diff options
Diffstat (limited to 'manifests/haproxy.pp')
| -rw-r--r-- | manifests/haproxy.pp | 52 |
1 files changed, 51 insertions, 1 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp index cc21e37..043e01e 100644 --- a/manifests/haproxy.pp +++ b/manifests/haproxy.pp @@ -251,6 +251,10 @@ # (optional) Enable or not RabbitMQ binding # Defaults to false # +# [*etcd*] +# (optional) Enable or not Etcd binding +# Defaults to hiera('etcd_enabled', false) +# # [*docker_registry*] # (optional) Enable or not the Docker Registry API binding # Defaults to hiera('enable_docker_registry', false) @@ -380,6 +384,10 @@ # (optional) Specify the network nova_osapi is running on. # Defaults to hiera('nova_api_network', undef) # +# [*nova_placement_network*] +# (optional) Specify the network nova_placement is running on. +# Defaults to hiera('nova_placement_network', undef) +# # [*opendaylight_network*] # (optional) Specify the network opendaylight is running on. # Defaults to hiera('opendaylight_api_network', undef) @@ -526,6 +534,7 @@ class tripleo::haproxy ( $mysql_clustercheck = false, $mysql_member_options = undef, $rabbitmq = false, + $etcd = hiera('etcd_enabled', false), $docker_registry = hiera('enable_docker_registry', false), $redis = hiera('redis_enabled', false), $redis_password = undef, @@ -558,6 +567,7 @@ class tripleo::haproxy ( $nova_metadata_network = hiera('nova_api_network', undef), $nova_novncproxy_network = hiera('nova_vnc_proxy_network', undef), $nova_osapi_network = hiera('nova_api_network', undef), + $nova_placement_network = hiera('nova_placement_network', undef), $panko_network = hiera('panko_api_network', undef), $ovn_dbs_network = hiera('ovn_dbs_network', undef), $sahara_network = hiera('sahara_api_network', undef), @@ -713,6 +723,11 @@ class tripleo::haproxy ( "${redis_vip}:6379" => $haproxy_listen_bind_param, } + $etcd_vip = hiera('etcd_vip', $controller_virtual_ip) + $etcd_bind_opts = { + "${etcd_vip}:2379" => $haproxy_listen_bind_param, + } + class { '::haproxy': service_manage => $haproxy_service_manage, global_options => { @@ -952,7 +967,7 @@ class tripleo::haproxy ( 'set-header X-Forwarded-Proto http if !{ ssl_fc }'], }, public_ssl_port => $ports[nova_placement_ssl_port], - service_network => $nova_osapi_network, + service_network => $nova_placement_network, member_options => union($haproxy_member_options, $internal_tls_member_options), } } @@ -1235,6 +1250,15 @@ class tripleo::haproxy ( server_names => hiera('mysql_node_names', $controller_hosts_names_real), options => $mysql_member_options_real, } + if hiera('manage_firewall', true) { + include ::tripleo::firewall + $mysql_firewall_rules = { + '100 mysql_haproxy' => { + 'dport' => 3306, + } + } + create_resources('tripleo::firewall::rule', $mysql_firewall_rules) + } } if $rabbitmq { @@ -1255,6 +1279,23 @@ class tripleo::haproxy ( } } + if $etcd { + haproxy::listen { 'etcd': + bind => $etcd_bind_opts, + options => { + 'balance' => 'source', + }, + collect_exported => false, + } + haproxy::balancermember { 'etcd': + listening_service => 'etcd', + ports => '2379', + ipaddresses => hiera('etcd_node_ips', $controller_hosts_real), + server_names => hiera('etcd_node_names', $controller_hosts_names_real), + options => $haproxy_member_options, + } + } + if $docker_registry { ::tripleo::haproxy::endpoint { 'docker-registry': public_virtual_ip => $public_virtual_ip, @@ -1294,6 +1335,15 @@ class tripleo::haproxy ( server_names => hiera('redis_node_names', $controller_hosts_names_real), options => $haproxy_member_options, } + if hiera('manage_firewall', true) { + include ::tripleo::firewall + $redis_firewall_rules = { + '100 redis_haproxy' => { + 'dport' => 6379, + } + } + create_resources('tripleo::firewall::rule', $redis_firewall_rules) + } } $midonet_cluster_vip = hiera('midonet_cluster_vip', $controller_virtual_ip) |