diff --git a/inventory/service/group_vars/gitea-lb.yaml b/inventory/service/group_vars/gitea-lb.yaml index 41780cc8e8..6b9f3d8d91 100644 --- a/inventory/service/group_vars/gitea-lb.yaml +++ b/inventory/service/group_vars/gitea-lb.yaml @@ -5,40 +5,56 @@ gitea_lb_listeners: servers: - name: 'gitea01.opendev.org' address: '38.108.68.172:3080' + check_method: 'check' - name: 'gitea02.opendev.org' address: '38.108.68.23:3080' + check_method: 'check' - name: 'gitea03.opendev.org' address: '38.108.68.110:3080' + check_method: 'check' - name: 'gitea04.opendev.org' address: '38.108.68.147:3080' + check_method: 'check' - name: 'gitea05.opendev.org' address: '38.108.68.131:3080' + check_method: 'check' - name: 'gitea06.opendev.org' address: '38.108.68.250:3080' + check_method: 'check' - name: 'gitea07.opendev.org' address: '38.108.68.134:3080' + check_method: 'check' - name: 'gitea08.opendev.org' address: '38.108.68.205:3080' + check_method: 'check' - name: balance_git_https bind: - ':::443' servers: - name: 'gitea01.opendev.org' address: '38.108.68.172:3081' + check_method: 'check-ssl verify none' - name: 'gitea02.opendev.org' address: '38.108.68.23:3081' + check_method: 'check-ssl verify none' - name: 'gitea03.opendev.org' address: '38.108.68.110:3081' + check_method: 'check-ssl verify none' - name: 'gitea04.opendev.org' address: '38.108.68.147:3081' + check_method: 'check-ssl verify none' - name: 'gitea05.opendev.org' address: '38.108.68.131:3081' + check_method: 'check-ssl verify none' - name: 'gitea06.opendev.org' address: '38.108.68.250:3081' + check_method: 'check-ssl verify none' - name: 'gitea07.opendev.org' address: '38.108.68.134:3081' + check_method: 'check-ssl verify none' - name: 'gitea08.opendev.org' address: '38.108.68.205:3081' + check_method: 'check-ssl verify none' iptables_extra_public_tcp_ports: - 443 - 80 diff --git a/playbooks/roles/gitea-lb/templates/gitea-haproxy.cfg.j2 b/playbooks/roles/gitea-lb/templates/gitea-haproxy.cfg.j2 index 200de378ba..916f39738a 100644 --- a/playbooks/roles/gitea-lb/templates/gitea-haproxy.cfg.j2 +++ b/playbooks/roles/gitea-lb/templates/gitea-haproxy.cfg.j2 @@ -27,10 +27,10 @@ listen {{ listener.name }} {% endfor %} mode tcp balance source - option tcp-check + option httpchk {% for server in listener.servers %} - server {{ server.name }} {{ server.address }} check + server {{ server.name }} {{ server.address }} {{ server.check_method }} {% endfor %} {% endfor %} diff --git a/playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2 b/playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2 index 9eb0f3f456..5b70eb3c8b 100644 --- a/playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2 +++ b/playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2 @@ -5,9 +5,11 @@ gitea_lb_listeners: servers: - name: "gitea99.opendev.org" address: "{{ (hostvars['gitea99.opendev.org'] | default({})).get('nodepool', {}).get('public_ipv4', '') }}:3080" + check_method: "check" - name: balance_git_https bind: - ":::443" servers: - name: "gitea99.opendev.org" address: "{{ (hostvars['gitea99.opendev.org'] | default({})).get('nodepool', {}).get('public_ipv4', '') }}:3000" + check_method: "check-ssl verify none"