summaryrefslogtreecommitdiffstats
path: root/manifests/haproxy
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-07-31 19:32:33 +0000
committerGerrit Code Review <review@openstack.org>2017-07-31 19:32:33 +0000
commitee2a53afb1ad8f45be7d3986f5de2b6731048c65 (patch)
treed525eb07f2480969d74c643793c1daff2f050d29 /manifests/haproxy
parent48ead62f6fcb1b833c044f099644cb32a06c3206 (diff)
parente51e79692032d2cf8c6092e86c5a28a0e7f1832d (diff)
Merge "Enable TLS for the HAProxy stats interface"
Diffstat (limited to 'manifests/haproxy')
-rw-r--r--manifests/haproxy/stats.pp74
1 files changed, 74 insertions, 0 deletions
diff --git a/manifests/haproxy/stats.pp b/manifests/haproxy/stats.pp
new file mode 100644
index 0000000..f185c29
--- /dev/null
+++ b/manifests/haproxy/stats.pp
@@ -0,0 +1,74 @@
+# Copyright 2014 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# == Class: tripleo::haproxy::stats
+#
+# Configure the HAProxy stats interface
+#
+# [*haproxy_listen_bind_param*]
+# A list of params to be added to the HAProxy listener bind directive.
+#
+# [*ip*]
+# IP Address on which the stats interface is listening on. This right now
+# assumes that it's in the ctlplane network.
+#
+# [*password*]
+# Password for haproxy stats authentication. When set, authentication is
+# enabled on the haproxy stats endpoint.
+# A string.
+# Defaults to undef
+#
+# [*certificate*]
+# Filename of an HAProxy-compatible certificate and key file
+# When set, enables SSL on the haproxy stats endpoint using the specified file.
+# Defaults to undef
+#
+# [*user*]
+# Username for haproxy stats authentication.
+# A string.
+# Defaults to 'admin'
+#
+class tripleo::haproxy::stats (
+ $haproxy_listen_bind_param,
+ $ip,
+ $password = undef,
+ $certificate = undef,
+ $user = 'admin'
+) {
+ if $certificate {
+ $haproxy_stats_bind_opts = {
+ "${ip}:1993" => union($haproxy_listen_bind_param, ['ssl', 'crt', $certificate]),
+ }
+ } else {
+ $haproxy_stats_bind_opts = {
+ "${ip}:1993" => $haproxy_listen_bind_param,
+ }
+ }
+
+ $stats_base = ['enable', 'uri /']
+ if $password {
+ $stats_config = union($stats_base, ["auth ${user}:${password}"])
+ } else {
+ $stats_config = $stats_base
+ }
+ haproxy::listen { 'haproxy.stats':
+ bind => $haproxy_stats_bind_opts,
+ mode => 'http',
+ options => {
+ 'stats' => $stats_config,
+ },
+ collect_exported => false,
+ }
+}