diff options
Diffstat (limited to 'manifests/haproxy.pp')
| -rw-r--r-- | manifests/haproxy.pp | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp index 3ad10eb..5f563ba 100644 --- a/manifests/haproxy.pp +++ b/manifests/haproxy.pp @@ -230,6 +230,10 @@ # (optional) Enable or not RabbitMQ binding # Defaults to false # +# [*docker_registry*] +# (optional) Enable or not the Docker Registry API binding +# Defaults to hiera('enable_docker_registry', false) +# # [*redis*] # (optional) Enable or not Redis binding # Defaults to hiera('redis_enabled', false) @@ -259,6 +263,10 @@ # (optional) Enable or not Zaqar Websockets binding # Defaults to false # +# [*ui*] +# (optional) Enable or not TripleO UI +# Defaults to false +# # [*aodh_network*] # (optional) Specify the network aodh is running on. # Defaults to hiera('aodh_api_network', undef) @@ -275,6 +283,10 @@ # (optional) Specify the network cinder is running on. # Defaults to hiera('cinder_api_network', undef) # +# [*docker_registry_network*] +# (optional) Specify the network docker-registry is running on. +# Defaults to hiera('docker_registry_network', undef) +# # [*glance_api_network*] # (optional) Specify the network glance_api is running on. # Defaults to hiera('glance_api_network', undef) @@ -368,6 +380,8 @@ # 'ceilometer_api_ssl_port' (Defaults to 13777) # 'cinder_api_port' (Defaults to 8776) # 'cinder_api_ssl_port' (Defaults to 13776) +# 'docker_registry_port' (Defaults to 8787) +# 'docker_registry_ssl_port' (Defaults to 13787) # 'glance_api_port' (Defaults to 9292) # 'glance_api_ssl_port' (Defaults to 13292) # 'glance_registry_port' (Defaults to 9191) @@ -462,6 +476,7 @@ class tripleo::haproxy ( $mysql = hiera('mysql_enabled', false), $mysql_clustercheck = false, $rabbitmq = false, + $docker_registry = hiera('enable_docker_registry', false), $redis = hiera('redis_enabled', false), $redis_password = undef, $midonet_api = false, @@ -469,10 +484,12 @@ class tripleo::haproxy ( $ceph_rgw = hiera('ceph_rgw_enabled', false), $opendaylight = hiera('opendaylight_api_enabled', false), $zaqar_ws = hiera('zaqar_api_enabled', false), + $ui = hiera('enable_ui', false), $aodh_network = hiera('aodh_api_network', undef), $ceilometer_network = hiera('ceilometer_api_network', undef), $ceph_rgw_network = hiera('ceph_rgw_network', undef), $cinder_network = hiera('cinder_api_network', undef), + $docker_registry_network = hiera('docker_registry_network', undef), $glance_api_network = hiera('glance_api_network', undef), $glance_registry_network = hiera('glance_registry_network', undef), $gnocchi_network = hiera('gnocchi_api_network', undef), @@ -502,6 +519,8 @@ class tripleo::haproxy ( ceilometer_api_ssl_port => 13777, cinder_api_port => 8776, cinder_api_ssl_port => 13776, + docker_registry_port => 8787, + docker_registry_ssl_port => 13787, glance_api_port => 9292, glance_api_ssl_port => 13292, glance_registry_port => 9191, @@ -538,6 +557,8 @@ class tripleo::haproxy ( swift_proxy_ssl_port => 13808, trove_api_port => 8779, trove_api_ssl_port => 13779, + ui_port => 3000, + ui_ssl_port => 443, zaqar_api_port => 8888, zaqar_api_ssl_port => 13888, ceph_rgw_port => 8080, @@ -645,6 +666,10 @@ class tripleo::haproxy ( 'maxconn' => $haproxy_global_maxconn, 'ssl-default-bind-ciphers' => $ssl_cipher_suite, 'ssl-default-bind-options' => $ssl_options, + 'stats' => [ + 'socket /var/run/haproxy.sock mode 600 level user', + 'timeout 2m' + ], }, defaults_options => { 'mode' => 'tcp', @@ -880,6 +905,7 @@ class tripleo::haproxy ( server_names => hiera('ceilometer_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[ceilometer_api_ssl_port], service_network => $ceilometer_network, + member_options => union($haproxy_member_options, $internal_tls_member_options), } } @@ -892,6 +918,7 @@ class tripleo::haproxy ( server_names => hiera('aodh_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[aodh_api_ssl_port], service_network => $aodh_network, + member_options => union($haproxy_member_options, $internal_tls_member_options), } } @@ -920,12 +947,17 @@ class tripleo::haproxy ( } if $swift_proxy_server { + $swift_proxy_server_listen_options = { + 'timeout client' => '2m', + 'timeout server' => '2m', + } ::tripleo::haproxy::endpoint { 'swift_proxy_server': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('swift_proxy_vip', $controller_virtual_ip), service_port => $ports[swift_proxy_port], ip_addresses => hiera('swift_proxy_node_ips', $controller_hosts_real), server_names => hiera('swift_proxy_node_names', $controller_hosts_names_real), + listen_options => $swift_proxy_server_listen_options, public_ssl_port => $ports[swift_proxy_ssl_port], service_network => $swift_proxy_server_network, } @@ -1078,6 +1110,18 @@ class tripleo::haproxy ( } } + if $docker_registry { + ::tripleo::haproxy::endpoint { 'docker-registry': + public_virtual_ip => $public_virtual_ip, + internal_ip => hiera('docker_registry_vip', $controller_virtual_ip), + service_port => $ports[docker_registry_port], + ip_addresses => hiera('docker_registry_node_ips', $controller_hosts_real), + server_names => hiera('docker_registry_node_names', $controller_hosts_names_real), + public_ssl_port => $ports[docker_registry_ssl_port], + service_network => $docker_registry_network, + } + } + if $redis { if $redis_password { $redis_tcp_check_options = ["send AUTH\\ ${redis_password}\\r\\n"] @@ -1196,4 +1240,17 @@ class tripleo::haproxy ( service_network => $zaqar_api_network, } } + + if $ui { + ::tripleo::haproxy::endpoint { 'ui': + public_virtual_ip => $public_virtual_ip, + internal_ip => hiera('ui_vip', $controller_virtual_ip), + service_port => $ports[ui_port], + ip_addresses => hiera('ui_ips', $controller_hosts_real), + server_names => $controller_hosts_names_real, + mode => 'http', + public_ssl_port => $ports[ui_ssl_port], + } + } + } |