aboutsummaryrefslogtreecommitdiffstats
path: root/manifests
diff options
context:
space:
mode:
authorJuan Antonio Osorio Robles <jaosorior@redhat.com>2016-08-25 11:36:10 +0300
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>2016-09-20 04:52:00 +0000
commitd07cf8e6681c3e67ac12cb82dc32b488dba722c4 (patch)
treee597930ee721b1654759ab9ec34516fe5f7e25a7 /manifests
parent3f2ffe31b5d63d84b3a5c48d3d7607bc3b1b830e (diff)
Terminate Zaqar websocket endpoint in HAProxy
Note that there was a need to modify different timeouts due to the nature of how websockets work. The source where the reasoning and value came from is listed as a comment in the code. Related-Bug: #1625448 Co-Authored-By: Brad P. Crochet <brad@redhat.com> Change-Id: I9de77d5f692c1c9d04e3c59c5de5312e63f81aed
Diffstat (limited to 'manifests')
-rw-r--r--manifests/haproxy.pp33
1 files changed, 33 insertions, 0 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index e1f5d50..6af287e 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -238,6 +238,10 @@
# (optional) Enable or not OpenDaylight binding
# Defaults to hiera('opendaylight_api_enabled', false)
#
+# [*zaqar_ws*]
+# (optional) Enable or not Zaqar Websockets binding
+# Defaults to false
+#
# [*service_ports*]
# (optional) Hash that contains the values to override from the service ports
# The available keys to modify the services' ports are:
@@ -287,6 +291,10 @@
# 'zaqar_api_ssl_port' (Defaults to 13888)
# 'ceph_rgw_port' (Defaults to 8080)
# 'ceph_rgw_ssl_port' (Defaults to 13808)
+# 'zaqar_ws_port' (Defaults to 9000)
+# 'zaqar_ws_ssl_port' (Defaults to 9000)
+# * Note that for zaqar's websockets we don't support having a different
+# port for SSL, because it ignores the handshake.
# Defaults to {}
#
class tripleo::haproxy (
@@ -341,6 +349,7 @@ class tripleo::haproxy (
$zaqar_api = hiera('zaqar_api_enabled', false),
$ceph_rgw = hiera('ceph_rgw_enabled', false),
$opendaylight = hiera('opendaylight_api_enabled', false),
+ $zaqar_ws = hiera('zaqar_api_enabled', false),
$service_ports = {}
) {
$default_service_ports = {
@@ -390,6 +399,8 @@ class tripleo::haproxy (
zaqar_api_ssl_port => 13888,
ceph_rgw_port => 8080,
ceph_rgw_ssl_port => 13808,
+ zaqar_ws_port => 9000,
+ zaqar_ws_ssl_port => 9000,
}
$ports = merge($default_service_ports, $service_ports)
@@ -977,4 +988,26 @@ class tripleo::haproxy (
options => ['check', 'inter 2000', 'rise 2', 'fall 5'],
}
}
+
+ if $zaqar_ws {
+ ::tripleo::haproxy::endpoint { 'zaqar_ws':
+ public_virtual_ip => $public_virtual_ip,
+ internal_ip => hiera('zaqar_ws_vip', $controller_virtual_ip),
+ service_port => $ports[zaqar_ws_port],
+ ip_addresses => hiera('zaqar_ws_node_ips', $controller_hosts_real),
+ server_names => $controller_hosts_names_real,
+ mode => 'http',
+ haproxy_listen_bind_param => [], # We don't use a transparent proxy here
+ listen_options => {
+ # NOTE(jaosorior): Websockets have more overhead in establishing
+ # connections than regular HTTP connections. Also, since it begins
+ # as an HTTP connection and then "upgrades" to a TCP connection, some
+ # timeouts get overriden by others at certain times of the connection.
+ # The following values were taken from the following site:
+ # http://blog.haproxy.com/2012/11/07/websockets-load-balancing-with-haproxy/
+ 'timeout' => ['connect 5s', 'client 25s', 'server 25s', 'tunnel 3600s'],
+ },
+ public_ssl_port => $ports[zaqar_ws_ssl_port],
+ }
+ }
}