From 8228b5ea1295e7cc99bfad7305fecf946a110dcd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rados=C5=82aw=20Piliszek?= <radoslaw.piliszek@gmail.com>
Date: Sun, 23 Aug 2020 20:33:51 +0200
Subject: [PATCH] Make keep-alive timeout configurable

Change-Id: Iffadcddfb70650cdf4c6c4d9ec3b7471d63f5ff8
Closes-Bug: #1892622
---
 ansible/roles/glance/defaults/main.yml          |  4 ++++
 .../glance/templates/glance-tls-proxy.cfg.j2    |  1 +
 ansible/roles/haproxy/defaults/main.yml         |  1 +
 .../roles/haproxy/templates/haproxy_main.cfg.j2 |  1 +
 .../notes/bug-1892622-c14ece962ec98632.yaml     | 17 +++++++++++++++++
 5 files changed, 24 insertions(+)
 create mode 100644 releasenotes/notes/bug-1892622-c14ece962ec98632.yaml

diff --git a/ansible/roles/glance/defaults/main.yml b/ansible/roles/glance/defaults/main.yml
index 98c0fb8da4..b91199663d 100644
--- a/ansible/roles/glance/defaults/main.yml
+++ b/ansible/roles/glance/defaults/main.yml
@@ -224,11 +224,15 @@ glance_tls_proxy_max_connections: 40000
 glance_tls_proxy_processes: 1
 glance_tls_proxy_process_cpu_map: "no"
 glance_tls_proxy_defaults_max_connections: 10000
+
+# Glance TLS proxy timeout values
 glance_tls_proxy_http_request_timeout: "10s"
+glance_tls_proxy_http_keep_alive_timeout: "10s"
 glance_tls_proxy_queue_timeout: "1m"
 glance_tls_proxy_connect_timeout: "10s"
 glance_tls_proxy_client_timeout: "{{ haproxy_glance_api_client_timeout}}"
 glance_tls_proxy_server_timeout: "{{ haproxy_glance_api_server_timeout }}"
 glance_tls_proxy_check_timeout: "10s"
+
 # Check http://www.haproxy.org/download/1.5/doc/configuration.txt for available options
 glance_tls_proxy_defaults_balance: "roundrobin"
diff --git a/ansible/roles/glance/templates/glance-tls-proxy.cfg.j2 b/ansible/roles/glance/templates/glance-tls-proxy.cfg.j2
index d58b00420d..ef86c225d2 100644
--- a/ansible/roles/glance/templates/glance-tls-proxy.cfg.j2
+++ b/ansible/roles/glance/templates/glance-tls-proxy.cfg.j2
@@ -21,6 +21,7 @@ defaults
     option redispatch
     retries 3
     timeout http-request {{ glance_tls_proxy_http_request_timeout }}
+    timeout http-keep-alive {{ glance_tls_proxy_http_keep_alive_timeout }}
     timeout queue {{ glance_tls_proxy_queue_timeout }}
     timeout connect {{ glance_tls_proxy_connect_timeout }}
     timeout client {{ glance_tls_proxy_client_timeout }}
diff --git a/ansible/roles/haproxy/defaults/main.yml b/ansible/roles/haproxy/defaults/main.yml
index 8e8769854c..9db1d9d03b 100644
--- a/ansible/roles/haproxy/defaults/main.yml
+++ b/ansible/roles/haproxy/defaults/main.yml
@@ -66,6 +66,7 @@ keepalived_extra_volumes: "{{ default_extra_volumes }}"
 
 # Default timeout values
 haproxy_http_request_timeout: "10s"
+haproxy_http_keep_alive_timeout: "10s"
 haproxy_queue_timeout: "1m"
 haproxy_connect_timeout: "10s"
 haproxy_client_timeout: "1m"
diff --git a/ansible/roles/haproxy/templates/haproxy_main.cfg.j2 b/ansible/roles/haproxy/templates/haproxy_main.cfg.j2
index 815fc05364..df25c2e55a 100644
--- a/ansible/roles/haproxy/templates/haproxy_main.cfg.j2
+++ b/ansible/roles/haproxy/templates/haproxy_main.cfg.j2
@@ -27,6 +27,7 @@ defaults
     option redispatch
     retries 3
     timeout http-request {{ haproxy_http_request_timeout }}
+    timeout http-keep-alive {{ haproxy_http_keep_alive_timeout }}
     timeout queue {{ haproxy_queue_timeout }}
     timeout connect {{ haproxy_connect_timeout }}
     timeout client {{ haproxy_client_timeout }}
diff --git a/releasenotes/notes/bug-1892622-c14ece962ec98632.yaml b/releasenotes/notes/bug-1892622-c14ece962ec98632.yaml
new file mode 100644
index 0000000000..b0ddcfa32e
--- /dev/null
+++ b/releasenotes/notes/bug-1892622-c14ece962ec98632.yaml
@@ -0,0 +1,17 @@
+---
+features:
+  - |
+    Makes it possible to set HAProxy's ``timeout http-keep-alive`` via
+    ``haproxy_http_keep_alive_timeout``. The default is 10s, like the
+    previous default that applied via ``haproxy_http_request_timeout``.
+    `LP#1892622 <https://launchpad.net/bugs/1892622>`__
+upgrade:
+  - |
+    HAProxy's ``timeout http-keep-alive`` is now set via
+    ``haproxy_http_keep_alive_timeout``. The default is 10s, like the
+    previous default that applied via ``haproxy_http_request_timeout``,
+    but the new variable does not follow the old one so might need customising
+    if the former was customised for keep-alive purposes.
+    Do note the two values do not have to have the same value and often do not.
+    Please read the linked record for background.
+    `LP#1892622 <https://launchpad.net/bugs/1892622>`__