diff options
author | Michael Polenchuk <mpolenchuk@mirantis.com> | 2017-05-24 12:44:05 +0400 |
---|---|---|
committer | Michael Polenchuk <mpolenchuk@mirantis.com> | 2017-05-24 12:47:57 +0400 |
commit | a6daf4ece3f05600ad66fea55c5220d07a71cef1 (patch) | |
tree | 988e0e370b7c2683f10eff189f2ba7b276b24923 /mcp/reclass/classes/system/haproxy | |
parent | 7b4fbdd9be1a234c345b21ebf0eafcf7f5187f26 (diff) |
[mcp] Bring in reclass system salt models
Change-Id: I1a865b7524f3a5242544e60e6b36b1092721c58b
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Diffstat (limited to 'mcp/reclass/classes/system/haproxy')
54 files changed, 1701 insertions, 0 deletions
diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/aptly.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/aptly.yml new file mode 100644 index 000000000..fb24c1f0d --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/aptly.yml @@ -0,0 +1,55 @@ +parameters: + _param: + haproxy_aptly_api_bind_host: ${_param:haproxy_bind_address} + haproxy_aptly_api_bind_port: 8084 + haproxy_aptly_public_bind_host: ${_param:haproxy_bind_address} + haproxy_aptly_public_bind_port: 8085 + haproxy: + proxy: + listen: + aptly-api: + mode: http + options: + - forwardfor + - httpclose + - httplog + balance: source + binds: + - address: ${_param:haproxy_aptly_api_bind_host} + port: ${_param:haproxy_aptly_api_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18084 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18084 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18084 + params: backup check + aptly-public: + mode: http + options: + - forwardfor + - httpclose + - httplog + balance: source + binds: + - address: ${_param:haproxy_aptly_public_bind_host} + port: ${_param:haproxy_aptly_public_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18085 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18085 + params: check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18085 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/gerrit.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/gerrit.yml new file mode 100644 index 000000000..51d494b61 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/gerrit.yml @@ -0,0 +1,58 @@ +parameters: + _param: + haproxy_gerrit_bind_host: ${_param:haproxy_bind_address} + haproxy_gerrit_bind_port: 8080 + haproxy_gerrit_ssh_bind_host: ${_param:haproxy_gerrit_bind_host} + haproxy_gerrit_ssh_bind_port: 29418 + haproxy_gerrit_ssl: + enabled: false + haproxy: + proxy: + listen: + gerrit: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_gerrit_bind_host} + port: ${_param:haproxy_gerrit_bind_port} + ssl: ${_param:haproxy_gerrit_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18083 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18083 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18083 + params: backup check + gerrit_ssh: + mode: tcp + balance: source + binds: + - address: ${_param:haproxy_gerrit_ssh_bind_host} + port: ${_param:haproxy_gerrit_ssh_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 29417 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 29417 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 29417 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/jenkins.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/jenkins.yml new file mode 100644 index 000000000..eda12f84e --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/jenkins.yml @@ -0,0 +1,60 @@ +parameters: + _param: + haproxy_jenkins_bind_host: ${_param:haproxy_bind_address} + haproxy_jenkins_bind_port: 8081 + haproxy_jenkins_jnlp_bind_host: ${_param:haproxy_jenkins_bind_host} + haproxy_jenkins_jnlp_bind_port: 50000 + haproxy_jenkins_ssl: + enabled: false + haproxy: + proxy: + listen: + jenkins: + mode: http + options: + - forwardfor +# - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + http_response: + - action: "del-header X-Frame-Options" + binds: + - address: ${_param:haproxy_jenkins_bind_host} + port: ${_param:haproxy_jenkins_bind_port} + ssl: ${_param:haproxy_jenkins_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18081 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18081 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18081 + params: backup check + jenkins_jnlp: + mode: tcp + balance: source + binds: + - address: ${_param:haproxy_jenkins_jnlp_bind_host} + port: ${_param:haproxy_jenkins_jnlp_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 50001 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 50001 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 50001 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/docker/registry.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/docker/registry.yml new file mode 100644 index 000000000..8d45e971f --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/docker/registry.yml @@ -0,0 +1,36 @@ +parameters: + _param: + haproxy_docker_registry_listen_host: ${_param:haproxy_bind_address} + haproxy_docker_registry_listen_port: 5000 + haproxy_docker_registry_ssl: + enabled: false + haproxy: + proxy: + listen: + registry: + mode: http + options: + - forwardfor + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_docker_registry_listen_host} + port: ${_param:haproxy_docker_registry_listen_port} + ssl: ${_param:haproxy_docker_registry_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 15000 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 15000 + params: check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 15000 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/docker/visualizer.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/docker/visualizer.yml new file mode 100644 index 000000000..409815c4d --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/docker/visualizer.yml @@ -0,0 +1,30 @@ +parameters: + _param: + haproxy_docker_visualizer_listen_port: 8091 + haproxy: + proxy: + listen: + visualizer: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:haproxy_bind_address} + port: ${_param:haproxy_docker_visualizer_listen_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18090 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18090 + params: check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18090 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/elasticsearch.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/elasticsearch.yml new file mode 100644 index 000000000..cb1a8e5ec --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/elasticsearch.yml @@ -0,0 +1,29 @@ +parameters: + haproxy: + proxy: + listen: + elasticsearch: + mode: http + service_name: elasticsearch + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: roundrobin + binds: + - address: ${_param:cluster_vip_address} + port: 9200 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 9200 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 9200 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 9200 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/kibana.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/kibana.yml new file mode 100644 index 000000000..a2180cb25 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/kibana.yml @@ -0,0 +1,29 @@ +parameters: + haproxy: + proxy: + listen: + kibana: + mode: http + service_name: kibana + options: + - forwardfor +# - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 80 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 5601 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 5601 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 5601 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver.yml new file mode 100644 index 000000000..a45a71a75 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver.yml @@ -0,0 +1,24 @@ +parameters: + haproxy: + proxy: + listen: + k8s_secure: + type: kubernetes + options: + - ssl-hello-chk + binds: + - address: ${_param:cluster_vip_address} + port: 443 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 443 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 443 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 443 + params: check
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver_insecure.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver_insecure.yml new file mode 100644 index 000000000..a365c5190 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver_insecure.yml @@ -0,0 +1,40 @@ +parameters: + haproxy: + proxy: + listen: + k8s_cluster: + type: kubernetes + binds: + - address: ${_param:cluster_vip_address} + port: 8080 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 8080 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 8080 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 8080 + params: check + k8s_cluster_localhost: + type: kubernetes + binds: + - address: localhost + port: 8080 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 8080 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 8080 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 8080 + params: check
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/etcd.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/etcd.yml new file mode 100644 index 000000000..c31419165 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/etcd.yml @@ -0,0 +1,22 @@ +parameters: + haproxy: + proxy: + listen: + etcd_cluster: + type: etcd + binds: + - address: ${_param:cluster_vip_address} + port: 4001 + servers: + - name: etc01 + host: ${_param:cluster_node01_address} + port: 4001 + params: check + - name: etc02 + host: ${_param:cluster_node02_address} + port: 4001 + params: backup check + - name: etc03 + host: ${_param:cluster_node03_address} + port: 4001 + params: backup check
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/logging.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/logging.yml new file mode 100644 index 000000000..48a4b5ce5 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/logging.yml @@ -0,0 +1,6 @@ +classes: + - service.haproxy.proxy.single + - service.haproxy.proxy.stats + # Services + - system.haproxy.proxy._kibana + - system.haproxy.proxy._elasticsearch diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/monitoring.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/monitoring.yml new file mode 100644 index 000000000..a59d84ac8 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/monitoring.yml @@ -0,0 +1,8 @@ +classes: + - service.haproxy.proxy.single + - service.haproxy.proxy.stats + # Services + - system.haproxy.proxy._rabbitmq + - system.haproxy.proxy._uchiwa + - system.haproxy.proxy._sensu + - system.haproxy.proxy._redis diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/mysql.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/mysql.yml new file mode 100644 index 000000000..a7ef9105b --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/mysql.yml @@ -0,0 +1,26 @@ +parameters: + _param: + haproxy_mysql_bind_port: 3306 + haproxy_mysql_source_port: 3306 + haproxy: + proxy: + listen: + mysql: + mode: tcp + balance: source + binds: + - address: ${_param:haproxy_bind_address} + port: ${_param:haproxy_mysql_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_mysql_source_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_mysql_source_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_mysql_source_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/analytics.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/analytics.yml new file mode 100644 index 000000000..fd20277dd --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/analytics.yml @@ -0,0 +1,53 @@ +parameters: + haproxy: + proxy: + listen: + contrail_analytics: + type: contrail-analytics + service_name: contrail + binds: + - address: ${_param:cluster_vip_address} + port: 8081 + servers: + - name: nal01 + host: ${_param:cluster_node01_address} + port: 9081 + params: check inter 2000 rise 2 fall 3 + - name: nal02 + host: ${_param:cluster_node02_address} + port: 9081 + params: check inter 2000 rise 2 fall 3 + - name: nal03 + host: ${_param:cluster_node03_address} + port: 9081 + params: check inter 2000 rise 2 fall 3 + contrail_config_stats: + type: contrail-config + service_name: contrail + check: false + format: listen + binds: + - address: '*' + port: 5937 + user: haproxy + password: ${_param:opencontrail_stats_password} + contrail_openstack_stats: + type: contrail-config + service_name: contrail + check: false + format: listen + binds: + - address: '*' + port: 5936 + user: haproxy + password: ${_param:opencontrail_stats_password} + contrail_collector_stats: + type: contrail-config + service_name: contrail + check: false + format: listen + binds: + - address: '*' + port: 5938 + user: haproxy + password: ${_param:opencontrail_stats_password} diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/control.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/control.yml new file mode 100644 index 000000000..c38968275 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/control.yml @@ -0,0 +1,69 @@ +parameters: + haproxy: + proxy: + listen: + contrail_api: + type: contrail-api + service_name: contrail + binds: + - address: ${_param:cluster_vip_address} + port: 8082 + servers: + - name: ntw01 + host: ${_param:cluster_node01_address} + port: 9100 + params: check inter 2000 rise 2 fall 3 + - name: ntw02 + host: ${_param:cluster_node02_address} + port: 9100 + params: check inter 2000 rise 2 fall 3 + - name: ntw03 + host: ${_param:cluster_node03_address} + port: 9100 + params: check inter 2000 rise 2 fall 3 + contrail_discovery: + type: contrail-api + service_name: contrail + binds: + - address: ${_param:cluster_vip_address} + port: 5998 + servers: + - name: ntw01 + host: ${_param:cluster_node01_address} + port: 9110 + params: check inter 2000 rise 2 fall 3 + - name: ntw02 + host: ${_param:cluster_node02_address} + port: 9110 + params: check inter 2000 rise 2 fall 3 + - name: ntw03 + host: ${_param:cluster_node03_address} + port: 9110 + params: check inter 2000 rise 2 fall 3 + contrail_config_stats: + type: contrail-config + check: false + format: listen + binds: + - address: '*' + port: 5937 + user: haproxy + password: ${_param:opencontrail_stats_password} + contrail_openstack_stats: + type: contrail-config + check: false + format: listen + binds: + - address: '*' + port: 5936 + user: haproxy + password: ${_param:opencontrail_stats_password} + contrail_collector_stats: + type: contrail-config + check: false + format: listen + binds: + - address: '*' + port: 5938 + user: haproxy + password: ${_param:opencontrail_stats_password} diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openldap.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openldap.yml new file mode 100644 index 000000000..b6f79a039 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openldap.yml @@ -0,0 +1,46 @@ +parameters: + _param: + haproxy_openldap_bind_host: ${_param:haproxy_bind_address} + haproxy_openldap_bind_port: 389 + haproxy_openldap_ssl_bind_port: 636 + haproxy: + proxy: + listen: + openldap: + mode: tcp + balance: source + binds: + - address: ${_param:haproxy_openldap_bind_host} + port: ${_param:haproxy_openldap_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 1389 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 1389 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 1389 + params: backup check + openldap_ssl: + mode: tcp + balance: source + binds: + - address: ${_param:haproxy_openldap_bind_host} + port: ${_param:haproxy_openldap_ssl_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 1636 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 1636 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 1636 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/aodh.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/aodh.yml new file mode 100644 index 000000000..6b024aa2f --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/aodh.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + aodh-api: + type: openstack-service + service_name: aodh + binds: + - address: ${_param:cluster_vip_address} + port: 8042 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8042 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8042 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8042 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/ceilometer.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/ceilometer.yml new file mode 100644 index 000000000..68eef43c6 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/ceilometer.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + ceilometer_api: + type: general-service + check: false + binds: + - address: ${_param:cluster_vip_address} + port: 8777 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 8777 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 8777 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 8777 + params: check
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/cinder.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/cinder.yml new file mode 100644 index 000000000..a693e6e21 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/cinder.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + cinder_api: + type: openstack-service + service_name: cinder + binds: + - address: ${_param:cluster_vip_address} + port: 8776 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8776 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8776 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8776 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/designate.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/designate.yml new file mode 100644 index 000000000..7a54af27d --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/designate.yml @@ -0,0 +1,19 @@ +parameters: + haproxy: + proxy: + listen: + designate_api: + type: openstack-service + service_name: designate + binds: + - address: ${_param:cluster_vip_address} + port: 9001 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 9001 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 9001 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/galera.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/galera.yml new file mode 100644 index 000000000..254dc3b03 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/galera.yml @@ -0,0 +1,29 @@ +parameters: + haproxy: + proxy: + timeout: + queue: '10s' + connect: '10s' + client: '10s' + server: '10s' + check: '10s' + listen: + mysql_cluster: + type: mysql + service_name: mysql + binds: + - address: ${_param:cluster_vip_address} + port: 3306 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 3306 + params: check inter 20s fastinter 2s downinter 2s rise 3 fall 3 + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 3306 + params: backup check inter 20s fastinter 2s downinter 2s rise 3 fall 3 + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 3306 + params: backup check inter 20s fastinter 2s downinter 2s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glance.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glance.yml new file mode 100644 index 000000000..729cc5b69 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glance.yml @@ -0,0 +1,42 @@ +parameters: + haproxy: + proxy: + listen: + glance_api: + type: openstack-service + service_name: glance + binds: + - address: ${_param:cluster_vip_address} + port: 9292 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9292 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 9292 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 9292 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + glance_registry_api: + type: general-service + service_name: glance + binds: + - address: ${_param:cluster_vip_address} + port: 9191 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9191 + params: check + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 9191 + params: check + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 9191 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glare.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glare.yml new file mode 100644 index 000000000..a98427511 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glare.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + glare: + type: general-service + service_name: glare + binds: + - address: ${_param:cluster_vip_address} + port: 9494 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9494 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 9494 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 9494 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/heat.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/heat.yml new file mode 100644 index 000000000..440a018b2 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/heat.yml @@ -0,0 +1,61 @@ +parameters: + haproxy: + proxy: + listen: + heat_cloudwatch_api: + type: openstack-service + service_name: heat + binds: + - address: ${_param:cluster_vip_address} + port: 8000 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + heat_api: + type: openstack-service + service_name: heat + binds: + - address: ${_param:cluster_vip_address} + port: 8004 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8004 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8004 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8004 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + heat_cfn_api: + type: openstack-service + service_name: heat + binds: + - address: ${_param:cluster_vip_address} + port: 8003 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8003 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8003 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8003 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/horizon.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/horizon.yml new file mode 100644 index 000000000..9bf838cd7 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/horizon.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + horizon_web: + type: general-service + check: false + binds: + - address: ${_param:cluster_vip_address} + port: 8078 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8078 + params: check + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8078 + params: check + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8078 + params: check
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/keystone.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/keystone.yml new file mode 100644 index 000000000..17e537ecf --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/keystone.yml @@ -0,0 +1,42 @@ +parameters: + haproxy: + proxy: + listen: + keystone_public_api: + type: openstack-service + service_name: keystone + binds: + - address: ${_param:cluster_vip_address} + port: 5000 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 5000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 5000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 5000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + keystone_admin_api: + type: openstack-service + service_name: keystone + binds: + - address: ${_param:cluster_vip_address} + port: 35357 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 35357 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 35357 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 35357 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/murano.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/murano.yml new file mode 100644 index 000000000..0427820ba --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/murano.yml @@ -0,0 +1,18 @@ +parameters: + haproxy: + proxy: + listen: + murano_api: + type: openstack-service + check: false + binds: + - address: ${_param:cluster_vip_address} + port: 8082 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 8082 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 8082
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/neutron.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/neutron.yml new file mode 100644 index 000000000..1f8b4d596 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/neutron.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + neutron_api: + type: openstack-service + service_name: neutron + binds: + - address: ${_param:cluster_vip_address} + port: 9696 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova-placement.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova-placement.yml new file mode 100644 index 000000000..e3b72b7dc --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova-placement.yml @@ -0,0 +1,29 @@ +parameters: + haproxy: + proxy: + listen: + nova_placement_api: + mode: http + binds: + - address: ${_param:cluster_vip_address} + port: 8778 + options: + - httpclose + - httplog + health-check: + http: + options: + - expect status 401 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8778 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8778 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8778 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova.yml new file mode 100644 index 000000000..3865a822c --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova.yml @@ -0,0 +1,61 @@ +parameters: + haproxy: + proxy: + listen: + nova_ec2_api: + type: general-service + service_name: nova + check: false + binds: + - address: ${_param:cluster_vip_address} + port: 8773 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8773 + params: check + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8773 + params: check + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8773 + params: check + nova_api: + type: openstack-service + service_name: nova + binds: + - address: ${_param:cluster_vip_address} + port: 8774 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8774 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8774 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8774 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + nova_metadata_api: + type: openstack-service + binds: + - address: ${_param:cluster_vip_address} + port: 8775 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8775 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8775 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8775 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/novnc.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/novnc.yml new file mode 100644 index 000000000..78b7d98bd --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/novnc.yml @@ -0,0 +1,25 @@ +parameters: + haproxy: + proxy: + listen: + nova_novnc: + type: general-service + service_name: http + check: true + binds: + - address: ${_param:cluster_vip_address} + port: 6080 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 6080 + params: check + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 6080 + params: check + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 6080 + params: check + diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/sahara.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/sahara.yml new file mode 100644 index 000000000..3bbf8094c --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/sahara.yml @@ -0,0 +1,24 @@ +parameters: + haproxy: + proxy: + listen: + sahara_api: + type: openstack-service + options: + - httplog + binds: + - address: ${_param:cluster_vip_address} + port: 8386 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8386 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8386 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8386 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/devops_portal.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/devops_portal.yml new file mode 100644 index 000000000..e5c25cfbd --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/devops_portal.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_devops_portal_bind_host: ${_param:haproxy_bind_address} + haproxy_devops_portal_bind_port: 8800 + haproxy_devops_portal_ssl: + enabled: false + haproxy: + proxy: + listen: + devops_portal: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_devops_portal_bind_host} + port: ${_param:haproxy_devops_portal_bind_port} + ssl: ${_param:haproxy_devops_portal_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18800 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18800 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18800 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/elasticsearch.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/elasticsearch.yml new file mode 100644 index 000000000..2f5d1ee40 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/elasticsearch.yml @@ -0,0 +1,38 @@ +parameters: + _param: + haproxy_elasticsearch_bind_host: ${_param:haproxy_bind_address} + haproxy_elasticsearch_bind_port: 9200 + haproxy_elasticsearch_exposed_port: 19200 + haproxy_elasticsearch_ssl: + enabled: false + haproxy: + proxy: + listen: + elasticsearch: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_elasticsearch_bind_host} + port: ${_param:haproxy_elasticsearch_bind_port} + ssl: ${_param:haproxy_elasticsearch_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_elasticsearch_exposed_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_elasticsearch_exposed_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_elasticsearch_exposed_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/postgresql.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/postgresql.yml new file mode 100644 index 000000000..1bc1f44c9 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/postgresql.yml @@ -0,0 +1,32 @@ +parameters: + _param: + haproxy_postgresql_bind_host: ${_param:haproxy_bind_address} + haproxy_postgresql_bind_port: 5432 + haproxy_postgresql_exposed_port: 15432 + haproxy_postgresql_ssl: + enabled: false + haproxy: + proxy: + listen: + postgresql: + mode: tcp + balance: source + options: + - tcp-check + binds: + - address: ${_param:haproxy_postgresql_bind_host} + port: ${_param:haproxy_postgresql_bind_port} + ssl: ${_param:haproxy_postgresql_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_postgresql_exposed_port} + params: check port ${_param:haproxy_postgresql_exposed_port} + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_postgresql_exposed_port} + params: backup check port ${_param:haproxy_postgresql_exposed_port} + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_postgresql_exposed_port} + params: backup check port ${_param:haproxy_postgresql_exposed_port} diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/pushkin.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/pushkin.yml new file mode 100644 index 000000000..db33352ca --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/pushkin.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_pushkin_bind_host: ${_param:haproxy_bind_address} + haproxy_pushkin_bind_port: 8887 + haproxy_pushkin_exposed_port: 18887 + haproxy_pushkin_ssl: + enabled: false + haproxy: + proxy: + listen: + pushkin: + mode: http + options: + - httpchk GET /apps + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + sticks: + - http-check expect status 200 + binds: + - address: ${_param:haproxy_pushkin_bind_host} + port: ${_param:haproxy_pushkin_bind_port} + ssl: ${_param:haproxy_pushkin_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_pushkin_exposed_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_pushkin_exposed_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_pushkin_exposed_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/rundeck.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/rundeck.yml new file mode 100644 index 000000000..fbabb381d --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/rundeck.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_rundeck_bind_host: ${_param:haproxy_bind_address} + haproxy_rundeck_bind_port: 4440 + haproxy_rundeck_ssl: + enabled: false + haproxy: + proxy: + listen: + rundeck: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_rundeck_bind_host} + port: ${_param:haproxy_rundeck_bind_port} + ssl: ${_param:haproxy_rundeck_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 14440 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 14440 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 14440 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml new file mode 100644 index 000000000..549869996 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_security_monkey_bind_host: ${_param:haproxy_bind_address} + haproxy_security_monkey_bind_port: 5001 + haproxy_security_monkey_exposed_port: 15001 + haproxy_security_monkey_ssl: + enabled: false + haproxy: + proxy: + listen: + security_monkey: + mode: http + options: + - httpchk GET / + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + sticks: + - http-check expect status 404 + binds: + - address: ${_param:haproxy_security_monkey_bind_host} + port: ${_param:haproxy_security_monkey_bind_port} + ssl: ${_param:haproxy_security_monkey_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/phpldapadmin.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/phpldapadmin.yml new file mode 100644 index 000000000..b2b7f93da --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/phpldapadmin.yml @@ -0,0 +1,30 @@ +parameters: + _param: + haproxy_phpldapadmin_bind_host: ${_param:haproxy_bind_address} + haproxy_phpldapadmin_bind_port: 8089 + haproxy: + proxy: + listen: + phpldapadmin: + mode: http + options: + - forwardfor + - httpclose + - httplog + balance: source + binds: + - address: ${_param:haproxy_phpldapadmin_bind_host} + port: ${_param:haproxy_phpldapadmin_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18089 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18089 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18089 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/rabbitmq.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/rabbitmq.yml new file mode 100644 index 000000000..83992dd11 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/rabbitmq.yml @@ -0,0 +1,34 @@ +parameters: + haproxy: + proxy: + listen: + rabbitmq: + type: rabbitmq + service_name: rabbitmq + binds: + - address: ${_param:cluster_vip_address} + port: 5672 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 5672 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 5672 + params: backup check + rabbitmq_management: + type: rabbitmq + service_name: rabbitmq + binds: + - address: ${_param:cluster_vip_address} + port: 15672 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 15672 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 15672 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/radosgw.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/radosgw.yml new file mode 100644 index 000000000..369306ba4 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/radosgw.yml @@ -0,0 +1,26 @@ +parameters: + _param: + haproxy_radosgw_bind_port: 8080 + haproxy_radosgw_source_port: 8080 + haproxy: + proxy: + listen: + radosgw: + mode: tcp + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: ${_param:haproxy_radosgw_bind_port} + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_radosgw_source_port} + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_radosgw_source_port} + params: backup check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_radosgw_source_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/redis.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/redis.yml new file mode 100644 index 000000000..fc4695337 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/redis.yml @@ -0,0 +1,20 @@ +parameters: + haproxy: + proxy: + listen: + redis: + mode: tcp + service_name: redis + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 6379 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 6379 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 6379 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/salt.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/salt.yml new file mode 100644 index 000000000..ba54c0740 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/salt.yml @@ -0,0 +1,31 @@ +parameters: + haproxy: + proxy: + listen: + salt: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + timeout: + server: 20m + client: 20m + binds: + - address: ${_param:haproxy_bind_address} + port: 8000 + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 8000 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 8000 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 8000 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/sensu.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/sensu.yml new file mode 100644 index 000000000..739916cf1 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/sensu.yml @@ -0,0 +1,24 @@ +parameters: + haproxy: + proxy: + listen: + sensu: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 4567 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 4567 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 4567 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/elasticsearch.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/elasticsearch.yml new file mode 100644 index 000000000..531d647f0 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/elasticsearch.yml @@ -0,0 +1,28 @@ +parameters: + haproxy: + proxy: + listen: + elasticsearch: + mode: http + options: + - httplog + - http-keep-alive + - prefer-last-server + - dontlog-normal + balance: roundrobin + binds: + - address: ${_param:cluster_vip_address} + port: 9200 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 9200 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 9200 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 9200 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/grafana.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/grafana.yml new file mode 100644 index 000000000..3f59ce268 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/grafana.yml @@ -0,0 +1,26 @@ +parameters: + haproxy: + proxy: + listen: + grafana: + mode: http + options: + - httplog + - dontlog-normal + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: ${_param:cluster_grafana_port} + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 3000 + params: 'check' + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 3000 + params: 'check' + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 3000 + params: 'check' diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/influxdb.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/influxdb.yml new file mode 100644 index 000000000..02e25d7b2 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/influxdb.yml @@ -0,0 +1,28 @@ +parameters: + _param: + cluster_influxdb_port: ${_param:influxdb_port} + haproxy: + proxy: + listen: + influxdb: + mode: http + options: + - "httpchk GET /ping" + - httplog + - dontlog-normal + binds: + - address: ${_param:cluster_vip_address} + port: ${_param:cluster_influxdb_port} + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 8086 + params: 'check' + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 8086 + params: 'backup check' + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 8086 + params: 'backup check' diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/kibana.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/kibana.yml new file mode 100644 index 000000000..e92e38a43 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/kibana.yml @@ -0,0 +1,28 @@ +parameters: + haproxy: + proxy: + listen: + kibana: + mode: http + options: + - httplog + - http-keep-alive + - prefer-last-server + - dontlog-normal + balance: roundrobin + binds: + - address: ${_param:cluster_vip_address} + port: 5601 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 5601 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 5601 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 5601 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/redis.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/redis.yml new file mode 100644 index 000000000..881e8ed9a --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/redis.yml @@ -0,0 +1,32 @@ +parameters: + haproxy: + proxy: + listen: + redis: + mode: tcp + check: False + health-check: + tcp: + options: + - send PING\r\n + - expect string +PONG + - send info\ replication\r\n + - expect string role:master + - send QUIT\r\n + - expect string +OK + binds: + - address: ${_param:cluster_vip_address} + port: ${_param:cluster_redis_port} + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 6379 + params: 'check' + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 6379 + params: 'check' + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 6379 + params: 'check' diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/sensu.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/sensu.yml new file mode 100644 index 000000000..33ab5bcd4 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/sensu.yml @@ -0,0 +1,28 @@ +parameters: + haproxy: + proxy: + listen: + sensu: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 4567 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 4567 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 4567 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 4567 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/uchiwa.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/uchiwa.yml new file mode 100644 index 000000000..3bec0e82b --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/uchiwa.yml @@ -0,0 +1,29 @@ +parameters: + haproxy: + proxy: + listen: + uchiwa: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 3001 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 3001 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 3001 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 3001 + params: check + diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stats.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stats.yml new file mode 100644 index 000000000..1d093f17b --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stats.yml @@ -0,0 +1,12 @@ +parameters: + _param: + haproxy_stats_port: 9600 + haproxy: + proxy: + listen: + stats: + type: stats + check: false + binds: + - address: ${_param:haproxy_bind_address} + port: ${_param:haproxy_stats_port} diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/uchiwa.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/uchiwa.yml new file mode 100644 index 000000000..1f25bc49c --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/uchiwa.yml @@ -0,0 +1,24 @@ +parameters: + haproxy: + proxy: + listen: + uchiwa: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 80 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 3000 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 3000 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/single.yml b/mcp/reclass/classes/system/haproxy/proxy/single.yml new file mode 100644 index 000000000..dc9c6685a --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/single.yml @@ -0,0 +1,4 @@ +parameters: + haproxy: + proxy: + enabled: true |