Add haproxy and iptables configuration for Kingbird

Host binding was missing for kingbird
Firewall rule that opens 8118 port was missing.

NOTE: This is necessary but may not be enough, as
curl on 172 and 192 network was refused.

Change-Id: If950154012ee7b290a42a0774d5fdb782d6b065d
Signed-off-by: Dimitri Mazmanov <dimitri.mazmanov@ericsson.com>
(cherry picked from commit 8c3744ff8b80f9aede71af8938cd7732b117f8cb)

1 files changed, 20 insertions, 0 deletions

diff --git a/tools/kingbird/install_kingbird.sh b/tools/kingbird/install_kingbird.sh
index 4cec1e1..dd166e9 100755
--- a/tools/kingbird/install_kingbird.sh
+++ b/tools/kingbird/install_kingbird.sh
@@ -171,6 +171,26 @@ iniset ${KINGBIRD_CONF_FILE} database connection "mysql://$mysql_user:$mysql_pas
 iniset ${KINGBIRD_CONF_FILE} database max_overflow -1
 iniset ${KINGBIRD_CONF_FILE} database max_pool_size 1000
 
+# Configure haproxy
+
+cat > /etc/haproxy/conf.d/180-kingbird-api.cfg <<EOF
+listen kingbird-api
+  bind 172.16.0.3:8118
+  bind 192.168.0.2:8118
+  http-request  set-header X-Forwarded-Proto https if { ssl_fc }
+  option  httpchk
+  http-check expect status 401
+  option  httplog
+  option  forceclose
+  option  http-buffer-request
+  timeout  server 660s
+  timeout  http-request 10s
+  server node-4 192.168.0.4:8118  check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+EOF
+
+# Configure iptables
+iptables -I INPUT -p tcp -m multiport --dports 8118 -m comment --comment "410 kingbird" -j ACCEPT
+
 
 # Run kingbird
 mkdir -p /var/log/kingbird