Merge "Fix tripleo::haproxy::stats to be more correct and flexible"

2019-05-30 16:48:15 +00:00 · 2019-05-30 16:48:15 +00:00 · 935e5c4f37
commit 935e5c4f37
parent c6858e7a1c e76519d2c8
2 changed files with 22 additions and 9 deletions
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@ -113,6 +113,12 @@
 #  A string.
 #  Defaults to undef
 #
+# [*haproxy_stats_bind_address*]
+#  Bind address for where the haproxy stats web interface should listen on in addition
+#  to the controller_virtual_ip
+#  A string.or an array
+#  Defaults to undef
+#
 # [*service_certificate*]
 #  Filename of an HAProxy-compatible certificate and key file
 #  When set, enables SSL on the public API endpoints using the specified file.
@ -601,6 +607,7 @@ class tripleo::haproxy (
  $haproxy_socket_access_level = 'user',
  $haproxy_stats_user          = 'admin',
  $haproxy_stats_password      = undef,
+  $haproxy_stats_bind_address  = undef,
  $manage_firewall             = hiera('tripleo::firewall::manage_firewall', true),
  $controller_hosts            = hiera('controller_node_ips'),
  $controller_hosts_names      = hiera('controller_node_names', undef),
@ -886,9 +893,12 @@ class tripleo::haproxy (
    } else {
      $haproxy_stats_certificate_real = undef
    }
+    $haproxy_stats_ips_raw = union(any2array($controller_virtual_ip), any2array($haproxy_stats_bind_address))
+    $haproxy_stats_ips = delete_undef_values($haproxy_stats_ips_raw)
+
    class { '::tripleo::haproxy::stats':
      haproxy_listen_bind_param => $haproxy_listen_bind_param,
-      ip                        => $controller_virtual_ip,
+      ip                        => $haproxy_stats_ips,
      password                  => $haproxy_stats_password,
      certificate               => $haproxy_stats_certificate_real,
      user                      => $haproxy_stats_user,
--- a/manifests/haproxy/stats.pp
+++ b/manifests/haproxy/stats.pp
@ -21,8 +21,12 @@
 #  A list of params to be added to the HAProxy listener bind directive.
 #
 # [*ip*]
-#  IP Address on which the stats interface is listening on. This right now
-#  assumes that it's in the ctlplane network.
+#  IP Address(es) on which the stats interface is listening on.
+#  Can be a string or a list of ip addresses
+#
+# [*port*]
+#  Port on which to listen to for haproxy stats web interface
+#  Defaults to '1993'
 #
 # [*password*]
 #  Password for haproxy stats authentication.  When set, authentication is
@ -43,20 +47,19 @@
 class tripleo::haproxy::stats (
  $haproxy_listen_bind_param,
  $ip,
+  $port        = '1993',
  $password    = undef,
  $certificate = undef,
  $user        = 'admin'
 ) {
  if $certificate {
-    $haproxy_stats_bind_opts = {
-      "${ip}:1993" => union($haproxy_listen_bind_param, ['ssl', 'crt', $certificate]),
-    }
+    $opts = union($haproxy_listen_bind_param, ['ssl', 'crt', $certificate])
  } else {
-    $haproxy_stats_bind_opts = {
-      "${ip}:1993" => $haproxy_listen_bind_param,
-    }
+    $opts = $haproxy_listen_bind_param
  }

+  $haproxy_stats_bind_opts = list_to_hash(suffix(any2array($ip), ":${port}"), $opts)
+
  $stats_base = ['enable', 'uri /']
  if $password {
    $stats_config = union($stats_base, ["auth ${user}:${password}"])