From 55773923b1256e03482bf6ba61e2bbfd72493cac Mon Sep 17 00:00:00 2001 From: Nick Jones Date: Wed, 17 Jan 2018 16:38:24 +0000 Subject: [PATCH] [HAProxy] Allow extra options to be specified per listener This commit provides operators with the ability to specify additional options per HTTP or TCP listener stanza. Change-Id: I66cc5372f2a686213b6748a8260cfe84f789ad8e Implements: blueprint haproxy-listener-extra-options --- ansible/roles/haproxy/defaults/main.yml | 3 + .../roles/haproxy/templates/haproxy.cfg.j2 | 309 ++++++++++++++++++ ...proxy-listen-options-ef1dc74a239f6f9d.yaml | 5 + 3 files changed, 317 insertions(+) create mode 100644 releasenotes/notes/haproxy-listen-options-ef1dc74a239f6f9d.yaml diff --git a/ansible/roles/haproxy/defaults/main.yml b/ansible/roles/haproxy/defaults/main.yml index c2e6e61400..06277ef19e 100644 --- a/ansible/roles/haproxy/defaults/main.yml +++ b/ansible/roles/haproxy/defaults/main.yml @@ -47,3 +47,6 @@ syslog_haproxy_facility: "local1" # Traffic mode. Valid options are [ multicast, unicast ] keepalived_traffic_mode: "multicast" + +haproxy_listen_tcp_extra: [] +haproxy_listen_http_extra: [] diff --git a/ansible/roles/haproxy/templates/haproxy.cfg.j2 b/ansible/roles/haproxy/templates/haproxy.cfg.j2 index e3354c6b32..cdc33a7bc9 100644 --- a/ansible/roles/haproxy/templates/haproxy.cfg.j2 +++ b/ansible/roles/haproxy/templates/haproxy.cfg.j2 @@ -40,6 +40,9 @@ listen stats {% if enable_rabbitmq | bool %} listen rabbitmq_management bind {{ kolla_internal_vip_address }}:{{ rabbitmq_management_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['rabbitmq'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_management_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -47,6 +50,9 @@ listen rabbitmq_management {% if enable_outward_rabbitmq | bool %} listen outward_rabbitmq_management bind {{ kolla_internal_vip_address }}:{{ outward_rabbitmq_management_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['outward-rabbitmq'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ outward_rabbitmq_management_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -57,6 +63,9 @@ listen outward_rabbitmq_external timeout client 3600s timeout server 3600s bind {{ kolla_external_vip_address }}:{{ outward_rabbitmq_port }} +{% for tcp_option in haproxy_listen_tcp_extra %} + {{ tcp_option }} +{% endfor %} {% for host in groups['outward-rabbitmq'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ outward_rabbitmq_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -66,6 +75,9 @@ listen outward_rabbitmq_external {% if enable_mongodb | bool %} listen mongodb bind {{ kolla_internal_vip_address }}:{{ mongodb_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['mongodb'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ mongodb_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -75,6 +87,9 @@ listen mongodb listen keystone_internal bind {{ kolla_internal_vip_address }}:{{ keystone_public_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['keystone'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ keystone_public_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -84,6 +99,9 @@ listen keystone_external bind {{ kolla_external_vip_address }}:{{ keystone_public_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['keystone'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ keystone_public_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -92,6 +110,9 @@ listen keystone_external listen keystone_admin bind {{ kolla_internal_vip_address }}:{{ keystone_admin_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['keystone'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ keystone_admin_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -100,6 +121,9 @@ listen keystone_admin {% if enable_glance | bool %} listen glance_registry bind {{ kolla_internal_vip_address }}:{{ glance_registry_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['glance-registry'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_registry_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -108,6 +132,9 @@ listen glance_api bind {{ kolla_internal_vip_address }}:{{ glance_api_port }} timeout client {{ haproxy_glance_api_client_timeout }} timeout server {{ haproxy_glance_api_server_timeout }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['glance-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -117,6 +144,9 @@ listen glance_api_external bind {{ kolla_external_vip_address }}:{{ glance_api_port }} {{ tls_bind_info }} timeout client {{ haproxy_glance_api_client_timeout }} timeout server {{ haproxy_glance_api_server_timeout }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['glance-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -127,6 +157,9 @@ listen glance_api_external listen nova_api bind {{ kolla_internal_vip_address }}:{{ nova_api_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['nova-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -134,6 +167,9 @@ listen nova_api listen nova_metadata bind {{ kolla_internal_vip_address }}:{{ nova_metadata_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['nova-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_metadata_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -141,6 +177,9 @@ listen nova_metadata listen placement_api bind {{ kolla_internal_vip_address }}:{{ placement_api_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['placement-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ placement_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -151,18 +190,27 @@ listen nova_novncproxy http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } timeout tunnel 1h +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['nova-novncproxy'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_novncproxy_port }} check inter 2000 rise 2 fall 5 {% endfor %} {% elif nova_console == 'spice' %} listen nova_spicehtml5proxy bind {{ kolla_internal_vip_address }}:{{ nova_spicehtml5proxy_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['nova-spicehtml5proxy'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_spicehtml5proxy_port }} check inter 2000 rise 2 fall 5 {% endfor %} {% elif nova_console == 'rdp' %} listen nova_rdp bind {{ kolla_internal_vip_address }}:{{ rdp_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['hyperv'] %} server {{ hostvars[host]['ansible_hostname'] }} {% for ip in hostvars[host]['ansible_ip_addresses'] %}{% if host == ip %}{{ ip }}{% endif %}{% endfor %}:{{ rdp_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -171,6 +219,9 @@ listen nova_rdp {% if enable_nova_serialconsole_proxy | bool %} listen nova_serialconsole_proxy bind {{ kolla_internal_vip_address }}:{{ nova_serialproxy_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['nova-serialproxy'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_serialproxy_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -181,6 +232,9 @@ listen nova_api_external bind {{ kolla_external_vip_address }}:{{ nova_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['nova-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -189,6 +243,9 @@ listen nova_metadata_external bind {{ kolla_external_vip_address }}:{{ nova_metadata_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['nova-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_metadata_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -197,6 +254,9 @@ listen placement_api_external bind {{ kolla_external_vip_address }}:{{ placement_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['placement-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ placement_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -206,6 +266,9 @@ listen nova_novncproxy_external bind {{ kolla_external_vip_address }}:{{ nova_novncproxy_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['nova-novncproxy'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_novncproxy_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -214,6 +277,9 @@ listen nova_spicehtml5proxy_external bind {{ kolla_external_vip_address }}:{{ nova_spicehtml5proxy_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['nova-spicehtml5proxy'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_spicehtml5proxy_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -224,6 +290,9 @@ listen nova_serialconsole_proxy_external bind {{ kolla_external_vip_address }}:{{ nova_serialproxy_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['nova-serialproxy'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_serialproxy_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -235,6 +304,9 @@ listen nova_serialconsole_proxy_external listen neutron_server option http-tunnel bind {{ kolla_internal_vip_address }}:{{ neutron_server_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['neutron-server'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ neutron_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -243,6 +315,9 @@ listen neutron_server listen neutron_server_external option http-tunnel bind {{ kolla_external_vip_address }}:{{ neutron_server_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['neutron-server'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ neutron_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -254,6 +329,9 @@ listen horizon bind {{ kolla_internal_vip_address }}:{{ horizon_port }} balance source http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['horizon'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ horizon_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -265,6 +343,9 @@ listen horizon_external balance source http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['horizon'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ horizon_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -275,6 +356,9 @@ frontend horizon_external_redirect {% else %} listen horizon_external bind {{ kolla_external_vip_address }}:{{ horizon_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['horizon'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ horizon_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -286,6 +370,9 @@ listen horizon_external listen cinder_api bind {{ kolla_internal_vip_address }}:{{ cinder_api_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['cinder-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ cinder_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -295,6 +382,9 @@ listen cinder_api_external bind {{ kolla_external_vip_address }}:{{ cinder_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['cinder-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ cinder_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -305,6 +395,9 @@ listen cinder_api_external listen cloudkitty_api bind {{ kolla_internal_vip_address }}:{{ cloudkitty_api_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['cloudkitty-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ cloudkitty_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -314,6 +407,9 @@ listen cloudkitty_api_external bind {{ kolla_external_vip_address }}:{{ cloudkitty_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['cloudkitty-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ cloudkitty_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -324,6 +420,9 @@ listen cloudkitty_api_external listen octavia_api bind {{ kolla_internal_vip_address }}:{{ octavia_api_port }} http-request del-header X-Forwarded-Proto +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['octavia-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ octavia_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -333,6 +432,9 @@ listen octavia_api_external bind {{ kolla_external_vip_address }}:{{ octavia_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['octavia-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ octavia_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -343,6 +445,9 @@ listen octavia_api_external listen panko_api bind {{ kolla_internal_vip_address }}:{{ panko_api_port }} http-request del-header X-Forwarded-Proto +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['panko-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ panko_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -352,6 +457,9 @@ listen panko_api_external bind {{ kolla_external_vip_address }}:{{ panko_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['panko-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ panko_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -362,6 +470,9 @@ listen panko_api_external listen heat_api bind {{ kolla_internal_vip_address }}:{{ heat_api_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['heat-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ heat_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -369,6 +480,9 @@ listen heat_api listen heat_api_cfn bind {{ kolla_internal_vip_address }}:{{ heat_api_cfn_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['heat-api-cfn'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ heat_api_cfn_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -378,6 +492,9 @@ listen heat_api_external bind {{ kolla_external_vip_address }}:{{ heat_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['heat-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ heat_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -386,6 +503,9 @@ listen heat_api_cfn_external bind {{ kolla_external_vip_address }}:{{ heat_api_cfn_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['heat-api-cfn'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ heat_api_cfn_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -397,6 +517,9 @@ listen grafana_server bind {{ kolla_internal_vip_address }}:{{ grafana_server_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['grafana'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ grafana_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -406,6 +529,9 @@ listen grafana_server_external bind {{ kolla_external_vip_address }}:{{ grafana_server_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['grafana'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ grafana_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -415,11 +541,17 @@ listen grafana_server_external {% if enable_ironic | bool %} listen ironic_api bind {{ kolla_internal_vip_address }}:{{ ironic_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['ironic-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ ironic_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} listen ironic_inspector bind {{ kolla_internal_vip_address }}:{{ ironic_inspector_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['ironic-inspector'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ ironic_inspector_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -427,6 +559,9 @@ listen ironic_inspector listen ironic_api_external bind {{ kolla_external_vip_address }}:{{ ironic_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['ironic-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ ironic_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -434,6 +569,9 @@ listen ironic_inspector_external bind {{ kolla_external_vip_address }}:{{ ironic_inspector_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['ironic-inspector'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ ironic_inspector_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -443,6 +581,9 @@ listen ironic_inspector_external {% if enable_karbor | bool %} listen karbor_api bind {{ kolla_internal_vip_address }}:{{ karbor_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['karbor-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ karbor_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -450,6 +591,9 @@ listen karbor_api listen karbor_api_external bind {{ kolla_external_vip_address }}:{{ karbor_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['karbor-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ karbor_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -460,6 +604,9 @@ listen karbor_api_external {% if enable_freezer | bool %} listen freezer_api bind {{ kolla_internal_vip_address }}:{{ freezer_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['freezer-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ freezer_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -467,6 +614,9 @@ listen freezer_api listen freezer_api_external bind {{ kolla_external_vip_address }}:{{ freezer_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['freezer-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ freezer_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -477,6 +627,9 @@ listen freezer_api_external {% if enable_senlin | bool %} listen senlin_api bind {{ kolla_internal_vip_address }}:{{ senlin_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['senlin-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ senlin_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -484,6 +637,9 @@ listen senlin_api listen senlin_api_external bind {{ kolla_external_vip_address }}:{{ senlin_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['senlin-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ senlin_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -493,12 +649,18 @@ listen senlin_api_external {% if enable_solum | bool %} listen solum_application_deployment bind {{ kolla_internal_vip_address }}:{{ solum_application_deployment_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['solum-application-deployment'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ solum_application_deployment_port }} check inter 2000 rise 2 fall 5 {% endfor %} listen solum_image_builder bind {{ kolla_internal_vip_address }}:{{ solum_image_builder_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['solum-image-builder'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ solum_image_builder_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -506,12 +668,18 @@ listen solum_image_builder listen solum_application_deployment_external bind {{ kolla_external_vip_address }}:{{ solum_application_deployment_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['solum-application-deployment'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ solum_application_deployment_port }} check inter 2000 rise 2 fall 5 {% endfor %} listen solum_image_builder_external bind {{ kolla_external_vip_address }}:{{ solum_image_builder_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['solum-image-builder'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ solum_image_builder_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -521,6 +689,9 @@ listen solum_image_builder_external {% if enable_swift | bool %} listen swift_api bind {{ kolla_internal_vip_address }}:{{ swift_proxy_server_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['swift-proxy-server'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ swift_proxy_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -528,6 +699,9 @@ listen swift_api listen swift_api_external bind {{ kolla_external_vip_address }}:{{ swift_proxy_server_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['swift-proxy-server'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ swift_proxy_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -537,6 +711,9 @@ listen swift_api_external {% if enable_murano | bool %} listen murano_api bind {{ kolla_internal_vip_address }}:{{ murano_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['murano-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ murano_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -544,6 +721,9 @@ listen murano_api listen murano_api_external bind {{ kolla_external_vip_address }}:{{ murano_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['murano-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ murano_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -553,6 +733,9 @@ listen murano_api_external {% if enable_manila | bool %} listen manila_api bind {{ kolla_internal_vip_address }}:{{ manila_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['manila-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ manila_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -560,6 +743,9 @@ listen manila_api listen manila_api_external bind {{ kolla_external_vip_address }}:{{ manila_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['manila-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ manila_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -569,6 +755,9 @@ listen manila_api_external {% if enable_magnum | bool %} listen magnum_api bind {{ kolla_internal_vip_address }}:{{ magnum_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['magnum-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ magnum_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -576,6 +765,9 @@ listen magnum_api listen magnum_api_external bind {{ kolla_external_vip_address }}:{{ magnum_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['magnum-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ magnum_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -585,6 +777,9 @@ listen magnum_api_external {% if enable_watcher | bool and enable_ceilometer | bool %} listen watcher_api bind {{ kolla_internal_vip_address }}:{{ watcher_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['watcher-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ watcher_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -592,6 +787,9 @@ listen watcher_api listen watcher_api_external bind {{ kolla_external_vip_address }}:{{ watcher_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['watcher-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ watcher_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -601,6 +799,9 @@ listen watcher_api_external {% if enable_sahara | bool %} listen sahara_api bind {{ kolla_internal_vip_address }}:{{ sahara_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['sahara-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ sahara_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -608,6 +809,9 @@ listen sahara_api listen sahara_api_external bind {{ kolla_external_vip_address }}:{{ sahara_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['sahara-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ sahara_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -617,6 +821,9 @@ listen sahara_api_external {% if enable_searchlight | bool %} listen searchlight_api bind {{ kolla_internal_vip_address }}:{{ searchlight_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['searchlight-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ searchlight_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -624,6 +831,9 @@ listen searchlight_api listen searchlight_api_external bind {{ kolla_external_vip_address }}:{{ searchlight_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['searchlight-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ searchlight_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -633,6 +843,9 @@ listen searchlight_api_external {% if enable_ceph | bool and enable_ceph_rgw | bool %} listen radosgw bind {{ kolla_internal_vip_address }}:{{ rgw_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['ceph-rgw'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rgw_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -640,6 +853,9 @@ listen radosgw listen radosgw_external bind {{ kolla_external_vip_address }}:{{ rgw_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['ceph-rgw'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rgw_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -655,6 +871,9 @@ listen kibana bind {{ kolla_internal_vip_address }}:{{ kibana_server_port }} acl auth_acl http_auth(kibanauser) http-request auth realm basicauth unless auth_acl +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['kibana'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ kibana_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -666,6 +885,9 @@ listen kibana_external http-request set-header X-Forwarded-Proto https if { ssl_fc } acl auth_acl http_auth(kibanauser) http-request auth realm basicauth unless auth_acl +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['kibana'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ kibana_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -675,6 +897,9 @@ listen kibana_external {% if enable_gnocchi | bool %} listen gnocchi_api bind {{ kolla_internal_vip_address }}:{{ gnocchi_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['gnocchi-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ gnocchi_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -682,6 +907,9 @@ listen gnocchi_api listen gnocchi_api_external bind {{ kolla_external_vip_address }}:{{ gnocchi_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['gnocchi-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ gnocchi_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -692,6 +920,9 @@ listen gnocchi_api_external listen elasticsearch option dontlog-normal bind {{ kolla_internal_vip_address }}:{{ elasticsearch_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['elasticsearch'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ elasticsearch_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -700,6 +931,9 @@ listen elasticsearch {% if enable_barbican | bool %} listen barbican_api bind {{ kolla_internal_vip_address }}:{{ barbican_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['barbican-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ barbican_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -707,6 +941,9 @@ listen barbican_api listen barbican_api_external bind {{ kolla_external_vip_address }}:{{ barbican_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['barbican-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ barbican_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -716,6 +953,9 @@ listen barbican_api_external {% if enable_aodh | bool %} listen aodh_api bind {{ kolla_internal_vip_address }}:{{ aodh_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['aodh-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ aodh_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -723,6 +963,9 @@ listen aodh_api listen aodh_api_external bind {{ kolla_external_vip_address }}:{{ aodh_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['aodh-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ aodh_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -732,6 +975,9 @@ listen aodh_api_external {% if enable_trove | bool %} listen trove_api bind {{ kolla_internal_vip_address }}:{{ trove_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['trove-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ trove_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -739,6 +985,9 @@ listen trove_api listen trove_api_external bind {{ kolla_external_vip_address }}:{{ trove_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['trove-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ trove_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -749,6 +998,9 @@ listen trove_api_external listen congress_api bind {{ kolla_internal_vip_address }}:{{ congress_api_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['congress-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ congress_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -758,6 +1010,9 @@ listen congress_api_external bind {{ kolla_external_vip_address }}:{{ congress_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['congress-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ congress_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -767,6 +1022,9 @@ listen congress_api_external {% if enable_designate | bool %} listen designate_api bind {{ kolla_internal_vip_address }}:{{ designate_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['designate-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ designate_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -774,6 +1032,9 @@ listen designate_api listen designate_api_external bind {{ kolla_external_vip_address }}:{{ designate_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['designate-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ designate_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -783,6 +1044,9 @@ listen designate_api_external {% if enable_mistral | bool %} listen mistral_api bind {{ kolla_internal_vip_address }}:{{ mistral_api_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['mistral-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ mistral_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -790,6 +1054,9 @@ listen mistral_api listen mistral_api_external bind {{ kolla_external_vip_address }}:{{ mistral_api_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['mistral-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ mistral_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -799,6 +1066,9 @@ listen mistral_api_external {% if enable_tacker | bool %} listen tacker_server bind {{ kolla_internal_vip_address }}:{{ tacker_server_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['tacker'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ tacker_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -806,6 +1076,9 @@ listen tacker_server listen tacker_server_external bind {{ kolla_external_vip_address }}:{{ tacker_server_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['tacker'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ tacker_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -816,6 +1089,9 @@ listen tacker_server_external listen zun_api bind {{ kolla_internal_vip_address }}:{{ zun_api_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['zun-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ zun_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -825,6 +1101,9 @@ listen zun_api_external bind {{ kolla_external_vip_address }}:{{ zun_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['zun-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ zun_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -834,6 +1113,9 @@ listen zun_api_external {% if enable_skydive | bool %} listen skydive_server bind {{ kolla_internal_vip_address }}:{{ skydive_analyzer_port }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['skydive-analyzer'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ skydive_analyzer_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -841,6 +1123,9 @@ listen skydive_server listen skydive_server_external bind {{ kolla_external_vip_address }}:{{ skydive_analyzer_port }} {{ tls_bind_info }} +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['skydive-analyzer'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ skydive_analyzer_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -851,6 +1136,9 @@ listen skydive_server_external listen vitrage_api bind {{ kolla_internal_vip_address }}:{{ vitrage_api_port }} http-request del-header X-Forwarded-Proto +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['vitrage-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ vitrage_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -860,6 +1148,9 @@ listen vitrage_api_external bind {{ kolla_external_vip_address }}:{{ vitrage_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['vitrage-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ vitrage_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -870,6 +1161,9 @@ listen vitrage_api_external listen blazar_api bind {{ kolla_internal_vip_address }}:{{ blazar_api_port }} http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['blazar-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ blazar_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -879,6 +1173,9 @@ listen blazar_api_external bind {{ kolla_external_vip_address }}:{{ blazar_api_port }} {{ tls_bind_info }} http-request del-header X-Forwarded-Proto if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['blazar-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ blazar_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -912,6 +1209,9 @@ listen mariadb option mysql-check user haproxy post-41 {% endif %} bind {{ kolla_internal_vip_address }}:{{ mariadb_port }} +{% for tcp_option in haproxy_listen_tcp_extra %} + {{ tcp_option }} +{% endfor %} {% for host in groups['mariadb'] %} {% if not enable_external_mariadb_load_balancer | bool %} @@ -929,6 +1229,9 @@ listen memcached timeout server 3600s option tcplog option tcpka +{% for tcp_option in haproxy_listen_tcp_extra %} + {{ tcp_option }} +{% endfor %} bind {{ kolla_internal_vip_address }}:{{ memcached_port }} {% for host in groups['memcached'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }} check inter 2000 rise 2 fall 5 {% if not loop.first %}backup{% endif %} @@ -940,6 +1243,9 @@ listen memcached listen opendaylight_api bind {{ kolla_internal_vip_address }}:{{ opendaylight_haproxy_restconf_port }} balance source +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['opendaylight'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ opendaylight_restconf_port }} check fall 5 inter 2000 rise 2 {% endfor %} @@ -947,6 +1253,9 @@ listen opendaylight_api listen opendaylight_api_backup bind {{ kolla_internal_vip_address }}:{{ opendaylight_haproxy_restconf_port_backup }} balance source +{% for http_option in haproxy_listen_http_extra %} + {{ http_option }} +{% endfor %} {% for host in groups['opendaylight'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ opendaylight_restconf_port_backup }} check fall 5 inter 2000 rise 2 {% endfor %} diff --git a/releasenotes/notes/haproxy-listen-options-ef1dc74a239f6f9d.yaml b/releasenotes/notes/haproxy-listen-options-ef1dc74a239f6f9d.yaml new file mode 100644 index 0000000000..06ff597ec3 --- /dev/null +++ b/releasenotes/notes/haproxy-listen-options-ef1dc74a239f6f9d.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + HAProxy - Add ability for operators to specify additional options per HTTP + or TCP listener stanza.