diff options
author | Michael Polenchuk <mpolenchuk@mirantis.com> | 2017-05-24 12:44:05 +0400 |
---|---|---|
committer | Michael Polenchuk <mpolenchuk@mirantis.com> | 2017-05-24 12:47:57 +0400 |
commit | a6daf4ece3f05600ad66fea55c5220d07a71cef1 (patch) | |
tree | 988e0e370b7c2683f10eff189f2ba7b276b24923 /mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml | |
parent | 7b4fbdd9be1a234c345b21ebf0eafcf7f5187f26 (diff) |
[mcp] Bring in reclass system salt models
Change-Id: I1a865b7524f3a5242544e60e6b36b1092721c58b
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Diffstat (limited to 'mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml')
-rw-r--r-- | mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml new file mode 100644 index 000000000..549869996 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_security_monkey_bind_host: ${_param:haproxy_bind_address} + haproxy_security_monkey_bind_port: 5001 + haproxy_security_monkey_exposed_port: 15001 + haproxy_security_monkey_ssl: + enabled: false + haproxy: + proxy: + listen: + security_monkey: + mode: http + options: + - httpchk GET / + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + sticks: + - http-check expect status 404 + binds: + - address: ${_param:haproxy_security_monkey_bind_host} + port: ${_param:haproxy_security_monkey_bind_port} + ssl: ${_param:haproxy_security_monkey_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: backup check |