stackforge/puppet-openstack-cloud
Code Issues Proposed changes

load-balancer: binding refactorization

Browse Source 
- remove the $*_internal parameters
- be able to specify multiple public VIPs in both $vip_public_ip and $vip_internal_ip
- allow the $*_api parameters to be either:
    true: listen on both public & internal VIPs
    false: don't listen at all
    one or more IP addresses: this service is bound specifically to these VIPs (check later that these VIPs are declared either in $vip_public_ip or $vip_internal_ip.)

Bug #237
This commit is contained in:
Emilien Macchi
2014-05-01 19:29:10 +02:00
parent 13798ec0e9
commit d4050e9b17
3 changed files with 275 additions and 300 deletions
Download Patch File Download Diff File Expand all files Collapse all files

362
manifests/loadbalancer.pp
View File

@@ -51,108 +51,111 @@
#
# [*swift_api*]
# (optional) Enable or not Swift public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*ceilometer_api*]
# (optional) Enable or not Ceilometer public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*cinder_api*]
# (optional) Enable or not Cinder public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*glance_api*]
# (optional) Enable or not Glance API public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*glance_registry*]
# (optional) Enable or not Glance Registry public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*neutron_api*]
# (optional) Enable or not Neutron public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*heat_api*]
# (optional) Enable or not Heat public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*heat_cfn_api*]
# (optional) Enable or not Heat CFN public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*heat_cloudwatch_api*]
# (optional) Enable or not Heat Cloudwatch public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*nova_api*]
# (optional) Enable or not Nova public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*ec2_api*]
# (optional) Enable or not EC2 public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*metadata_api*]
# (optional) Enable or not Metadata public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*keystone_api*]
# (optional) Enable or not Keystone public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*keystone_api_admin*]
# (optional) Enable or not Keystone admin binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
# If set to false, no binding will be configure
# Defaults to true
#
# [*keystone_api_internal*]
# (optional) Enable or not Keystone internal binding.
# Defaults to true
#
# [*cinder_api_internal*]
# (optional) Enable or not Cinder internal binding.
# Defaults to true
#
# [*ceilometer_api_internal*]
# (optional) Enable or not Ceilometer internal binding.
# Defaults to true
#
# [*glance_api_internal*]
# (optional) Enable or not Glance API internal binding.
# Defaults to true
#
# [*glance_registry_internal*]
# (optional) Enable or not Glance Registry internal binding.
# Defaults to true
#
# [*nova_api_internal*]
# (optional) Enable or not Nova internal binding.
# Defaults to true
#
# [*ec2_api_internal*]
# (optional) Enable or not EC2 internal binding.
# Defaults to true
#
# [*neutron_api_internal*]
# (optional) Enable or not Neutron internal binding.
# Defaults to true
#
# [*swift_api_internal*]
# (optional) Enable or not Swift internal binding.
# Defaults to true
#
# [*heat_api_internal*]
# (optional) Enable or not Heat internal binding.
# Defaults to true
#
# [*heat_cfn_api_internal*]
# (optional) Enable or not Heat CFN internal binding.
# Defaults to true
#
# [*heat_cloudwatch_api_internal*]
# (optional) Enable or not Heat Cloudwatch internal binding.
# Defaults to true
# [*vip_public_ip*]
# (optional) Array or string for public VIP
# Should be part of keepalived_public_ips
# Defaults to '127.0.0.2'
#
# [*vip_internal_ip*]
# (optional) Array or string for internal VIP
# Should be part of keepalived_internal_ips
# Defaults to false (backward compatibility)
class cloud::loadbalancer(
$swift_api = true,
$ceilometer_api = true,
@@ -167,26 +170,13 @@ class cloud::loadbalancer(
$ec2_api = true,
$metadata_api = true,
$keystone_api = true,
$swift_api_internal = true,
$ceilometer_api_internal = true,
$cinder_api_internal = true,
$glance_api_internal = true,
$glance_registry_internal = true,
$neutron_api_internal = true,
$heat_api_internal = true,
$heat_cfn_api_internal = true,
$heat_cloudwatch_api_internal = true,
$nova_api_internal = true,
$ec2_api_internal = true,
$metadata_api_internal = true,
$keystone_api_internal = true,
$keystone_api_admin = true,
$horizon = true,
$horizon_ssl = false,
$spice = true,
$haproxy_auth = 'admin:changeme',
$keepalived_state = 'BACKUP',
$keepalived_priority = 50,
$keepalived_priority = '50',
$keepalived_public_interface = 'eth0',
$keepalived_public_ipvs = ['127.0.0.1'],
$keepalived_internal_interface = 'eth1',
@@ -195,7 +185,7 @@ class cloud::loadbalancer(
$ks_cinder_public_port = 8776,
$ks_ec2_public_port = 8773,
$ks_glance_api_public_port = 9292,
$ks_glance_registry_public_port = 9191,
$ks_glance_registry_internal_port = 9191,
$ks_heat_cfn_public_port = 8000,
$ks_heat_cloudwatch_public_port = 8003,
$ks_heat_public_port = 8004,
@@ -207,7 +197,7 @@ class cloud::loadbalancer(
$ks_swift_public_port = 8080,
$horizon_port = 80,
$spice_port = 6082,
$vip_public_ip = '127.0.0.2',
$vip_public_ip = '127.0.0.1',
$vip_internal_ip = false,
$galera_ip = '127.0.0.1',
# Deprecated parameters
@@ -240,19 +230,11 @@ class cloud::loadbalancer(
fail('galera_ip should be part of keepalived_public_ipvs or keepalived_internal_ipvs.')
}
# Ensure HAproxy service is only started on MASTER node
# It avoids binding warnings when running Puppet on BACKUP nodes where HAproxy
# tries to bind the services to the VIP which is not here.
if $keepalived_state == 'BACKUP' {
$manage_haproxy_service = false
} else {
$manage_haproxy_service = true
}
# Ensure Keepalived is started before HAproxy to avoid binding errors.
# HAproxy is managed by Keepalived.
class { 'keepalived': } ->
class { 'haproxy':
service_manage => $manage_haproxy_service
service_manage => false
}
keepalived::vrrp_script { 'haproxy':
@@ -300,210 +282,88 @@ class cloud::loadbalancer(
}
}
if $keystone_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
# Instanciate HAproxy binding
cloud::loadbalancer::binding { 'keystone_api_cluster':
ip => $keystone_api,
port => $ks_keystone_public_port;
}
if $keystone_api {
cloud::loadbalancer::listen_http {
'keystone_api_cluster':
ports => $ks_keystone_public_port,
listen_ip => $listen_ip_real;
'keystone_api_admin_cluster':
ports => $ks_keystone_admin_port,
listen_ip => $listen_ip_real;
}
cloud::loadbalancer::binding { 'keystone_api_admin_cluster':
ip => $keystone_api_admin,
port => $ks_keystone_admin_port;
}
if $swift_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
cloud::loadbalancer::binding { 'swift_api_cluster':
ip => $swift_api,
port => $ks_swift_public_port,
httpchk => 'httpchk /healthcheck';
}
if $swift_api {
cloud::loadbalancer::listen_http{
'swift_api_cluster':
ports => $ks_swift_public_port,
httpchk => 'httpchk /healthcheck',
listen_ip => $listen_ip_real;
}
cloud::loadbalancer::binding { 'nova_api_cluster':
ip => $nova_api,
port => $ks_nova_public_port;
}
if $nova_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
cloud::loadbalancer::binding { 'ec2_api_cluster':
ip => $ec2_api,
port => $ks_ec2_public_port;
}
if $nova_api {
cloud::loadbalancer::listen_http{
'nova_api_cluster':
ports => $ks_nova_public_port,
listen_ip => $listen_ip_real;
}
cloud::loadbalancer::binding { 'metadata_api_cluster':
ip => $metadata_api,
port => $ks_metadata_public_port;
}
if $ec2_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
cloud::loadbalancer::binding { 'spice_cluster':
ip => $spice,
port => $spice_port,
httpchk => 'httpchk GET /';
}
if $ec2_api {
cloud::loadbalancer::listen_http{
'ec2_api_cluster':
ports => $ks_ec2_public_port,
listen_ip => $listen_ip_real;
}
cloud::loadbalancer::binding { 'glance_api_cluster':
ip => $glance_api,
port => $ks_glance_api_public_port;
}
if $metadata_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
cloud::loadbalancer::binding { 'glance_registry_cluster':
ip => $glance_registry,
port => $ks_glance_registry_internal_port;
}
if $metadata_api {
cloud::loadbalancer::listen_http{
'metadata_api_cluster':
ports => $ks_metadata_public_port,
listen_ip => $listen_ip_real;
}
cloud::loadbalancer::binding { 'neutron_api_cluster':
ip => $neutron_api,
port => $ks_neutron_public_port;
}
if $spice {
cloud::loadbalancer::listen_http{
'spice_cluster':
ports => $spice_port,
listen_ip => $vip_public_ip,
httpchk => 'httpchk GET /';
}
cloud::loadbalancer::binding { 'cinder_api_cluster':
ip => $cinder_api,
port => $ks_cinder_public_port;
}
if $glance_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
cloud::loadbalancer::binding { 'ceilometer_api_cluster':
ip => $ceilometer_api,
port => $ks_ceilometer_public_port;
}
if $glance_api {
cloud::loadbalancer::listen_http{
'glance_api_cluster':
ports => $ks_glance_api_public_port,
listen_ip => $listen_ip_real;
}
cloud::loadbalancer::binding { 'heat_api_cluster':
ip => $heat_api,
port => $ks_heat_public_port;
}
if $glance_registry_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
cloud::loadbalancer::binding { 'heat_api_cfn_cluster':
ip => $heat_cfn_api,
port => $ks_heat_cfn_public_port;
}
if $glance_registry {
warning('Glance Registry should not be exposed to public network.')
cloud::loadbalancer::listen_http{
'glance_registry_cluster':
ports => $ks_glance_registry_internal_port,
listen_ip => $listen_ip_real;
}
}
if $neutron_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
}
if $neutron_api {
cloud::loadbalancer::listen_http{
'neutron_api_cluster':
ports => $ks_neutron_public_port,
listen_ip => $listen_ip_real;
}
}
if $cinder_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
}
if $cinder_api {
cloud::loadbalancer::listen_http{
'cinder_api_cluster':
ports => $ks_cinder_public_port,
listen_ip => $listen_ip_real;
}
}
if $ceilometer_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
}
if $ceilometer_api {
cloud::loadbalancer::listen_http{
'ceilometer_api_cluster':
ports => $ks_ceilometer_public_port,
listen_ip => $listen_ip_real;
}
}
if $heat_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
}
if $heat_api {
cloud::loadbalancer::listen_http{
'heat_api_cluster':
ports => $ks_heat_public_port,
listen_ip => $listen_ip_real;
}
}
if $heat_cfn_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
}
if $heat_cfn_api {
cloud::loadbalancer::listen_http{
'heat_cfn_api_cluster':
ports => $ks_heat_cfn_public_port,
listen_ip => $listen_ip_real;
}
}
if $heat_cloudwatch_api_internal and $vip_internal_ip and $keepalived_internal_ipvs {
$listen_ip_real = [$vip_public_ip, $vip_internal_ip]
} else {
$listen_ip_real = $vip_public_ip
}
if $heat_cloudwatch_api {
cloud::loadbalancer::listen_http{
'heat_cloudwatch_api_cluster':
ports => $ks_heat_cloudwatch_public_port,
listen_ip => $listen_ip_real;
}
cloud::loadbalancer::binding { 'heat_api_cloudwatch_cluster':
ip => $heat_cloudwatch_api,
port => $ks_heat_cloudwatch_public_port;
}
if $horizon {
if $horizon_ssl {
cloud::loadbalancer::listen_https{
'horizon_cluster':
ports => $horizon_port,
listen_ip => $vip_public_ip;
cloud::loadbalancer::listen_https{ 'horizon_cluster':
ports => $horizon_port,
listen_ip => $vip_public_ip;
}
} else {
# Horizon URL is not the same on Red Hat and Debian/Ubuntu
if $::operatingsystem == 'RedHat' {
$horizon_auth_url = 'dashboard'
} else {
$horizon_auth_url = 'horizon'
}
cloud::loadbalancer::listen_http{
'horizon_cluster':
ports => $horizon_port,
httpchk => "httpchk GET /$horizon_auth_url HTTP/1.0\r\nUser-Agent:\ HAproxy-${::hostname}",
options => { 'cookie' => 'sessionid prefix', 'balance' => 'leastconn' },
listen_ip => $vip_public_ip;
cloud::loadbalancer::listen_http{ 'horizon_cluster':
ports => $horizon_port,
httpchk => "httpchk GET /$horizon_auth_url HTTP/1.0\r\nUser-Agent:\ HAproxy-${::hostname}",
options => { 'cookie' => 'sessionid prefix', 'balance' => 'leastconn' },
listen_ip => $vip_public_ip;
}
}
}

62
manifests/loadbalancer/binding.pp Normal file
View File

@@ -0,0 +1,62 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
define cloud::loadbalancer::binding (
$ip,
$port,
$httpchk = undef
){
include cloud::loadbalancer
# join all VIP together
$vip_public_ip_array = any2array($::cloud::loadbalancer::vip_public_ip)
$vip_internal_ip_array = any2array($::cloud::loadbalancer::vip_internal_ip)
if $::cloud::loadbalancer::vip_public_ip and $::cloud::loadbalancer::vip_internal_ip {
$all_vip = join([$vip_public_ip_array,$vip_internal_ip_array], ',')
}
if $::cloud::loadbalancer::vip_public_ip and ! $::cloud::loadbalancer::vip_internal_ip {
$all_vip = join($vip_public_ip_array, ',')
}
if ! $::cloud::loadbalancer::vip_public_ip and $::cloud::loadbalancer::vip_internal_ip {
$all_vip = join($vip_internal_ip_array, ',')
}
if ! $::cloud::loadbalancer::vip_internal_ip and ! $::cloud::loadbalancer::vip_public_ip {
fail('vip_public_ip and vip_internal_ip are both set to false, no binding is possible.')
}
# when we do not want binding
if ($ip == false) {
notice("no HAproxy binding for ${name} has been enabled.")
} else {
# when we want both internal & public binding
if ($ip == true) {
$listen_ip_real = $all_vip
} else {
# when binding is specified in parameter
if ($ip in $all_vip) {
$listen_ip_real = $ip
} else {
fail("${ip} is not part of VIP pools.")
}
cloud::loadbalancer::listen_http { $name:
ports => $port,
httpchk => $httpchk,
listen_ip => $listen_ip_real;
}
}
}
}

151
spec/classes/cloud_loadbalancer_spec.rb
View File

@@ -20,48 +20,57 @@ require 'spec_helper'
describe 'cloud::loadbalancer' do
let :default_params do
{ :ceilometer_api => true,
:cinder_api => true,
:glance_api => true,
:neutron_api => true,
:heat_api => true,
:heat_cfn_api => true,
:heat_cloudwatch_api => true,
:nova_api => true,
:ec2_api => true,
:metadata_api => true,
:swift_api => true,
:keystone_api_admin => true,
:keystone_api => true,
:horizon => true,
:horizon_ssl => false,
:spice => true,
:haproxy_auth => 'root:secrete',
:keepalived_state => 'BACKUP',
:keepalived_priority => 50,
:keepalived_public_interface => 'eth0',
:keepalived_public_ipvs => ['10.0.0.1', '10.0.0.2'],
:horizon_port => '80',
:spice_port => '6082',
:vip_public_ip => '10.0.0.1',
:vip_internal_ip => false,
:galera_ip => '10.0.0.2',
:ks_ceilometer_public_port => '8777',
:ks_nova_public_port => '8774',
:ks_ec2_public_port => '8773',
:ks_metadata_public_port => '8777',
:ks_glance_api_public_port => '9292',
:ks_glance_registry_internal_port => '9191',
:ks_swift_public_port => '8080',
:ks_keystone_public_port => '5000',
:ks_keystone_admin_port => '35357',
:ks_cinder_public_port => '8776',
:ks_neutron_public_port => '9696',
:ks_heat_public_port => '8004',
:ks_heat_cfn_public_port => '8000',
:ks_heat_cloudwatch_public_port => '8003' }
end
let :params do
{ }
end
shared_examples_for 'openstack loadbalancer' do
let :params do
{ :ceilometer_api => true,
:cinder_api => true,
:glance_api => true,
:neutron_api => true,
:heat_api => true,
:heat_cfn_api => true,
:heat_cloudwatch_api => true,
:nova_api => true,
:ec2_api => true,
:metadata_api => true,
:swift_api => true,
:keystone_api_admin => true,
:keystone_api => true,
:horizon => true,
:horizon_ssl => false,
:spice => true,
:haproxy_auth => 'root:secrete',
:keepalived_state => 'BACKUP',
:keepalived_priority => 50,
:keepalived_public_interface => 'eth0',
:keepalived_public_ipvs => ['10.0.0.1', '10.0.0.2'],
:horizon_port => '80',
:spice_port => '6082',
:vip_public_ip => '10.0.0.1',
:galera_ip => '10.0.0.2',
:ks_ceilometer_public_port => '8777',
:ks_nova_public_port => '8774',
:ks_ec2_public_port => '8773',
:ks_metadata_public_port => '8777',
:ks_glance_api_public_port => '9292',
:ks_glance_registry_internal_port => '9191',
:ks_swift_public_port => '8080',
:ks_keystone_public_port => '5000',
:ks_keystone_admin_port => '35357',
:ks_cinder_public_port => '8776',
:ks_neutron_public_port => '9696',
:ks_heat_public_port => '8004',
:ks_heat_cfn_public_port => '8000',
:ks_heat_cloudwatch_public_port => '8003' }
let :p do
default_params.merge(params)
end
it 'configure haproxy server' do
@@ -72,6 +81,36 @@ describe 'cloud::loadbalancer' do
should contain_class('keepalived')
end # configure keepalived server
context 'configure an OpenStack service haproxy listen with public binding only' do
before do
params.merge!(
:keystone_api => '10.0.0.2',
:vip_public_ip => '10.0.0.2',
:keepalived_public_ipvs => ['10.0.0.2'],
:vip_internal_ip => false,
)
end
it { should contain_haproxy__listen('keystone_api_cluster').with(
:ipaddress => ['10.0.0.2'],
:ports => '5000'
)}
end
context 'configure an OpenStack service haproxy listen with both public and internal binding' do
before :each do
params.merge!(
:nova_api => true,
:vip_public_ip => '10.0.0.2',
:vip_internal_ip => '192.168.0.1',
:keepalived_internal_ipvs => ['192.168.0.1', '192.168.0.2']
)
end
it { should contain_haproxy__listen('nova_api_cluster').with(
:ipaddress => ['10.0.0.2','192.168.0.1'],
:ports => '8774'
)}
end
context 'configure an internal VIP' do
before do
params.merge!(:keepalived_internal_ipvs => ['192.168.0.1'])
@@ -82,7 +121,7 @@ describe 'cloud::loadbalancer' do
'virtual_ips' => ['192.168.0.1 dev eth1'],
'track_script' => ['haproxy'],
'state' => 'BACKUP',
'priority' => params[:keepalived_priority],
'priority' => '50',
'notify_master' => '"/etc/init.d/haproxy start"',
'notify_backup' => '"/etc/init.d/haproxy stop"',
})
@@ -104,7 +143,7 @@ describe 'cloud::loadbalancer' do
'virtual_ips' => ['192.168.0.2 dev eth3'],
'track_script' => ['haproxy'],
'state' => 'BACKUP',
'priority' => params[:keepalived_priority],
'priority' => p[:keepalived_priority],
'notify_master' => '"/etc/init.d/haproxy start"',
'notify_backup' => '"/etc/init.d/haproxy stop"',
})
@@ -114,11 +153,11 @@ describe 'cloud::loadbalancer' do
context 'when keepalived and HAproxy are in backup' do
it 'configure vrrp_instance with BACKUP state' do
should contain_keepalived__instance('1').with({
'interface' => params[:keepalived_public_interface],
'interface' => p[:keepalived_public_interface],
'virtual_ips' => ['10.0.0.1 dev eth0', '10.0.0.2 dev eth0'],
'track_script' => ['haproxy'],
'state' => params[:keepalived_state],
'priority' => params[:keepalived_priority],
'state' => p[:keepalived_state],
'priority' => p[:keepalived_priority],
'notify_master' => '"/etc/init.d/haproxy start"',
'notify_backup' => '"/etc/init.d/haproxy stop"',
})
@@ -134,16 +173,16 @@ describe 'cloud::loadbalancer' do
end
it 'configure vrrp_instance with MASTER state' do
should contain_keepalived__instance('1').with({
'interface' => params[:keepalived_public_interface],
'interface' => p[:keepalived_public_interface],
'track_script' => ['haproxy'],
'state' => 'MASTER',
'priority' => params[:keepalived_priority],
'priority' => p[:keepalived_priority],
'notify_master' => '"/etc/init.d/haproxy start"',
'notify_backup' => '"/etc/init.d/haproxy stop"',
})
end
it 'configure haproxy server with service managed' do
should contain_class('haproxy').with(:service_manage => true)
should contain_class('haproxy').with(:service_manage => false)
end # configure haproxy server
end # configure keepalived in master
@@ -163,7 +202,7 @@ describe 'cloud::loadbalancer' do
)}
end # configure monitor haproxy listen
context 'configure monitor haproxy listen' do
context 'configure galera haproxy listen' do
it { should contain_haproxy__listen('galera_cluster').with(
:ipaddress => params[:galera_ip],
:ports => '3306',
@@ -197,6 +236,20 @@ describe 'cloud::loadbalancer' do
it_raises 'a Puppet::Error', /vip_internal_ip should be part of keepalived_internal_ipvs./
end
context 'with non-valid OpenStack VIP' do
before do
params.merge!(
:vip_public_ip => '172.16.0.1',
:vip_internal_ip => '192.168.0.1',
:galera_ip => '192.168.0.1',
:keepalived_internal_ipvs => ['192.168.0.1'],
:keepalived_public_ipvs => ['172.16.0.1'],
:keystone_api => '10.0.0.1'
)
end
it_raises 'a Puppet::Error', /10.0.0.1 is not part of VIP pools./
end
context 'with a Galera VIP not in the keepalived VIP list' do
before do
params.merge!(