Ansible Playbook To Configure Reverse Proxy


Creating an Ansible playbook to Configure Reverse Proxy i.e. Haproxy and update it’s configuration file automatically each time a new Managed node (Configured With Apache Webserver) join the inventory.


Ansible is a software tool that provides simple but powerful automation for cross-platform computer support. It is primarily intended for IT professionals, who use it for application deployment, updates on workstations and servers, cloud provisioning, configuration management, intra-service orchestration, and nearly anything a systems administrator does on a weekly or daily basis.

Ansible playbooks:

While modules provide the means of accomplishing a task, the way you use them is through an Ansible playbook. A playbook is a configuration file written in YAML that provides instructions for what needs to be done in order to bring a managed node into the desired state.


HAProxy is a high-performance, open-source load balancer and reverse proxy for TCP and HTTP applications. Users can make use of HAProxy to improve the performance of websites and applications by distributing their workloads.

In this article, I am using AWS instances to demonstrate this setup. I will also tell you, How you can create this setup in your virtual machine.

Steps to Follow:

➼ Create an ansible configuration file to connect AWS.

➼ Update Inventory.

➼ Create a Haproxy Configuration File.

➼ Create a PHP webpage.

➼ Create an Ansible Playbook.

Create an ansible configuration file to connect AWS

Ansible configuration file resite under /etc/ansible directory.

Use the following variables and update in the configuration file.

inventory = inventory_path
command_warning = False
private_key_file = aws_key
remote_user = ec2-user
roles_path: roles_path[privilege_escalation]

Update Inventory

My AWS instances are

Update them in inventory.

If you are configuring this setup in your virtual Box then you can write username, password and connection type in inventory instead of the configuration file as shown.   ansible_user=root   ansible_ssh_pass=123   ansible_connection=ssh

But to use a password during ssh, you must install sshpass program.

To install sshpass

# dnf install yum install sshpass

Create a Haproxy Configuration File

You can get haproxy file in directory /etc/haproxy/ as haproxy.cfg.

But if you do not have haproxy then you can install as follow.

Installing Haproxy server

Installing haproxy server in the controller node so that we can copy and update haproxy configuration file.

Bind the port according to your requirement, I am using 8080 port.

bind *: port
{% for i in groups['group_name'] %}
server app{{loop.index}} {{i}}:port check
{% endfor %}

Because we have to balance the load among the available servers, so we use a loop to dynamically retrieve the IP of servers each time a new Managed node (Configured With Apache Webserver) join the inventory.

Now copy the file to the current folder.

Create a PHP webpage

/usr/sbin/ifconfig will help us to see the private IP of the instance.

Create an Ansible Playbook

- hosts: httpd
# apache web server
- name: "install httpd package"
name: "httpd"
state: present
- name: "install php package"
name: "php"
state: present
- name: "copy web pages to the server"
src: "/var/www/html/index.php"
dest: /var/www/html/
notify: restart httpd
- name: "start httpd service"
name: "httpd"
state: "started"
- name: "restart httpd"
name: "httpd"
state: "restarted"
# loadbalancer
- hosts: lb
- name: "installing HAProxy"
name: "haproxy"
state: present
- name: "copy haproxy configuration file"
src: "haproxy.cfg"
dest: "/etc/haproxy/"
notify: lb restart
- name: "start HAproxy service"
name: "haproxy"
state: started
- name: "lb restart"
name: "haproxy"
state: restarted

Running ansible playbook.

Now, You can see we are hitting the load balancer IP and getting two different private IPs of httpd servers.

Thanks, for reading…

Keep Learning Keep Sharing !!!