openstack
/
kolla-ansible
Code Issues Proposed changes

Refactor haproxy config (split by service) V2.0 

Having all services in one giant haproxy file makes altering
configuration for a service both painful and dangerous. Each service
should be configured with a simple set of variables and rendered with a
single unified template.

Available are two new templates:

* haproxy_single_service_listen.cfg.j2: close to the original style, but
only one service per file
* haproxy_single_service_split.cfg.j2: using the newer haproxy syntax
for separated frontend and backend

For now the default will be the single listen block, for ease of
transition.

Change-Id: I6e237438fbc0aa3c89a3c8bd706a53b74e71904b
This commit is contained in:
Adam Harwell 2018-06-19 00:43:35 -05:00
parent 921a6d8762
commit f1c8136556
110 changed files with 1763 additions and 1504 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ansible/group_vars/all.yml
View File

@ -208,6 +208,7 @@ gnocchi_api_port: "8041"
grafana_server_port: "3000"
haproxy_stats_port: "1984"
haproxy_monitor_port: "61313"
heat_api_port: "8004"
heat_api_cfn_port: "8000"

6
ansible/inventory/all-in-one
View File

@ -493,6 +493,12 @@ solum
[solum-conductor:children]
solum
[solum-application-deployment:children]
solum
[solum-image-builder:children]
solum
# Mistral
[mistral-api:children]
mistral

6
ansible/inventory/multinode
View File

@ -509,6 +509,12 @@ solum
[solum-conductor:children]
solum
[solum-application-deployment:children]
solum
[solum-image-builder:children]
solum
# Mistral
[mistral-api:children]
mistral

11
ansible/roles/aodh/defaults/main.yml
View File

@ -14,6 +14,17 @@ aodh_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/aodh/aodh:/var/lib/kolla/venv/lib/python2.7/site-packages/aodh' if aodh_dev_mode | bool else '' }}"
dimensions: "{{ aodh_api_dimensions }}"
haproxy:
aodh_api:
enabled: "{{ enable_aodh }}"
mode: "http"
external: false
port: "{{ aodh_api_port }}"
aodh_api_external:
enabled: "{{ enable_aodh }}"
mode: "http"
external: true
port: "{{ aodh_api_port }}"
aodh-evaluator:
container_name: aodh_evaluator
group: aodh-evaluator

7
ansible/roles/aodh/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ aodh_services }}"
tags: always

11
ansible/roles/barbican/defaults/main.yml
View File

@ -14,6 +14,17 @@ barbican_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/barbican/barbican:/var/lib/kolla/venv/lib/python2.7/site-packages/barbican' if barbican_dev_mode | bool else '' }}"
dimensions: "{{ barbican_api_dimensions }}"
haproxy:
barbican_api:
enabled: "{{ enable_barbican }}"
mode: "http"
external: false
port: "{{ barbican_api_port }}"
barbican_api_external:
enabled: "{{ enable_barbican }}"
mode: "http"
external: true
port: "{{ barbican_api_port }}"
barbican-keystone-listener:
container_name: barbican_keystone_listener
group: barbican-keystone-listener

7
ansible/roles/barbican/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ barbican_services }}"
tags: always

11
ansible/roles/blazar/defaults/main.yml
View File

@ -13,6 +13,17 @@ blazar_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/blazar/blazar:/var/lib/kolla/venv/lib/python2.7/site-packages/blazar' if blazar_dev_mode | bool else '' }}"
dimensions: "{{ blazar_api_dimensions }}"
haproxy:
blazar_api:
enabled: "{{ enable_blazar }}"
mode: "http"
external: false
port: "{{ blazar_api_port }}"
blazar_api_external:
enabled: "{{ enable_blazar }}"
mode: "http"
external: true
port: "{{ blazar_api_port }}"
blazar-manager:
container_name: blazar_manager
group: blazar-manager

7
ansible/roles/blazar/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ blazar_services }}"
tags: always

16
ansible/roles/ceph/defaults/main.yml
View File

@ -1,6 +1,22 @@
---
project_name: "ceph"
ceph_services:
ceph-rgw:
group: ceph-rgw
enabled: "{{ enable_ceph_rgw|bool }}"
haproxy:
radosgw:
enabled: "{{ enable_ceph|bool and enable_ceph_rgw|bool }}"
mode: "http"
external: false
port: "{{ rgw_port }}"
radosgw_external:
enabled: "{{ enable_ceph|bool and enable_ceph_rgw|bool }}"
mode: "http"
external: true
port: "{{ rgw_port }}"
####################
# Docker

7
ansible/roles/ceph/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ ceph_services }}"
tags: always

11
ansible/roles/cinder/defaults/main.yml
View File

@ -13,6 +13,17 @@ cinder_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/cinder/cinder:/var/lib/kolla/venv/lib/python2.7/site-packages/cinder' if cinder_dev_mode | bool else '' }}"
dimensions: "{{ cinder_api_dimensions }}"
haproxy:
cinder_api:
enabled: "{{ enable_cinder }}"
mode: "http"
external: false
port: "{{ cinder_api_port }}"
cinder_api_external:
enabled: "{{ enable_cinder }}"
mode: "http"
external: true
port: "{{ cinder_api_port }}"
cinder-scheduler:
container_name: cinder_scheduler
group: cinder-scheduler

7
ansible/roles/cinder/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ cinder_services }}"
tags: always

11
ansible/roles/cloudkitty/defaults/main.yml
View File

@ -13,6 +13,17 @@ cloudkitty_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/cloudkitty/cloudkitty:/var/lib/kolla/venv/lib/python2.7/site-packages/cloudkitty' if cloudkitty_dev_mode | bool else '' }}"
dimensions: "{{ cloudkitty_api_dimensions }}"
haproxy:
cloudkitty_api:
enabled: "{{ enable_cloudkitty }}"
mode: "http"
external: false
port: "{{ cloudkitty_api_port }}"
cloudkitty_api_external:
enabled: "{{ enable_cloudkitty }}"
mode: "http"
external: true
port: "{{ cloudkitty_api_port }}"
cloudkitty-processor:
container_name: "cloudkitty_processor"
group: "cloudkitty-processor"

7
ansible/roles/cloudkitty/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ cloudkitty_services }}"
tags: always

11
ansible/roles/congress/defaults/main.yml
View File

@ -13,6 +13,17 @@ congress_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/congress/congress:/var/lib/kolla/venv/lib/python2.7/site-packages/congress' if congress_dev_mode | bool else '' }}"
dimensions: "{{ congress_api_dimensions }}"
haproxy:
congress_api:
enabled: "{{ enable_congress }}"
mode: "http"
external: false
port: "{{ congress_api_port }}"
congress_api_external:
enabled: "{{ enable_congress }}"
mode: "http"
external: true
port: "{{ congress_api_port }}"
congress-policy-engine:
container_name: congress_policy_engine
group: congress-policy-engine

7
ansible/roles/congress/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ congress_services }}"
tags: always

11
ansible/roles/designate/defaults/main.yml
View File

@ -13,6 +13,17 @@ designate_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/designate/designate:/var/lib/kolla/venv/lib/python2.7/site-packages/designate' if designate_dev_mode | bool else '' }}"
dimensions: "{{ designate_api_dimensions }}"
haproxy:
designate_api:
enabled: "{{ enable_designate }}"
mode: "http"
external: false
port: "{{ designate_api_port }}"
designate_api_external:
enabled: "{{ enable_designate }}"
mode: "http"
external: true
port: "{{ designate_api_port }}"
designate-backend-bind9:
container_name: designate_backend_bind9
group: designate-backend-bind9

7
ansible/roles/designate/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ designate_services }}"
tags: always

8
ansible/roles/elasticsearch/defaults/main.yml
View File

@ -12,6 +12,14 @@ elasticsearch_services:
- "/etc/localtime:/etc/localtime:ro"
- "elasticsearch:/var/lib/elasticsearch/data"
dimensions: "{{ elasticsearch_dimensions }}"
haproxy:
elasticsearch:
enabled: "{{ enable_elasticsearch }}"
mode: "http"
external: false
port: "{{ elasticsearch_port }}"
frontend_http_extra:
- "option dontlog-normal"
####################

7
ansible/roles/elasticsearch/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ elasticsearch_services }}"
tags: always

11
ansible/roles/freezer/defaults/main.yml
View File

@ -14,6 +14,17 @@ freezer_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/freezer-api/freezer_api:/var/lib/kolla/venv/lib/python2.7/site-packages/freezer_api' if freezer_dev_mode | bool else '' }}"
dimensions: "{{ freezer_api_dimensions }}"
haproxy:
freezer_api:
enabled: "{{ enable_freezer }}"
mode: "http"
external: false
port: "{{ freezer_api_port }}"
freezer_api_external:
enabled: "{{ enable_freezer }}"
mode: "http"
external: true
port: "{{ freezer_api_port }}"
freezer-scheduler:
container_name: freezer_scheduler
group: freezer-scheduler

7
ansible/roles/freezer/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ freezer_services }}"
tags: always

33
ansible/roles/glance/defaults/main.yml
View File

@ -15,6 +15,27 @@ glance_services:
- "{{ kolla_dev_repos_directory ~ '/glance/glance:/var/lib/kolla/venv/lib/python2.7/site-packages/glance' if glance_dev_mode | bool else '' }}"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ glance_api_dimensions }}"
haproxy:
glance_api:
enabled: "{{ enable_glance }}"
mode: "http"
external: false
port: "{{ glance_api_port }}"
frontend_http_extra:
- "timeout client {{ haproxy_glance_api_client_timeout }}"
backend_http_extra:
- "timeout server {{ haproxy_glance_api_server_timeout }}"
custom_member_list: "{{ haproxy_members.split(';') }}"
glance_api_external:
enabled: "{{ enable_glance }}"
mode: "http"
external: true
port: "{{ glance_api_port }}"
frontend_http_extra:
- "timeout client {{ haproxy_glance_api_client_timeout }}"
backend_http_extra:
- "timeout server {{ haproxy_glance_api_server_timeout }}"
custom_member_list: "{{ haproxy_members.split(';') }}"
glance-registry:
container_name: glance_registry
group: glance-registry
@ -27,6 +48,11 @@ glance_services:
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ glance_registry_dimensions }}"
####################
# HAProxy
####################
haproxy_members: "{% for host in glance_api_hosts %}server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_api_port }} check inter 2000 rise 2 fall 5;{% endfor %}"
####################
# Notification
####################
@ -66,6 +92,13 @@ glance_database_user: "{% if use_preconfigured_databases | bool and use_common_m
glance_database_address: "{{ database_address }}:{{ database_port }}"
####################
# HAProxy
####################
haproxy_glance_api_client_timeout: "6h"
haproxy_glance_api_server_timeout: "6h"
####################
# Docker
####################

7
ansible/roles/glance/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ glance_services }}"
tags: always

11
ansible/roles/gnocchi/defaults/main.yml
View File

@ -13,6 +13,17 @@ gnocchi_services:
- "gnocchi:/var/lib/gnocchi/"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ gnocchi_api_dimensions }}"
haproxy:
gnocchi_api:
enabled: "{{ enable_gnocchi }}"
mode: "http"
external: false
port: "{{ gnocchi_api_port }}"
gnocchi_api_external:
enabled: "{{ enable_gnocchi }}"
mode: "http"
external: true
port: "{{ gnocchi_api_port }}"
gnocchi-metricd:
container_name: gnocchi_metricd
group: gnocchi-metricd

7
ansible/roles/gnocchi/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ gnocchi_services }}"
tags: always

11
ansible/roles/grafana/defaults/main.yml
View File

@ -13,6 +13,17 @@ grafana_services:
- "grafana:/var/lib/grafana/"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ grafana_dimensions }}"
haproxy:
grafana_server:
enabled: "{{ enable_grafana }}"
mode: "http"
external: false
port: "{{ grafana_server_port }}"
grafana_server_external:
enabled: "{{ enable_grafana }}"
mode: "http"
external: true
port: "{{ grafana_server_port }}"
####################
# Database

7
ansible/roles/grafana/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ grafana_services }}"
tags: always

13
ansible/roles/haproxy-config/defaults/main.yml Normal file
View File

@ -0,0 +1,13 @@
---
haproxy_service_template: "haproxy_single_service_listen.cfg.j2"
# Extra frontend/backend options (additive with locally defined options)
haproxy_frontend_http_extra:
- "option httplog"
- "option forwardfor"
haproxy_frontend_tcp_extra:
- "option tcplog"
haproxy_backend_http_extra: []
haproxy_backend_tcp_extra: []
haproxy_health_check: "check inter 2000 rise 2 fall 5"

17
ansible/roles/haproxy-config/handlers/main.yml Normal file
View File

@ -0,0 +1,17 @@
---
- name: Restart haproxy container
become: true
kolla_docker:
action: "restart_container"
name: haproxy
when:
- kolla_action != "config"
- inventory_hostname in groups['haproxy']
- enable_haproxy | bool
notify:
- Waiting for haproxy to start
- name: Waiting for haproxy to start
wait_for:
host: "{{ api_interface_address }}"
port: "{{ haproxy_stats_port }}"

21
ansible/roles/haproxy-config/tasks/main.yml Normal file
View File

@ -0,0 +1,21 @@
---
- name: "Copying over {{ project_name }} haproxy config"
vars:
service: "{{ item.value }}"
haproxy_templates:
- "{{ node_custom_config }}/haproxy-config/{{ inventory_hostname }}/{{ haproxy_service_template }}"
- "{{ node_custom_config }}/haproxy-config/{{ haproxy_service_template }}"
- "templates/{{ haproxy_service_template }}"
template_file: "{{ query('first_found', haproxy_templates) | first }}"
template:
src: "{{ template_file }}"
dest: "{{ node_config_directory }}/haproxy/services.d/{{ item.key }}.cfg"
mode: "0660"
become: true
when:
- service.enabled | bool
- service.haproxy is defined
- enable_haproxy | bool
with_dict: "{{ project_services }}"
notify:
- Restart haproxy container

91
ansible/roles/haproxy-config/templates/haproxy_single_service_listen.cfg.j2 Normal file
View File

@ -0,0 +1,91 @@
#jinja2: lstrip_blocks: True
{%- set tls_bind_info = 'ssl crt /etc/haproxy/haproxy.pem' if kolla_enable_tls_external|bool else '' %}
{%- macro userlist_macro(service_name, auth_user, auth_pass) %}
userlist {{ service_name }}-user
user {{ auth_user }} insecure-password {{ auth_pass }}
{% endmacro %}
{%- macro listen_macro(service_name, service_port, service_mode, external,
haproxy_http_extra, haproxy_tcp_extra, host_group,
custom_member_list, auth_user, auth_pass) %}
listen {{ service_name }}
{% if service_mode == 'redirect' %}
mode http
{% else %}
mode {{ service_mode }}
{% endif %}
{% if service_mode == 'http' %}
{# Set up auth if required #}
{% if auth_user and auth_pass %}
acl auth_acl http_auth({{ service_name }}-user)
http-request auth realm basicauth unless auth_acl
{% endif %}
{# Delete any pre-populated XFP header #}
http-request del-header X-Forwarded-Proto
{% for http_option in haproxy_http_extra %}
{{ http_option }}
{% endfor %}
{% elif service_mode == 'tcp' %}
{% for tcp_option in haproxy_tcp_extra %}
{{ tcp_option }}
{% endfor %}
{% endif %}
{% set tls_option = '' %}
{% if external|bool %}
{% set vip_address = kolla_external_vip_address %}
{% if service_mode == 'http' %}
{% set tls_option = tls_bind_info %}
{# Replace the XFP header for external https requests #}
http-request set-header X-Forwarded-Proto https if { ssl_fc }
{% endif %}
{% else %}
{% set vip_address = kolla_internal_vip_address %}
{% endif %}
{{ "bind %s:%s %s"|e|format(vip_address, service_port, tls_option)|trim() }}
{# Redirect mode sets a redirect scheme instead of members #}
{% if service_mode == 'redirect' %}
redirect scheme https code 301 if !{ ssl_fc }
{% else %}
{% if custom_member_list is not none %}
{% for custom_member in custom_member_list %}
{{ custom_member }}
{% endfor %}
{% else %}
{% for host in groups[host_group] %}
{% set api_interface = "ansible_%s"|format(hostvars[host]['api_interface']) %}
{% set host_name = hostvars[host]['ansible_hostname'] %}
{% set host_ip = hostvars[host][api_interface]['ipv4']['address'] %}
server {{ host_name }} {{ host_ip }}:{{ service_port }} {{ haproxy_health_check }}
{% endfor %}
{% endif %}
{% endif %}
{% endmacro %}
{%- set haproxy = service.haproxy|default({}) %}
{%- for haproxy_name, haproxy_service in haproxy.items() %}
{# External defaults to false #}
{% set external = haproxy_service.external|default(false)|bool %}
{# Skip anything that is external when the external vip is not enabled #}
{% if haproxy_service.enabled|bool and (not external or haproxy_enable_external_vip|bool)%}
{# Here we define variables and their defaults #}
{# Custom member list can use jinja to generate a semicolon separated list #}
{% set custom_member_list = haproxy_service.custom_member_list|default(none) %}
{# Mode defaults to http #}
{% set mode = haproxy_service.mode|default('http') %}
{# Use the parent host group but allow it to be overridden #}
{% set host_group = haproxy_service.host_group|default(service.group) %}
{# Additional options can be defined in config, and are additive to the global extras #}
{% set haproxy_tcp_extra = haproxy_service.frontend_tcp_extra|default([]) + haproxy_service.backend_tcp_extra|default([]) + haproxy_frontend_tcp_extra + haproxy_backend_tcp_extra %}
{% set haproxy_http_extra = haproxy_service.frontend_http_extra|default([]) + haproxy_service.backend_http_extra|default([]) + haproxy_frontend_http_extra + haproxy_backend_http_extra %}
{# Allow for basic auth #}
{% set auth_user = haproxy_service.auth_user|default() %}
{% set auth_pass = haproxy_service.auth_pass|default() %}
{% if auth_user and auth_pass %}
{{ userlist_macro(haproxy_name, auth_user, auth_pass) }}
{% endif %}
{{ listen_macro(haproxy_name, haproxy_service.port, mode, external,
haproxy_http_extra, haproxy_tcp_extra, host_group,
custom_member_list, auth_user, auth_pass) }}
{% endif %}
{%- endfor -%}

118
ansible/roles/haproxy-config/templates/haproxy_single_service_split.cfg.j2 Normal file
View File

@ -0,0 +1,118 @@
#jinja2: lstrip_blocks: True
{%- set tls_bind_info = 'ssl crt /etc/haproxy/haproxy.pem' if kolla_enable_tls_external|bool else '' %}
{%- macro userlist_macro(service_name, auth_user, auth_pass) %}
userlist {{ service_name }}-user
user {{ auth_user }} insecure-password {{ auth_pass }}
{% endmacro %}
{%- macro frontend_macro(service_name, service_port, service_mode, external,
frontend_http_extra, frontend_tcp_extra) %}
frontend {{ service_name }}_front
{% if service_mode == 'redirect' %}
mode http
{% else %}
mode {{ service_mode }}
{% endif %}
{% if service_mode == 'http' %}
{# Delete any pre-populated XFP header #}
http-request del-header X-Forwarded-Proto
{% for http_option in frontend_http_extra %}
{{ http_option }}
{% endfor %}
{% elif service_mode == 'tcp' %}
{% for tcp_option in frontend_tcp_extra %}
{{ tcp_option }}
{% endfor %}
{% endif %}
{% set tls_option = '' %}
{% if external|bool %}
{% set vip_address = kolla_external_vip_address %}
{% if service_mode == 'http' %}
{% set tls_option = tls_bind_info %}
{# Replace the XFP header for external https requests #}
http-request set-header X-Forwarded-Proto https if { ssl_fc }
{% endif %}
{% else %}
{% set vip_address = kolla_internal_vip_address %}
{% endif %}
{{ "bind %s:%s %s"|e|format(vip_address, service_port, tls_option)|trim() }}
{# Redirect mode sets a redirect scheme instead of a backend #}
{% if service_mode == 'redirect' %}
redirect scheme https code 301 if !{ ssl_fc }
{% else %}
default_backend {{ service_name }}_back
{% endif %}
{% endmacro %}
{%- macro backend_macro(service_name, service_port, service_mode, host_group,
custom_member_list, backend_http_extra,
backend_tcp_extra, auth_user, auth_pass) %}
backend {{ service_name }}_back
{% if service_mode == 'redirect' %}
mode http
{% else %}
mode {{ service_mode }}
{% endif %}
{% if service_mode == 'http' %}
{# Set up auth if required #}
{% if auth_user and auth_pass %}
acl auth_acl http_auth({{ service_name }}-user)
http-request auth realm basicauth unless auth_acl
{% endif %}
{% for http_option in backend_http_extra %}
{{ http_option }}
{% endfor %}
{% elif service_mode == 'tcp' %}
{% for tcp_option in backend_tcp_extra %}
{{ tcp_option }}
{% endfor %}
{% endif %}
{% if custom_member_list is not none %}
{% for custom_member in custom_member_list %}
{{ custom_member }}
{% endfor %}
{% else %}
{% for host in groups[host_group] %}
{% set api_interface = "ansible_%s"|format(hostvars[host]['api_interface']) %}
{% set host_name = hostvars[host]['ansible_hostname'] %}
{% set host_ip = hostvars[host][api_interface]['ipv4']['address'] %}
server {{ host_name }} {{ host_ip }}:{{ service_port }} {{ haproxy_health_check }}
{% endfor %}
{% endif %}
{% endmacro %}
{%- set haproxy = service.haproxy|default({}) %}
{%- for haproxy_name, haproxy_service in haproxy.items() %}
{# External defaults to false #}
{% set external = haproxy_service.external|default(false)|bool %}
{# Skip anything that is external when the external vip is not enabled #}
{% if haproxy_service.enabled|bool and (not external or haproxy_enable_external_vip|bool)%}
{# Here we define variables and their defaults #}
{# Custom member list can use jinja to generate a semicolon separated list #}
{% set custom_member_list = haproxy_service.custom_member_list|default() %}
{# Mode defaults to http #}
{% set mode = haproxy_service.mode|default('http') %}
{# Use the parent host group but allow it to be overridden #}
{% set host_group = haproxy_service.host_group|default(service.group) %}
{# Additional options can be defined in config, and are additive to the global extras #}
{% set frontend_tcp_extra = haproxy_service.frontend_tcp_extra|default([]) + haproxy_frontend_tcp_extra %}
{% set backend_tcp_extra = haproxy_service.backend_tcp_extra|default([]) %}
{% set frontend_http_extra = haproxy_service.frontend_http_extra|default([]) + haproxy_frontend_http_extra %}
{% set backend_http_extra = haproxy_service.backend_http_extra|default([]) %}
{# Allow for basic auth #}
{% set auth_user = haproxy_service.auth_user|default() %}
{% set auth_pass = haproxy_service.auth_pass|default() %}
{% if auth_user and auth_pass %}
{{ userlist_macro(haproxy_name, auth_user, auth_pass) }}
{% endif %}
{{ frontend_macro(haproxy_name, haproxy_service.port, mode, external,
frontend_http_extra, frontend_tcp_extra) }}
{# Redirect (to https) is a special case, as it does not include a backend #}
{% if haproxy_service.mode != 'redirect' %}
{{ backend_macro(haproxy_name, haproxy_service.port, mode, host_group,
custom_member_list, backend_http_extra, backend_tcp_extra,
auth_user, auth_pass) }}
{% endif %}
{% endif %}
{%- endfor -%}

26
ansible/roles/haproxy/defaults/main.yml
View File

@ -38,27 +38,12 @@ haproxy_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_
haproxy_tag: "{{ openstack_release }}"
haproxy_image_full: "{{ haproxy_image }}:{{ haproxy_tag }}"
haproxy_client_timeout: "1m"
haproxy_server_timeout: "1m"
# Check http://www.haproxy.org/download/1.5/doc/configuration.txt for available options
haproxy_defaults_balance: "roundrobin"
haproxy_glance_api_client_timeout: "6h"
haproxy_glance_api_server_timeout: "6h"
haproxy_outward_rabbitmq_client_timeout: "1h"
haproxy_outward_rabbitmq_server_timeout: "1h"
syslog_server: "{{ api_interface_address }}"
syslog_haproxy_facility: "local1"
# Traffic mode. Valid options are [ multicast, unicast ]
keepalived_traffic_mode: "multicast"
haproxy_listen_tcp_extra: []
haproxy_listen_http_extra: []
# Extended global configuration, optimization options.
haproxy_max_connections: 4000
haproxy_processes: 1
@ -66,3 +51,14 @@ haproxy_process_cpu_map: "no"
haproxy_dimensions: "{{ default_container_dimensions }}"
keepalived_dimensions: "{{ default_container_dimensions }}"
# Default timeout values
haproxy_http_request_timeout: "10s"
haproxy_queue_timeout: "1m"
haproxy_connect_timeout: "10s"
haproxy_client_timeout: "1m"
haproxy_server_timeout: "1m"
haproxy_check_timeout: "10s"
# Check http://www.haproxy.org/download/1.5/doc/configuration.txt for available options
haproxy_defaults_balance: "roundrobin"

31
ansible/roles/haproxy/handlers/main.yml
View File

@ -3,8 +3,6 @@
vars:
service_name: "haproxy"
service: "{{ haproxy_services[service_name] }}"
config_json: "{{ haproxy_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
haproxy_container: "{{ check_haproxy_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
become: true
kolla_docker:
action: "recreate_or_restart_container"
@ -18,19 +16,13 @@
- kolla_action != "config"
- inventory_hostname in groups[service.group]
- service.enabled | bool
- config_json.changed | bool
or haproxy_cfg.changed | bool
or haproxy_pem.changed | bool
or haproxy_container.changed | bool
notify:
- Waiting for virtual IP to appear
- Waiting for haproxy to start
- name: Restart keepalived container
vars:
service_name: "keepalived"
service: "{{ haproxy_services[service_name] }}"
config_json: "{{ haproxy_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
keepalived_container: "{{ check_haproxy_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
become: true
kolla_docker:
action: "recreate_or_restart_container"
@ -44,26 +36,15 @@
- kolla_action != "config"
- inventory_hostname in groups[service.group]
- service.enabled | bool
- config_json.changed | bool
or keepalived_conf.changed | bool
or keepalived_container.changed | bool
notify:
- Waiting for virtual IP to appear
- name: Ensuring latest haproxy config is used
command: docker exec haproxy /usr/local/bin/kolla_ensure_haproxy_latest_config
register: status
changed_when: status.stdout.find('changed') != -1
when:
- kolla_action != "config"
- haproxy_config_jsons.changed | bool
or haproxy_cfg.changed | bool
or haproxy_pem.changed | bool
- name: Waiting for haproxy to start
wait_for:
host: "{{ api_interface_address }}"
port: "{{ haproxy_monitor_port }}"
- name: Waiting for virtual IP to appear
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ database_port }}"
when:
- enable_mariadb | bool
or enable_external_mariadb_load_balancer | bool
port: "{{ haproxy_monitor_port }}"

46
ansible/roles/haproxy/tasks/config.yml
View File

@ -20,20 +20,32 @@
- item.value.enabled | bool
with_dict: "{{ haproxy_services }}"
- name: Ensuring service config subdir exists
vars:
service: "{{ haproxy_services['haproxy'] }}"
file:
path: "{{ node_config_directory }}/haproxy/services.d"
state: "directory"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
- name: Copying over config.json files for services
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0660"
become: true
register: haproxy_config_jsons
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ haproxy_services }}"
notify:
- "Restart {{ item.key }} container"
- Ensuring latest haproxy config is used
- name: Copying over haproxy.cfg
vars:
@ -43,17 +55,15 @@
dest: "{{ node_config_directory }}/haproxy/haproxy.cfg"
mode: "0660"
become: true
register: haproxy_cfg
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
with_first_found:
- "{{ node_custom_config }}/haproxy/{{ inventory_hostname }}/haproxy.cfg"
- "{{ node_custom_config }}/haproxy/haproxy.cfg"
- "haproxy.cfg.j2"
- "{{ node_custom_config }}/haproxy/{{ inventory_hostname }}/haproxy_main.cfg"
- "{{ node_custom_config }}/haproxy/haproxy_main.cfg"
- "haproxy_main.cfg.j2"
notify:
- Restart haproxy container
- Ensuring latest haproxy config is used
- name: Copying over keepalived.conf
vars:
@ -63,7 +73,6 @@
dest: "{{ node_config_directory }}/keepalived/keepalived.conf"
mode: "0660"
become: true
register: keepalived_conf
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
@ -82,7 +91,6 @@
dest: "{{ node_config_directory }}/haproxy/{{ item }}"
mode: "0660"
become: true
register: haproxy_pem
when:
- kolla_enable_tls_external | bool
- inventory_hostname in groups[service.group]
@ -91,7 +99,24 @@
- "haproxy.pem"
notify:
- Restart haproxy container
- Ensuring latest haproxy config is used
- name: Copying over haproxy start script
vars:
service: "{{ haproxy_services['haproxy'] }}"
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/haproxy/haproxy_run.sh"
mode: "0770"
become: true
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
with_first_found:
- "{{ node_custom_config }}/haproxy/{{ inventory_hostname }}/haproxy_run.sh"
- "{{ node_custom_config }}/haproxy/haproxy_run.sh"
- "haproxy_run.sh.j2"
notify:
- Restart haproxy container
- name: Check haproxy containers
become: true
@ -103,7 +128,6 @@
volumes: "{{ item.value.volumes }}"
dimensions: "{{ item.value.dimensions }}"
privileged: "{{ item.value.privileged | default(False) }}"
register: check_haproxy_containers
when:
- kolla_action != "config"
- inventory_hostname in groups[item.value.group]

27
ansible/roles/haproxy/tasks/precheck.yml
View File

@ -108,7 +108,7 @@
- name: Checking free port for HAProxy stats
wait_for:
host: "{{ kolla_internal_vip_address }}"
host: "{{ api_interface_address }}"
port: "{{ haproxy_stats_port }}"
connect_timeout: 1
timeout: 1
@ -118,6 +118,31 @@
- container_facts['haproxy'] is not defined
- inventory_hostname in groups['haproxy']
- name: Checking free port for HAProxy monitor (api interface)
wait_for:
host: "{{ api_interface_address }}"
port: "{{ haproxy_monitor_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_haproxy | bool
- container_facts['haproxy'] is not defined
- inventory_hostname in groups['haproxy']
- name: Checking free port for HAProxy monitor (vip interface)
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ haproxy_monitor_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_haproxy | bool
- container_facts['haproxy'] is not defined
- inventory_hostname in groups['haproxy']
- api_interface_address != kolla_internal_vip_address
- name: Checking if kolla_internal_vip_address is in the same network as api_interface on all nodes
command: ip -4 -o addr show dev {{ api_interface }}
register: ip_addr_output

1431
ansible/roles/haproxy/templates/haproxy.cfg.j2
View File

File diff suppressed because it is too large Load Diff

15
ansible/roles/haproxy/templates/haproxy.json.j2
View File

@ -1,13 +1,24 @@
{% set haproxy_cmd='/usr/sbin/haproxy -W -db' if kolla_base_distro in ['ubuntu'] else '/usr/sbin/haproxy-systemd-wrapper' %}
{
"command": "{{ haproxy_cmd }} -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid",
"command": "/etc/haproxy/haproxy_run.sh",
"config_files": [
{
"source": "{{ container_config_directory }}/haproxy_run.sh",
"dest": "/etc/haproxy/haproxy_run.sh",
"owner": "root",
"perm": "0700"
},
{
"source": "{{ container_config_directory }}/haproxy.cfg",
"dest": "/etc/haproxy/haproxy.cfg",
"owner": "root",
"perm": "0600"
},
{
"source": "{{ container_config_directory }}/services.d/",
"dest": "/etc/haproxy/services.d",
"owner": "root",
"perm": "0700"
},
{
"source": "{{ container_config_directory }}/haproxy.pem",
"dest": "/etc/haproxy/haproxy.pem",

49
ansible/roles/haproxy/templates/haproxy_main.cfg.j2 Normal file
View File

@ -0,0 +1,49 @@
#jinja2: lstrip_blocks: True
global
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
log {{ syslog_server }}:{{ syslog_udp_port }} {{ syslog_haproxy_facility }}
maxconn {{ haproxy_max_connections }}
nbproc {{ haproxy_processes }}
{% if haproxy_processes > 1 and haproxy_process_cpu_map | bool %}
{% for cpu_idx in range(0, haproxy_processes) %}
cpu-map {{ cpu_idx + 1 }} {{ cpu_idx }}
{% endfor %}
{% endif %}
stats socket /var/lib/kolla/haproxy/haproxy.sock group kolla mode 660
{% if kolla_enable_tls_external | bool %}
ssl-default-bind-ciphers DEFAULT:!MEDIUM:!3DES
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11
tune.ssl.default-dh-param 4096
{% endif %}
defaults
log global
option redispatch
retries 3
timeout http-request {{ haproxy_http_request_timeout }}
timeout queue {{ haproxy_queue_timeout }}
timeout connect {{ haproxy_connect_timeout }}
timeout client {{ haproxy_client_timeout }}
timeout server {{ haproxy_server_timeout }}
timeout check {{ haproxy_check_timeout }}
balance {{ haproxy_defaults_balance }}
listen stats
bind {{ api_interface_address }}:{{ haproxy_stats_port }}
mode http
stats enable
stats uri /
stats refresh 15s
stats realm Haproxy\ Stats
stats auth {{ haproxy_user }}:{{ haproxy_password }}
frontend status
bind {{ api_interface_address }}:{{ haproxy_monitor_port }}
{% if api_interface_address != kolla_internal_vip_address %}
bind {{ kolla_internal_vip_address }}:{{ haproxy_monitor_port }}
{% endif %}
mode http
monitor-uri /

10
ansible/roles/haproxy/templates/haproxy_run.sh.j2 Normal file
View File

@ -0,0 +1,10 @@
#!/bin/bash -x
{% set haproxy_cmd='/usr/sbin/haproxy -W -db' if kolla_base_distro in ['ubuntu'] else '/usr/sbin/haproxy-systemd-wrapper' %}
# We need to run haproxy with one `-f` for each service, because including an
# entire config directory was not a feature until version 1.7 of HAProxy.
# So, append "-f $cfg" to the haproxy command for each service file.
# This will run haproxy_cmd *exactly once*.
find /etc/haproxy/services.d/ -mindepth 1 -print0 | \
xargs -0 -Icfg echo -f cfg | \
xargs {{ haproxy_cmd }} -p /run/haproxy.pid -f /etc/haproxy/haproxy.cfg

22
ansible/roles/heat/defaults/main.yml
View File

@ -13,6 +13,17 @@ heat_services:
- "{{ kolla_dev_repos_directory ~ '/heat/heat:/var/lib/kolla/venv/lib/python2.7/site-packages/heat' if heat_dev_mode | bool else '' }}"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ heat_api_dimensions }}"
haproxy:
heat_api:
enabled: "{{ enable_heat }}"
mode: "http"
external: false
port: "{{ heat_api_port }}"
heat_api_external:
enabled: "{{ enable_heat }}"
mode: "http"
external: true
port: "{{ heat_api_port }}"
heat-api-cfn:
container_name: heat_api_cfn
group: heat-api-cfn
@ -24,6 +35,17 @@ heat_services:
- "{{ kolla_dev_repos_directory ~ '/heat/heat:/var/lib/kolla/venv/lib/python2.7/site-packages/heat' if heat_dev_mode | bool else '' }}"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ heat_api_cfn_dimensions }}"
haproxy:
heat_api_cfn:
enabled: "{{ enable_heat }}"
mode: "http"
external: false
port: "{{ heat_api_cfn_port }}"
heat_api_cfn_external:
enabled: "{{ enable_heat }}"
mode: "http"
external: true
port: "{{ heat_api_cfn_port }}"
heat-engine:
container_name: heat_engine
group: heat-engine

7
ansible/roles/heat/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ heat_services }}"
tags: always

20
ansible/roles/horizon/defaults/main.yml
View File

@ -43,6 +43,26 @@ horizon_services:
- "kolla_logs:/var/log/kolla/"
- "/tmp:/tmp"
dimensions: "{{ horizon_dimensions }}"
haproxy:
horizon:
enabled: "{{ enable_horizon }}"
mode: "http"
external: false
port: "{{ horizon_port }}"
frontend_http_extra:
- "balance source"
horizon_external:
enabled: "{{ enable_horizon }}"
mode: "http"
external: true
port: "{% if kolla_enable_tls_external|bool %}443{% else %}{{ horizon_port }}{% endif %}"
frontend_http_extra:
- "balance source"
horizon_external_redirect:
enabled: "{{ enable_horizon|bool and kolla_enable_tls_external|bool }}"
mode: "redirect"
external: true
port: "{{ horizon_port }}"
horizon_keystone_domain_choices:
Default: default

7
ansible/roles/horizon/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ horizon_services }}"
tags: always

11
ansible/roles/influxdb/defaults/main.yml
View File

@ -13,6 +13,17 @@ influxdb_services:
- "influxdb:/var/lib/influxdb"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ influxdb_dimensions }}"
haproxy:
influxdb_admin:
enabled: "{{ enable_influxdb }}"
mode: "http"
external: false
port: "{{ influxdb_admin_port }}"
influxdb_http:
enabled: "{{ enable_influxdb }}"
mode: "http"
external: false
port: "{{ influxdb_http_port }}"
####################

7
ansible/roles/influxdb/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ influxdb_services }}"
tags: always

22
ansible/roles/ironic/defaults/main.yml
View File

@ -13,6 +13,17 @@ ironic_services:
- "kolla_logs:/var/log/kolla"
- "{{ kolla_dev_repos_directory ~ '/ironic/ironic:/var/lib/kolla/venv/lib/python2.7/site-packages/ironic' if ironic_dev_mode | bool else '' }}"
dimensions: "{{ ironic_api_dimensions }}"
haproxy:
ironic_api:
enabled: "{{ enable_ironic }}"
mode: "http"
external: false
port: "{{ ironic_api_port }}"
ironic_api_external:
enabled: "{{ enable_ironic }}"
mode: "http"
external: true
port: "{{ ironic_api_port }}"
ironic-conductor:
container_name: ironic_conductor
group: ironic-conductor
@ -44,6 +55,17 @@ ironic_services:
- "kolla_logs:/var/log/kolla"
- "{{ kolla_dev_repos_directory ~ '/ironic-inspector/ironic_inspector:/var/lib/kolla/venv/lib/python2.7/site-packages/ironic_inspector' if ironic_dev_mode | bool else '' }}"
dimensions: "{{ ironic_inspector_dimensions }}"
haproxy:
ironic_inspector:
enabled: "{{ enable_ironic }}"
mode: "http"
external: false
port: "{{ ironic_inspector_port }}"
ironic_inspector_external:
enabled: "{{ enable_ironic }}"
mode: "http"
external: true
port: "{{ ironic_inspector_port }}"
ironic-pxe:
container_name: ironic_pxe
group: ironic-pxe

7
ansible/roles/ironic/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ ironic_services }}"
tags: always

11
ansible/roles/karbor/defaults/main.yml
View File

@ -12,6 +12,17 @@ karbor_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ karbor_api_dimensions }}"
haproxy:
karbor_api:
enabled: "{{ enable_karbor }}"
mode: "http"
external: false
port: "{{ karbor_api_port }}"
karbor_api_external:
enabled: "{{ enable_karbor }}"
mode: "http"
external: true
port: "{{ karbor_api_port }}"
karbor-protection:
container_name: karbor_protection
group: karbor-protection

7
ansible/roles/karbor/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ karbor_services }}"
tags: always

16
ansible/roles/keystone/defaults/main.yml
View File

@ -14,6 +14,22 @@ keystone_services:
- "kolla_logs:/var/log/kolla/"
- "{% if keystone_token_provider == 'fernet' %}keystone_fernet_tokens:/etc/keystone/fernet-keys{% endif %}"
dimensions: "{{ keystone_dimensions }}"
haproxy:
keystone_internal:
enabled: "{{ enable_keystone }}"
mode: "http"
external: false
port: "{{ keystone_public_port }}"
keystone_external:
enabled: "{{ enable_keystone }}"
mode: "http"
external: true
port: "{{ keystone_public_port }}"
keystone_admin:
enabled: "{{ enable_keystone }}"
mode: "http"
external: false
port: "{{ keystone_admin_port }}"
keystone-ssh:
container_name: "keystone_ssh"
group: "keystone"

7
ansible/roles/keystone/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ keystone_services }}"
tags: always

15
ansible/roles/kibana/defaults/main.yml
View File

@ -12,6 +12,21 @@ kibana_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ kibana_dimensions }}"
haproxy:
kibana:
enabled: "{{ enable_kibana }}"
mode: "http"
external: false
port: "{{ kibana_server_port }}"
auth_user: "{{ kibana_user }}"
auth_pass: "{{ kibana_password }}"
kibana_external:
enabled: "{{ enable_kibana }}"
mode: "http"
external: true
port: "{{ kibana_server_port }}"
auth_user: "{{ kibana_user }}"
auth_pass: "{{ kibana_password }}"
####################

7
ansible/roles/kibana/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ kibana_services }}"
tags: always

11
ansible/roles/magnum/defaults/main.yml
View File

@ -15,6 +15,17 @@ magnum_services:
- "{{ kolla_dev_repos_directory ~ '/magnum/magnum:/var/lib/kolla/venv/lib/python2.7/site-packages/magnum' if magnum_dev_mode | bool else '' }}"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ magnum_api_dimensions }}"
haproxy:
magnum_api:
enabled: "{{ enable_magnum }}"
mode: "http"
external: false
port: "{{ magnum_api_port }}"
magnum_api_external:
enabled: "{{ enable_magnum }}"
mode: "http"
external: true
port: "{{ magnum_api_port }}"
magnum-conductor:
container_name: magnum_conductor
group: magnum-conductor

7
ansible/roles/magnum/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ magnum_services }}"
tags: always

11
ansible/roles/manila/defaults/main.yml
View File

@ -13,6 +13,17 @@ manila_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/manila/manila:/var/lib/kolla/venv/lib/python2.7/site-packages/manila' if manila_dev_mode | bool else '' }}"
dimensions: "{{ manila_api_dimensions }}"
haproxy:
manila_api:
enabled: "{{ enable_manila }}"
mode: "http"
external: false
port: "{{ manila_api_port }}"
manila_api_external:
enabled: "{{ enable_manila }}"
mode: "http"
external: true
port: "{{ manila_api_port }}"
manila-scheduler:
container_name: "manila_scheduler"
group: "manila-scheduler"

7
ansible/roles/manila/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ manila_services }}"
tags: always

31
ansible/roles/mariadb/defaults/main.yml
View File

@ -13,7 +13,30 @@ mariadb_services:
- "mariadb:/var/lib/mysql"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ mariadb_dimensions }}"
haproxy:
mariadb:
enabled: "{{ enable_mariadb|bool and not enable_external_mariadb_load_balancer|bool }}"
mode: "tcp"
port: "{{ mariadb_port }}"
frontend_tcp_extra:
- "option clitcpka"
- "timeout client 3600s"
backend_tcp_extra:
- "option srvtcpka"
- "timeout server 3600s"
- "option mysql-check user haproxy post-41"
custom_member_list: "{{ internal_haproxy_members.split(';') }}"
mariadb_external_lb:
enabled: "{{ enable_mariadb|bool and enable_external_mariadb_load_balancer|bool }}"
mode: "tcp"
port: "{{ mariadb_port }}"
frontend_tcp_extra:
- "option clitcpka"
- "timeout client 3600s"
backend_tcp_extra:
- "option srvtcpka"
- "timeout server 3600s"
custom_member_list: "{{ external_haproxy_members.split(';') }}"
####################
# Database
@ -21,6 +44,12 @@ mariadb_services:
database_cluster_name: "openstack"
database_max_timeout: 120
####################
# HAProxy
####################
internal_haproxy_members: "{% for host in groups['mariadb'] %}server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ mariadb_port }} check inter 2000 rise 2 fall 5{% if not loop.first %} backup{% endif %};{% endfor %}"
external_haproxy_members: "{% for host in groups['mariadb'] %}server {{ host }} {{ host }}:{{ mariadb_port }} check inter 2000 rise 2 fall 5{% if not loop.first %} backup{% endif %};{% endfor %}"
####################
# Docker
####################

7
ansible/roles/mariadb/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ mariadb_services }}"
tags: always

16
ansible/roles/memcached/defaults/main.yml
View File

@ -11,7 +11,23 @@ memcached_services:
- "{{ node_config_directory }}/memcached/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
dimensions: "{{ memcached_dimensions }}"
haproxy:
memcached:
enabled: "{{ enable_memcached|bool and enable_haproxy_memcached|bool }}"
mode: "tcp"
port: "{{ memcached_port }}"
frontend_tcp_extra:
- "option clitcpka"
- "timeout client 3600s"
backend_tcp_extra:
- "option srvtcpka"
- "timeout server 3600s"
custom_member_list: "{{ haproxy_members.split(';') }}"
####################
# HAProxy
####################
haproxy_members: "{% for host in groups['memcached'] %}server {{ host }} {{ host }}:{{ memcached_port }} check inter 2000 rise 2 fall 5{% if not loop.first %} backup{% endif %};{% endfor %}"
####################
# Docker

7
ansible/roles/memcached/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ memcached_services }}"
tags: always

11
ansible/roles/mistral/defaults/main.yml
View File

@ -13,6 +13,17 @@ mistral_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/mistral/mistral:/var/lib/kolla/venv/lib/python2.7/site-packages/mistral' if mistral_dev_mode | bool else '' }}"
dimensions: "{{ mistral_api_dimensions }}"
haproxy:
mistral_api:
enabled: "{{ enable_mistral }}"
mode: "http"
external: false
port: "{{ mistral_api_port }}"
mistral_api_external:
enabled: "{{ enable_mistral }}"
mode: "http"
external: true
port: "{{ mistral_api_port }}"
mistral-engine:
container_name: mistral_engine
group: mistral-engine

7
ansible/roles/mistral/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ mistral_services }}"
tags: always

22
ansible/roles/monasca/defaults/main.yml
View File

@ -10,6 +10,17 @@ monasca_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla"
dimensions: "{{ monasca_api_dimensions }}"
haproxy:
monasca_api:
enabled: "{{ enable_monasca }}"
mode: "http"
external: false
port: "{{ monasca_api_port }}"
monasca_api_external:
enabled: "{{ enable_monasca }}"
mode: "http"
external: true
port: "{{ monasca_api_port }}"
monasca-log-api:
container_name: monasca_log_api
group: monasca-log-api
@ -20,6 +31,17 @@ monasca_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla"
dimensions: "{{ monasca_log_api_dimensions }}"
haproxy:
monasca_log_api:
enabled: "{{ enable_monasca }}"
mode: "http"
external: false
port: "{{ monasca_log_api_port }}"
monasca_log_api_external:
enabled: "{{ enable_monasca }}"
mode: "http"
external: true
port: "{{ monasca_log_api_port }}"
monasca-log-transformer:
container_name: monasca_log_transformer
group: monasca-log-transformer

7
ansible/roles/monasca/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ monasca_services }}"
tags: always

6
ansible/roles/mongodb/defaults/main.yml
View File

@ -14,6 +14,12 @@ mongodb_services:
- "kolla_logs:/var/log/kolla/"
- "mongodb:/var/lib/mongodb"
dimensions: "{{ mongodb_dimensions }}"
haproxy:
mongodb:
enabled: "{{ enable_mongodb }}"
mode: "http"
external: false
port: "{{ mongodb_port }}"
####################

7
ansible/roles/mongodb/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ mongodb_services }}"
tags: always

11
ansible/roles/murano/defaults/main.yml
View File

@ -13,6 +13,17 @@ murano_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ murano_api_dimensions }}"
haproxy:
murano_api:
enabled: "{{ enable_murano }}"
mode: "http"
external: false
port: "{{ murano_api_port }}"
murano_api_external:
enabled: "{{ enable_murano }}"
mode: "http"
external: true
port: "{{ murano_api_port }}"
murano-engine:
container_name: murano_engine
group: murano-engine

7
ansible/roles/murano/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ murano_services }}"
tags: always

13
ansible/roles/neutron/defaults/main.yml
View File

@ -13,6 +13,19 @@ neutron_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ neutron_server_dimensions }}"
haproxy:
neutron_server:
enabled: "{{ enable_neutron }}"
mode: "http"
external: false
port: "{{ neutron_server_port }}"
frontend_http_extra:
- "option http-tunnel"
neutron_server_external:
enabled: "{{ enable_neutron }}"
mode: "http"
external: true
port: "{{ neutron_server_port }}"
neutron-openvswitch-agent:
container_name: "neutron_openvswitch_agent"
image: "{{ neutron_openvswitch_agent_image_full }}"

7
ansible/roles/neutron/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ neutron_services }}"
tags: always

73
ansible/roles/nova/defaults/main.yml
View File

@ -47,6 +47,17 @@ nova_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python2.7/site-packages/nova' if nova_dev_mode | bool else '' }}"
dimensions: "{{ placement_api_dimensions }}"
haproxy:
placement_api:
enabled: "{{ enable_nova }}"
mode: "http"
external: false
port: "{{ placement_api_port }}"
placement_api_external:
enabled: "{{ enable_nova }}"
mode: "http"
external: true
port: "{{ placement_api_port }}"
nova-api:
container_name: "nova_api"
group: "nova-api"
@ -60,6 +71,33 @@ nova_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python2.7/site-packages/nova' if nova_dev_mode | bool else '' }}"
dimensions: "{{ nova_api_dimensions }}"
haproxy:
nova_api:
enabled: "{{ enable_nova }}"
mode: "http"
external: false
port: "{{ nova_api_port }}"
nova_api_external:
enabled: "{{ enable_nova }}"
mode: "http"
external: true
port: "{{ nova_api_port }}"
nova_metadata:
enabled: "{{ enable_nova }}"
mode: "http"
external: false
port: "{{ nova_metadata_port }}"
nova_metadata_external:
enabled: "{{ enable_nova }}"
mode: "http"
external: true
port: "{{ nova_metadata_port }}"
nova_rdp:
enabled: "{{ enable_nova|bool and nova_console == 'rdp' }}"
mode: "http"
external: false
port: "{{ rdp_port }}"
host_group: "hyperv"
nova-consoleauth:
container_name: "nova_consoleauth"
group: "nova-consoleauth"
@ -82,6 +120,19 @@ nova_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python2.7/site-packages/nova' if nova_dev_mode | bool else '' }}"
dimensions: "{{ nova_novncproxy_dimensions }}"
haproxy:
nova_novncproxy:
enabled: "{{ enable_nova|bool and nova_console == 'novnc' }}"
mode: "http"
external: false
port: "{{ nova_novncproxy_port }}"
backend_http_extra:
- "timeout tunnel 1h"
nova_novncproxy_external:
enabled: "{{ enable_nova|bool and nova_console == 'novnc' }}"
mode: "http"
external: true
port: "{{ nova_novncproxy_port }}"
nova-scheduler:
container_name: "nova_scheduler"
group: "nova-scheduler"
@ -104,6 +155,17 @@ nova_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python2.7/site-packages/nova' if nova_dev_mode | bool else '' }}"
dimensions: "{{ nova_spicehtml5proxy_dimensions }}"
haproxy:
nova_spicehtml5proxy:
enabled: "{{ enable_nova|bool and nova_console == 'spice' }}"
mode: "http"
external: false
port: "{{ nova_spicehtml5proxy_port }}"
nova_spicehtml5proxy_external:
enabled: "{{ enable_nova|bool and nova_console == 'spice' }}"
mode: "http"
external: true
port: "{{ nova_spicehtml5proxy_port }}"
nova-serialproxy:
container_name: "nova_serialproxy"
group: "nova-serialproxy"
@ -115,6 +177,17 @@ nova_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python2.7/site-packages/nova' if nova_dev_mode | bool else '' }}"
dimensions: "{{ nova_serialproxy_dimensions }}"
haproxy:
nova_serialconsole_proxy:
enabled: "{{ enable_nova|bool and enable_nova_serialconsole_proxy|bool }}"
mode: "http"
external: false
port: "{{ nova_serialproxy_port }}"
nova_serialconsole_proxy_external:
enabled: "{{ enable_nova|bool and enable_nova_serialconsole_proxy|bool }}"
mode: "http"
external: true
port: "{{ nova_serialproxy_port }}"
nova-conductor:
container_name: "nova_conductor"
group: "nova-conductor"

7
ansible/roles/nova/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ nova_services }}"
tags: always

11
ansible/roles/octavia/defaults/main.yml
View File

@ -12,6 +12,17 @@ octavia_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ octavia_api_dimensions }}"
haproxy:
octavia_api:
enabled: "{{ enable_octavia }}"
mode: "http"
external: false
port: "{{ octavia_api_port }}"
octavia_api_external:
enabled: "{{ enable_octavia }}"
mode: "http"
external: true
port: "{{ octavia_api_port }}"
octavia-health-manager:
container_name: octavia_health_manager
group: octavia-health-manager

7
ansible/roles/octavia/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ octavia_services }}"
tags: always

27
ansible/roles/opendaylight/defaults/main.yml
View File

@ -14,6 +14,33 @@ opendaylight_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ opendaylight_dimensions }}"
haproxy:
opendaylight_api:
enabled: "{{ enable_opendaylight }}"
mode: "http"
port: "{{ opendaylight_haproxy_restconf_port }}"
backend_http_extra:
- "balance source"
custom_member_list: "{{ api_haproxy_members.split(';') }}"
opendaylight_api_backup:
enabled: "{{ enable_opendaylight }}"
mode: "http"
port: "{{ opendaylight_haproxy_restconf_port_backup }}"
backend_http_extra:
- "balance source"
custom_member_list: "{{ backup_api_haproxy_members.split(';') }}"
opendaylight_websocket:
enabled: "{{ enable_opendaylight }}"
mode: "http"
port: "{{ opendaylight_websocket_port }}"
backend_http_extra:
- "balance source"
####################
# HAProxy
####################
api_haproxy_members: "{% for host in groups['opendaylight'] %}server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ opendaylight_restconf_port }} check inter 2000 rise 2 fall 5;{% endfor %}"
backup_api_haproxy_members: "{% for host in groups['opendaylight'] %}server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ opendaylight_restconf_port_backup }} check inter 2000 rise 2 fall 5;{% endfor %}"
####################
# Docker

7
ansible/roles/opendaylight/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ opendaylight_services }}"
tags: always

11
ansible/roles/panko/defaults/main.yml
View File

@ -12,6 +12,17 @@ panko_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ panko_api_dimensions }}"
haproxy:
panko_api:
enabled: "{{ enable_panko }}"
mode: "http"
external: false
port: "{{ panko_api_port }}"
panko_api_external:
enabled: "{{ enable_panko }}"
mode: "http"
external: true
port: "{{ panko_api_port }}"
####################

7
ansible/roles/panko/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ panko_services }}"
tags: always

21
ansible/roles/prometheus/defaults/main.yml
View File

@ -13,6 +13,12 @@ prometheus_services:
- "prometheus:/var/lib/prometheus"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ prometheus_server_dimensions }}"
haproxy:
prometheus_server:
enabled: "{{ enable_prometheus }}"
mode: "http"
external: false
port: "{{ prometheus_port }}"
prometheus-node-exporter:
container_name: prometheus_node_exporter
group: prometheus-node-exporter
@ -83,6 +89,21 @@ prometheus_services:
- "kolla_logs:/var/log/kolla/"
- "prometheus:/var/lib/prometheus"
dimensions: "{{ prometheus_alertmanager_dimensions }}"
haproxy:
prometheus_alertmanager:
enabled: "{{ enable_prometheus_alertmanager }}"
mode: "http"
external: false
port: "{{ prometheus_alertmanager_port }}"
auth_user: "{{ prometheus_alertmanager_user }}"
auth_pass: "{{ prometheus_alertmanager_password }}"
prometheus_alertmanager_external:
enabled: "{{ enable_prometheus_alertmanager }}"
mode: "http"
external: true
port: "{{ prometheus_alertmanager_port }}"
auth_user: "{{ prometheus_alertmanager_user }}"
auth_pass: "{{ prometheus_alertmanager_password }}"
####################
# Database

7
ansible/roles/prometheus/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ prometheus_services }}"
tags: always

28
ansible/roles/rabbitmq/defaults/main.yml
View File

@ -22,6 +22,34 @@ rabbitmq_services:
- "{{ project_name }}:/var/lib/rabbitmq/"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ rabbitmq_dimensions }}"
haproxy:
rabbitmq_management:
enabled: "{{ enable_rabbitmq }}"
mode: "http"
port: "{{ rabbitmq_management_port }}"
host_group: "rabbitmq"
rabbitmq_outward_management:
enabled: "{{ enable_outward_rabbitmq }}"
mode: "http"
port: "{{ outward_rabbitmq_management_port }}"
host_group: "outward-rabbitmq"
rabbitmq_outward_external:
enabled: "{{ enable_outward_rabbitmq }}"
mode: "tcp"
external: true
port: "{{ outward_rabbitmq_port }}"
host_group: "outward-rabbitmq"
frontend_tcp_extra:
- "timeout client {{ haproxy_outward_rabbitmq_client_timeout }}"
backend_tcp_extra:
- "timeout server {{ haproxy_outward_rabbitmq_server_timeout }}"
####################
# HAProxy
####################
haproxy_outward_rabbitmq_client_timeout: "1h"
haproxy_outward_rabbitmq_server_timeout: "1h"
####################

7
ansible/roles/rabbitmq/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ rabbitmq_services }}"
tags: always

11
ansible/roles/sahara/defaults/main.yml
View File

@ -14,6 +14,17 @@ sahara_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/sahara/sahara:/var/lib/kolla/venv/lib/python2.7/site-packages/sahara' if sahara_dev_mode | bool else '' }}"
dimensions: "{{ sahara_api_dimensions }}"
haproxy:
sahara_api:
enabled: "{{ enable_sahara }}"
mode: "http"
external: false
port: "{{ sahara_api_port }}"
sahara_api_external:
enabled: "{{ enable_sahara }}"
mode: "http"
external: true
port: "{{ sahara_api_port }}"
sahara-engine:
container_name: sahara_engine
group: sahara-engine

7
ansible/roles/sahara/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ sahara_services }}"
tags: always

11
ansible/roles/searchlight/defaults/main.yml
View File

@ -12,6 +12,17 @@ searchlight_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ searchlight_api_dimensions }}"
haproxy:
searchlight_api:
enabled: "{{ enable_searchlight }}"
mode: "http"
external: false
port: "{{ searchlight_api_port }}"
searchlight_api_external:
enabled: "{{ enable_searchlight }}"
mode: "http"
external: true
port: "{{ searchlight_api_port }}"
searchlight-listener:
container_name: searchlight_listener
group: searchlight-listener

7
ansible/roles/searchlight/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ searchlight_services }}"
tags: always

11
ansible/roles/senlin/defaults/main.yml
View File

@ -13,6 +13,17 @@ senlin_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/senlin/senlin:/var/lib/kolla/venv/lib/python2.7/site-packages/senlin' if senlin_dev_mode | bool else '' }}"
dimensions: "{{ senlin_api_dimensions }}"
haproxy:
senlin_api:
enabled: "{{ enable_senlin }}"
mode: "http"
external: false
port: "{{ senlin_api_port }}"
senlin_api_external:
enabled: "{{ enable_senlin }}"
mode: "http"
external: true
port: "{{ senlin_api_port }}"
senlin-engine:
container_name: senlin_engine
group: senlin-engine

7
ansible/roles/senlin/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ senlin_services }}"
tags: always

11
ansible/roles/skydive/defaults/main.yml
View File

@ -12,6 +12,17 @@ skydive_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ skydive_analyzer_dimensions }}"
haproxy:
skydive_server:
enabled: "{{ enable_skydive }}"
mode: "http"
external: false
port: "{{ skydive_analyzer_port }}"
skydive_server_external:
enabled: "{{ enable_skydive }}"
mode: "http"
external: true
port: "{{ skydive_analyzer_port }}"
skydive-agent:
container_name: skydive_agent
group: skydive-agent

7
ansible/roles/skydive/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ skydive_services }}"
tags: always

26
ansible/roles/solum/defaults/main.yml
View File

@ -35,6 +35,31 @@ solum_services:
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/solum/solum:/var/lib/kolla/venv/lib/python2.7/site-packages/solum' if solum_dev_mode | bool else '' }}"
dimensions: "{{ solum_deployer_dimensions }}"
haproxy:
solum_application_deployment:
enabled: "{{ enable_solum }}"
mode: "http"
external: false
port: "{{ solum_application_deployment_port }}"
host_group: "solum-application-deployment"
solum_application_deployment_external:
enabled: "{{ enable_solum }}"
mode: "http"
external: true
port: "{{ solum_application_deployment_port }}"
host_group: "solum-application-deployment"
solum_image_builder:
enabled: "{{ enable_solum }}"
mode: "http"
external: false
port: "{{ solum_image_builder_port }}"
host_group: "solum-image-builder"
solum_image_builder_external:
enabled: "{{ enable_solum }}"
mode: "http"
external: true
port: "{{ solum_image_builder_port }}"
host_group: "solum-image-builder"
solum-conductor:
container_name: solum_conductor
group: solum-conductor
@ -47,7 +72,6 @@ solum_services:
- "{{ kolla_dev_repos_directory ~ '/solum/solum:/var/lib/kolla/venv/lib/python2.7/site-packages/solum' if solum_dev_mode | bool else '' }}"
dimensions: "{{ solum_conductor_dimensions }}"
####################
# Database
####################

7
ansible/roles/solum/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ solum_services }}"
tags: always

16
ansible/roles/swift/defaults/main.yml
View File

@ -1,6 +1,22 @@
---
project_name: "swift"
swift_services:
swift-api:
group: swift-proxy-server
enabled: true
haproxy:
swift_api:
enabled: "{{ enable_swift }}"
mode: "http"
external: false
port: "{{ swift_proxy_server_port }}"
swift_api_external:
enabled: "{{ enable_swift }}"
mode: "http"
external: true
port: "{{ swift_proxy_server_port }}"
####################
# Docker
####################

7
ansible/roles/swift/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ swift_services }}"
tags: always

11
ansible/roles/tacker/defaults/main.yml
View File

@ -13,6 +13,17 @@ tacker_services:
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
dimensions: "{{ tacker_server_dimensions }}"
haproxy:
tacker_server:
enabled: "{{ enable_tacker }}"
mode: "http"
external: false
port: "{{ tacker_server_port }}"
tacker_server_external:
enabled: "{{ enable_tacker }}"
mode: "http"
external: true
port: "{{ tacker_server_port }}"
tacker-conductor:
container_name: "tacker_conductor"
group: "tacker-conductor"

7
ansible/roles/tacker/tasks/loadbalancer.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: "Configure haproxy for {{ project_name }}"
import_role:
role: haproxy-config
vars:
project_services: "{{ tacker_services }}"
tags: always

Some files were not shown because too many files have changed in this diff Show More