Ansible Haproxy add backend with ansible - ansible

So i would like to run a playbook via ansible on a host get the ip of that host and then add it to the haproxy.cfg.
I have managed to get the ip from the the host by using ansible_default_ipv4.address": "192.168.159.44 but i dont think this is the correct way to do this.
I want to basically add this line
server dnsnameofserver IP:80 check fall 3 rise 2 cookie uniquecookie
Where the IP and DNS name is collected from the server.
So the workflow im thinking is running a playbook on a webserver and that collects the info and then it sends that information to the haproxy server.
Is this even possible?

Getting the IP from ansible facts is proper way.You can create two host groups one webserver and another haproxy server. You can then use delegate_to haproxy server to run the haproxy command.

Related

change ssh port on a running playbook

I have a group of hosts registered in the inventory with a non standard ssh port. I would like for ansible to try this port, if ssh fails then try port 22, change the port and continue with the playbook. I have googled and there are several articles about this, but not really doing what I want it to do.
I am trying to figure out a way to register if the ssh port is UNREACHABLE, but cant seem to find a way to do this.
If I can get this done then the rest should be easy just put my tasks in a block with the always tag set.

Will Ansible work in case of Windows Jump Server?

I wanted to know if we have Windows jump server instead or bastion server will Ansible work? if yes how can we achieve this
This is possible, via Nginx.
Send the WinRM traffic to Nginx. Configure Nginx in a way that each target host has an their own url.
example.com/tn1
example.com/tn2
Let each node point to your my.fqdn.com/wsman.
Look at this pull request.

Allowing only certain ip traffic to server using Ansible

I am using Ansible to configure my several web servers. I want to restrict all traffic coming to those servers except some hosts. Actually, i want that these servers will only be accessed by some hosts only.
First figure out how to configure such a firewall on your system without Ansible. Then use Ansible to apply that configuration to a host.
I use package iptables-persistent on Debian 9, and use Ansible templating to manage /etc/iptables/rules.v4

How to use run deck service from local browser using up address?

I have installed rundeck in docker using ec2 instance.
When I run the image and start rundeck. It's fine.
Lynx http:localhost:4440
Us able to show rundeck dashboard.
But, how can I access this rundeck from Windows browser?
I tried using address but connection refused.
In order to access this from outside for your setup, you might have to ensure the following things:
Ensure that host server (ec2) is forwarding ports to the docker container. You should have used -p or -ports when launching the container for this.
Test: From your EC2 instance, you should be able to access: http://localhost:4440
Ensure you have a public IP assigned to your EC2. You should be able to see that from your aws ec2 console: http://console.aws.amazon.com/ec2
Ensure that your security group(s) for that instance has InBound connections to accept 4440 from your IP or rest of the world.
After this, your http://:4440 should work.
I hope I got your question correct.
Let me know how it goes,
Thanks,
Anoop

Change Localhost to ip with port

I am trying to setup a development server in house. Our IP points to our live server but we have seperate servers set on different ports.
For example our testing server could be on:
external: 97.95.xxx.xxx:1234
internal: 192.168.0.100:1234
We can view the test server by entering either ip in our browsers. We want to change all our development computers to access that server by entering "testserver". We have logged in and edited
C:\Windows\System32\Drivers\etc\hosts
We have added the following line of code to the systems with no success.
97.95.xxx.xxx:1234 testserver
If we remove the port number it will connect to our live system. Is there another system we need to edit to use that port?
when you add the port, your hosts edit is simply wrong.
according to example your hosts entry must look like
97.95.xxx.xxx testserver
and accessing the testsystem would be f.e.
http://testserver:1234
or
telnet testserver 1234
whatever connectiontype / purpose your connection is.
It seems that you cannot set ports in the hosts-file,
but there seems to be a way to forward the port:
port-forwarding-in-windows
src: no ports with hosts serverfault

Resources