stackforge/puppet-openstack-cloud
Code Issues Proposed changes
puppet-openstack-cloud/manifests/loadbalancer.pp
Emilien Macchi 77d0da8b8c lb: fix lint
2014-05-06 09:08:32 +02:00

238 lines
7.4 KiB
Puppet
Raw Blame History

#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# HAproxy nodes
#
class cloud::loadbalancer(
$swift_api = true,
$ceilometer_api = true,
$cinder_api = true,
$glance_api = true,
$glance_registry = true,
$neutron_api = true,
$heat_api = true,
$heat_cfn_api = true,
$heat_cloudwatch_api = true,
$nova_api = true,
$ec2_api = true,
$metadata_api = true,
$keystone_api_admin = true,
$keystone_api = true,
$horizon = true,
$horizon_ssl = false,
$spice = true,
$haproxy_auth = 'admin:changeme',
$keepalived_state = 'BACKUP',
$keepalived_priority = 50,
$keepalived_interface = 'eth0',
$keepalived_ipvs = ['127.0.0.1'],
$keepalived_localhost_ip = '127.0.0.1',
$ks_cinder_public_port = 8776,
$ks_ceilometer_public_port = 8777,
$ks_ec2_public_port = 8773,
$ks_glance_api_public_port = 9292,
$ks_glance_registry_internal_port = 9191,
$ks_heat_public_port = 8004,
$ks_heat_cfn_public_port = 8000,
$ks_heat_cloudwatch_public_port = 8003,
$ks_keystone_admin_port = 35357,
$ks_keystone_public_port = 5000,
$ks_metadata_public_port = 8775,
$ks_neutron_public_port = 9696,
$ks_nova_public_port = 8774,
$ks_swift_public_port = 8080,
$horizon_port = 80,
$spice_port = 6082,
$vip_public_ip = '127.0.0.2',
$galera_ip = '127.0.0.1'
){
# Ensure Keepalived is started before HAproxy to avoid binding errors.
class { 'keepalived': } ->
class { 'haproxy': }
keepalived::vrrp_script { 'haproxy':
name_is_process => true
}
keepalived::instance { '1':
interface => $keepalived_interface,
virtual_ips => unique(split(join(flatten([$keepalived_ipvs, ['']]), " dev ${keepalived_interface},"), ',')),
state => $keepalived_state,
track_script => ['haproxy'],
priority => $keepalived_priority,
notify_master => '"/etc/init.d/haproxy start"',
notify_backup => '"/etc/init.d/haproxy stop"',
}
file { '/etc/logrotate.d/haproxy':
ensure => file,
source => 'puppet:///modules/cloud/logrotate/haproxy',
owner => root,
group => root,
mode => '0644';
}
haproxy::listen { 'monitor':
ipaddress => $vip_public_ip,
ports => '9300',
options => {
'mode' => 'http',
'monitor-uri' => '/status',
'stats' => ['enable','uri /admin','realm Haproxy\ Statistics',"auth ${haproxy_auth}", 'refresh 5s' ],
'' => template('cloud/loadbalancer/monitor.erb'),
}
}
if $keystone_api {
cloud::loadbalancer::listen_http {
'keystone_api_cluster':
ports => $ks_keystone_public_port,
listen_ip => $vip_public_ip;
'keystone_api_admin_cluster':
ports => $ks_keystone_admin_port,
listen_ip => $vip_public_ip;
}
}
if $swift_api {
cloud::loadbalancer::listen_http{
'swift_api_cluster':
ports => $ks_swift_public_port,
httpchk => 'httpchk /healthcheck',
listen_ip => $vip_public_ip;
}
}
if $nova_api {
cloud::loadbalancer::listen_http{
'nova_api_cluster':
ports => $ks_nova_public_port,
listen_ip => $vip_public_ip;
}
}
if $ec2_api {
cloud::loadbalancer::listen_http{
'ec2_api_cluster':
ports => $ks_ec2_public_port,
listen_ip => $vip_public_ip;
}
}
if $metadata_api {
cloud::loadbalancer::listen_http{
'metadata_api_cluster':
ports => $ks_metadata_public_port,
listen_ip => $vip_public_ip;
}
}
if $spice {
cloud::loadbalancer::listen_http{
'spice_cluster':
ports => $spice_port,
listen_ip => $vip_public_ip,
httpchk => 'httpchk GET /';
}
}
if $glance_api {
cloud::loadbalancer::listen_http{
'glance_api_cluster':
ports => $ks_glance_api_public_port,
listen_ip => $vip_public_ip;
}
}
if $glance_registry {
cloud::loadbalancer::listen_http{
'glance_registry_cluster':
ports => $ks_glance_registry_internal_port,
listen_ip => $vip_public_ip;
}
}
if $neutron_api {
cloud::loadbalancer::listen_http{
'neutron_api_cluster':
ports => $ks_neutron_public_port,
listen_ip => $vip_public_ip;
}
}
if $cinder_api {
cloud::loadbalancer::listen_http{
'cinder_api_cluster':
ports => $ks_cinder_public_port,
listen_ip => $vip_public_ip;
}
}
if $ceilometer_api {
cloud::loadbalancer::listen_http{
'ceilometer_api_cluster':
ports => $ks_ceilometer_public_port,
listen_ip => $vip_public_ip;
}
}
if $heat_api {
cloud::loadbalancer::listen_http{
'heat_api_cluster':
ports => $ks_heat_public_port,
listen_ip => $vip_public_ip;
}
}
if $heat_cfn_api {
cloud::loadbalancer::listen_http{
'heat_api_cfn_cluster':
ports => $ks_heat_cfn_public_port,
listen_ip => $vip_public_ip;
}
}
if $heat_cloudwatch_api {
cloud::loadbalancer::listen_http{
'heat_api_cloudwatch_cluster':
ports => $ks_heat_cloudwatch_public_port,
listen_ip => $vip_public_ip;
}
}
if $horizon {
if $horizon_ssl {
cloud::loadbalancer::listen_https{
'horizon_cluster':
ports => $horizon_port,
listen_ip => $vip_public_ip;
}
} else {
# Horizon URL is not the same on Red Hat and Debian/Ubuntu
if $::operatingsystem == 'RedHat' {
$horizon_auth_url = 'dashboard'
} else {
$horizon_auth_url = 'horizon'
}
cloud::loadbalancer::listen_http{ 'horizon_cluster':
ports => $horizon_port,
httpchk => "httpchk GET \"/${horizon_auth_url} HTTP/1.0\r\nUser-Agent: HAProxy-${::hostname}\"",
options => { 'cookie' => 'sessionid prefix', 'balance' => 'leastconn' },
listen_ip => $vip_public_ip;
}
}
}
haproxy::listen { 'galera_cluster':
ipaddress => $galera_ip,
ports => 3306,
options => {
'mode' => 'tcp',
'balance' => 'roundrobin',
'option' => ['tcpka', 'tcplog', 'httpchk'], #httpchk mandatory expect 200 on port 9000
'timeout client' => '400s',
'timeout server' => '400s',
}
}
}
View Git Blame Copy Permalink