Refactor haproxy config (split by service) V2.0
Having all services in one giant haproxy file makes altering configuration for a service both painful and dangerous. Each service should be configured with a simple set of variables and rendered with a single unified template. Available are two new templates: * haproxy_single_service_listen.cfg.j2: close to the original style, but only one service per file * haproxy_single_service_split.cfg.j2: using the newer haproxy syntax for separated frontend and backend For now the default will be the single listen block, for ease of transition. Change-Id: I6e237438fbc0aa3c89a3c8bd706a53b74e71904b
This commit is contained in:
parent
921a6d8762
commit
f1c8136556
ansible
group_vars
inventory
roles
aodh
barbican
blazar
ceph
cinder
cloudkitty
congress
designate
elasticsearch
freezer
glance
gnocchi
grafana
haproxy-config
defaults
handlers
tasks
templates
haproxy
defaults
handlers
tasks
templates
heat
horizon
influxdb
ironic
karbor
keystone
kibana
magnum
manila
mariadb
memcached
mistral
monasca
mongodb
murano
neutron
nova
octavia
opendaylight
panko
prometheus
rabbitmq
sahara
searchlight
senlin
skydive
solum
swift
tacker
@ -208,6 +208,7 @@ gnocchi_api_port: "8041"
|
||||
grafana_server_port: "3000"
|
||||
|
||||
haproxy_stats_port: "1984"
|
||||
haproxy_monitor_port: "61313"
|
||||
|
||||
heat_api_port: "8004"
|
||||
heat_api_cfn_port: "8000"
|
||||
|
@ -493,6 +493,12 @@ solum
|
||||
[solum-conductor:children]
|
||||
solum
|
||||
|
||||
[solum-application-deployment:children]
|
||||
solum
|
||||
|
||||
[solum-image-builder:children]
|
||||
solum
|
||||
|
||||
# Mistral
|
||||
[mistral-api:children]
|
||||
mistral
|
||||
|
@ -509,6 +509,12 @@ solum
|
||||
[solum-conductor:children]
|
||||
solum
|
||||
|
||||
[solum-application-deployment:children]
|
||||
solum
|
||||
|
||||
[solum-image-builder:children]
|
||||
solum
|
||||
|
||||
# Mistral
|
||||
[mistral-api:children]
|
||||
mistral
|
||||
|
@ -14,6 +14,17 @@ aodh_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/aodh/aodh:/var/lib/kolla/venv/lib/python2.7/site-packages/aodh' if aodh_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ aodh_api_dimensions }}"
|
||||
haproxy:
|
||||
aodh_api:
|
||||
enabled: "{{ enable_aodh }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ aodh_api_port }}"
|
||||
aodh_api_external:
|
||||
enabled: "{{ enable_aodh }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ aodh_api_port }}"
|
||||
aodh-evaluator:
|
||||
container_name: aodh_evaluator
|
||||
group: aodh-evaluator
|
||||
|
7
ansible/roles/aodh/tasks/loadbalancer.yml
Normal file
7
ansible/roles/aodh/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ aodh_services }}"
|
||||
tags: always
|
@ -14,6 +14,17 @@ barbican_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/barbican/barbican:/var/lib/kolla/venv/lib/python2.7/site-packages/barbican' if barbican_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ barbican_api_dimensions }}"
|
||||
haproxy:
|
||||
barbican_api:
|
||||
enabled: "{{ enable_barbican }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ barbican_api_port }}"
|
||||
barbican_api_external:
|
||||
enabled: "{{ enable_barbican }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ barbican_api_port }}"
|
||||
barbican-keystone-listener:
|
||||
container_name: barbican_keystone_listener
|
||||
group: barbican-keystone-listener
|
||||
|
7
ansible/roles/barbican/tasks/loadbalancer.yml
Normal file
7
ansible/roles/barbican/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ barbican_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ blazar_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/blazar/blazar:/var/lib/kolla/venv/lib/python2.7/site-packages/blazar' if blazar_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ blazar_api_dimensions }}"
|
||||
haproxy:
|
||||
blazar_api:
|
||||
enabled: "{{ enable_blazar }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ blazar_api_port }}"
|
||||
blazar_api_external:
|
||||
enabled: "{{ enable_blazar }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ blazar_api_port }}"
|
||||
blazar-manager:
|
||||
container_name: blazar_manager
|
||||
group: blazar-manager
|
||||
|
7
ansible/roles/blazar/tasks/loadbalancer.yml
Normal file
7
ansible/roles/blazar/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ blazar_services }}"
|
||||
tags: always
|
@ -1,6 +1,22 @@
|
||||
---
|
||||
project_name: "ceph"
|
||||
|
||||
ceph_services:
|
||||
ceph-rgw:
|
||||
group: ceph-rgw
|
||||
enabled: "{{ enable_ceph_rgw|bool }}"
|
||||
haproxy:
|
||||
radosgw:
|
||||
enabled: "{{ enable_ceph|bool and enable_ceph_rgw|bool }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ rgw_port }}"
|
||||
radosgw_external:
|
||||
enabled: "{{ enable_ceph|bool and enable_ceph_rgw|bool }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ rgw_port }}"
|
||||
|
||||
|
||||
####################
|
||||
# Docker
|
||||
|
7
ansible/roles/ceph/tasks/loadbalancer.yml
Normal file
7
ansible/roles/ceph/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ ceph_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ cinder_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/cinder/cinder:/var/lib/kolla/venv/lib/python2.7/site-packages/cinder' if cinder_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ cinder_api_dimensions }}"
|
||||
haproxy:
|
||||
cinder_api:
|
||||
enabled: "{{ enable_cinder }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ cinder_api_port }}"
|
||||
cinder_api_external:
|
||||
enabled: "{{ enable_cinder }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ cinder_api_port }}"
|
||||
cinder-scheduler:
|
||||
container_name: cinder_scheduler
|
||||
group: cinder-scheduler
|
||||
|
7
ansible/roles/cinder/tasks/loadbalancer.yml
Normal file
7
ansible/roles/cinder/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ cinder_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ cloudkitty_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/cloudkitty/cloudkitty:/var/lib/kolla/venv/lib/python2.7/site-packages/cloudkitty' if cloudkitty_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ cloudkitty_api_dimensions }}"
|
||||
haproxy:
|
||||
cloudkitty_api:
|
||||
enabled: "{{ enable_cloudkitty }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ cloudkitty_api_port }}"
|
||||
cloudkitty_api_external:
|
||||
enabled: "{{ enable_cloudkitty }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ cloudkitty_api_port }}"
|
||||
cloudkitty-processor:
|
||||
container_name: "cloudkitty_processor"
|
||||
group: "cloudkitty-processor"
|
||||
|
7
ansible/roles/cloudkitty/tasks/loadbalancer.yml
Normal file
7
ansible/roles/cloudkitty/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ cloudkitty_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ congress_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/congress/congress:/var/lib/kolla/venv/lib/python2.7/site-packages/congress' if congress_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ congress_api_dimensions }}"
|
||||
haproxy:
|
||||
congress_api:
|
||||
enabled: "{{ enable_congress }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ congress_api_port }}"
|
||||
congress_api_external:
|
||||
enabled: "{{ enable_congress }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ congress_api_port }}"
|
||||
congress-policy-engine:
|
||||
container_name: congress_policy_engine
|
||||
group: congress-policy-engine
|
||||
|
7
ansible/roles/congress/tasks/loadbalancer.yml
Normal file
7
ansible/roles/congress/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ congress_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ designate_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/designate/designate:/var/lib/kolla/venv/lib/python2.7/site-packages/designate' if designate_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ designate_api_dimensions }}"
|
||||
haproxy:
|
||||
designate_api:
|
||||
enabled: "{{ enable_designate }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ designate_api_port }}"
|
||||
designate_api_external:
|
||||
enabled: "{{ enable_designate }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ designate_api_port }}"
|
||||
designate-backend-bind9:
|
||||
container_name: designate_backend_bind9
|
||||
group: designate-backend-bind9
|
||||
|
7
ansible/roles/designate/tasks/loadbalancer.yml
Normal file
7
ansible/roles/designate/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ designate_services }}"
|
||||
tags: always
|
@ -12,6 +12,14 @@ elasticsearch_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "elasticsearch:/var/lib/elasticsearch/data"
|
||||
dimensions: "{{ elasticsearch_dimensions }}"
|
||||
haproxy:
|
||||
elasticsearch:
|
||||
enabled: "{{ enable_elasticsearch }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ elasticsearch_port }}"
|
||||
frontend_http_extra:
|
||||
- "option dontlog-normal"
|
||||
|
||||
|
||||
####################
|
||||
|
7
ansible/roles/elasticsearch/tasks/loadbalancer.yml
Normal file
7
ansible/roles/elasticsearch/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ elasticsearch_services }}"
|
||||
tags: always
|
@ -14,6 +14,17 @@ freezer_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/freezer-api/freezer_api:/var/lib/kolla/venv/lib/python2.7/site-packages/freezer_api' if freezer_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ freezer_api_dimensions }}"
|
||||
haproxy:
|
||||
freezer_api:
|
||||
enabled: "{{ enable_freezer }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ freezer_api_port }}"
|
||||
freezer_api_external:
|
||||
enabled: "{{ enable_freezer }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ freezer_api_port }}"
|
||||
freezer-scheduler:
|
||||
container_name: freezer_scheduler
|
||||
group: freezer-scheduler
|
||||
|
7
ansible/roles/freezer/tasks/loadbalancer.yml
Normal file
7
ansible/roles/freezer/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ freezer_services }}"
|
||||
tags: always
|
@ -15,6 +15,27 @@ glance_services:
|
||||
- "{{ kolla_dev_repos_directory ~ '/glance/glance:/var/lib/kolla/venv/lib/python2.7/site-packages/glance' if glance_dev_mode | bool else '' }}"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ glance_api_dimensions }}"
|
||||
haproxy:
|
||||
glance_api:
|
||||
enabled: "{{ enable_glance }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ glance_api_port }}"
|
||||
frontend_http_extra:
|
||||
- "timeout client {{ haproxy_glance_api_client_timeout }}"
|
||||
backend_http_extra:
|
||||
- "timeout server {{ haproxy_glance_api_server_timeout }}"
|
||||
custom_member_list: "{{ haproxy_members.split(';') }}"
|
||||
glance_api_external:
|
||||
enabled: "{{ enable_glance }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ glance_api_port }}"
|
||||
frontend_http_extra:
|
||||
- "timeout client {{ haproxy_glance_api_client_timeout }}"
|
||||
backend_http_extra:
|
||||
- "timeout server {{ haproxy_glance_api_server_timeout }}"
|
||||
custom_member_list: "{{ haproxy_members.split(';') }}"
|
||||
glance-registry:
|
||||
container_name: glance_registry
|
||||
group: glance-registry
|
||||
@ -27,6 +48,11 @@ glance_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ glance_registry_dimensions }}"
|
||||
|
||||
####################
|
||||
# HAProxy
|
||||
####################
|
||||
haproxy_members: "{% for host in glance_api_hosts %}server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_api_port }} check inter 2000 rise 2 fall 5;{% endfor %}"
|
||||
|
||||
####################
|
||||
# Notification
|
||||
####################
|
||||
@ -66,6 +92,13 @@ glance_database_user: "{% if use_preconfigured_databases | bool and use_common_m
|
||||
glance_database_address: "{{ database_address }}:{{ database_port }}"
|
||||
|
||||
|
||||
####################
|
||||
# HAProxy
|
||||
####################
|
||||
haproxy_glance_api_client_timeout: "6h"
|
||||
haproxy_glance_api_server_timeout: "6h"
|
||||
|
||||
|
||||
####################
|
||||
# Docker
|
||||
####################
|
||||
|
7
ansible/roles/glance/tasks/loadbalancer.yml
Normal file
7
ansible/roles/glance/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ glance_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ gnocchi_services:
|
||||
- "gnocchi:/var/lib/gnocchi/"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ gnocchi_api_dimensions }}"
|
||||
haproxy:
|
||||
gnocchi_api:
|
||||
enabled: "{{ enable_gnocchi }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ gnocchi_api_port }}"
|
||||
gnocchi_api_external:
|
||||
enabled: "{{ enable_gnocchi }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ gnocchi_api_port }}"
|
||||
gnocchi-metricd:
|
||||
container_name: gnocchi_metricd
|
||||
group: gnocchi-metricd
|
||||
|
7
ansible/roles/gnocchi/tasks/loadbalancer.yml
Normal file
7
ansible/roles/gnocchi/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ gnocchi_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ grafana_services:
|
||||
- "grafana:/var/lib/grafana/"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ grafana_dimensions }}"
|
||||
haproxy:
|
||||
grafana_server:
|
||||
enabled: "{{ enable_grafana }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ grafana_server_port }}"
|
||||
grafana_server_external:
|
||||
enabled: "{{ enable_grafana }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ grafana_server_port }}"
|
||||
|
||||
####################
|
||||
# Database
|
||||
|
7
ansible/roles/grafana/tasks/loadbalancer.yml
Normal file
7
ansible/roles/grafana/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ grafana_services }}"
|
||||
tags: always
|
13
ansible/roles/haproxy-config/defaults/main.yml
Normal file
13
ansible/roles/haproxy-config/defaults/main.yml
Normal file
@ -0,0 +1,13 @@
|
||||
---
|
||||
haproxy_service_template: "haproxy_single_service_listen.cfg.j2"
|
||||
|
||||
# Extra frontend/backend options (additive with locally defined options)
|
||||
haproxy_frontend_http_extra:
|
||||
- "option httplog"
|
||||
- "option forwardfor"
|
||||
haproxy_frontend_tcp_extra:
|
||||
- "option tcplog"
|
||||
haproxy_backend_http_extra: []
|
||||
haproxy_backend_tcp_extra: []
|
||||
|
||||
haproxy_health_check: "check inter 2000 rise 2 fall 5"
|
17
ansible/roles/haproxy-config/handlers/main.yml
Normal file
17
ansible/roles/haproxy-config/handlers/main.yml
Normal file
@ -0,0 +1,17 @@
|
||||
---
|
||||
- name: Restart haproxy container
|
||||
become: true
|
||||
kolla_docker:
|
||||
action: "restart_container"
|
||||
name: haproxy
|
||||
when:
|
||||
- kolla_action != "config"
|
||||
- inventory_hostname in groups['haproxy']
|
||||
- enable_haproxy | bool
|
||||
notify:
|
||||
- Waiting for haproxy to start
|
||||
|
||||
- name: Waiting for haproxy to start
|
||||
wait_for:
|
||||
host: "{{ api_interface_address }}"
|
||||
port: "{{ haproxy_stats_port }}"
|
21
ansible/roles/haproxy-config/tasks/main.yml
Normal file
21
ansible/roles/haproxy-config/tasks/main.yml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
- name: "Copying over {{ project_name }} haproxy config"
|
||||
vars:
|
||||
service: "{{ item.value }}"
|
||||
haproxy_templates:
|
||||
- "{{ node_custom_config }}/haproxy-config/{{ inventory_hostname }}/{{ haproxy_service_template }}"
|
||||
- "{{ node_custom_config }}/haproxy-config/{{ haproxy_service_template }}"
|
||||
- "templates/{{ haproxy_service_template }}"
|
||||
template_file: "{{ query('first_found', haproxy_templates) | first }}"
|
||||
template:
|
||||
src: "{{ template_file }}"
|
||||
dest: "{{ node_config_directory }}/haproxy/services.d/{{ item.key }}.cfg"
|
||||
mode: "0660"
|
||||
become: true
|
||||
when:
|
||||
- service.enabled | bool
|
||||
- service.haproxy is defined
|
||||
- enable_haproxy | bool
|
||||
with_dict: "{{ project_services }}"
|
||||
notify:
|
||||
- Restart haproxy container
|
@ -0,0 +1,91 @@
|
||||
#jinja2: lstrip_blocks: True
|
||||
{%- set tls_bind_info = 'ssl crt /etc/haproxy/haproxy.pem' if kolla_enable_tls_external|bool else '' %}
|
||||
|
||||
{%- macro userlist_macro(service_name, auth_user, auth_pass) %}
|
||||
userlist {{ service_name }}-user
|
||||
user {{ auth_user }} insecure-password {{ auth_pass }}
|
||||
{% endmacro %}
|
||||
|
||||
{%- macro listen_macro(service_name, service_port, service_mode, external,
|
||||
haproxy_http_extra, haproxy_tcp_extra, host_group,
|
||||
custom_member_list, auth_user, auth_pass) %}
|
||||
listen {{ service_name }}
|
||||
{% if service_mode == 'redirect' %}
|
||||
mode http
|
||||
{% else %}
|
||||
mode {{ service_mode }}
|
||||
{% endif %}
|
||||
{% if service_mode == 'http' %}
|
||||
{# Set up auth if required #}
|
||||
{% if auth_user and auth_pass %}
|
||||
acl auth_acl http_auth({{ service_name }}-user)
|
||||
http-request auth realm basicauth unless auth_acl
|
||||
{% endif %}
|
||||
{# Delete any pre-populated XFP header #}
|
||||
http-request del-header X-Forwarded-Proto
|
||||
{% for http_option in haproxy_http_extra %}
|
||||
{{ http_option }}
|
||||
{% endfor %}
|
||||
{% elif service_mode == 'tcp' %}
|
||||
{% for tcp_option in haproxy_tcp_extra %}
|
||||
{{ tcp_option }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% set tls_option = '' %}
|
||||
{% if external|bool %}
|
||||
{% set vip_address = kolla_external_vip_address %}
|
||||
{% if service_mode == 'http' %}
|
||||
{% set tls_option = tls_bind_info %}
|
||||
{# Replace the XFP header for external https requests #}
|
||||
http-request set-header X-Forwarded-Proto https if { ssl_fc }
|
||||
{% endif %}
|
||||
{% else %}
|
||||
{% set vip_address = kolla_internal_vip_address %}
|
||||
{% endif %}
|
||||
{{ "bind %s:%s %s"|e|format(vip_address, service_port, tls_option)|trim() }}
|
||||
{# Redirect mode sets a redirect scheme instead of members #}
|
||||
{% if service_mode == 'redirect' %}
|
||||
redirect scheme https code 301 if !{ ssl_fc }
|
||||
{% else %}
|
||||
{% if custom_member_list is not none %}
|
||||
{% for custom_member in custom_member_list %}
|
||||
{{ custom_member }}
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
{% for host in groups[host_group] %}
|
||||
{% set api_interface = "ansible_%s"|format(hostvars[host]['api_interface']) %}
|
||||
{% set host_name = hostvars[host]['ansible_hostname'] %}
|
||||
{% set host_ip = hostvars[host][api_interface]['ipv4']['address'] %}
|
||||
server {{ host_name }} {{ host_ip }}:{{ service_port }} {{ haproxy_health_check }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% endmacro %}
|
||||
|
||||
{%- set haproxy = service.haproxy|default({}) %}
|
||||
{%- for haproxy_name, haproxy_service in haproxy.items() %}
|
||||
{# External defaults to false #}
|
||||
{% set external = haproxy_service.external|default(false)|bool %}
|
||||
{# Skip anything that is external when the external vip is not enabled #}
|
||||
{% if haproxy_service.enabled|bool and (not external or haproxy_enable_external_vip|bool)%}
|
||||
{# Here we define variables and their defaults #}
|
||||
{# Custom member list can use jinja to generate a semicolon separated list #}
|
||||
{% set custom_member_list = haproxy_service.custom_member_list|default(none) %}
|
||||
{# Mode defaults to http #}
|
||||
{% set mode = haproxy_service.mode|default('http') %}
|
||||
{# Use the parent host group but allow it to be overridden #}
|
||||
{% set host_group = haproxy_service.host_group|default(service.group) %}
|
||||
{# Additional options can be defined in config, and are additive to the global extras #}
|
||||
{% set haproxy_tcp_extra = haproxy_service.frontend_tcp_extra|default([]) + haproxy_service.backend_tcp_extra|default([]) + haproxy_frontend_tcp_extra + haproxy_backend_tcp_extra %}
|
||||
{% set haproxy_http_extra = haproxy_service.frontend_http_extra|default([]) + haproxy_service.backend_http_extra|default([]) + haproxy_frontend_http_extra + haproxy_backend_http_extra %}
|
||||
{# Allow for basic auth #}
|
||||
{% set auth_user = haproxy_service.auth_user|default() %}
|
||||
{% set auth_pass = haproxy_service.auth_pass|default() %}
|
||||
{% if auth_user and auth_pass %}
|
||||
{{ userlist_macro(haproxy_name, auth_user, auth_pass) }}
|
||||
{% endif %}
|
||||
{{ listen_macro(haproxy_name, haproxy_service.port, mode, external,
|
||||
haproxy_http_extra, haproxy_tcp_extra, host_group,
|
||||
custom_member_list, auth_user, auth_pass) }}
|
||||
{% endif %}
|
||||
{%- endfor -%}
|
@ -0,0 +1,118 @@
|
||||
#jinja2: lstrip_blocks: True
|
||||
{%- set tls_bind_info = 'ssl crt /etc/haproxy/haproxy.pem' if kolla_enable_tls_external|bool else '' %}
|
||||
|
||||
{%- macro userlist_macro(service_name, auth_user, auth_pass) %}
|
||||
userlist {{ service_name }}-user
|
||||
user {{ auth_user }} insecure-password {{ auth_pass }}
|
||||
{% endmacro %}
|
||||
|
||||
{%- macro frontend_macro(service_name, service_port, service_mode, external,
|
||||
frontend_http_extra, frontend_tcp_extra) %}
|
||||
frontend {{ service_name }}_front
|
||||
{% if service_mode == 'redirect' %}
|
||||
mode http
|
||||
{% else %}
|
||||
mode {{ service_mode }}
|
||||
{% endif %}
|
||||
{% if service_mode == 'http' %}
|
||||
{# Delete any pre-populated XFP header #}
|
||||
http-request del-header X-Forwarded-Proto
|
||||
{% for http_option in frontend_http_extra %}
|
||||
{{ http_option }}
|
||||
{% endfor %}
|
||||
{% elif service_mode == 'tcp' %}
|
||||
{% for tcp_option in frontend_tcp_extra %}
|
||||
{{ tcp_option }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% set tls_option = '' %}
|
||||
{% if external|bool %}
|
||||
{% set vip_address = kolla_external_vip_address %}
|
||||
{% if service_mode == 'http' %}
|
||||
{% set tls_option = tls_bind_info %}
|
||||
{# Replace the XFP header for external https requests #}
|
||||
http-request set-header X-Forwarded-Proto https if { ssl_fc }
|
||||
{% endif %}
|
||||
{% else %}
|
||||
{% set vip_address = kolla_internal_vip_address %}
|
||||
{% endif %}
|
||||
{{ "bind %s:%s %s"|e|format(vip_address, service_port, tls_option)|trim() }}
|
||||
{# Redirect mode sets a redirect scheme instead of a backend #}
|
||||
{% if service_mode == 'redirect' %}
|
||||
redirect scheme https code 301 if !{ ssl_fc }
|
||||
{% else %}
|
||||
default_backend {{ service_name }}_back
|
||||
{% endif %}
|
||||
{% endmacro %}
|
||||
|
||||
{%- macro backend_macro(service_name, service_port, service_mode, host_group,
|
||||
custom_member_list, backend_http_extra,
|
||||
backend_tcp_extra, auth_user, auth_pass) %}
|
||||
backend {{ service_name }}_back
|
||||
{% if service_mode == 'redirect' %}
|
||||
mode http
|
||||
{% else %}
|
||||
mode {{ service_mode }}
|
||||
{% endif %}
|
||||
{% if service_mode == 'http' %}
|
||||
{# Set up auth if required #}
|
||||
{% if auth_user and auth_pass %}
|
||||
acl auth_acl http_auth({{ service_name }}-user)
|
||||
http-request auth realm basicauth unless auth_acl
|
||||
{% endif %}
|
||||
{% for http_option in backend_http_extra %}
|
||||
{{ http_option }}
|
||||
{% endfor %}
|
||||
{% elif service_mode == 'tcp' %}
|
||||
{% for tcp_option in backend_tcp_extra %}
|
||||
{{ tcp_option }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if custom_member_list is not none %}
|
||||
{% for custom_member in custom_member_list %}
|
||||
{{ custom_member }}
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
{% for host in groups[host_group] %}
|
||||
{% set api_interface = "ansible_%s"|format(hostvars[host]['api_interface']) %}
|
||||
{% set host_name = hostvars[host]['ansible_hostname'] %}
|
||||
{% set host_ip = hostvars[host][api_interface]['ipv4']['address'] %}
|
||||
server {{ host_name }} {{ host_ip }}:{{ service_port }} {{ haproxy_health_check }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% endmacro %}
|
||||
|
||||
{%- set haproxy = service.haproxy|default({}) %}
|
||||
{%- for haproxy_name, haproxy_service in haproxy.items() %}
|
||||
{# External defaults to false #}
|
||||
{% set external = haproxy_service.external|default(false)|bool %}
|
||||
{# Skip anything that is external when the external vip is not enabled #}
|
||||
{% if haproxy_service.enabled|bool and (not external or haproxy_enable_external_vip|bool)%}
|
||||
{# Here we define variables and their defaults #}
|
||||
{# Custom member list can use jinja to generate a semicolon separated list #}
|
||||
{% set custom_member_list = haproxy_service.custom_member_list|default() %}
|
||||
{# Mode defaults to http #}
|
||||
{% set mode = haproxy_service.mode|default('http') %}
|
||||
{# Use the parent host group but allow it to be overridden #}
|
||||
{% set host_group = haproxy_service.host_group|default(service.group) %}
|
||||
{# Additional options can be defined in config, and are additive to the global extras #}
|
||||
{% set frontend_tcp_extra = haproxy_service.frontend_tcp_extra|default([]) + haproxy_frontend_tcp_extra %}
|
||||
{% set backend_tcp_extra = haproxy_service.backend_tcp_extra|default([]) %}
|
||||
{% set frontend_http_extra = haproxy_service.frontend_http_extra|default([]) + haproxy_frontend_http_extra %}
|
||||
{% set backend_http_extra = haproxy_service.backend_http_extra|default([]) %}
|
||||
{# Allow for basic auth #}
|
||||
{% set auth_user = haproxy_service.auth_user|default() %}
|
||||
{% set auth_pass = haproxy_service.auth_pass|default() %}
|
||||
{% if auth_user and auth_pass %}
|
||||
{{ userlist_macro(haproxy_name, auth_user, auth_pass) }}
|
||||
{% endif %}
|
||||
{{ frontend_macro(haproxy_name, haproxy_service.port, mode, external,
|
||||
frontend_http_extra, frontend_tcp_extra) }}
|
||||
{# Redirect (to https) is a special case, as it does not include a backend #}
|
||||
{% if haproxy_service.mode != 'redirect' %}
|
||||
{{ backend_macro(haproxy_name, haproxy_service.port, mode, host_group,
|
||||
custom_member_list, backend_http_extra, backend_tcp_extra,
|
||||
auth_user, auth_pass) }}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{%- endfor -%}
|
@ -38,27 +38,12 @@ haproxy_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_
|
||||
haproxy_tag: "{{ openstack_release }}"
|
||||
haproxy_image_full: "{{ haproxy_image }}:{{ haproxy_tag }}"
|
||||
|
||||
haproxy_client_timeout: "1m"
|
||||
haproxy_server_timeout: "1m"
|
||||
|
||||
# Check http://www.haproxy.org/download/1.5/doc/configuration.txt for available options
|
||||
haproxy_defaults_balance: "roundrobin"
|
||||
|
||||
haproxy_glance_api_client_timeout: "6h"
|
||||
haproxy_glance_api_server_timeout: "6h"
|
||||
|
||||
haproxy_outward_rabbitmq_client_timeout: "1h"
|
||||
haproxy_outward_rabbitmq_server_timeout: "1h"
|
||||
|
||||
syslog_server: "{{ api_interface_address }}"
|
||||
syslog_haproxy_facility: "local1"
|
||||
|
||||
# Traffic mode. Valid options are [ multicast, unicast ]
|
||||
keepalived_traffic_mode: "multicast"
|
||||
|
||||
haproxy_listen_tcp_extra: []
|
||||
haproxy_listen_http_extra: []
|
||||
|
||||
# Extended global configuration, optimization options.
|
||||
haproxy_max_connections: 4000
|
||||
haproxy_processes: 1
|
||||
@ -66,3 +51,14 @@ haproxy_process_cpu_map: "no"
|
||||
|
||||
haproxy_dimensions: "{{ default_container_dimensions }}"
|
||||
keepalived_dimensions: "{{ default_container_dimensions }}"
|
||||
|
||||
# Default timeout values
|
||||
haproxy_http_request_timeout: "10s"
|
||||
haproxy_queue_timeout: "1m"
|
||||
haproxy_connect_timeout: "10s"
|
||||
haproxy_client_timeout: "1m"
|
||||
haproxy_server_timeout: "1m"
|
||||
haproxy_check_timeout: "10s"
|
||||
|
||||
# Check http://www.haproxy.org/download/1.5/doc/configuration.txt for available options
|
||||
haproxy_defaults_balance: "roundrobin"
|
||||
|
@ -3,8 +3,6 @@
|
||||
vars:
|
||||
service_name: "haproxy"
|
||||
service: "{{ haproxy_services[service_name] }}"
|
||||
config_json: "{{ haproxy_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
haproxy_container: "{{ check_haproxy_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
become: true
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -18,19 +16,13 @@
|
||||
- kolla_action != "config"
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or haproxy_cfg.changed | bool
|
||||
or haproxy_pem.changed | bool
|
||||
or haproxy_container.changed | bool
|
||||
notify:
|
||||
- Waiting for virtual IP to appear
|
||||
- Waiting for haproxy to start
|
||||
|
||||
- name: Restart keepalived container
|
||||
vars:
|
||||
service_name: "keepalived"
|
||||
service: "{{ haproxy_services[service_name] }}"
|
||||
config_json: "{{ haproxy_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
keepalived_container: "{{ check_haproxy_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
become: true
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -44,26 +36,15 @@
|
||||
- kolla_action != "config"
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or keepalived_conf.changed | bool
|
||||
or keepalived_container.changed | bool
|
||||
notify:
|
||||
- Waiting for virtual IP to appear
|
||||
|
||||
- name: Ensuring latest haproxy config is used
|
||||
command: docker exec haproxy /usr/local/bin/kolla_ensure_haproxy_latest_config
|
||||
register: status
|
||||
changed_when: status.stdout.find('changed') != -1
|
||||
when:
|
||||
- kolla_action != "config"
|
||||
- haproxy_config_jsons.changed | bool
|
||||
or haproxy_cfg.changed | bool
|
||||
or haproxy_pem.changed | bool
|
||||
- name: Waiting for haproxy to start
|
||||
wait_for:
|
||||
host: "{{ api_interface_address }}"
|
||||
port: "{{ haproxy_monitor_port }}"
|
||||
|
||||
- name: Waiting for virtual IP to appear
|
||||
wait_for:
|
||||
host: "{{ kolla_internal_vip_address }}"
|
||||
port: "{{ database_port }}"
|
||||
when:
|
||||
- enable_mariadb | bool
|
||||
or enable_external_mariadb_load_balancer | bool
|
||||
port: "{{ haproxy_monitor_port }}"
|
||||
|
@ -20,20 +20,32 @@
|
||||
- item.value.enabled | bool
|
||||
with_dict: "{{ haproxy_services }}"
|
||||
|
||||
- name: Ensuring service config subdir exists
|
||||
vars:
|
||||
service: "{{ haproxy_services['haproxy'] }}"
|
||||
file:
|
||||
path: "{{ node_config_directory }}/haproxy/services.d"
|
||||
state: "directory"
|
||||
owner: "{{ config_owner_user }}"
|
||||
group: "{{ config_owner_group }}"
|
||||
mode: "0770"
|
||||
become: true
|
||||
when:
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
|
||||
- name: Copying over config.json files for services
|
||||
template:
|
||||
src: "{{ item.key }}.json.j2"
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
||||
mode: "0660"
|
||||
become: true
|
||||
register: haproxy_config_jsons
|
||||
when:
|
||||
- inventory_hostname in groups[item.value.group]
|
||||
- item.value.enabled | bool
|
||||
with_dict: "{{ haproxy_services }}"
|
||||
notify:
|
||||
- "Restart {{ item.key }} container"
|
||||
- Ensuring latest haproxy config is used
|
||||
|
||||
- name: Copying over haproxy.cfg
|
||||
vars:
|
||||
@ -43,17 +55,15 @@
|
||||
dest: "{{ node_config_directory }}/haproxy/haproxy.cfg"
|
||||
mode: "0660"
|
||||
become: true
|
||||
register: haproxy_cfg
|
||||
when:
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
with_first_found:
|
||||
- "{{ node_custom_config }}/haproxy/{{ inventory_hostname }}/haproxy.cfg"
|
||||
- "{{ node_custom_config }}/haproxy/haproxy.cfg"
|
||||
- "haproxy.cfg.j2"
|
||||
- "{{ node_custom_config }}/haproxy/{{ inventory_hostname }}/haproxy_main.cfg"
|
||||
- "{{ node_custom_config }}/haproxy/haproxy_main.cfg"
|
||||
- "haproxy_main.cfg.j2"
|
||||
notify:
|
||||
- Restart haproxy container
|
||||
- Ensuring latest haproxy config is used
|
||||
|
||||
- name: Copying over keepalived.conf
|
||||
vars:
|
||||
@ -63,7 +73,6 @@
|
||||
dest: "{{ node_config_directory }}/keepalived/keepalived.conf"
|
||||
mode: "0660"
|
||||
become: true
|
||||
register: keepalived_conf
|
||||
when:
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
@ -82,7 +91,6 @@
|
||||
dest: "{{ node_config_directory }}/haproxy/{{ item }}"
|
||||
mode: "0660"
|
||||
become: true
|
||||
register: haproxy_pem
|
||||
when:
|
||||
- kolla_enable_tls_external | bool
|
||||
- inventory_hostname in groups[service.group]
|
||||
@ -91,7 +99,24 @@
|
||||
- "haproxy.pem"
|
||||
notify:
|
||||
- Restart haproxy container
|
||||
- Ensuring latest haproxy config is used
|
||||
|
||||
- name: Copying over haproxy start script
|
||||
vars:
|
||||
service: "{{ haproxy_services['haproxy'] }}"
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ node_config_directory }}/haproxy/haproxy_run.sh"
|
||||
mode: "0770"
|
||||
become: true
|
||||
when:
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
with_first_found:
|
||||
- "{{ node_custom_config }}/haproxy/{{ inventory_hostname }}/haproxy_run.sh"
|
||||
- "{{ node_custom_config }}/haproxy/haproxy_run.sh"
|
||||
- "haproxy_run.sh.j2"
|
||||
notify:
|
||||
- Restart haproxy container
|
||||
|
||||
- name: Check haproxy containers
|
||||
become: true
|
||||
@ -103,7 +128,6 @@
|
||||
volumes: "{{ item.value.volumes }}"
|
||||
dimensions: "{{ item.value.dimensions }}"
|
||||
privileged: "{{ item.value.privileged | default(False) }}"
|
||||
register: check_haproxy_containers
|
||||
when:
|
||||
- kolla_action != "config"
|
||||
- inventory_hostname in groups[item.value.group]
|
||||
|
@ -108,7 +108,7 @@
|
||||
|
||||
- name: Checking free port for HAProxy stats
|
||||
wait_for:
|
||||
host: "{{ kolla_internal_vip_address }}"
|
||||
host: "{{ api_interface_address }}"
|
||||
port: "{{ haproxy_stats_port }}"
|
||||
connect_timeout: 1
|
||||
timeout: 1
|
||||
@ -118,6 +118,31 @@
|
||||
- container_facts['haproxy'] is not defined
|
||||
- inventory_hostname in groups['haproxy']
|
||||
|
||||
- name: Checking free port for HAProxy monitor (api interface)
|
||||
wait_for:
|
||||
host: "{{ api_interface_address }}"
|
||||
port: "{{ haproxy_monitor_port }}"
|
||||
connect_timeout: 1
|
||||
timeout: 1
|
||||
state: stopped
|
||||
when:
|
||||
- enable_haproxy | bool
|
||||
- container_facts['haproxy'] is not defined
|
||||
- inventory_hostname in groups['haproxy']
|
||||
|
||||
- name: Checking free port for HAProxy monitor (vip interface)
|
||||
wait_for:
|
||||
host: "{{ kolla_internal_vip_address }}"
|
||||
port: "{{ haproxy_monitor_port }}"
|
||||
connect_timeout: 1
|
||||
timeout: 1
|
||||
state: stopped
|
||||
when:
|
||||
- enable_haproxy | bool
|
||||
- container_facts['haproxy'] is not defined
|
||||
- inventory_hostname in groups['haproxy']
|
||||
- api_interface_address != kolla_internal_vip_address
|
||||
|
||||
- name: Checking if kolla_internal_vip_address is in the same network as api_interface on all nodes
|
||||
command: ip -4 -o addr show dev {{ api_interface }}
|
||||
register: ip_addr_output
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -1,13 +1,24 @@
|
||||
{% set haproxy_cmd='/usr/sbin/haproxy -W -db' if kolla_base_distro in ['ubuntu'] else '/usr/sbin/haproxy-systemd-wrapper' %}
|
||||
{
|
||||
"command": "{{ haproxy_cmd }} -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid",
|
||||
"command": "/etc/haproxy/haproxy_run.sh",
|
||||
"config_files": [
|
||||
{
|
||||
"source": "{{ container_config_directory }}/haproxy_run.sh",
|
||||
"dest": "/etc/haproxy/haproxy_run.sh",
|
||||
"owner": "root",
|
||||
"perm": "0700"
|
||||
},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/haproxy.cfg",
|
||||
"dest": "/etc/haproxy/haproxy.cfg",
|
||||
"owner": "root",
|
||||
"perm": "0600"
|
||||
},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/services.d/",
|
||||
"dest": "/etc/haproxy/services.d",
|
||||
"owner": "root",
|
||||
"perm": "0700"
|
||||
},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/haproxy.pem",
|
||||
"dest": "/etc/haproxy/haproxy.pem",
|
||||
|
49
ansible/roles/haproxy/templates/haproxy_main.cfg.j2
Normal file
49
ansible/roles/haproxy/templates/haproxy_main.cfg.j2
Normal file
@ -0,0 +1,49 @@
|
||||
#jinja2: lstrip_blocks: True
|
||||
global
|
||||
chroot /var/lib/haproxy
|
||||
user haproxy
|
||||
group haproxy
|
||||
daemon
|
||||
log {{ syslog_server }}:{{ syslog_udp_port }} {{ syslog_haproxy_facility }}
|
||||
maxconn {{ haproxy_max_connections }}
|
||||
nbproc {{ haproxy_processes }}
|
||||
{% if haproxy_processes > 1 and haproxy_process_cpu_map | bool %}
|
||||
{% for cpu_idx in range(0, haproxy_processes) %}
|
||||
cpu-map {{ cpu_idx + 1 }} {{ cpu_idx }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
stats socket /var/lib/kolla/haproxy/haproxy.sock group kolla mode 660
|
||||
{% if kolla_enable_tls_external | bool %}
|
||||
ssl-default-bind-ciphers DEFAULT:!MEDIUM:!3DES
|
||||
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11
|
||||
tune.ssl.default-dh-param 4096
|
||||
{% endif %}
|
||||
|
||||
defaults
|
||||
log global
|
||||
option redispatch
|
||||
retries 3
|
||||
timeout http-request {{ haproxy_http_request_timeout }}
|
||||
timeout queue {{ haproxy_queue_timeout }}
|
||||
timeout connect {{ haproxy_connect_timeout }}
|
||||
timeout client {{ haproxy_client_timeout }}
|
||||
timeout server {{ haproxy_server_timeout }}
|
||||
timeout check {{ haproxy_check_timeout }}
|
||||
balance {{ haproxy_defaults_balance }}
|
||||
|
||||
listen stats
|
||||
bind {{ api_interface_address }}:{{ haproxy_stats_port }}
|
||||
mode http
|
||||
stats enable
|
||||
stats uri /
|
||||
stats refresh 15s
|
||||
stats realm Haproxy\ Stats
|
||||
stats auth {{ haproxy_user }}:{{ haproxy_password }}
|
||||
|
||||
frontend status
|
||||
bind {{ api_interface_address }}:{{ haproxy_monitor_port }}
|
||||
{% if api_interface_address != kolla_internal_vip_address %}
|
||||
bind {{ kolla_internal_vip_address }}:{{ haproxy_monitor_port }}
|
||||
{% endif %}
|
||||
mode http
|
||||
monitor-uri /
|
10
ansible/roles/haproxy/templates/haproxy_run.sh.j2
Normal file
10
ansible/roles/haproxy/templates/haproxy_run.sh.j2
Normal file
@ -0,0 +1,10 @@
|
||||
#!/bin/bash -x
|
||||
{% set haproxy_cmd='/usr/sbin/haproxy -W -db' if kolla_base_distro in ['ubuntu'] else '/usr/sbin/haproxy-systemd-wrapper' %}
|
||||
|
||||
# We need to run haproxy with one `-f` for each service, because including an
|
||||
# entire config directory was not a feature until version 1.7 of HAProxy.
|
||||
# So, append "-f $cfg" to the haproxy command for each service file.
|
||||
# This will run haproxy_cmd *exactly once*.
|
||||
find /etc/haproxy/services.d/ -mindepth 1 -print0 | \
|
||||
xargs -0 -Icfg echo -f cfg | \
|
||||
xargs {{ haproxy_cmd }} -p /run/haproxy.pid -f /etc/haproxy/haproxy.cfg
|
@ -13,6 +13,17 @@ heat_services:
|
||||
- "{{ kolla_dev_repos_directory ~ '/heat/heat:/var/lib/kolla/venv/lib/python2.7/site-packages/heat' if heat_dev_mode | bool else '' }}"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ heat_api_dimensions }}"
|
||||
haproxy:
|
||||
heat_api:
|
||||
enabled: "{{ enable_heat }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ heat_api_port }}"
|
||||
heat_api_external:
|
||||
enabled: "{{ enable_heat }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ heat_api_port }}"
|
||||
heat-api-cfn:
|
||||
container_name: heat_api_cfn
|
||||
group: heat-api-cfn
|
||||
@ -24,6 +35,17 @@ heat_services:
|
||||
- "{{ kolla_dev_repos_directory ~ '/heat/heat:/var/lib/kolla/venv/lib/python2.7/site-packages/heat' if heat_dev_mode | bool else '' }}"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ heat_api_cfn_dimensions }}"
|
||||
haproxy:
|
||||
heat_api_cfn:
|
||||
enabled: "{{ enable_heat }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ heat_api_cfn_port }}"
|
||||
heat_api_cfn_external:
|
||||
enabled: "{{ enable_heat }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ heat_api_cfn_port }}"
|
||||
heat-engine:
|
||||
container_name: heat_engine
|
||||
group: heat-engine
|
||||
|
7
ansible/roles/heat/tasks/loadbalancer.yml
Normal file
7
ansible/roles/heat/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ heat_services }}"
|
||||
tags: always
|
@ -43,6 +43,26 @@ horizon_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "/tmp:/tmp"
|
||||
dimensions: "{{ horizon_dimensions }}"
|
||||
haproxy:
|
||||
horizon:
|
||||
enabled: "{{ enable_horizon }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ horizon_port }}"
|
||||
frontend_http_extra:
|
||||
- "balance source"
|
||||
horizon_external:
|
||||
enabled: "{{ enable_horizon }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{% if kolla_enable_tls_external|bool %}443{% else %}{{ horizon_port }}{% endif %}"
|
||||
frontend_http_extra:
|
||||
- "balance source"
|
||||
horizon_external_redirect:
|
||||
enabled: "{{ enable_horizon|bool and kolla_enable_tls_external|bool }}"
|
||||
mode: "redirect"
|
||||
external: true
|
||||
port: "{{ horizon_port }}"
|
||||
horizon_keystone_domain_choices:
|
||||
Default: default
|
||||
|
||||
|
7
ansible/roles/horizon/tasks/loadbalancer.yml
Normal file
7
ansible/roles/horizon/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ horizon_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ influxdb_services:
|
||||
- "influxdb:/var/lib/influxdb"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ influxdb_dimensions }}"
|
||||
haproxy:
|
||||
influxdb_admin:
|
||||
enabled: "{{ enable_influxdb }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ influxdb_admin_port }}"
|
||||
influxdb_http:
|
||||
enabled: "{{ enable_influxdb }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ influxdb_http_port }}"
|
||||
|
||||
|
||||
####################
|
||||
|
7
ansible/roles/influxdb/tasks/loadbalancer.yml
Normal file
7
ansible/roles/influxdb/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ influxdb_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ ironic_services:
|
||||
- "kolla_logs:/var/log/kolla"
|
||||
- "{{ kolla_dev_repos_directory ~ '/ironic/ironic:/var/lib/kolla/venv/lib/python2.7/site-packages/ironic' if ironic_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ ironic_api_dimensions }}"
|
||||
haproxy:
|
||||
ironic_api:
|
||||
enabled: "{{ enable_ironic }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ ironic_api_port }}"
|
||||
ironic_api_external:
|
||||
enabled: "{{ enable_ironic }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ ironic_api_port }}"
|
||||
ironic-conductor:
|
||||
container_name: ironic_conductor
|
||||
group: ironic-conductor
|
||||
@ -44,6 +55,17 @@ ironic_services:
|
||||
- "kolla_logs:/var/log/kolla"
|
||||
- "{{ kolla_dev_repos_directory ~ '/ironic-inspector/ironic_inspector:/var/lib/kolla/venv/lib/python2.7/site-packages/ironic_inspector' if ironic_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ ironic_inspector_dimensions }}"
|
||||
haproxy:
|
||||
ironic_inspector:
|
||||
enabled: "{{ enable_ironic }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ ironic_inspector_port }}"
|
||||
ironic_inspector_external:
|
||||
enabled: "{{ enable_ironic }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ ironic_inspector_port }}"
|
||||
ironic-pxe:
|
||||
container_name: ironic_pxe
|
||||
group: ironic-pxe
|
||||
|
7
ansible/roles/ironic/tasks/loadbalancer.yml
Normal file
7
ansible/roles/ironic/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ ironic_services }}"
|
||||
tags: always
|
@ -12,6 +12,17 @@ karbor_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ karbor_api_dimensions }}"
|
||||
haproxy:
|
||||
karbor_api:
|
||||
enabled: "{{ enable_karbor }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ karbor_api_port }}"
|
||||
karbor_api_external:
|
||||
enabled: "{{ enable_karbor }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ karbor_api_port }}"
|
||||
karbor-protection:
|
||||
container_name: karbor_protection
|
||||
group: karbor-protection
|
||||
|
7
ansible/roles/karbor/tasks/loadbalancer.yml
Normal file
7
ansible/roles/karbor/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ karbor_services }}"
|
||||
tags: always
|
@ -14,6 +14,22 @@ keystone_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{% if keystone_token_provider == 'fernet' %}keystone_fernet_tokens:/etc/keystone/fernet-keys{% endif %}"
|
||||
dimensions: "{{ keystone_dimensions }}"
|
||||
haproxy:
|
||||
keystone_internal:
|
||||
enabled: "{{ enable_keystone }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ keystone_public_port }}"
|
||||
keystone_external:
|
||||
enabled: "{{ enable_keystone }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ keystone_public_port }}"
|
||||
keystone_admin:
|
||||
enabled: "{{ enable_keystone }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ keystone_admin_port }}"
|
||||
keystone-ssh:
|
||||
container_name: "keystone_ssh"
|
||||
group: "keystone"
|
||||
|
7
ansible/roles/keystone/tasks/loadbalancer.yml
Normal file
7
ansible/roles/keystone/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ keystone_services }}"
|
||||
tags: always
|
@ -12,6 +12,21 @@ kibana_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ kibana_dimensions }}"
|
||||
haproxy:
|
||||
kibana:
|
||||
enabled: "{{ enable_kibana }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ kibana_server_port }}"
|
||||
auth_user: "{{ kibana_user }}"
|
||||
auth_pass: "{{ kibana_password }}"
|
||||
kibana_external:
|
||||
enabled: "{{ enable_kibana }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ kibana_server_port }}"
|
||||
auth_user: "{{ kibana_user }}"
|
||||
auth_pass: "{{ kibana_password }}"
|
||||
|
||||
|
||||
####################
|
||||
|
7
ansible/roles/kibana/tasks/loadbalancer.yml
Normal file
7
ansible/roles/kibana/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ kibana_services }}"
|
||||
tags: always
|
@ -15,6 +15,17 @@ magnum_services:
|
||||
- "{{ kolla_dev_repos_directory ~ '/magnum/magnum:/var/lib/kolla/venv/lib/python2.7/site-packages/magnum' if magnum_dev_mode | bool else '' }}"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ magnum_api_dimensions }}"
|
||||
haproxy:
|
||||
magnum_api:
|
||||
enabled: "{{ enable_magnum }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ magnum_api_port }}"
|
||||
magnum_api_external:
|
||||
enabled: "{{ enable_magnum }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ magnum_api_port }}"
|
||||
magnum-conductor:
|
||||
container_name: magnum_conductor
|
||||
group: magnum-conductor
|
||||
|
7
ansible/roles/magnum/tasks/loadbalancer.yml
Normal file
7
ansible/roles/magnum/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ magnum_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ manila_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/manila/manila:/var/lib/kolla/venv/lib/python2.7/site-packages/manila' if manila_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ manila_api_dimensions }}"
|
||||
haproxy:
|
||||
manila_api:
|
||||
enabled: "{{ enable_manila }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ manila_api_port }}"
|
||||
manila_api_external:
|
||||
enabled: "{{ enable_manila }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ manila_api_port }}"
|
||||
manila-scheduler:
|
||||
container_name: "manila_scheduler"
|
||||
group: "manila-scheduler"
|
||||
|
7
ansible/roles/manila/tasks/loadbalancer.yml
Normal file
7
ansible/roles/manila/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ manila_services }}"
|
||||
tags: always
|
@ -13,7 +13,30 @@ mariadb_services:
|
||||
- "mariadb:/var/lib/mysql"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ mariadb_dimensions }}"
|
||||
|
||||
haproxy:
|
||||
mariadb:
|
||||
enabled: "{{ enable_mariadb|bool and not enable_external_mariadb_load_balancer|bool }}"
|
||||
mode: "tcp"
|
||||
port: "{{ mariadb_port }}"
|
||||
frontend_tcp_extra:
|
||||
- "option clitcpka"
|
||||
- "timeout client 3600s"
|
||||
backend_tcp_extra:
|
||||
- "option srvtcpka"
|
||||
- "timeout server 3600s"
|
||||
- "option mysql-check user haproxy post-41"
|
||||
custom_member_list: "{{ internal_haproxy_members.split(';') }}"
|
||||
mariadb_external_lb:
|
||||
enabled: "{{ enable_mariadb|bool and enable_external_mariadb_load_balancer|bool }}"
|
||||
mode: "tcp"
|
||||
port: "{{ mariadb_port }}"
|
||||
frontend_tcp_extra:
|
||||
- "option clitcpka"
|
||||
- "timeout client 3600s"
|
||||
backend_tcp_extra:
|
||||
- "option srvtcpka"
|
||||
- "timeout server 3600s"
|
||||
custom_member_list: "{{ external_haproxy_members.split(';') }}"
|
||||
|
||||
####################
|
||||
# Database
|
||||
@ -21,6 +44,12 @@ mariadb_services:
|
||||
database_cluster_name: "openstack"
|
||||
database_max_timeout: 120
|
||||
|
||||
####################
|
||||
# HAProxy
|
||||
####################
|
||||
internal_haproxy_members: "{% for host in groups['mariadb'] %}server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ mariadb_port }} check inter 2000 rise 2 fall 5{% if not loop.first %} backup{% endif %};{% endfor %}"
|
||||
external_haproxy_members: "{% for host in groups['mariadb'] %}server {{ host }} {{ host }}:{{ mariadb_port }} check inter 2000 rise 2 fall 5{% if not loop.first %} backup{% endif %};{% endfor %}"
|
||||
|
||||
####################
|
||||
# Docker
|
||||
####################
|
||||
|
7
ansible/roles/mariadb/tasks/loadbalancer.yml
Normal file
7
ansible/roles/mariadb/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ mariadb_services }}"
|
||||
tags: always
|
@ -11,7 +11,23 @@ memcached_services:
|
||||
- "{{ node_config_directory }}/memcached/:{{ container_config_directory }}/:ro"
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
dimensions: "{{ memcached_dimensions }}"
|
||||
haproxy:
|
||||
memcached:
|
||||
enabled: "{{ enable_memcached|bool and enable_haproxy_memcached|bool }}"
|
||||
mode: "tcp"
|
||||
port: "{{ memcached_port }}"
|
||||
frontend_tcp_extra:
|
||||
- "option clitcpka"
|
||||
- "timeout client 3600s"
|
||||
backend_tcp_extra:
|
||||
- "option srvtcpka"
|
||||
- "timeout server 3600s"
|
||||
custom_member_list: "{{ haproxy_members.split(';') }}"
|
||||
|
||||
####################
|
||||
# HAProxy
|
||||
####################
|
||||
haproxy_members: "{% for host in groups['memcached'] %}server {{ host }} {{ host }}:{{ memcached_port }} check inter 2000 rise 2 fall 5{% if not loop.first %} backup{% endif %};{% endfor %}"
|
||||
|
||||
####################
|
||||
# Docker
|
||||
|
7
ansible/roles/memcached/tasks/loadbalancer.yml
Normal file
7
ansible/roles/memcached/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ memcached_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ mistral_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/mistral/mistral:/var/lib/kolla/venv/lib/python2.7/site-packages/mistral' if mistral_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ mistral_api_dimensions }}"
|
||||
haproxy:
|
||||
mistral_api:
|
||||
enabled: "{{ enable_mistral }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ mistral_api_port }}"
|
||||
mistral_api_external:
|
||||
enabled: "{{ enable_mistral }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ mistral_api_port }}"
|
||||
mistral-engine:
|
||||
container_name: mistral_engine
|
||||
group: mistral-engine
|
||||
|
7
ansible/roles/mistral/tasks/loadbalancer.yml
Normal file
7
ansible/roles/mistral/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ mistral_services }}"
|
||||
tags: always
|
@ -10,6 +10,17 @@ monasca_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla"
|
||||
dimensions: "{{ monasca_api_dimensions }}"
|
||||
haproxy:
|
||||
monasca_api:
|
||||
enabled: "{{ enable_monasca }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ monasca_api_port }}"
|
||||
monasca_api_external:
|
||||
enabled: "{{ enable_monasca }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ monasca_api_port }}"
|
||||
monasca-log-api:
|
||||
container_name: monasca_log_api
|
||||
group: monasca-log-api
|
||||
@ -20,6 +31,17 @@ monasca_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla"
|
||||
dimensions: "{{ monasca_log_api_dimensions }}"
|
||||
haproxy:
|
||||
monasca_log_api:
|
||||
enabled: "{{ enable_monasca }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ monasca_log_api_port }}"
|
||||
monasca_log_api_external:
|
||||
enabled: "{{ enable_monasca }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ monasca_log_api_port }}"
|
||||
monasca-log-transformer:
|
||||
container_name: monasca_log_transformer
|
||||
group: monasca-log-transformer
|
||||
|
7
ansible/roles/monasca/tasks/loadbalancer.yml
Normal file
7
ansible/roles/monasca/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ monasca_services }}"
|
||||
tags: always
|
@ -14,6 +14,12 @@ mongodb_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "mongodb:/var/lib/mongodb"
|
||||
dimensions: "{{ mongodb_dimensions }}"
|
||||
haproxy:
|
||||
mongodb:
|
||||
enabled: "{{ enable_mongodb }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ mongodb_port }}"
|
||||
|
||||
|
||||
####################
|
||||
|
7
ansible/roles/mongodb/tasks/loadbalancer.yml
Normal file
7
ansible/roles/mongodb/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ mongodb_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ murano_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ murano_api_dimensions }}"
|
||||
haproxy:
|
||||
murano_api:
|
||||
enabled: "{{ enable_murano }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ murano_api_port }}"
|
||||
murano_api_external:
|
||||
enabled: "{{ enable_murano }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ murano_api_port }}"
|
||||
murano-engine:
|
||||
container_name: murano_engine
|
||||
group: murano-engine
|
||||
|
7
ansible/roles/murano/tasks/loadbalancer.yml
Normal file
7
ansible/roles/murano/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ murano_services }}"
|
||||
tags: always
|
@ -13,6 +13,19 @@ neutron_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ neutron_server_dimensions }}"
|
||||
haproxy:
|
||||
neutron_server:
|
||||
enabled: "{{ enable_neutron }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ neutron_server_port }}"
|
||||
frontend_http_extra:
|
||||
- "option http-tunnel"
|
||||
neutron_server_external:
|
||||
enabled: "{{ enable_neutron }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ neutron_server_port }}"
|
||||
neutron-openvswitch-agent:
|
||||
container_name: "neutron_openvswitch_agent"
|
||||
image: "{{ neutron_openvswitch_agent_image_full }}"
|
||||
|
7
ansible/roles/neutron/tasks/loadbalancer.yml
Normal file
7
ansible/roles/neutron/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ neutron_services }}"
|
||||
tags: always
|
@ -47,6 +47,17 @@ nova_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python2.7/site-packages/nova' if nova_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ placement_api_dimensions }}"
|
||||
haproxy:
|
||||
placement_api:
|
||||
enabled: "{{ enable_nova }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ placement_api_port }}"
|
||||
placement_api_external:
|
||||
enabled: "{{ enable_nova }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ placement_api_port }}"
|
||||
nova-api:
|
||||
container_name: "nova_api"
|
||||
group: "nova-api"
|
||||
@ -60,6 +71,33 @@ nova_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python2.7/site-packages/nova' if nova_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ nova_api_dimensions }}"
|
||||
haproxy:
|
||||
nova_api:
|
||||
enabled: "{{ enable_nova }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ nova_api_port }}"
|
||||
nova_api_external:
|
||||
enabled: "{{ enable_nova }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ nova_api_port }}"
|
||||
nova_metadata:
|
||||
enabled: "{{ enable_nova }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ nova_metadata_port }}"
|
||||
nova_metadata_external:
|
||||
enabled: "{{ enable_nova }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ nova_metadata_port }}"
|
||||
nova_rdp:
|
||||
enabled: "{{ enable_nova|bool and nova_console == 'rdp' }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ rdp_port }}"
|
||||
host_group: "hyperv"
|
||||
nova-consoleauth:
|
||||
container_name: "nova_consoleauth"
|
||||
group: "nova-consoleauth"
|
||||
@ -82,6 +120,19 @@ nova_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python2.7/site-packages/nova' if nova_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ nova_novncproxy_dimensions }}"
|
||||
haproxy:
|
||||
nova_novncproxy:
|
||||
enabled: "{{ enable_nova|bool and nova_console == 'novnc' }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ nova_novncproxy_port }}"
|
||||
backend_http_extra:
|
||||
- "timeout tunnel 1h"
|
||||
nova_novncproxy_external:
|
||||
enabled: "{{ enable_nova|bool and nova_console == 'novnc' }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ nova_novncproxy_port }}"
|
||||
nova-scheduler:
|
||||
container_name: "nova_scheduler"
|
||||
group: "nova-scheduler"
|
||||
@ -104,6 +155,17 @@ nova_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python2.7/site-packages/nova' if nova_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ nova_spicehtml5proxy_dimensions }}"
|
||||
haproxy:
|
||||
nova_spicehtml5proxy:
|
||||
enabled: "{{ enable_nova|bool and nova_console == 'spice' }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ nova_spicehtml5proxy_port }}"
|
||||
nova_spicehtml5proxy_external:
|
||||
enabled: "{{ enable_nova|bool and nova_console == 'spice' }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ nova_spicehtml5proxy_port }}"
|
||||
nova-serialproxy:
|
||||
container_name: "nova_serialproxy"
|
||||
group: "nova-serialproxy"
|
||||
@ -115,6 +177,17 @@ nova_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python2.7/site-packages/nova' if nova_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ nova_serialproxy_dimensions }}"
|
||||
haproxy:
|
||||
nova_serialconsole_proxy:
|
||||
enabled: "{{ enable_nova|bool and enable_nova_serialconsole_proxy|bool }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ nova_serialproxy_port }}"
|
||||
nova_serialconsole_proxy_external:
|
||||
enabled: "{{ enable_nova|bool and enable_nova_serialconsole_proxy|bool }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ nova_serialproxy_port }}"
|
||||
nova-conductor:
|
||||
container_name: "nova_conductor"
|
||||
group: "nova-conductor"
|
||||
|
7
ansible/roles/nova/tasks/loadbalancer.yml
Normal file
7
ansible/roles/nova/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ nova_services }}"
|
||||
tags: always
|
@ -12,6 +12,17 @@ octavia_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ octavia_api_dimensions }}"
|
||||
haproxy:
|
||||
octavia_api:
|
||||
enabled: "{{ enable_octavia }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ octavia_api_port }}"
|
||||
octavia_api_external:
|
||||
enabled: "{{ enable_octavia }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ octavia_api_port }}"
|
||||
octavia-health-manager:
|
||||
container_name: octavia_health_manager
|
||||
group: octavia-health-manager
|
||||
|
7
ansible/roles/octavia/tasks/loadbalancer.yml
Normal file
7
ansible/roles/octavia/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ octavia_services }}"
|
||||
tags: always
|
@ -14,6 +14,33 @@ opendaylight_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ opendaylight_dimensions }}"
|
||||
haproxy:
|
||||
opendaylight_api:
|
||||
enabled: "{{ enable_opendaylight }}"
|
||||
mode: "http"
|
||||
port: "{{ opendaylight_haproxy_restconf_port }}"
|
||||
backend_http_extra:
|
||||
- "balance source"
|
||||
custom_member_list: "{{ api_haproxy_members.split(';') }}"
|
||||
opendaylight_api_backup:
|
||||
enabled: "{{ enable_opendaylight }}"
|
||||
mode: "http"
|
||||
port: "{{ opendaylight_haproxy_restconf_port_backup }}"
|
||||
backend_http_extra:
|
||||
- "balance source"
|
||||
custom_member_list: "{{ backup_api_haproxy_members.split(';') }}"
|
||||
opendaylight_websocket:
|
||||
enabled: "{{ enable_opendaylight }}"
|
||||
mode: "http"
|
||||
port: "{{ opendaylight_websocket_port }}"
|
||||
backend_http_extra:
|
||||
- "balance source"
|
||||
|
||||
####################
|
||||
# HAProxy
|
||||
####################
|
||||
api_haproxy_members: "{% for host in groups['opendaylight'] %}server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ opendaylight_restconf_port }} check inter 2000 rise 2 fall 5;{% endfor %}"
|
||||
backup_api_haproxy_members: "{% for host in groups['opendaylight'] %}server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ opendaylight_restconf_port_backup }} check inter 2000 rise 2 fall 5;{% endfor %}"
|
||||
|
||||
####################
|
||||
# Docker
|
||||
|
7
ansible/roles/opendaylight/tasks/loadbalancer.yml
Normal file
7
ansible/roles/opendaylight/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ opendaylight_services }}"
|
||||
tags: always
|
@ -12,6 +12,17 @@ panko_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ panko_api_dimensions }}"
|
||||
haproxy:
|
||||
panko_api:
|
||||
enabled: "{{ enable_panko }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ panko_api_port }}"
|
||||
panko_api_external:
|
||||
enabled: "{{ enable_panko }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ panko_api_port }}"
|
||||
|
||||
|
||||
####################
|
||||
|
7
ansible/roles/panko/tasks/loadbalancer.yml
Normal file
7
ansible/roles/panko/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ panko_services }}"
|
||||
tags: always
|
@ -13,6 +13,12 @@ prometheus_services:
|
||||
- "prometheus:/var/lib/prometheus"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ prometheus_server_dimensions }}"
|
||||
haproxy:
|
||||
prometheus_server:
|
||||
enabled: "{{ enable_prometheus }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ prometheus_port }}"
|
||||
prometheus-node-exporter:
|
||||
container_name: prometheus_node_exporter
|
||||
group: prometheus-node-exporter
|
||||
@ -83,6 +89,21 @@ prometheus_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "prometheus:/var/lib/prometheus"
|
||||
dimensions: "{{ prometheus_alertmanager_dimensions }}"
|
||||
haproxy:
|
||||
prometheus_alertmanager:
|
||||
enabled: "{{ enable_prometheus_alertmanager }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ prometheus_alertmanager_port }}"
|
||||
auth_user: "{{ prometheus_alertmanager_user }}"
|
||||
auth_pass: "{{ prometheus_alertmanager_password }}"
|
||||
prometheus_alertmanager_external:
|
||||
enabled: "{{ enable_prometheus_alertmanager }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ prometheus_alertmanager_port }}"
|
||||
auth_user: "{{ prometheus_alertmanager_user }}"
|
||||
auth_pass: "{{ prometheus_alertmanager_password }}"
|
||||
|
||||
####################
|
||||
# Database
|
||||
|
7
ansible/roles/prometheus/tasks/loadbalancer.yml
Normal file
7
ansible/roles/prometheus/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ prometheus_services }}"
|
||||
tags: always
|
@ -22,6 +22,34 @@ rabbitmq_services:
|
||||
- "{{ project_name }}:/var/lib/rabbitmq/"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ rabbitmq_dimensions }}"
|
||||
haproxy:
|
||||
rabbitmq_management:
|
||||
enabled: "{{ enable_rabbitmq }}"
|
||||
mode: "http"
|
||||
port: "{{ rabbitmq_management_port }}"
|
||||
host_group: "rabbitmq"
|
||||
rabbitmq_outward_management:
|
||||
enabled: "{{ enable_outward_rabbitmq }}"
|
||||
mode: "http"
|
||||
port: "{{ outward_rabbitmq_management_port }}"
|
||||
host_group: "outward-rabbitmq"
|
||||
rabbitmq_outward_external:
|
||||
enabled: "{{ enable_outward_rabbitmq }}"
|
||||
mode: "tcp"
|
||||
external: true
|
||||
port: "{{ outward_rabbitmq_port }}"
|
||||
host_group: "outward-rabbitmq"
|
||||
frontend_tcp_extra:
|
||||
- "timeout client {{ haproxy_outward_rabbitmq_client_timeout }}"
|
||||
backend_tcp_extra:
|
||||
- "timeout server {{ haproxy_outward_rabbitmq_server_timeout }}"
|
||||
|
||||
|
||||
####################
|
||||
# HAProxy
|
||||
####################
|
||||
haproxy_outward_rabbitmq_client_timeout: "1h"
|
||||
haproxy_outward_rabbitmq_server_timeout: "1h"
|
||||
|
||||
|
||||
####################
|
||||
|
7
ansible/roles/rabbitmq/tasks/loadbalancer.yml
Normal file
7
ansible/roles/rabbitmq/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ rabbitmq_services }}"
|
||||
tags: always
|
@ -14,6 +14,17 @@ sahara_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/sahara/sahara:/var/lib/kolla/venv/lib/python2.7/site-packages/sahara' if sahara_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ sahara_api_dimensions }}"
|
||||
haproxy:
|
||||
sahara_api:
|
||||
enabled: "{{ enable_sahara }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ sahara_api_port }}"
|
||||
sahara_api_external:
|
||||
enabled: "{{ enable_sahara }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ sahara_api_port }}"
|
||||
sahara-engine:
|
||||
container_name: sahara_engine
|
||||
group: sahara-engine
|
||||
|
7
ansible/roles/sahara/tasks/loadbalancer.yml
Normal file
7
ansible/roles/sahara/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ sahara_services }}"
|
||||
tags: always
|
@ -12,6 +12,17 @@ searchlight_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ searchlight_api_dimensions }}"
|
||||
haproxy:
|
||||
searchlight_api:
|
||||
enabled: "{{ enable_searchlight }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ searchlight_api_port }}"
|
||||
searchlight_api_external:
|
||||
enabled: "{{ enable_searchlight }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ searchlight_api_port }}"
|
||||
searchlight-listener:
|
||||
container_name: searchlight_listener
|
||||
group: searchlight-listener
|
||||
|
7
ansible/roles/searchlight/tasks/loadbalancer.yml
Normal file
7
ansible/roles/searchlight/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ searchlight_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ senlin_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/senlin/senlin:/var/lib/kolla/venv/lib/python2.7/site-packages/senlin' if senlin_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ senlin_api_dimensions }}"
|
||||
haproxy:
|
||||
senlin_api:
|
||||
enabled: "{{ enable_senlin }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ senlin_api_port }}"
|
||||
senlin_api_external:
|
||||
enabled: "{{ enable_senlin }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ senlin_api_port }}"
|
||||
senlin-engine:
|
||||
container_name: senlin_engine
|
||||
group: senlin-engine
|
||||
|
7
ansible/roles/senlin/tasks/loadbalancer.yml
Normal file
7
ansible/roles/senlin/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ senlin_services }}"
|
||||
tags: always
|
@ -12,6 +12,17 @@ skydive_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ skydive_analyzer_dimensions }}"
|
||||
haproxy:
|
||||
skydive_server:
|
||||
enabled: "{{ enable_skydive }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ skydive_analyzer_port }}"
|
||||
skydive_server_external:
|
||||
enabled: "{{ enable_skydive }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ skydive_analyzer_port }}"
|
||||
skydive-agent:
|
||||
container_name: skydive_agent
|
||||
group: skydive-agent
|
||||
|
7
ansible/roles/skydive/tasks/loadbalancer.yml
Normal file
7
ansible/roles/skydive/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ skydive_services }}"
|
||||
tags: always
|
@ -35,6 +35,31 @@ solum_services:
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
- "{{ kolla_dev_repos_directory ~ '/solum/solum:/var/lib/kolla/venv/lib/python2.7/site-packages/solum' if solum_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ solum_deployer_dimensions }}"
|
||||
haproxy:
|
||||
solum_application_deployment:
|
||||
enabled: "{{ enable_solum }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ solum_application_deployment_port }}"
|
||||
host_group: "solum-application-deployment"
|
||||
solum_application_deployment_external:
|
||||
enabled: "{{ enable_solum }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ solum_application_deployment_port }}"
|
||||
host_group: "solum-application-deployment"
|
||||
solum_image_builder:
|
||||
enabled: "{{ enable_solum }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ solum_image_builder_port }}"
|
||||
host_group: "solum-image-builder"
|
||||
solum_image_builder_external:
|
||||
enabled: "{{ enable_solum }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ solum_image_builder_port }}"
|
||||
host_group: "solum-image-builder"
|
||||
solum-conductor:
|
||||
container_name: solum_conductor
|
||||
group: solum-conductor
|
||||
@ -47,7 +72,6 @@ solum_services:
|
||||
- "{{ kolla_dev_repos_directory ~ '/solum/solum:/var/lib/kolla/venv/lib/python2.7/site-packages/solum' if solum_dev_mode | bool else '' }}"
|
||||
dimensions: "{{ solum_conductor_dimensions }}"
|
||||
|
||||
|
||||
####################
|
||||
# Database
|
||||
####################
|
||||
|
7
ansible/roles/solum/tasks/loadbalancer.yml
Normal file
7
ansible/roles/solum/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ solum_services }}"
|
||||
tags: always
|
@ -1,6 +1,22 @@
|
||||
---
|
||||
project_name: "swift"
|
||||
|
||||
swift_services:
|
||||
swift-api:
|
||||
group: swift-proxy-server
|
||||
enabled: true
|
||||
haproxy:
|
||||
swift_api:
|
||||
enabled: "{{ enable_swift }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ swift_proxy_server_port }}"
|
||||
swift_api_external:
|
||||
enabled: "{{ enable_swift }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ swift_proxy_server_port }}"
|
||||
|
||||
####################
|
||||
# Docker
|
||||
####################
|
||||
|
7
ansible/roles/swift/tasks/loadbalancer.yml
Normal file
7
ansible/roles/swift/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ swift_services }}"
|
||||
tags: always
|
@ -13,6 +13,17 @@ tacker_services:
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla/"
|
||||
dimensions: "{{ tacker_server_dimensions }}"
|
||||
haproxy:
|
||||
tacker_server:
|
||||
enabled: "{{ enable_tacker }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
port: "{{ tacker_server_port }}"
|
||||
tacker_server_external:
|
||||
enabled: "{{ enable_tacker }}"
|
||||
mode: "http"
|
||||
external: true
|
||||
port: "{{ tacker_server_port }}"
|
||||
tacker-conductor:
|
||||
container_name: "tacker_conductor"
|
||||
group: "tacker-conductor"
|
||||
|
7
ansible/roles/tacker/tasks/loadbalancer.yml
Normal file
7
ansible/roles/tacker/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "Configure haproxy for {{ project_name }}"
|
||||
import_role:
|
||||
role: haproxy-config
|
||||
vars:
|
||||
project_services: "{{ tacker_services }}"
|
||||
tags: always
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user