Merge "Update HAProxy for multi-OS support"

Jenkins 2016-05-31 14:07:09 +00:00 committed by Gerrit Code Review
commit 61339f1e9d
18 changed files with 338 additions and 286 deletions


@ -13,41 +13,18 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
# Defines that the role will be deployed on a host machine
is_metal: true
## APT Cache options
cache_timeout: 600
haproxy_apt_repo_url: "http://ppa.launchpad.net/vbernat/haproxy-1.5/ubuntu"
haproxy_apt_repo:
repo: "deb {{ haproxy_apt_repo_url }} {{ ansible_distribution_release }} main"
state: "present"
# Haproxy GPG Keys
haproxy_gpg_keys:
- key_name: 'haproxy'
keyserver: 'hkp://keyserver.ubuntu.com:80'
fallback_keyserver: 'hkp://p80.pool.sks-keyservers.net:80'
hash_id: '0xcffb779aadc995e4f350a060505d97a41c61b9cd'
haproxy_pre_apt_packages:
- python-software-properties
- software-properties-common
- debconf-utils
haproxy_apt_packages:
- haproxy
- hatop
- rsyslog # Used for local logging
- vim-haproxy
- psmisc
## Haproxy Configuration ## Haproxy Configuration
haproxy_rise: 3 haproxy_rise: 3
haproxy_fall: 3 haproxy_fall: 3
haproxy_interval: 12000 haproxy_interval: 12000
## Haproxy standard API
haproxy_repo: {}
haproxy_gpg_keys: []
haproxy_pre_packages: []
haproxy_packages: []
haproxy_pinned_packages: []
## Haproxy Stats ## Haproxy Stats
haproxy_stats_enabled: False haproxy_stats_enabled: False
haproxy_stats_bind_address: 127.0.0.1 haproxy_stats_bind_address: 127.0.0.1
@ -84,3 +61,5 @@ haproxy_ssl_pem: /etc/ssl/private/haproxy.pem
haproxy_ssl_ca_cert: /etc/ssl/certs/haproxy-ca.pem haproxy_ssl_ca_cert: /etc/ssl/certs/haproxy-ca.pem
haproxy_ssl_self_signed_subject: "/C=US/ST=Texas/L=San Antonio/O=IT/CN={{ external_lb_vip_address }}/subjectAltName=IP.1={{ external_lb_vip_address }}" haproxy_ssl_self_signed_subject: "/C=US/ST=Texas/L=San Antonio/O=IT/CN={{ external_lb_vip_address }}/subjectAltName=IP.1={{ external_lb_vip_address }}"
haproxy_ssl_cipher_suite: "{{ ssl_cipher_suite }}" haproxy_ssl_cipher_suite: "{{ ssl_cipher_suite }}"
haproxy_hatop_download_url: "http://hatop.googlecode.com/files/hatop-0.7.7.tar.gz"
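Review bot: The new default `haproxy_hatop_download_url` is a plain `http://` URL, and the Download HATop task added elsewhere in this commit fetches it with `get_url` without any checksum, so whatever the network path returns is unpacked and installed into `/usr/local/bin` (presumably with root privileges; confirm how the play escalates). Pin the artifact by adding a digest default next to the URL and passing it to the task, e.g. `checksum: "sha256:{{ haproxy_hatop_download_checksum }}"` on Ansible 2.0+ or `sha256sum: "{{ haproxy_hatop_download_checksum }}"` on 1.9, where `haproxy_hatop_download_checksum` is a proposed new variable holding the digest of the vetted tarball. Defaulting to an operator-controlled HTTPS mirror would additionally remove the reliance on an unauthenticated transport.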


@ -1,8 +1,2 @@
# Set ENABLED to 1 if you want the init script to start haproxy. # Set ENABLED to 1 if you want the init script to start haproxy.
ENABLED=1 ENABLED=1
# Add extra flags here.
#EXTRAOPTS="-de -m 16"
# Conf.d style configuration dir. Init script has been hacked to support this.
CONFIG_DIR=/etc/haproxy/conf.d


@ -1,171 +0,0 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: haproxy
# Required-Start: $local_fs $network $remote_fs
# Required-Stop: $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: fast and reliable load balancing reverse proxy
# Description: This file should be used to start and stop haproxy.
### END INIT INFO
# Author: Arnaud Cornet <acornet@debian.org>
PATH=/sbin:/usr/sbin:/bin:/usr/bin
PIDFILE=/var/run/haproxy.pid
CONFIG=/etc/haproxy/haproxy.cfg
HAPROXY=/usr/sbin/haproxy
EXTRAOPTS=
ENABLED=0
test -x $HAPROXY || exit 0
if [ -e /etc/default/haproxy ]; then
. /etc/default/haproxy
fi
test -f "$CONFIG" || exit 0
test "$ENABLED" != "0" || exit 0
[ -f /etc/default/rcS ] && . /etc/default/rcS
. /lib/lsb/init-functions
CONFIG_DIR_FILES=""
if [ ! -z "$CONFIG_DIR" ]; then
for file in $CONFIG_DIR/*; do
CONFIG_DIR_FILES="$CONFIG_DIR_FILES -f $file"
done
fi
haproxy_start()
{
start-stop-daemon --start --pidfile "$PIDFILE" \
--exec $HAPROXY -- -f "$CONFIG" $CONFIG_DIR_FILES -D -p "$PIDFILE" \
$EXTRAOPTS || return 2
return 0
}
haproxy_stop()
{
if [ ! -f $PIDFILE ] ; then
# This is a success according to LSB
return 0
fi
for pid in $(cat $PIDFILE) ; do
/bin/kill $pid || return 4
done
rm -f $PIDFILE
return 0
}
haproxy_reload()
{
$HAPROXY -f "$CONFIG" $CONFIG_DIR_FILES -p $PIDFILE -D $EXTRAOPTS -sf $(cat $PIDFILE) \
|| return 2
return 0
}
haproxy_status()
{
if [ ! -f $PIDFILE ] ; then
# program not running
return 3
fi
for pid in $(cat $PIDFILE) ; do
if ! ps --no-headers p "$pid" | grep haproxy > /dev/null ; then
# program running, bogus pidfile
return 1
fi
done
return 0
}
case "$1" in
start)
log_daemon_msg "Starting haproxy" "haproxy"
haproxy_start
ret=$?
case "$ret" in
0)
log_end_msg 0
;;
1)
log_end_msg 1
echo "pid file '$PIDFILE' found, haproxy not started."
;;
2)
log_end_msg 1
;;
esac
exit $ret
;;
stop)
log_daemon_msg "Stopping haproxy" "haproxy"
haproxy_stop
ret=$?
case "$ret" in
0|1)
log_end_msg 0
;;
2)
log_end_msg 1
;;
esac
exit $ret
;;
reload|force-reload)
log_daemon_msg "Reloading haproxy" "haproxy"
haproxy_reload
ret=$?
case "$ret" in
0|1)
log_end_msg 0
;;
2)
log_end_msg 1
;;
esac
exit $ret
;;
restart)
log_daemon_msg "Restarting haproxy" "haproxy"
haproxy_stop
haproxy_start
ret=$?
case "$ret" in
0)
log_end_msg 0
;;
1)
log_end_msg 1
;;
2)
log_end_msg 1
;;
esac
exit $ret
;;
status)
haproxy_status
ret=$?
case "$ret" in
0)
echo "haproxy is running."
;;
1)
echo "haproxy dead, but $PIDFILE exists."
;;
*)
echo "haproxy not running."
;;
esac
exit $ret
;;
*)
echo "Usage: /etc/init.d/haproxy {start|stop|reload|restart|status}"
exit 2
;;
esac


@ -23,10 +23,20 @@ galaxy_info:
- name: Ubuntu - name: Ubuntu
versions: versions:
- trusty - trusty
- xenial
- name: EL
versions:
- 7
categories: categories:
- cloud - cloud
- python - python
- development - development
- openstack - openstack
dependencies: dependencies:
- apt_package_pinning - role: apt_package_pinning
apt_pinned_packages: [{ package: "*", release: LP-PPA-vbernat-haproxy-1.5, priority: "1001" }]
apt_package_pinning_file_name: "haproxy_pin.pref"
when:
- ansible_pkg_mgr == 'apt'
- haproxy_ssl | bool
- ansible_distribution_version | version_compare('16.04', '<')
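Review bot: The dependency's `apt_pinned_packages` entry pins `package: "*"` at priority `1001`; assuming the pinning role renders this as an apt preferences stanza like the template this commit deletes, every package published in the vbernat PPA then overrides, and can even downgrade, the distribution's version, not only haproxy. If haproxy is the only thing needed from that origin, narrow the pin, e.g. `{ package: "haproxy*", release: LP-PPA-vbernat-haproxy-1.5, priority: "1001" }`, so that a change in the PPA's contents cannot replace unrelated system packages. A short comment above the dependency explaining why a priority above 1000 is required would also help the next reader.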


@ -13,6 +13,8 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
# NOTE(cloudnull) This file can be removed when we drop 14.04 support
#TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache #TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache
#when https://github.com/ansible/ansible-modules-core/pull/1517 is merged #when https://github.com/ansible/ansible-modules-core/pull/1517 is merged
#in 1.9.x or we move to 2.0 (if tested working) #in 1.9.x or we move to 2.0 (if tested working)
@ -38,7 +40,7 @@
until: install_packages|success until: install_packages|success
retries: 5 retries: 5
delay: 2 delay: 2
with_items: haproxy_pre_apt_packages with_items: "{{ haproxy_pre_packages }}"
tags: tags:
- haproxy-pre-apt-packages - haproxy-pre-apt-packages
@ -54,7 +56,7 @@
ignore_errors: True ignore_errors: True
retries: 5 retries: 5
delay: 2 delay: 2
with_items: haproxy_gpg_keys with_items: "{{ haproxy_gpg_keys }}"
tags: tags:
- haproxy-apt-keys - haproxy-apt-keys
@ -68,25 +70,18 @@
until: add_keys_fallback|success until: add_keys_fallback|success
retries: 5 retries: 5
delay: 2 delay: 2
with_items: haproxy_gpg_keys with_items: "{{ haproxy_gpg_keys }}"
when: add_keys|failed and (item.fallback_keyserver is defined or item.fallback_url is defined) when: add_keys|failed and (item.fallback_keyserver is defined or item.fallback_url is defined)
tags: tags:
- haproxy-apt-keys - haproxy-apt-keys
- name: Drop haproxy repo pin
template:
src: "haproxy_pin.pref.j2"
dest: "/etc/apt/preferences.d/haproxy_pin.pref"
owner: "root"
group: "root"
mode: "0644"
tags:
- haproxy-repo-pin
- name: Add haproxy repo(s) - name: Add haproxy repo(s)
apt_repository: apt_repository:
repo: "{{ haproxy_apt_repo.repo }}" repo: "{{ haproxy_repo.repo }}"
state: "{{ haproxy_apt_repo.state }}" state: "{{ haproxy_repo.state }}"
when:
- haproxy_repo.repo is defined
- haproxy_repo.state is defined
register: add_repos register: add_repos
until: add_repos|success until: add_repos|success
retries: 5 retries: 5


@ -13,54 +13,27 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
#TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache - include: haproxy_install_apt.yml
#when https://github.com/ansible/ansible-modules-core/pull/1517 is merged when:
#in 1.9.x or we move to 2.0 (if tested working) - ansible_pkg_mgr == 'apt'
- name: Check apt last update file
stat:
path: /var/cache/apt
register: apt_cache_stat
tags: tags:
- haproxy-apt-packages - install-apt
- name: Update apt if needed - include: haproxy_install_yum.yml
apt: when:
update_cache: yes - ansible_pkg_mgr == 'yum'
when: "ansible_date_time.epoch|float - apt_cache_stat.stat.mtime > {{cache_timeout}}"
tags: tags:
- haproxy-apt-packages - install-yum
- name: Install HAProxy Packages - include: haproxy_install_hatop.yml
apt:
pkg: "{{ item }}"
state: latest
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: haproxy_apt_packages
tags:
- haproxy-apt-packages
- name: Replace haproxy DEFAULT file - name: Create haproxy conf.d dir
copy:
src: haproxy.default
dest: /etc/default/haproxy
tags:
- haproxy-config
- name: Replace haproxy init script to allow conf.d
copy:
src: haproxy.sh
dest: /etc/init.d/haproxy
mode: "0755"
tags:
- haproxy-config
- name: Create haproxy conf.d
file: file:
path: /etc/haproxy/conf.d path: "{{ item.path }}"
state: directory state: directory
recurse: yes mode: "0755"
with_items:
- { path: "/etc/haproxy" }
- { path: "/etc/haproxy/conf.d" }
tags: tags:
- haproxy-config - haproxy-config


@ -0,0 +1,59 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTE(cloudnull) This can be removed when we drop 14.04 support
- include: haproxy_add_ppa_repo.yml
when:
- haproxy_ssl | bool
- ansible_distribution_version | version_compare('16.04', '<')
#TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache
#when https://github.com/ansible/ansible-modules-core/pull/1517 is merged
#in 1.9.x or we move to 2.0 (if tested working)
- name: Check apt last update file
stat:
path: /var/cache/apt
register: apt_cache_stat
tags:
- haproxy-apt-packages
- name: Update apt if needed
apt:
update_cache: yes
when: "ansible_date_time.epoch|float - apt_cache_stat.stat.mtime > {{cache_timeout}}"
tags:
- haproxy-apt-packages
- name: Install HAProxy Packages
apt:
pkg: "{{ item }}"
state: latest
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: haproxy_packages
tags:
- haproxy-apt-packages
# NOTE(cloudnull) This can be removed when we drop 14.04 support
- name: Replace haproxy DEFAULT file
copy:
src: haproxy.default
dest: /etc/default/haproxy
when:
- ansible_distribution_version | version_compare('16.04', '<')
tags:
- haproxy-config
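Review bot: `with_items: haproxy_packages` in the Install HAProxy Packages task uses a bare variable, while this same commit converts the PPA tasks to the quoted form `with_items: "{{ haproxy_pre_packages }}"`; the bare form is deprecated in Ansible 2.x, and the new Install yum packages task has the identical line. Use `with_items: "{{ haproxy_packages }}"` in both files. The `when:` on Update apt if needed also nests `{{cache_timeout}}` inside an expression that is already templated; `when: ansible_date_time.epoch|float - apt_cache_stat.stat.mtime > cache_timeout|int` is the plain form.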


@ -0,0 +1,36 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Download HATop
get_url:
url: "{{ haproxy_hatop_download_url }}"
dest: "/var/cache/{{ haproxy_hatop_download_url | basename }}"
force: yes
- name: Create HATop directory
file:
path: "/opt/{{ haproxy_hatop_download_url | basename | replace('.tar.gz', '') }}"
state: directory
- name: Unarchive HATop
unarchive:
src: "/var/cache/{{ haproxy_hatop_download_url | basename }}"
dest: "/opt"
copy: "no"
- name: Install HATop
command: "install -m 755 bin/hatop /usr/local/bin"
args:
chdir: "/opt/{{ haproxy_hatop_download_url | basename | replace('.tar.gz', '') }}"
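Review bot: None of the four HATop tasks is idempotent: `force: yes` re-downloads the tarball on every run, and `command: "install -m 755 bin/hatop /usr/local/bin"` has no `creates:` or `changed_when:`, so every play reports a change and fails outright when the external URL is unreachable. Since the file name already carries the version, dropping `force: yes`, registering the `get_url` result and gating the unarchive and install tasks on that result being changed would keep upgrades working while making repeat runs no-ops. The `/opt/...` path also assumes the archive's top-level directory equals the file name minus `.tar.gz`, which deserves a comment because an overridden `haproxy_hatop_download_url` may not follow it. Unlike the rest of the role, these tasks carry no `tags:`.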


@ -0,0 +1,26 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Install yum packages
yum:
pkg: "{{ item }}"
state: present
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: haproxy_packages
tags:
- haproxy-yum-packages


@ -20,25 +20,42 @@
sysctl_set: yes sysctl_set: yes
state: present state: present
when: haproxy_bind_on_non_local | bool when: haproxy_bind_on_non_local | bool
tags:
- haproxy-base-config
- haproxy-config
- name: Drop base haproxy config - name: Drop base haproxy config
template: template:
src: "{{ item }}" src: "haproxy.cfg.j2"
dest: "/etc/haproxy/haproxy.cfg" dest: "/etc/haproxy/conf.d/00-haproxy"
with_items:
- haproxy.cfg.j2
notify: Restart haproxy notify: Restart haproxy
tags: tags:
- haproxy-base-config - haproxy-base-config
- haproxy-config
- name: Drop haproxy logging config - name: Drop haproxy logging config
copy: copy:
src: "{{ item }}" src: "haproxy-logging.cfg"
dest: "/etc/rsyslog.d/99-haproxy-local-logging.conf" dest: "/etc/rsyslog.d/99-haproxy-local-logging.conf"
with_items:
- haproxy-logging.cfg
notify: Restart rsyslog notify: Restart rsyslog
tags: tags:
- haproxy-base-config - haproxy-base-config
- haproxy-config
- include: haproxy_service_config.yml - include: haproxy_service_config.yml
- name: Regenerate haproxy configuration
assemble:
src: "/etc/haproxy/conf.d"
dest: "/etc/haproxy/haproxy.cfg"
notify: Restart haproxy
tags:
- haproxy-base-config
- haproxy-config
- name: Enable haproxy services
service:
name: "haproxy"
enabled: "yes"
tags:
- haproxy-config
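Review bot: The Regenerate haproxy configuration task writes `/etc/haproxy/haproxy.cfg` from whatever files are present in `/etc/haproxy/conf.d` and notifies Restart haproxy without checking the result, so a single malformed or stale fragment restarts the load balancer onto a configuration it cannot parse. Newer Ansible releases let `assemble` check the candidate file first, e.g. `validate: "haproxy -c -f %s"`; on older releases a separate `haproxy -c -f` command task before the handler fires serves the same purpose. The task also sets no `owner` or `mode` on the assembled file, which matters if any fragment carries credentials (none are visible in this hunk).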


@ -13,11 +13,41 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
# NOTE(cloudnull):
# While the haproxy distro packages provide for an haproxy
# group this group is being created upfront to support
# log aggregation links as well as ensure common user
# functionality across various distros that we support.
- name: Create the haproxy system group
group:
name: "haproxy"
state: "present"
system: "yes"
tags:
- haproxy-group
# NOTE(cloudnull):
# While the haproxy distro packages provide for an haproxy
# user this user is being created upfront to support
# log aggregation links as well as ensure common user
# functionality across various distros that we support.
- name: Create the haproxy system user
user:
name: "haproxy"
group: "haproxy"
comment: "haproxy user"
shell: "/bin/false"
system: "yes"
createhome: "yes"
home: "/var/lib/haproxy"
tags:
- haproxy-user
- name: Test for log directory or link - name: Test for log directory or link
shell: | shell: |
if [ -h "/var/log/haproxy" ]; then if [ -h "/var/log/haproxy" ]; then
chown -h syslog:adm "/var/log/haproxy" chown -h haproxy:adm "/var/log/haproxy"
chown -R syslog:adm "$(readlink /var/log/haproxy)" chown -R haproxy:adm "$(readlink /var/log/haproxy)"
else else
exit 1 exit 1
fi fi
@ -30,11 +60,9 @@
- name: Create haproxy log dir - name: Create haproxy log dir
file: file:
path: "{{ item.path }}" path: "/var/log/haproxy"
state: directory state: directory
mode: "{{ item.mode|default('0755') }}" mode: "0755"
with_items:
- { path: "/var/log/haproxy" }
when: log_dir | changed when: log_dir | changed
tags: tags:
- haproxy-dirs - haproxy-dirs
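Review bot: The Test for log directory or link task now hands the link and its target to `haproxy:adm` instead of `syslog:adm`; if the rsyslog drop-in installed by this role writes under `/var/log/haproxy` and rsyslog runs as the unprivileged `syslog` user, it may lose write access and proxy logs would stop without the play failing, so this is worth confirming on both trusty and xenial. Separately, `chown -R haproxy:adm "$(readlink /var/log/haproxy)"` recurses into whatever the link points at, and plain `readlink` returns a relative target unresolved; `readlink -f` plus a check that the result is an expected log location would bound what gets re-owned. The rest of the shell task (its register and failure handling) lies outside the hunk.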


@ -42,6 +42,13 @@
tags: tags:
- haproxy-ssl - haproxy-ssl
- name: Ensure the private ssl directory exists
file:
dest: "/etc/ssl/private"
state: "directory"
tags:
- haproxy-ssl
- name: Remove signed certs and keys for regen - name: Remove signed certs and keys for regen
file: file:
dest: "{{ haproxy_ssl_cert }}" dest: "{{ haproxy_ssl_cert }}"
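Review bot: The new Ensure the private ssl directory exists task creates `/etc/ssl/private` with no `owner`, `group` or `mode`, so on a host where the directory does not already exist (likely the EL 7 targets this commit adds) it gets umask-default permissions, typically world-readable and traversable, while the role default visible earlier on this page places `haproxy_ssl_pem` under it. Set the permissions explicitly, e.g. `owner: "root"` and `mode: "0700"`; Debian-family hosts ship this directory as `0710 root:ssl-cert`, so a per-OS variable may be needed to avoid changing that. The Remove signed certs and keys for regen task that follows continues outside the hunk.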


@ -13,10 +13,17 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
- include: haproxy_pre_install.yml - name: Gather variables for each operating system
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
- "{{ ansible_distribution | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_version.split('.')[0] }}.yml"
- "{{ ansible_os_family | lower }}.yml"
tags:
- always
- include: haproxy_add_ppa_repo.yml - include: haproxy_pre_install.yml
when: haproxy_ssl | bool
- include: haproxy_install.yml - include: haproxy_install.yml


@ -1,5 +0,0 @@
# {{ ansible_managed }}
Package: *
Pin: release o=LP-PPA-vbernat-haproxy-1.5
Pin-Priority: 1001


@ -0,0 +1,18 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
haproxy_packages:
- haproxy
- rsyslog # Used for local logging


@ -0,0 +1,40 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## APT Cache options
cache_timeout: 600
haproxy_apt_repo_url: "http://ppa.launchpad.net/vbernat/haproxy-1.5/ubuntu"
haproxy_repo:
repo: "deb {{ haproxy_apt_repo_url }} {{ ansible_distribution_release }} main"
state: "present"
# Haproxy GPG Keys
haproxy_gpg_keys:
- key_name: 'haproxy'
keyserver: 'hkp://keyserver.ubuntu.com:80'
fallback_keyserver: 'hkp://p80.pool.sks-keyservers.net:80'
hash_id: '0xcffb779aadc995e4f350a060505d97a41c61b9cd'
haproxy_pre_packages:
- python-software-properties
- software-properties-common
- debconf-utils
haproxy_packages:
- haproxy
- rsyslog # Used for local logging
- vim-haproxy
- psmisc


@ -0,0 +1,28 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## APT Cache options
cache_timeout: 600
haproxy_pre_packages:
- python-software-properties
- software-properties-common
- debconf-utils
haproxy_packages:
- haproxy
- rsyslog # Used for local logging
- vim-haproxy
- psmisc


@ -0,0 +1,11 @@
---
features:
- CentOS 7 and Ubuntu 16.04 support have been added to the ``haproxy`` role.
- The ``haproxy`` role installs *hatop* from source to ensure that the same operator
tooling is available across all supported distributions. The download URL for
the source can be set using the variable ``haproxy_hatop_download_url``.
upgrade:
- Within the ``haproxy`` role *hatop* has been changed from a package installation
to a source-based installation. This has been done to ensure that the same operator
tooling is available across all supported distributions. The download URL for
the source can be set using the variable ``haproxy_hatop_download_url``.