Marius Cornea 50de0269d0 Set balance to source for openshift_router endpoints
Currently the haproxy loadbalancer set by TripleO uses balance
roundrobin. According to this Openshift HA configuration example[1]
it uses balance source for both the API and the router backends.
This way we ensure that all traffic from a user’s session goes to
the same node(sticky sessions).

[1] https://blog.openshift.com/keeping-both-of-your-openshift-container-platforms-highly-available-with-keepalived-and-haproxy/

Change-Id: I0be466f7d30748fc46fc69f098bf5aa7eb980aa2
2018-11-30 13:57:32 -05:00

83 lines
2.7 KiB
YAML

heat_template_version: rocky
description: External tasks definition for OpenShift
parameters:
RoleNetIpMap:
default: {}
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
# TODO(mandre) This is unused. Remove it or make it OpenShiftNodeVars
OpenShiftWorkerNodeVars:
default: {}
description: OpenShift node vars specific for the worker nodes
type: json
resources:
OpenShiftWorker:
type: ./openshift-worker.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Openshift Service
value:
service_name: openshift_infra
config_settings: {get_attr: [OpenShiftWorker, role_data, config_settings]}
service_config_settings:
haproxy:
tripleo::openshift_infra::haproxy_endpoints:
openshift-router-http:
base_service_name: openshift_infra
public_virtual_ip: "%{hiera('public_virtual_ip')}"
internal_ip: "%{hiera('openshift_infra_vip')}"
service_port: 80
listen_options:
balance: 'source'
member_options: [ 'check', 'inter 2000', 'rise 2', 'fall 5' ]
haproxy_listen_bind_param: ['transparent']
openshift-router-https:
base_service_name: openshift_infra
public_virtual_ip: "%{hiera('public_virtual_ip')}"
internal_ip: "%{hiera('openshift_infra_vip')}"
service_port: 443
listen_options:
balance: 'source'
member_options: [ 'check', 'inter 2000', 'rise 2', 'fall 5' ]
haproxy_listen_bind_param: ['transparent']
upgrade_tasks: []
step_config: ''
external_deploy_tasks:
- get_attr: [OpenShiftWorker, role_data, external_deploy_tasks]