Add generic manifest for loadbalancer endpoints

In order to reduce repeated code in the loadbalancer manifest, the
repeated parts were moved into one manifest that contains the
endpoint resource.

Change-Id: Ib72abe9de7ab073dcbd780298385b0c519f363aa

1 files changed, 117 insertions, 0 deletions

diff --git a/manifests/loadbalancer/endpoint.pp b/manifests/loadbalancer/endpoint.pp
new file mode 100644
index 0000000..12209e3
--- /dev/null
+++ b/manifests/loadbalancer/endpoint.pp
@@ -0,0 +1,117 @@
+# Copyright 2014 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# == Class: tripleo::loadbalancer::endpoint
+#
+# Configure a HAProxy listen endpoint
+#
+# [*internal_ip*]
+#  The IP in which the proxy endpoint will be listening in the internal
+#  network.
+#
+# [*service_port*]
+#  The default port on which the endpoint will be listening.
+#
+# [*ip_addresses*]
+#  The ordered list of IPs to be used to contact the balancer member.
+#
+# [*server_names*]
+#  The names of the balancer members, which usually should be the hostname.
+#
+# [*member_options*]
+#  Options for the balancer member, specified after the server declaration.
+#  These should go in the member's configuration block.
+#
+# [*public_virtual_ip*]
+#  Address in which the proxy endpoint will be listening in the public network.
+#  If this service is internal only this should be ommited.
+#  Defaults to undef.
+#
+# [*mode*]
+#  HAProxy mode in which the endpoint will be listening. This can be undef,
+#  tcp, http or health.
+#  Defaults to undef.
+#
+# [*haproxy_listen_bind_param*]
+#  A list of params to be added to the HAProxy listener bind directive.
+#  Defaults to undef.
+#
+# [*listen_options*]
+#  Options specified for the listening service's configuration block (in
+#  HAproxy terms, the frontend).
+#  defaults to {'option' => []}
+#
+# [*public_ssl_port*]
+#  The port used for the public proxy endpoint if it differs from the default
+#  one. This is used only if SSL is enabled, and it's used in order to avoid
+#  overriding with the internal proxy endpoint (which could happen if they were
+#  in the same network).
+#  Defaults to undef.
+#
+# [*public_certificate*]
+#  Certificate path used to enable TLS for the public proxy endpoint.
+#  Defaults to undef.
+#
+define tripleo::loadbalancer::endpoint (
+  $internal_ip,
+  $service_port,
+  $ip_addresses,
+  $server_names,
+  $member_options,
+  $public_virtual_ip         = undef,
+  $mode                      = undef,
+  $haproxy_listen_bind_param = undef,
+  $listen_options            = {
+    'option' => [],
+  },
+  $public_ssl_port           = undef,
+  $public_certificate        = undef,
+) {
+  if $public_virtual_ip {
+    # service exposed to the public network
+
+    if $public_certificate {
+      $public_bind_opts = {
+        "${public_virtual_ip}:${public_ssl_port}" => union($haproxy_listen_bind_param, ['ssl', 'crt', $public_certificate]),
+      }
+    } else {
+      $public_bind_opts = {
+        "${public_virtual_ip}:${service_port}" => $haproxy_listen_bind_param,
+      }
+    }
+  } else {
+    # internal service only
+    $public_bind_opts = {}
+  }
+
+  $internal_bind_opts = {
+    "${internal_ip}:${service_port}" => $haproxy_listen_bind_param,
+  }
+  $bind_opts = merge($internal_bind_opts, $public_bind_opts)
+
+  haproxy::listen { "${name}":
+    bind             => $bind_opts,
+    collect_exported => false,
+    mode             => $mode,
+    options          => $listen_options,
+  }
+  haproxy::balancermember { "${name}":
+    listening_service => $name,
+    ports             => $service_port,
+    ipaddresses       => $ip_addresses,
+    server_names      => $server_names,
+    options           => $member_options,
+  }
+}