From e60a35f360281e0b650d6181d4b45bce66b9457f Mon Sep 17 00:00:00 2001 From: Emilien Macchi Date: Thu, 12 Jun 2014 11:06:36 +0200 Subject: [PATCH] allow HAProxy to bind to a non-local IP address This is needed since HAProxy will be running on each of our load-balancer nodes, yet keepalived will ensure that our virtual IP address exists on only one of our load-balancer nodes at any given time. Signed-off-by: Emilien Macchi --- manifests/loadbalancer.pp | 6 ++++++ spec/classes/cloud_loadbalancer_spec.rb | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp index 82c1ff5a..7079347a 100644 --- a/manifests/loadbalancer.pp +++ b/manifests/loadbalancer.pp @@ -395,4 +395,10 @@ class cloud::loadbalancer( } } + # Allow HAProxy to bind to a non-local IP address + $haproxy_sysctl_settings = { + 'net.ipv4.ip_nonlocal_bind' => { value => 1 } + } + create_resources(sysctl::value,$haproxy_sysctl_settings) + } diff --git a/spec/classes/cloud_loadbalancer_spec.rb b/spec/classes/cloud_loadbalancer_spec.rb index 7b60d445..c03b35a3 100644 --- a/spec/classes/cloud_loadbalancer_spec.rb +++ b/spec/classes/cloud_loadbalancer_spec.rb @@ -73,6 +73,12 @@ describe 'cloud::loadbalancer' do should contain_class('keepalived') end # configure keepalived server + it 'configure sysctl to allow HAproxy to bind to a non-local IP address' do + should contain_exec('exec_sysctl_net.ipv4.ip_nonlocal_bind').with_command( + 'sysctl -w net.ipv4.ip_nonlocal_bind=1' + ) + end + context 'configure an internal VIP' do before do params.merge!(:keepalived_internal_ipvs => ['192.168.0.1'])