From 3ea51cefe98a05ff9a27c60ecb13b89514eb2ea1 Mon Sep 17 00:00:00 2001
From: Jim Rollenhagen <jim@jimrollenhagen.com>
Date: Thu, 27 Dec 2018 12:18:15 -0500
Subject: [PATCH] Allow separate listen port in haproxy-config templates

This allows a service to pass in a different listening port than haproxy
listens on for the service. This allows haproxy to live on the same
network interface as the services, and will be used by services in
subsequent changes.

Change-Id: Id1d2429a4c800628cb43e0fb7d2b69131e71ee1c
Implements: blueprint service-hostnames
---
 .../templates/haproxy_single_service_listen.cfg.j2  | 13 ++++++++-----
 .../templates/haproxy_single_service_split.cfg.j2   |  8 +++++---
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/ansible/roles/haproxy-config/templates/haproxy_single_service_listen.cfg.j2 b/ansible/roles/haproxy-config/templates/haproxy_single_service_listen.cfg.j2
index 0baa25cc80..528472616f 100644
--- a/ansible/roles/haproxy-config/templates/haproxy_single_service_listen.cfg.j2
+++ b/ansible/roles/haproxy-config/templates/haproxy_single_service_listen.cfg.j2
@@ -6,7 +6,8 @@ userlist {{ service_name }}-user
   user {{ auth_user }} insecure-password {{ auth_pass }}
 {% endmacro %}
 
-{%- macro listen_macro(service_name, service_port, service_mode, external,
+{%- macro listen_macro(service_name, service_port, listen_port,
+                       service_mode, external,
                        haproxy_http_extra, haproxy_tcp_extra, host_group,
                        custom_member_list, auth_user, auth_pass) %}
 listen {{ service_name }}
@@ -56,7 +57,7 @@ listen {{ service_name }}
                 {% set api_interface = "ansible_%s"|format(hostvars[host]['api_interface']) %}
                 {% set host_name = hostvars[host]['ansible_hostname'] %}
                 {% set host_ip = hostvars[host][api_interface]['ipv4']['address'] %}
-    server {{ host_name }} {{ host_ip }}:{{ service_port }} {{ haproxy_health_check }}
+    server {{ host_name }} {{ host_ip }}:{{ listen_port }} {{ haproxy_health_check }}
             {% endfor %}
         {% endif %}
     {% endif %}
@@ -69,6 +70,8 @@ listen {{ service_name }}
     {# Skip anything that is external when the external vip is not enabled #}
     {% if haproxy_service.enabled|bool and (not external or haproxy_enable_external_vip|bool)%}
         {# Here we define variables and their defaults #}
+        {# services can be listening on a different port than haproxy #}
+        {% set listen_port = haproxy_service.listen_port|default(haproxy_service.port) %}
         {# Custom member list can use jinja to generate a semicolon separated list #}
         {% set custom_member_list = haproxy_service.custom_member_list|default(none) %}
         {# Mode defaults to http #}
@@ -84,8 +87,8 @@ listen {{ service_name }}
         {% if auth_user and auth_pass %}
 {{ userlist_macro(haproxy_name, auth_user, auth_pass) }}
         {% endif %}
-{{ listen_macro(haproxy_name, haproxy_service.port, mode, external,
-                haproxy_http_extra, haproxy_tcp_extra, host_group,
-                custom_member_list, auth_user, auth_pass) }}
+{{ listen_macro(haproxy_name, haproxy_service.port, listen_port,
+                mode, external, haproxy_http_extra, haproxy_tcp_extra,
+                host_group, custom_member_list, auth_user, auth_pass) }}
     {% endif %}
 {%- endfor -%}
diff --git a/ansible/roles/haproxy-config/templates/haproxy_single_service_split.cfg.j2 b/ansible/roles/haproxy-config/templates/haproxy_single_service_split.cfg.j2
index f20418ebcb..6bd563f0ab 100644
--- a/ansible/roles/haproxy-config/templates/haproxy_single_service_split.cfg.j2
+++ b/ansible/roles/haproxy-config/templates/haproxy_single_service_split.cfg.j2
@@ -45,7 +45,7 @@ frontend {{ service_name }}_front
     {% endif %}
 {% endmacro %}
 
-{%- macro backend_macro(service_name, service_port, service_mode, host_group,
+{%- macro backend_macro(service_name, listen_port, service_mode, host_group,
                         custom_member_list, backend_http_extra,
                         backend_tcp_extra, auth_user, auth_pass) %}
 backend {{ service_name }}_back
@@ -77,7 +77,7 @@ backend {{ service_name }}_back
             {% set api_interface = "ansible_%s"|format(hostvars[host]['api_interface']) %}
             {% set host_name = hostvars[host]['ansible_hostname'] %}
             {% set host_ip = hostvars[host][api_interface]['ipv4']['address'] %}
-    server {{ host_name }} {{ host_ip }}:{{ service_port }} {{ haproxy_health_check }}
+    server {{ host_name }} {{ host_ip }}:{{ listen_port }} {{ haproxy_health_check }}
         {% endfor %}
     {% endif %}
 {% endmacro %}
@@ -89,6 +89,8 @@ backend {{ service_name }}_back
     {# Skip anything that is external when the external vip is not enabled #}
     {% if haproxy_service.enabled|bool and (not external or haproxy_enable_external_vip|bool)%}
         {# Here we define variables and their defaults #}
+        {# services can be listening on a different port than haproxy #}
+        {% set listen_port = haproxy_service.listen_port|default(haproxy_service.port) %}
         {# Custom member list can use jinja to generate a semicolon separated list #}
         {% set custom_member_list = haproxy_service.custom_member_list|default() %}
         {# Mode defaults to http #}
@@ -110,7 +112,7 @@ backend {{ service_name }}_back
                   frontend_http_extra, frontend_tcp_extra) }}
         {# Redirect (to https) is a special case, as it does not include a backend #}
         {% if haproxy_service.mode != 'redirect' %}
-{{ backend_macro(haproxy_name, haproxy_service.port, mode, host_group,
+{{ backend_macro(haproxy_name, listen_port, mode, host_group,
                  custom_member_list, backend_http_extra, backend_tcp_extra,
                  auth_user, auth_pass) }}
         {% endif %}