e76519d2c8
In this change we do three things: 1) We make the class parameter 'ip' also be a list so that multiple bind addresses are possible 2) We remove the hard coded 1993 and move it to a parameter 3) Instead of passing only the controller_virtual_ip as the only bind address on all controllers which makes no sense (see linked LP) we also bind to the IP specified in the hiera key 'tripleo::haproxy::haproxy_stats_bind_address'. Tested this change with the accompanying THT patch and correctly got the haproxy stats on a custom network (internal_api and the controller vip): listen haproxy.stats bind fd00:fd00:fd00:2000::16:1993 transparent bind 192.168.24.15:1993 transparent mode http stats enable stats uri / stats auth admin:password I did not remove the controller_virtual_ip binding as that might be a breaking change for operators. We could think about deprecating it and removing it eventually. Related-Bug: #1830334 Change-Id: Iab5f11c3065ff34a3543621554e7f05161d069f2
78 lines
2.2 KiB
Puppet
78 lines
2.2 KiB
Puppet
# Copyright 2014 Red Hat, Inc.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
# == Class: tripleo::haproxy::stats
|
|
#
|
|
# Configure the HAProxy stats interface
|
|
#
|
|
# [*haproxy_listen_bind_param*]
|
|
# A list of params to be added to the HAProxy listener bind directive.
|
|
#
|
|
# [*ip*]
|
|
# IP Address(es) on which the stats interface is listening on.
|
|
# Can be a string or a list of ip addresses
|
|
#
|
|
# [*port*]
|
|
# Port on which to listen to for haproxy stats web interface
|
|
# Defaults to '1993'
|
|
#
|
|
# [*password*]
|
|
# Password for haproxy stats authentication. When set, authentication is
|
|
# enabled on the haproxy stats endpoint.
|
|
# A string.
|
|
# Defaults to undef
|
|
#
|
|
# [*certificate*]
|
|
# Filename of an HAProxy-compatible certificate and key file
|
|
# When set, enables SSL on the haproxy stats endpoint using the specified file.
|
|
# Defaults to undef
|
|
#
|
|
# [*user*]
|
|
# Username for haproxy stats authentication.
|
|
# A string.
|
|
# Defaults to 'admin'
|
|
#
|
|
class tripleo::haproxy::stats (
|
|
$haproxy_listen_bind_param,
|
|
$ip,
|
|
$port = '1993',
|
|
$password = undef,
|
|
$certificate = undef,
|
|
$user = 'admin'
|
|
) {
|
|
if $certificate {
|
|
$opts = union($haproxy_listen_bind_param, ['ssl', 'crt', $certificate])
|
|
} else {
|
|
$opts = $haproxy_listen_bind_param
|
|
}
|
|
|
|
$haproxy_stats_bind_opts = list_to_hash(suffix(any2array($ip), ":${port}"), $opts)
|
|
|
|
$stats_base = ['enable', 'uri /']
|
|
if $password {
|
|
$stats_config = union($stats_base, ["auth ${user}:${password}"])
|
|
} else {
|
|
$stats_config = $stats_base
|
|
}
|
|
haproxy::listen { 'haproxy.stats':
|
|
bind => $haproxy_stats_bind_opts,
|
|
mode => 'http',
|
|
options => {
|
|
'stats' => $stats_config,
|
|
},
|
|
collect_exported => false,
|
|
}
|
|
}
|