the new backend server added.

Let’ start

Below is an ansible playbook which will configure haproxy and web server, you just have to give the IPs for the respective systems.

Also i have uploaded the haproxy.cfg file in which i have manually written the IPs of the systems that gonna to be backend servers. see below👇

haproxy.cfg file||my workspace where playbook and some more files present

Now time to run the playbook👇

🍤Everything configured properly and now we can go to our browser and put the ip of load balancer with the port you have set in it’s conf file(i have set 8080)🍤

Now we got the power of load balancing also🔥.

But now the main problem comes.👇

If we want to add one more new backend server, then we can add its ip in the inventory and run the playbook one more time and it will also be configured, BUT before running the playbook, we first have to add the ip into the conf file of haproxy which we don’t want, as its not good to open configuration files, change them because of many reasons and one big reason is human error. we want everything to be automated.

we want that as soon as we update the inventory file, everything would be configured and for this we have to make some changes in the playbook and the haproxy.conf file.

🍤For this purpose we will take help of ansible facts. 🍤

Ansible facts are system properties that are collected by Ansible when it executes on a remote system. The facts contain useful details such as storage and network configuration about a target system.

similarly, we have a groups variable by which we can fetch our inventor’s ip present. let’s see it practically to understand more clearly👇

🍤I have a small playbook j.yml which will copy the j.txt file in the same system in / folder. j.txt contains a simple line but with a jinja type variable which is groups[‘mylb’]. mylb is a host group containing ip of LB. let;s see what comes as output when we run it🍤.

see, the ip of the group mylb has come which is in my inventory.

let’s see one more example of jinja to become more example.

Note- i rebooted my system and my IPs of all the nodes has been changed now, below is the updated inventory👇

I have edited the same playbook with some variables and the j.txt file with a for loop of jinja👇

Now let’s run the playbook and see what file is uploaded👇

🔰so, now you saw the power of jinja and also, this line looks similar to the one we have to write in the haproxy file. so, finally am going to edit the haproxy.cfg file with some lines of jinja which would take ip from inventory and hence will update the server with new nodes🔰.

🎇so, this concept we can use to solve our use case. so, before we upload file, we will write some variables in the haproxy.cfg which will retrieve the ip from inventory and hence when we next time run the playbook, updated conf file will be uploaded and hence the new servers would automatically/dynamically added.🎇

Now i am adding one more ip in my inventory and just run the playbook and you will see now i will have 3 nodes🔥

Now run the playbook and see how many nodes we have 👇

You can also check the haproxy file. its updated with the 3rd node automatically!

Now lets go to browser and check

so, we are done with our task!!!!

Now, we can do the same setup on aws also. we can make our aws instances as our backend servers, just update the inventory with the instances’s IPs and just one click our aws servers are ready!

Let’s do this also🔥

we just need to run the playbook again and our backend servers would be of aws also

just note that this time you have to login with ec2-user only and instead of giving the password, you have to give your pvt key file path of your instance.

Also remember to give read access also using the command 👇