diff options
-rw-r--r-- | manifests/loadbalancer.pp | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp index 37c8c66..2557d06 100644 --- a/manifests/loadbalancer.pp +++ b/manifests/loadbalancer.pp @@ -137,6 +137,10 @@ # [*aodh_certificate*] # Filename of an HAProxy-compatible certificate and key file # When set, enables SSL on the Aodh public API endpoint using the specified file. +# +# [*sahara_certificate*] +# Filename of an HAProxy-compatible certificate and key file +# When set, enables SSL on the Sahara public API endpoint using the specified file. # Defaults to undef # # [*swift_certificate*] @@ -179,6 +183,10 @@ # (optional) Enable or not Manila API binding # Defaults to false # +# [*sahara*] +# (optional) Enable or not Sahara API binding +# defaults to false +# # [*glance_api*] # (optional) Enable or not Glance API binding # Defaults to false @@ -276,6 +284,7 @@ class tripleo::loadbalancer ( $keystone_certificate = undef, $neutron_certificate = undef, $cinder_certificate = undef, + $sahara_certificate = undef, $manila_certificate = undef, $glance_certificate = undef, $nova_certificate = undef, @@ -289,6 +298,7 @@ class tripleo::loadbalancer ( $keystone_public = false, $neutron = false, $cinder = false, + $sahara = false, $manila = false, $glance_api = false, $glance_registry = false, @@ -422,6 +432,11 @@ class tripleo::loadbalancer ( } else { $cinder_bind_certificate = $service_certificate } + if $sahara_certificate { + $sahara_bind_certificate = $sahara_certificate + } else { + $sahara_bind_certificate = $service_certificate + } if $manila_certificate { $manila_bind_certificate = $manila_certificate } else { @@ -542,6 +557,19 @@ class tripleo::loadbalancer ( } } + $sahara_api_vip = hiera('sahara_api_vip', $controller_virtual_ip) + if $sahara_bind_certificate { + $sahara_bind_opts = { + "${sahara_api_vip}:8386" => [], + "${public_virtual_ip}:13786" => ['ssl', 'crt', $sahara_bind_certificate], + } + } else { + $sahara_bind_opts = { + "${sahara_api_vip}:8386" => [], + "${public_virtual_ip}:8386" => [], + } + } + $nova_api_vip = hiera('nova_api_vip', $controller_virtual_ip) if $nova_bind_certificate { $nova_osapi_bind_opts = { @@ -776,6 +804,20 @@ class tripleo::loadbalancer ( } } + if $sahara { + haproxy::listen { 'sahara': + bind => $sahara_bind_opts, + collect_exported => false, + } + haproxy::balancermember { 'sahara': + listening_service => 'sahara', + ports => '8386', + ipaddresses => hiera('sahara_api_node_ips', $controller_hosts_real), + server_names => $controller_hosts_names_real, + options => ['check', 'inter 2000', 'rise 2', 'fall 5'], + } + } + if $glance_api { haproxy::listen { 'glance_api': bind => $glance_bind_opts, |