opendev/puppet-cgit
Code Issues Proposed changes
puppet-cgit/manifests/lb.pp
Glauco Oliveira 507f36a98c Fix loadbalancer manifest to be able to apply. 
There were two outstanding errors preventing us from applying this
manifest:
- It was assuming you always have a non-loopback network interface
configured to use IPv6
- It was assuming the service rsyslog was already defined

Our patch fixed these two problems allowing you to apply the script.

Change-Id: Ie2c2d6ec9740a1d57b0b82e431ad2161c2940a80
Co-Authored-By: Bruno Tavares <btavare@thoughtworks.com>
Co-Authored-By: Danilo Ramalho <dramalho@thoughtworks.com>
2015-09-14 14:38:47 -03:00

129 lines
3.6 KiB
Puppet
Raw Blame History

# Copyright 2014 Hewlett-Packard Development Company, L.P.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Class: cgit::lb
#
class cgit::lb (
$balancer_member_names = [],
$balancer_member_ips = [],
$balancer_member_http_ports = ['8080',],
$balancer_member_https_ports = ['4443',],
$balancer_member_git_ports = ['29418',],
) {
if ($::osfamily == 'RedHat') {
class { '::selinux':
mode => 'enforcing'
}
}
package { 'socat':
ensure => present,
}
package { 'lsof':
ensure => present,
}
class { '::haproxy':
enable => true,
global_options => {
'log' => '127.0.0.1 local0',
'chroot' => '/var/lib/haproxy',
'pidfile' => '/var/run/haproxy.pid',
'maxconn' => '4000',
'user' => 'haproxy',
'group' => 'haproxy',
'daemon' => '',
'stats' => 'socket /var/lib/haproxy/stats user root group root mode 0600 level admin'
},
}
# The three listen defines here are what the world will hit.
$haproxy_addresses = delete_undef_values([$::ipaddress, $::ipaddress6])
haproxy::listen { 'balance_git_http':
ipaddress => $haproxy_addresses,
ports => ['80'],
mode => 'tcp',
collect_exported => false,
options => {
'balance' => 'source',
'option' => [
'tcplog',
],
},
}
haproxy::listen { 'balance_git_https':
ipaddress => $haproxy_addresses,
ports => ['443'],
mode => 'tcp',
collect_exported => false,
options => {
'balance' => 'source',
'option' => [
'tcplog',
],
},
}
haproxy::listen { 'balance_git_daemon':
ipaddress => $haproxy_addresses,
ports => ['9418'],
mode => 'tcp',
collect_exported => false,
options => {
'maxconn' => '32',
'backlog' => '64',
'balance' => 'source',
'option' => [
'tcplog',
],
},
}
haproxy::balancermember { 'balance_git_http_member':
listening_service => 'balance_git_http',
server_names => $balancer_member_names,
ipaddresses => $balancer_member_ips,
ports => $balancer_member_http_ports,
}
haproxy::balancermember { 'balance_git_https_member':
listening_service => 'balance_git_https',
server_names => $balancer_member_names,
ipaddresses => $balancer_member_ips,
ports => $balancer_member_https_ports,
}
haproxy::balancermember { 'balance_git_daemon_member':
listening_service => 'balance_git_daemon',
server_names => $balancer_member_names,
ipaddresses => $balancer_member_ips,
ports => $balancer_member_git_ports,
options => 'maxqueue 512',
}
if (!defined(Service['rsyslog'])) {
service { 'rsyslog':
ensure => running,
enable => true,
}
}
file { '/etc/rsyslog.d/haproxy.conf':
ensure => present,
owner => 'root',
group => 'root',
mode => '0644',
source => 'puppet:///modules/cgit/rsyslog.haproxy.conf',
notify => Service['rsyslog'],
}
}
View Git Blame Copy Permalink