summaryrefslogtreecommitdiff
path: root/puppet/modules/haproxy/manifests
diff options
context:
space:
mode:
authorMicah <micah@leap.se>2016-07-12 16:46:22 -0400
committerMicah <micah@leap.se>2016-07-12 16:46:22 -0400
commita658f5c30ada5e03468257f90d08f6cd2ba25488 (patch)
treefed00e79d5ae1b32ec7488e6a790c0a1467e6d9d /puppet/modules/haproxy/manifests
parent04279dd8d1390d61d696d2c14817199304ccd4d8 (diff)
git subrepo clone https://leap.se/git/puppet_haproxy puppet/modules/haproxy
subrepo: subdir: "puppet/modules/haproxy" merged: "af322a7" upstream: origin: "https://leap.se/git/puppet_haproxy" branch: "master" commit: "af322a7" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Iabf2dd01dc00acd7d886420968bda9aab7190770
Diffstat (limited to 'puppet/modules/haproxy/manifests')
-rw-r--r--puppet/modules/haproxy/manifests/balancermember.pp95
-rw-r--r--puppet/modules/haproxy/manifests/init.pp149
-rw-r--r--puppet/modules/haproxy/manifests/listen.pp95
-rw-r--r--puppet/modules/haproxy/manifests/params.pp65
4 files changed, 404 insertions, 0 deletions
diff --git a/puppet/modules/haproxy/manifests/balancermember.pp b/puppet/modules/haproxy/manifests/balancermember.pp
new file mode 100644
index 00000000..a0e27539
--- /dev/null
+++ b/puppet/modules/haproxy/manifests/balancermember.pp
@@ -0,0 +1,95 @@
+# == Define Resource Type: haproxy::balancermember
+#
+# This type will setup a balancer member inside a listening service
+# configuration block in /etc/haproxy/haproxy.cfg on the load balancer.
+# currently it only has the ability to specify the instance name,
+# ip address, port, and whether or not it is a backup. More features
+# can be added as needed. The best way to implement this is to export
+# this resource for all haproxy balancer member servers, and then collect
+# them on the main haproxy load balancer.
+#
+# === Requirement/Dependencies:
+#
+# Currently requires the ripienaar/concat module on the Puppet Forge and
+# uses storeconfigs on the Puppet Master to export/collect resources
+# from all balancer members.
+#
+# === Parameters
+#
+# [*name*]
+# The title of the resource is arbitrary and only utilized in the concat
+# fragment name.
+#
+# [*listening_service*]
+# The haproxy service's instance name (or, the title of the
+# haproxy::listen resource). This must match up with a declared
+# haproxy::listen resource.
+#
+# [*ports*]
+# An array or commas-separated list of ports for which the balancer member
+# will accept connections from the load balancer. Note that cookie values
+# aren't yet supported, but shouldn't be difficult to add to the
+# configuration. If you use an array in server_names and ipaddresses, the
+# same port is used for all balancermembers.
+#
+# [*server_names*]
+# The name of the balancer member server as known to haproxy in the
+# listening service's configuration block. This defaults to the
+# hostname. Can be an array of the same length as ipaddresses,
+# in which case a balancermember is created for each pair of
+# server_names and ipaddresses (in lockstep).
+#
+# [*ipaddresses*]
+# The ip address used to contact the balancer member server.
+# Can be an array, see documentation to server_names.
+#
+# [*options*]
+# An array of options to be specified after the server declaration
+# in the listening service's configuration block.
+#
+#
+# === Examples
+#
+# Exporting the resource for a balancer member:
+#
+# @@haproxy::balancermember { 'haproxy':
+# listening_service => 'puppet00',
+# ports => '8140',
+# server_names => $::hostname,
+# ipaddresses => $::ipaddress,
+# options => 'check',
+# }
+#
+#
+# Collecting the resource on a load balancer
+#
+# Haproxy::Balancermember <<| listening_service == 'puppet00' |>>
+#
+# Creating the resource for multiple balancer members at once
+# (for single-pass installation of haproxy without requiring a first
+# pass to export the resources if you know the members in advance):
+#
+# haproxy::balancermember { 'haproxy':
+# listening_service => 'puppet00',
+# ports => '8140',
+# server_names => ['server01', 'server02'],
+# ipaddresses => ['192.168.56.200', '192.168.56.201'],
+# options => 'check',
+# }
+#
+# (this resource can be declared anywhere)
+#
+define haproxy::balancermember (
+ $listening_service,
+ $ports,
+ $server_names = $::hostname,
+ $ipaddresses = $::ipaddress,
+ $options = ''
+) {
+ # Template uses $ipaddresses, $server_name, $ports, $option
+ concat::fragment { "${listening_service}_balancermember_${name}":
+ order => "20-${listening_service}-${name}",
+ target => '/etc/haproxy/haproxy.cfg',
+ content => template('haproxy/haproxy_balancermember.erb'),
+ }
+}
diff --git a/puppet/modules/haproxy/manifests/init.pp b/puppet/modules/haproxy/manifests/init.pp
new file mode 100644
index 00000000..b91591a3
--- /dev/null
+++ b/puppet/modules/haproxy/manifests/init.pp
@@ -0,0 +1,149 @@
+# == Class: haproxy
+#
+# A Puppet module, using storeconfigs, to model an haproxy configuration.
+# Currently VERY limited - Pull requests accepted!
+#
+# === Requirement/Dependencies:
+#
+# Currently requires the ripienaar/concat module on the Puppet Forge and
+# uses storeconfigs on the Puppet Master to export/collect resources
+# from all balancer members.
+#
+# === Parameters
+#
+# [*enable*]
+# Chooses whether haproxy should be installed or ensured absent.
+# Currently ONLY accepts valid boolean true/false values.
+#
+# [*version*]
+# Allows you to specify what version of the package to install.
+# Default is simply 'present'
+#
+# [*global_options*]
+# A hash of all the haproxy global options. If you want to specify more
+# than one option (i.e. multiple timeout or stats options), pass those
+# options as an array and you will get a line for each of them in the
+# resultant haproxy.cfg file.
+#
+# [*defaults_options*]
+# A hash of all the haproxy defaults options. If you want to specify more
+# than one option (i.e. multiple timeout or stats options), pass those
+# options as an array and you will get a line for each of them in the
+# resultant haproxy.cfg file.
+#
+#
+# === Examples
+#
+# class { 'haproxy':
+# enable => true,
+# global_options => {
+# 'log' => "${::ipaddress} local0",
+# 'chroot' => '/var/lib/haproxy',
+# 'pidfile' => '/var/run/haproxy.pid',
+# 'maxconn' => '4000',
+# 'user' => 'haproxy',
+# 'group' => 'haproxy',
+# 'daemon' => '',
+# 'stats' => 'socket /var/lib/haproxy/stats'
+# },
+# defaults_options => {
+# 'log' => 'global',
+# 'stats' => 'enable',
+# 'option' => 'redispatch',
+# 'retries' => '3',
+# 'timeout' => [
+# 'http-request 10s',
+# 'queue 1m',
+# 'connect 10s',
+# 'client 1m',
+# 'server 1m',
+# 'check 10s'
+# ],
+# 'maxconn' => '8000'
+# },
+# }
+#
+class haproxy (
+ $manage_service = true,
+ $enable = true,
+ $version = 'present',
+ $global_options = $haproxy::params::global_options,
+ $defaults_options = $haproxy::params::defaults_options
+) inherits haproxy::params {
+ include concat::setup
+
+ package { 'haproxy':
+ ensure => $enable ? {
+ true => $version,
+ false => absent,
+ },
+ name => 'haproxy',
+ }
+
+ if $enable {
+ concat { '/etc/haproxy/haproxy.cfg':
+ owner => '0',
+ group => '0',
+ mode => '0644',
+ require => Package['haproxy'],
+ notify => $manage_service ? {
+ true => Service['haproxy'],
+ false => undef,
+ },
+ }
+
+ # Simple Header
+ concat::fragment { '00-header':
+ target => '/etc/haproxy/haproxy.cfg',
+ order => '01',
+ content => "# This file managed by Puppet\n",
+ }
+
+ # Template uses $global_options, $defaults_options
+ concat::fragment { 'haproxy-base':
+ target => '/etc/haproxy/haproxy.cfg',
+ order => '10',
+ content => template('haproxy/haproxy-base.cfg.erb'),
+ }
+
+ if ($::osfamily == 'Debian') {
+ file { '/etc/default/haproxy':
+ content => 'ENABLED=1',
+ require => Package['haproxy'],
+ before => $manage_service ? {
+ true => Service['haproxy'],
+ false => undef,
+ },
+ }
+ }
+
+ file { $global_options['chroot']:
+ ensure => directory,
+ owner => $global_options['user'],
+ group => $global_options['group'],
+ mode => '0550',
+ require => Package['haproxy']
+ }
+
+ }
+
+ if $manage_service {
+ service { 'haproxy':
+ ensure => $enable ? {
+ true => running,
+ false => stopped,
+ },
+ enable => $enable ? {
+ true => true,
+ false => false,
+ },
+ name => 'haproxy',
+ hasrestart => true,
+ hasstatus => true,
+ require => [
+ Concat['/etc/haproxy/haproxy.cfg'],
+ File[$global_options['chroot']],
+ ],
+ }
+ }
+}
diff --git a/puppet/modules/haproxy/manifests/listen.pp b/puppet/modules/haproxy/manifests/listen.pp
new file mode 100644
index 00000000..00636e3d
--- /dev/null
+++ b/puppet/modules/haproxy/manifests/listen.pp
@@ -0,0 +1,95 @@
+# == Define Resource Type: haproxy::listen
+#
+# This type will setup a listening service configuration block inside
+# the haproxy.cfg file on an haproxy load balancer. Each listening service
+# configuration needs one or more load balancer member server (that can be
+# declared with the haproxy::balancermember defined resource type). Using
+# storeconfigs, you can export the haproxy::balancermember resources on all
+# load balancer member servers, and then collect them on a single haproxy
+# load balancer server.
+#
+# === Requirement/Dependencies:
+#
+# Currently requires the ripienaar/concat module on the Puppet Forge and
+# uses storeconfigs on the Puppet Master to export/collect resources
+# from all balancer members.
+#
+# === Parameters
+#
+# [*name*]
+# The namevar of the defined resource type is the listening service's name.
+# This name goes right after the 'listen' statement in haproxy.cfg
+#
+# [*ports*]
+# Ports on which the proxy will listen for connections on the ip address
+# specified in the virtual_ip parameter. Accepts either a single
+# comma-separated string or an array of strings which may be ports or
+# hyphenated port ranges.
+#
+# [*ipaddress*]
+# The ip address the proxy binds to. Empty addresses, '*', and '0.0.0.0'
+# mean that the proxy listens to all valid addresses on the system.
+#
+# [*mode*]
+# The mode of operation for the listening service. Valid values are 'tcp',
+# HTTP', and 'health'.
+#
+# [*options*]
+# A hash of options that are inserted into the listening service
+# configuration block.
+#
+# [*collect_exported*]
+# Boolean, default 'true'. True means 'collect exported @@balancermember resources'
+# (for the case when every balancermember node exports itself), false means
+# 'rely on the existing declared balancermember resources' (for the case when you
+# know the full set of balancermembers in advance and use haproxy::balancermember
+# with array arguments, which allows you to deploy everything in 1 run)
+#
+#
+# === Examples
+#
+# Exporting the resource for a balancer member:
+#
+# haproxy::listen { 'puppet00':
+# ipaddress => $::ipaddress,
+# ports => '18140',
+# mode => 'tcp',
+# options => {
+# 'option' => [
+# 'tcplog',
+# 'ssl-hello-chk'
+# ],
+# 'balance' => 'roundrobin'
+# },
+# }
+#
+# === Authors
+#
+# Gary Larizza <gary@puppetlabs.com>
+#
+define haproxy::listen (
+ $ports,
+ $ipaddress = [$::ipaddress],
+ $mode = 'tcp',
+ $collect_exported = true,
+ $options = {
+ 'option' => [
+ 'tcplog',
+ 'ssl-hello-chk'
+ ],
+ 'balance' => 'roundrobin'
+ }
+) {
+ # Template uses: $name, $ipaddress, $ports, $options
+ concat::fragment { "${name}_listen_block":
+ order => "20-${name}-00",
+ target => '/etc/haproxy/haproxy.cfg',
+ content => template('haproxy/haproxy_listen_block.erb'),
+ }
+
+ if $collect_exported {
+ Haproxy::Balancermember <<| listening_service == $name |>>
+ }
+ # else: the resources have been created and they introduced their
+ # concat fragments. We don't have to do anything about them.
+}
diff --git a/puppet/modules/haproxy/manifests/params.pp b/puppet/modules/haproxy/manifests/params.pp
new file mode 100644
index 00000000..53442ddc
--- /dev/null
+++ b/puppet/modules/haproxy/manifests/params.pp
@@ -0,0 +1,65 @@
+# == Class: haproxy::params
+#
+# This is a container class holding default parameters for for haproxy class.
+# currently, only the Redhat family is supported, but this can be easily
+# extended by changing package names and configuration file paths.
+#
+class haproxy::params {
+ case $osfamily {
+ Redhat: {
+ $global_options = {
+ 'log' => "${::ipaddress} local0",
+ 'chroot' => '/var/lib/haproxy',
+ 'pidfile' => '/var/run/haproxy.pid',
+ 'maxconn' => '4000',
+ 'user' => 'haproxy',
+ 'group' => 'haproxy',
+ 'daemon' => '',
+ 'stats' => 'socket /var/lib/haproxy/stats'
+ }
+ $defaults_options = {
+ 'log' => 'global',
+ 'stats' => 'enable',
+ 'option' => 'redispatch',
+ 'retries' => '3',
+ 'timeout' => [
+ 'http-request 10s',
+ 'queue 1m',
+ 'connect 10s',
+ 'client 1m',
+ 'server 1m',
+ 'check 10s',
+ ],
+ 'maxconn' => '8000'
+ }
+ }
+ Debian: {
+ $global_options = {
+ 'log' => "${::ipaddress} local0",
+ 'chroot' => '/var/lib/haproxy',
+ 'pidfile' => '/var/run/haproxy.pid',
+ 'maxconn' => '4000',
+ 'user' => 'haproxy',
+ 'group' => 'haproxy',
+ 'daemon' => '',
+ 'stats' => 'socket /var/lib/haproxy/stats'
+ }
+ $defaults_options = {
+ 'log' => 'global',
+ 'stats' => 'enable',
+ 'option' => 'redispatch',
+ 'retries' => '3',
+ 'timeout' => [
+ 'http-request 10s',
+ 'queue 1m',
+ 'connect 10s',
+ 'client 1m',
+ 'server 1m',
+ 'check 10s',
+ ],
+ 'maxconn' => '8000'
+ }
+ }
+ default: { fail("The $::osfamily operating system is not supported with the haproxy module") }
+ }
+}