From f62a53e476dca9bc74f04ee66ea665ea8ea7bb64 Mon Sep 17 00:00:00 2001 From: Johannes Rothe Date: Thu, 14 Sep 2023 22:59:08 +0200 Subject: [PATCH] Add loadbalancer to playbook using new caddy role --- ansible/group_vars/lb | 1 + ansible/playbook.yaml | 24 +++++++++- ansible/roles/caddy/tasks/main.yaml | 45 +++++++++++++++++++ ansible/roles/caddy/templates/Caddyfile.j2 | 5 +++ .../roles/mysql-replication/tasks/main.yaml | 8 ++-- .../mysql-replication/templates/mysql.cnf.j2 | 2 +- 6 files changed, 78 insertions(+), 7 deletions(-) create mode 100644 ansible/group_vars/lb create mode 100644 ansible/roles/caddy/tasks/main.yaml create mode 100644 ansible/roles/caddy/templates/Caddyfile.j2 diff --git a/ansible/group_vars/lb b/ansible/group_vars/lb new file mode 100644 index 0000000..36e2f30 --- /dev/null +++ b/ansible/group_vars/lb @@ -0,0 +1 @@ +ansible_ssh_user: root diff --git a/ansible/playbook.yaml b/ansible/playbook.yaml index 98d7b9a..fb50867 100644 --- a/ansible/playbook.yaml +++ b/ansible/playbook.yaml @@ -21,13 +21,32 @@ - "alt.pub" register: tf_out + - debug: var=tf_out + - add_host: name: "{{ item.key }}" ansible_host: "{{ item.value }}" group: web loop: "{{ tf_out.outputs.server_ips.value | dict2items }}" -- name: Setup LEMP stack + - add_host: + name: "lb" + ansible_host: "{{ tf_out.outputs.lb_public_ip.value }}" + group: lb + +- name: Setup loadbalancer + hosts: lb + vars: + caddy: + server_name: wordpress-jr.senecops.com + lb_targets: + - 10.0.0.3:80 + - 10.0.0.4:80 + - 10.0.0.5:80 + roles: + - caddy + +- name: Setup LEMP stack on application servers hosts: web vars_files: - vault.yaml @@ -51,7 +70,8 @@ - 10.0.0.5 mysql: replication_user: replica_user - replication_master: web1 + replication_master_hostname: web1 + replication_master_ip: 10.0.0.3 replication_slaves: - web2 - web3 diff --git a/ansible/roles/caddy/tasks/main.yaml b/ansible/roles/caddy/tasks/main.yaml new file mode 100644 index 0000000..8e03362 --- /dev/null +++ b/ansible/roles/caddy/tasks/main.yaml @@ -0,0 +1,45 @@ +--- +- name: Install required packages + ansible.builtin.apt: + update_cache: true + cache_valid_time: 3600 + name: + - debian-keyring + - debian-archive-keyring + - apt-transport-https + become: true + +- name: Fetch gpg key + ansible.builtin.apt_key: + url: https://dl.cloudsmith.io/public/caddy/stable/gpg.key + id: 155B6D79CA56EA34 + keyring: /usr/share/keyrings/caddy-stable-archive-keyring.gpg + become: true + +- name: Add specified repository into sources list using specified filename + ansible.builtin.apt_repository: + repo: "deb [signed-by=/usr/share/keyrings/caddy-stable-archive-keyring.gpg] https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main" + state: present + filename: caddy-stable + +- name: Install caddy + ansible.builtin.apt: + update_cache: true + cache_valid_time: 3600 + name: + - caddy + become: true + +- name: Write Caddyfile + ansible.builtin.template: + src: "Caddyfile.j2" + dest: "/etc/caddy/Caddyfile" + mode: "0644" + become: true + +- name: Start service + ansible.builtin.service: + name: caddy + state: restarted + enabled: true + become: true diff --git a/ansible/roles/caddy/templates/Caddyfile.j2 b/ansible/roles/caddy/templates/Caddyfile.j2 new file mode 100644 index 0000000..653955d --- /dev/null +++ b/ansible/roles/caddy/templates/Caddyfile.j2 @@ -0,0 +1,5 @@ +{{ caddy.server_name }} { + reverse_proxy {{ caddy.lb_targets | join(" ") }} { + lb_policy cookie + } +} diff --git a/ansible/roles/mysql-replication/tasks/main.yaml b/ansible/roles/mysql-replication/tasks/main.yaml index 0bfce75..bd0cbe3 100644 --- a/ansible/roles/mysql-replication/tasks/main.yaml +++ b/ansible/roles/mysql-replication/tasks/main.yaml @@ -26,7 +26,7 @@ "*.*": "REPLICATION SLAVE" login_unix_socket: /var/run/mysqld/mysqld.sock become: true - when: mysql.replication_master in ansible_all_ipv4_addresses + when: ansible_hostname == mysql.replication_master_hostname - name: Get master replication status community.mysql.mysql_replication: @@ -34,7 +34,7 @@ login_password: "{{ mysql_root_password }}" mode: getmaster register: repl_stat - when: ansible_hostname == mysql.replication_master + when: ansible_hostname == mysql.replication_master_hostname - debug: var=repl_stat @@ -52,12 +52,12 @@ login_user: root login_password: "{{ mysql_root_password }}" mode: changemaster - master_host: "{{ mysql.replication_master }}" + master_host: "{{ mysql.replication_master_ip }}" master_log_file: "{{ hostvars['web1'].repl_stat.File }}" master_log_pos: "{{ hostvars['web1'].repl_stat.Position }}" master_user: "{{ mysql.replication_user }}" master_password: "{{ mysql_replication_pass }}" - when: ansible_hostname in mysql.replication_slaves and not slave.Is_Slave + when: ansible_hostname in mysql.replication_slaves - name: Start slave replication community.mysql.mysql_replication: diff --git a/ansible/roles/mysql-replication/templates/mysql.cnf.j2 b/ansible/roles/mysql-replication/templates/mysql.cnf.j2 index 18a15ed..c63a882 100644 --- a/ansible/roles/mysql-replication/templates/mysql.cnf.j2 +++ b/ansible/roles/mysql-replication/templates/mysql.cnf.j2 @@ -1,6 +1,6 @@ [mysqld] bind-address = "0.0.0.0" -{% if ansible_hostname == mysql.replication_master %} +{% if ansible_hostname == mysql.replication_master_hostname %} server-id = 1 expire_logs_days = 10 max_binlog_size = 100M