Puppet Class: profile::openstack::eqiad1::haproxy

Defined in:
modules/profile/manifests/openstack/eqiad1/haproxy.pp

Overview

Parameters:

  • acme_chief_cert_name (Optional[String]) (defaults to: lookup('profile::openstack::eqiad1::haproxy::acme_chief_cert_name', {default_value => undef}))
  • openstack_controllers (Array[Stdlib::Fqdn]) (defaults to: lookup('profile::openstack::eqiad1::openstack_controllers'))
  • designate_hosts (Array[Stdlib::Fqdn]) (defaults to: lookup('profile::openstack::eqiad1::designate_hosts'))
  • glance_api_bind_port (Stdlib::Port) (defaults to: lookup('profile::openstack::eqiad1::glance::api_bind_port'))
  • placement_api_bind_port (Stdlib::Port) (defaults to: lookup('profile::openstack::eqiad1::placement::api_bind_port'))
  • cinder_api_bind_port (Stdlib::Port) (defaults to: lookup('profile::openstack::eqiad1::cinder::api_bind_port'))
  • trove_api_bind_port (Stdlib::Port) (defaults to: lookup('profile::openstack::base::trove::api_bind_port'))
  • keystone_admin_bind_port (Stdlib::Port) (defaults to: lookup('profile::openstack::eqiad1::keystone::admin_bind_port'))
  • keystone_public_bind_port (Stdlib::Port) (defaults to: lookup('profile::openstack::eqiad1::keystone::public_bind_port'))
  • neutron_bind_port (Stdlib::Port) (defaults to: lookup('profile::openstack::eqiad1::neutron::bind_port'))
  • nova_metadata_listen_port (Stdlib::Port) (defaults to: lookup('profile::openstack::eqiad1::nova::metadata_listen_port'))
  • galera_listen_port (Stdlib::Port) (defaults to: lookup('profile::openstack::eqiad1::galera::listen_port'))
  • galera_primary_host (Stdlib::Fqdn) (defaults to: lookup('profile::openstack::eqiad1::galera::primary_host'))
  • nova_osapi_compute_listen_port (Stdlib::Port) (defaults to: lookup('profile::openstack::eqiad1::nova::osapi_compute_listen_port')) 


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
 
# File 'modules/profile/manifests/openstack/eqiad1/haproxy.pp', line 1

class profile::openstack::eqiad1::haproxy(
    Optional[String] $acme_chief_cert_name = lookup('profile::openstack::eqiad1::haproxy::acme_chief_cert_name', {default_value => undef}),
    Array[Stdlib::Fqdn] $openstack_controllers = lookup('profile::openstack::eqiad1::openstack_controllers'),
    Array[Stdlib::Fqdn] $designate_hosts = lookup('profile::openstack::eqiad1::designate_hosts'),
    Stdlib::Port $glance_api_bind_port = lookup('profile::openstack::eqiad1::glance::api_bind_port'),
    Stdlib::Port $placement_api_bind_port = lookup('profile::openstack::eqiad1::placement::api_bind_port'),
    Stdlib::Port $cinder_api_bind_port = lookup('profile::openstack::eqiad1::cinder::api_bind_port'),
    Stdlib::Port $trove_api_bind_port = lookup('profile::openstack::base::trove::api_bind_port'),
    Stdlib::Port $keystone_admin_bind_port = lookup('profile::openstack::eqiad1::keystone::admin_bind_port'),
    Stdlib::Port $keystone_public_bind_port = lookup('profile::openstack::eqiad1::keystone::public_bind_port'),
    Stdlib::Port $neutron_bind_port = lookup('profile::openstack::eqiad1::neutron::bind_port'),
    Stdlib::Port $nova_metadata_listen_port = lookup('profile::openstack::eqiad1::nova::metadata_listen_port'),
    Stdlib::Port $galera_listen_port = lookup('profile::openstack::eqiad1::galera::listen_port'),
    Stdlib::Fqdn $galera_primary_host = lookup('profile::openstack::eqiad1::galera::primary_host'),
    Stdlib::Port $nova_osapi_compute_listen_port = lookup('profile::openstack::eqiad1::nova::osapi_compute_listen_port'),
) {
    if $acme_chief_cert_name != undef {
        acme_chief::cert { $acme_chief_cert_name:
            puppet_svc => 'haproxy',
        }
    }

    profile::openstack::base::haproxy::site { 'designate':
        servers                => $designate_hosts,
        healthcheck_method     => 'HEAD',
        healthcheck_path       => '/',
        port_frontend          => 9001,
        port_backend           => 9001,
        frontend_tls_cert_name => $acme_chief_cert_name,
        port_frontend_tls      => 29001,
    }

    profile::openstack::base::haproxy::site { 'keystone_admin':
        servers                => $openstack_controllers,
        healthcheck_method     => 'GET',
        healthcheck_path       => '/',
        port_frontend          => 35357,
        port_backend           => $keystone_admin_bind_port,
        frontend_tls_cert_name => $acme_chief_cert_name,
        port_frontend_tls      => 25357,
    }

    profile::openstack::base::haproxy::site { 'keystone_public':
        servers                => $openstack_controllers,
        healthcheck_method     => 'GET',
        healthcheck_path       => '/',
        port_frontend          => 5000,
        port_backend           => $keystone_public_bind_port,
        frontend_tls_cert_name => $acme_chief_cert_name,
        port_frontend_tls      => 25000,
    }

    profile::openstack::base::haproxy::site { 'glance_api':
        servers                => $openstack_controllers,
        healthcheck_method     => 'GET',
        healthcheck_path       => '/',
        port_frontend          => 9292,
        port_backend           => $glance_api_bind_port,
        frontend_tls_cert_name => $acme_chief_cert_name,
        port_frontend_tls      => 29292,
    }

    profile::openstack::base::haproxy::site { 'cinder_api':
        servers                => $openstack_controllers,
        healthcheck_method     => 'GET',
        healthcheck_path       => '/',
        port_frontend          => 8776,
        port_backend           => $cinder_api_bind_port,
        frontend_tls_cert_name => $acme_chief_cert_name,
        port_frontend_tls      => 28776,
    }

    profile::openstack::base::haproxy::site { 'trove_api':
        servers                => $openstack_controllers,
        healthcheck_method     => 'GET',
        healthcheck_path       => '/',
        port_frontend          => 8779,
        port_backend           => $trove_api_bind_port,
        frontend_tls_cert_name => $acme_chief_cert_name,
        port_frontend_tls      => 28779,
    }

    profile::openstack::base::haproxy::site { 'neutron':
        servers                => $openstack_controllers,
        healthcheck_method     => 'GET',
        healthcheck_path       => '/',
        port_frontend          => 9696,
        port_backend           => $neutron_bind_port,
        frontend_tls_cert_name => $acme_chief_cert_name,
        port_frontend_tls      => 29696,
    }

    profile::openstack::base::haproxy::site { 'nova_api':
        servers                => $openstack_controllers,
        healthcheck_method     => 'HEAD',
        healthcheck_path       => '/',
        port_frontend          => 8774,
        port_backend           => $nova_osapi_compute_listen_port,
        frontend_tls_cert_name => $acme_chief_cert_name,
        port_frontend_tls      => 28774,
    }

    profile::openstack::base::haproxy::site { 'placement_api':
        servers                => $openstack_controllers,
        healthcheck_method     => 'GET',
        healthcheck_path       => '/',
        port_frontend          => 8778,
        port_backend           => $placement_api_bind_port,
        frontend_tls_cert_name => $acme_chief_cert_name,
        port_frontend_tls      => 28778,
    }

    profile::openstack::base::haproxy::site { 'nova_metadata':
        servers            => $openstack_controllers,
        healthcheck_method => 'HEAD',
        healthcheck_path   => '/',
        port_frontend      => 8775,
        port_backend       => $nova_metadata_listen_port,
    }

    profile::openstack::base::haproxy::site { 'mysql':
        servers             => $openstack_controllers,
        port_frontend       => 3306,
        port_backend        => $galera_listen_port,
        primary_host        => $galera_primary_host,
        healthcheck_options => ['option httpchk'],
        type                => 'tcp'
    }
}