Merge pull request #614 from enovance/bind_ipv4_ipv6_haproxy
loadbalancer: Allow user to bind multiple public/private ips
This commit is contained in:
Emilien Macchi
commit
4075c5f08b
@ -98,7 +98,7 @@ fixtures:
|
||||
ref: '4592bfd59cd5d4795069798a14b483e16c98c1ff'
|
||||
'stdlib':
|
||||
repo: 'git://github.com/enovance/puppetlabs-stdlib.git'
|
||||
ref: '224b8f9a191f635b03ee900a9bf87bfdb0f1a6ed'
|
||||
ref: '8a9b2dfc0e463bec39c00c82c30e0a8a8b7867f3'
|
||||
'xinetd':
|
||||
repo: 'git://github.com/enovance/puppetlabs-xinetd.git'
|
||||
ref: '7557af0e418d1a587df04fe7d01322ff2473c32e'
|
||||
|
||||
@ -140,9 +140,11 @@ mod 'ssh',
|
||||
mod 'rsyslog',
|
||||
:git => 'git://github.com/enovance/puppet-rsyslog.git',
|
||||
:ref => '67c7c501b916ebd1a27a8a218d49602339526c4f'
|
||||
#TODO(Spredzy) come back to upstream after
|
||||
# https://github.com/puppetlabs/puppetlabs-stdlib/pull/319
|
||||
mod 'stdlib',
|
||||
:git => 'git://github.com/enovance/puppetlabs-stdlib.git',
|
||||
:ref => '224b8f9a191f635b03ee900a9bf87bfdb0f1a6ed'
|
||||
:ref => '8a9b2dfc0e463bec39c00c82c30e0a8a8b7867f3'
|
||||
mod 'sysctl',
|
||||
:git => 'git://github.com/enovance/puppet-sysctl.git',
|
||||
:ref => '4a463384e844f51b270428643a5b8beb3628e854'
|
||||
|
||||
@ -192,7 +192,7 @@ class cloud::loadbalancer(
|
||||
$keepalived_public_interface = 'eth0',
|
||||
$keepalived_public_ipvs = ['127.0.0.1'],
|
||||
$keepalived_internal_interface = 'eth1',
|
||||
$keepalived_internal_ipvs = false,
|
||||
$keepalived_internal_ipvs = [],
|
||||
$ceilometer_bind_options = [],
|
||||
$cinder_bind_options = [],
|
||||
$ec2_bind_options = [],
|
||||
@ -259,13 +259,13 @@ class cloud::loadbalancer(
|
||||
# end of deprecation support
|
||||
|
||||
# Fail if OpenStack and Galera VIP are not in the VIP list
|
||||
if $vip_public_ip and !($vip_public_ip in $keepalived_public_ipvs_real) {
|
||||
if $vip_public_ip and !(member(any2array($keepalived_public_ipvs_real), $vip_public_ip)) {
|
||||
fail('vip_public_ip should be part of keepalived_public_ipvs.')
|
||||
}
|
||||
if $vip_internal_ip and !($vip_internal_ip in $keepalived_internal_ipvs) {
|
||||
if $vip_internal_ip and !(member(any2array($keepalived_internal_ipvs),$vip_internal_ip)) {
|
||||
fail('vip_internal_ip should be part of keepalived_internal_ipvs.')
|
||||
}
|
||||
if $galera_ip and !(($galera_ip in $keepalived_public_ipvs_real) or ($galera_ip in $keepalived_internal_ipvs)) {
|
||||
if $galera_ip and !((member(any2array($keepalived_public_ipvs_real),$galera_ip)) or (member(any2array($keepalived_internal_ipvs),$galera_ip))) {
|
||||
fail('galera_ip should be part of keepalived_public_ipvs or keepalived_internal_ipvs.')
|
||||
}
|
||||
|
||||
@ -289,7 +289,7 @@ class cloud::loadbalancer(
|
||||
notify_backup => '"/etc/init.d/haproxy stop"',
|
||||
}
|
||||
|
||||
if $keepalived_internal_ipvs {
|
||||
if !empty($keepalived_internal_ipvs) {
|
||||
if ! $keepalived_vrrp_interface {
|
||||
$keepalived_vrrp_interface_internal = $keepalived_internal_interface
|
||||
} else {
|
||||
@ -484,7 +484,7 @@ class cloud::loadbalancer(
|
||||
bind_options => $horizon_ssl_bind_options,
|
||||
}
|
||||
|
||||
if ($galera_ip in $keepalived_public_ipvs_real) {
|
||||
if (member(any2array($keepalived_public_ipvs_real), $galera_ip)) {
|
||||
warning('Exposing Galera cluster to public network is a security issue.')
|
||||
}
|
||||
haproxy::listen { 'galera_cluster':
|
||||
|
||||
@ -49,7 +49,7 @@ define cloud::loadbalancer::binding (
|
||||
$listen_ip_real = $all_vip_array
|
||||
} else {
|
||||
# when binding is specified in parameter
|
||||
if ($ip in $all_vip_array) {
|
||||
if (member($all_vip_array, $ip)) {
|
||||
$listen_ip_real = $ip
|
||||
} else {
|
||||
fail("${ip} is not part of VIP pools.")
|
||||
|
||||
@ -22,7 +22,7 @@ define cloud::loadbalancer::listen_http(
|
||||
$httpchk = 'httpchk',
|
||||
$options = {},
|
||||
$bind_options = [],
|
||||
$listen_ip = '0.0.0.0') {
|
||||
$listen_ip = ['0.0.0.0']) {
|
||||
|
||||
$options_basic = {'mode' => 'http',
|
||||
'balance' => 'roundrobin',
|
||||
|
||||
@ -247,6 +247,23 @@ describe 'cloud::loadbalancer' do
|
||||
)}
|
||||
end
|
||||
|
||||
context 'configure OpenStack binding on IPv4 and IPv6 public ip' do
|
||||
before do
|
||||
params.merge!(
|
||||
:nova_api => true,
|
||||
:galera_ip => '172.16.0.1',
|
||||
:vip_public_ip => ['172.16.0.1', '2001:0db8:85a3:0000:0000:8a2e:0370:7334'],
|
||||
:vip_internal_ip => '192.168.0.1',
|
||||
:keepalived_public_ipvs => ['172.16.0.1', '172.16.0.2', '2001:0db8:85a3:0000:0000:8a2e:0370:7334'],
|
||||
:keepalived_internal_ipvs => ['192.168.0.1', '192.168.0.2']
|
||||
)
|
||||
end
|
||||
it { should contain_haproxy__listen('nova_api_cluster').with(
|
||||
:ipaddress => ['172.16.0.1', '2001:0db8:85a3:0000:0000:8a2e:0370:7334', '192.168.0.1'],
|
||||
:ports => '8774'
|
||||
)}
|
||||
end
|
||||
|
||||
context 'disable an OpenStack service binding' do
|
||||
before do
|
||||
params.merge!(:metadata_api => false)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user