haproxy

this page last updated: 2019-07-23 10:14:29

haproxy¶

Role Documentation¶

Welcome to the “haproxy” role documentation.

Role Defaults¶

This section highlights all of the defaults and variables set within the “haproxy” role.

defaults_maxconn_min: 4096
defaults_timeout_check: 10s
defaults_timeout_client: 2m
defaults_timeout_queue: 2m
defaults_timeout_server: 2m
global_maxconn_min: 20480
haproxy_config_file: /var/lib/config-data/puppet-generated/haproxy/etc/haproxy/haproxy.cfg

Role Variables: main.yml¶

metadata:
  description: Verify the HAProxy configuration has recommended values.
  groups:
  - post-deployment
  name: HAProxy configuration

Molecule Scenarios¶

Molecule is being used to test the “haproxy” role. The following section highlights the drivers in service and provides an example playbook showing how the role is leveraged.

Scenario: default¶

Example default configuration¶

driver:
  name: docker
lint:
  enabled: true
log: true
platforms:
- easy_install:
  - pip
  environment:
    http_proxy: '{{ lookup(''env'', ''http_proxy'') }}'
    https_proxy: '{{ lookup(''env'', ''https_proxy'') }}'
  hostname: centos7
  image: centos:7
  name: centos7
  pkg_extras: python-setuptools haproxy
- environment:
    http_proxy: '{{ lookup(''env'', ''http_proxy'') }}'
    https_proxy: '{{ lookup(''env'', ''https_proxy'') }}'
  hostname: fedora28
  image: fedora:28
  name: fedora28
  pkg_extras: python*-setuptools haproxy
provisioner:
  env:
    ANSIBLE_LIBRARY: ../../../../library
    ANSIBLE_STDOUT_CALLBACK: yaml
  log: true
  name: ansible
scenario:
  test_sequence:
  - destroy
  - create
  - prepare
  - converge
  - verify
  - destroy
verifier:
  lint:
    name: flake8
  name: testinfra

Example default playbook¶

- gather_facts: false
  hosts: all
  name: Converge
  tasks:
  - copy:
      content: "# This file managed by Puppet\nglobal\n  daemon\n  group  haproxy\n\
        \  log  /dev/log local0\n  maxconn  100\n  pidfile  /var/run/haproxy.pid\n\
        \  ssl-default-bind-ciphers  !SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES\n\
        \  ssl-default-bind-options  no-sslv3 no-tlsv10\n  stats  socket /var/lib/haproxy/stats\
        \ mode 600 level user\n  stats  timeout 1s\n  user  haproxy\n\ndefaults\n\
        \  log  global\n  maxconn  100\n  mode  tcp\n  retries  1\n  timeout  http-request\
        \ 1s\n  timeout  queue 1s\n  timeout  connect 1s\n  timeout  client 1s\n \
        \ timeout  server 1s\n  timeout  check 1s\n"
      dest: /haproxy.cfg
    name: create haproxy config file
  - block:
    - include_role:
        name: haproxy
    rescue:
    - meta: clear_host_errors
      name: Clear host errors
    - debug:
        msg: The validation works! End the playbook run
    - meta: end_play
      name: End play
  - fail:
      msg: 'The haproxy role should have detected issues within haproxy

        configuration file!

        '
    name: Fail the test
  vars:
    haproxy_config_file: /haproxy.cfg