From a05e77d71af803d501451931fe70402cdf287257 Mon Sep 17 00:00:00 2001 From: Clint Byrum Date: Sun, 18 Feb 2018 23:09:16 -0800 Subject: [PATCH] Allow disabling keepalived for external LBs In some cases a deployer may want to use haproxy for SSL termination but has external infrastructure for load balancing, and thus no need for keepalived to manage the VIP. Co-Authored-By: Adam Harwell Change-Id: I451d7e33f1e631038a8d198dbc33c9a8850571b7 --- ansible/group_vars/all.yml | 1 + ansible/roles/haproxy/defaults/main.yml | 2 +- ansible/roles/haproxy/tasks/config.yml | 3 ++- ansible/roles/haproxy/tasks/precheck.yml | 12 +++++++++++- .../allow-disabling-keepalived-310321889a848edf.yaml | 5 +++++ 5 files changed, 20 insertions(+), 3 deletions(-) create mode 100644 releasenotes/notes/allow-disabling-keepalived-310321889a848edf.yaml diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 453c05f776..1fb7b9e739 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -392,6 +392,7 @@ openstack_interface: "admin" # could disable some of these required roles and run their own services. enable_glance: "yes" enable_haproxy: "yes" +enable_keepalived: "{{ enable_haproxy | bool }}" enable_keystone: "yes" enable_mariadb: "yes" enable_memcached: "yes" diff --git a/ansible/roles/haproxy/defaults/main.yml b/ansible/roles/haproxy/defaults/main.yml index 1dafa84fa3..79e8ea0c6d 100644 --- a/ansible/roles/haproxy/defaults/main.yml +++ b/ansible/roles/haproxy/defaults/main.yml @@ -16,7 +16,7 @@ haproxy_services: keepalived: container_name: keepalived group: haproxy - enabled: true + enabled: "{{ enable_keepalived | bool }}" image: "{{ keepalived_image_full }}" privileged: True volumes: diff --git a/ansible/roles/haproxy/tasks/config.yml b/ansible/roles/haproxy/tasks/config.yml index d687cf44de..81e16c4119 100644 --- a/ansible/roles/haproxy/tasks/config.yml +++ b/ansible/roles/haproxy/tasks/config.yml @@ -5,7 +5,8 @@ with_items: - { name: "net.ipv4.ip_nonlocal_bind", value: 1} - { name: "net.unix.max_dgram_qlen", value: 128} - when: set_sysctl | bool + when: + - set_sysctl | bool - name: Ensuring config directories exist file: diff --git a/ansible/roles/haproxy/tasks/precheck.yml b/ansible/roles/haproxy/tasks/precheck.yml index e5631d8f91..026bca97b8 100644 --- a/ansible/roles/haproxy/tasks/precheck.yml +++ b/ansible/roles/haproxy/tasks/precheck.yml @@ -11,12 +11,16 @@ changed_when: False check_mode: no run_once: true + when: + - enable_keepalived | bool - name: Create empty temp kolla_keepalived_running file local_action: copy content=None dest=/tmp/kolla_keepalived_running mode=0644 changed_when: False check_mode: no run_once: true + when: + - enable_keepalived | bool - name: Getting hosts who is running keepalived local_action: copy content={{ ansible_hostname }} dest=/tmp/kolla_keepalived_running mode=0644 @@ -25,17 +29,21 @@ when: - inventory_hostname in groups['haproxy'] - container_facts['keepalived'] is defined - - enable_haproxy | bool + - enable_keepalived | bool - name: Registering host running keepalived set_fact: host_running_keepalived: "{{ lookup('file', '/tmp/kolla_keepalived_running') }}" + when: + - enable_keepalived | bool - name: Clearing temp kolla_keepalived_running file local_action: file path=/tmp/kolla_keepalived_running state=absent changed_when: False check_mode: no run_once: true + when: + - enable_keepalived | bool - name: Clearing temp kolla_haproxy_running file local_action: file path=/tmp/kolla_haproxy_running state=absent @@ -103,6 +111,7 @@ - "{{ kolla_internal_vip_address }}" - "{{ kolla_external_vip_address }}" when: + - enable_keepalived | bool - "host_running_keepalived == 'None'" - enable_haproxy | bool @@ -128,6 +137,7 @@ kolla_internal_vip_address | ipaddr(ip_addr_output.stdout.split()[3]) is none) when: - enable_haproxy | bool + - enable_keepalived | bool - container_facts['keepalived'] is not defined - inventory_hostname in groups['haproxy'] diff --git a/releasenotes/notes/allow-disabling-keepalived-310321889a848edf.yaml b/releasenotes/notes/allow-disabling-keepalived-310321889a848edf.yaml new file mode 100644 index 0000000000..32ec7b4d7c --- /dev/null +++ b/releasenotes/notes/allow-disabling-keepalived-310321889a848edf.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + Add a configuration option `enable_keepalived` to allow disabling the + service. This is useful when using an external LB in front of HAProxy.