tripleo_haproxy¶
About The Role¶
An Ansible role to check if the HAProxy configuration has recommended
values.
Requirements¶
This role requires and Up and Running Overcloud.
Dependencies¶
None.
Example Playbook¶
- hosts: undercloud
roles:
- { role: tripleo_haproxy }
License¶
Apache
Full Description¶
Role Documentation¶
Welcome to the “tripleo_haproxy” role documentation.
Role Defaults¶
This section highlights all of the defaults and variables set within the “tripleo_haproxy” role.
defaults_maxconn_min: 4096
defaults_timeout_check: 10s
defaults_timeout_client: 2m
defaults_timeout_queue: 2m
defaults_timeout_server: 2m
global_maxconn_min: 20480
haproxy_config_file: /var/lib/config-data/puppet-generated/haproxy/etc/haproxy/haproxy.cfg
Molecule Scenarios¶
Molecule is being used to test the “tripleo_haproxy” role. The following section highlights the drivers in service and provides an example playbook showing how the role is leveraged.
Scenario: default¶
Example default configuration¶
driver:
name: podman
log: true
platforms:
- dockerfile: ../../../../.config/molecule/Dockerfile
environment:
http_proxy: '{{ lookup(''env'', ''http_proxy'') }}'
https_proxy: '{{ lookup(''env'', ''https_proxy'') }}'
hostname: centos
image: centos/centos:stream8
name: centos
pkg_extras: python*-setuptools python*-pyyaml
privileged: true
registry:
url: quay.io
ulimits:
- host
volumes:
- /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
provisioner:
env:
ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-/usr/share/ansible/plugins/modules}
ANSIBLE_ROLES_PATH: ${ANSIBLE_ROLES_PATH}:${HOME}/zuul-jobs/roles
ANSIBLE_STDOUT_CALLBACK: yaml
inventory:
hosts:
all:
hosts:
centos:
ansible_python_interpreter: /usr/bin/python3
log: true
name: ansible
options:
vvv: true
scenario:
test_sequence:
- destroy
- create
- prepare
- converge
- verify
- destroy
verifier:
name: ansible
Molecule Inventory¶
hosts:
all:
hosts:
centos:
ansible_python_interpreter: /usr/bin/python3
Example default playbook¶
- gather_facts: false
hosts: all
name: Converge
tasks:
- copy:
content: "# This file managed by Puppet\nglobal\n daemon\n group haproxy\n\
\ log /dev/log local0\n maxconn 100\n pidfile /var/run/haproxy.pid\n\
\ ssl-default-bind-ciphers !SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES\n\
\ ssl-default-bind-options no-sslv3 no-tlsv10\n stats socket /var/lib/haproxy/stats\
\ mode 600 level user\n stats timeout 1s\n user haproxy\n\ndefaults\n\
\ log global\n maxconn 100\n mode tcp\n retries 1\n timeout http-request\
\ 1s\n timeout queue 1s\n timeout connect 1s\n timeout client 1s\n \
\ timeout server 2m\n timeout check 10s\n"
dest: /haproxy.cfg
name: create haproxy config file
- block:
- include_role:
name: tripleo_haproxy
rescue:
- meta: clear_host_errors
name: Clear host errors
- debug:
msg: The validation works! End the playbook run
- meta: end_play
name: End play
- fail:
msg: 'The haproxy role should have detected issues within haproxy
configuration file!
'
name: Fail the test
vars:
haproxy_config_file: /haproxy.cfg
