diff options
Diffstat (limited to 'roles/haproxy')
| -rw-r--r-- | roles/haproxy/README.md | 34 | ||||
| -rw-r--r-- | roles/haproxy/defaults/main.yml | 23 | ||||
| -rw-r--r-- | roles/haproxy/handlers/main.yml | 6 | ||||
| -rw-r--r-- | roles/haproxy/meta/main.yml | 14 | ||||
| -rw-r--r-- | roles/haproxy/tasks/main.yml | 43 | ||||
| -rw-r--r-- | roles/haproxy/templates/haproxy.cfg.j2 | 76 |
6 files changed, 196 insertions, 0 deletions
diff --git a/roles/haproxy/README.md b/roles/haproxy/README.md new file mode 100644 index 000000000..5bc415066 --- /dev/null +++ b/roles/haproxy/README.md @@ -0,0 +1,34 @@ +HAProxy +======= + +TODO + +Requirements +------------ + +TODO + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +TODO + +Example Playbook +---------------- + +TODO + +License +------- + +Apache License, Version 2.0 + +Author Information +------------------ + +Jason DeTiberus (jdetiber@redhat.com) diff --git a/roles/haproxy/defaults/main.yml b/roles/haproxy/defaults/main.yml new file mode 100644 index 000000000..937d94209 --- /dev/null +++ b/roles/haproxy/defaults/main.yml @@ -0,0 +1,23 @@ +--- +haproxy_frontend_port: 80 + +haproxy_frontends: +- name: main + binds: + - "*:80" + default_backend: default + +haproxy_backends: +- name: default + balance: roundrobin + servers: + - name: web01 + address: 127.0.0.1:9000 + opts: check + +os_firewall_use_firewalld: False +os_firewall_allow: +- service: haproxy stats + port: "9000/tcp" +- service: haproxy balance + port: "{{ haproxy_frontend_port }}/tcp" diff --git a/roles/haproxy/handlers/main.yml b/roles/haproxy/handlers/main.yml new file mode 100644 index 000000000..5b8691b26 --- /dev/null +++ b/roles/haproxy/handlers/main.yml @@ -0,0 +1,6 @@ +--- +- name: restart haproxy + service: + name: haproxy + state: restarted + when: not (haproxy_start_result_changed | default(false) | bool) diff --git a/roles/haproxy/meta/main.yml b/roles/haproxy/meta/main.yml new file mode 100644 index 000000000..0fad106a9 --- /dev/null +++ b/roles/haproxy/meta/main.yml @@ -0,0 +1,14 @@ +--- +galaxy_info: + author: Jason DeTiberus + description: HAProxy + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 +dependencies: +- { role: os_firewall } +- { role: openshift_repos } diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml new file mode 100644 index 000000000..837fa67db --- /dev/null +++ b/roles/haproxy/tasks/main.yml @@ -0,0 +1,43 @@ +--- +- name: Install haproxy + action: "{{ ansible_pkg_mgr }} name=haproxy state=present" + when: not openshift.common.is_containerized | bool + +- name: Configure systemd service directory for haproxy + file: + path: /etc/systemd/system/haproxy.service.d + state: directory + when: haproxy_limit_nofile is defined + +- name: Configure the nofile limits for haproxy + ini_file: + dest: /etc/systemd/system/haproxy.service.d/limits.conf + section: Service + option: LimitNOFILE + value: "{{ haproxy_limit_nofile }}" + when: haproxy_limit_nofile is defined + notify: restart haproxy + register: nofile_limit_result + +- name: Reload systemd if needed + command: systemctl daemon-reload + when: nofile_limit_result | changed + +- name: Configure haproxy + template: + src: haproxy.cfg.j2 + dest: /etc/haproxy/haproxy.cfg + owner: root + group: root + mode: 0644 + notify: restart haproxy + +- name: Enable and start haproxy + service: + name: haproxy + state: started + enabled: yes + register: start_result + +- set_fact: + haproxy_start_result_changed: "{{ start_result | changed }}" diff --git a/roles/haproxy/templates/haproxy.cfg.j2 b/roles/haproxy/templates/haproxy.cfg.j2 new file mode 100644 index 000000000..cb4380971 --- /dev/null +++ b/roles/haproxy/templates/haproxy.cfg.j2 @@ -0,0 +1,76 @@ +# Global settings +#--------------------------------------------------------------------- +global + chroot /var/lib/haproxy + pidfile /var/run/haproxy.pid + maxconn {{ haproxy_global_maxconn | default('4000') }} + user haproxy + group haproxy + daemon + + # turn on stats unix socket + stats socket /var/lib/haproxy/stats + +#--------------------------------------------------------------------- +# common defaults that all the 'listen' and 'backend' sections will +# use if not designated in their block +#--------------------------------------------------------------------- +defaults + mode http + log global + option httplog + option dontlognull +# option http-server-close + option forwardfor except 127.0.0.0/8 + option redispatch + retries 3 + timeout http-request 10s + timeout queue 1m + timeout connect 10s + timeout client 300s + timeout server 300s + timeout http-keep-alive 10s + timeout check 10s + maxconn {{ haproxy_default_maxconn | default('3000') }} + +listen stats :9000 + mode http + stats enable + stats uri / + +{% for frontend in haproxy_frontends %} +frontend {{ frontend.name }} +{% for bind in frontend.binds %} + bind {{ bind }} +{% endfor %} + default_backend {{ frontend.default_backend }} +{% if 'mode' in frontend %} + mode {{ frontend.mode }} +{% endif %} +{% if 'options' in frontend %} +{% for option in frontend.options %} + option {{ option }} +{% endfor %} +{% endif %} +{% if 'redirects' in frontend %} +{% for redirect in frontend.redirects %} + redirect {{ redirect }} +{% endfor %} +{% endif %} +{% endfor %} + +{% for backend in haproxy_backends %} +backend {{ backend.name }} + balance {{ backend.balance }} +{% if 'mode' in backend %} + mode {{ backend.mode }} +{% endif %} +{% if 'options' in backend %} +{% for option in backend.options %} + option {{ option }} +{% endfor %} +{% endif %} +{% for server in backend.servers %} + server {{ server.name }} {{ server.address }} {{ server.opts }} +{% endfor %} +{% endfor %} |