Support plain http haproxy listener.

This commit is contained in:
Andrea Dell'Amico 2023-10-06 16:08:01 +02:00
parent 342a257713
commit 7f73d9759e
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
2 changed files with 54 additions and 12 deletions

View File

@ -73,6 +73,28 @@ listen local_stats
stats uri / stats uri /
stats realm HAProxy\ Statistics stats realm HAProxy\ Statistics
{% if docker_swarm_haproxy_plain_http_listener %}
frontend http_{{ docker_swarm_haproxy_plain_http_port }}
bind *:{{ docker_swarm_haproxy_plain_http_port }} {% if docker_swarm_haproxy_installation_type == 'global' %}accept-proxy{% endif %}
mode http
option http-keep-alive
option forwardfor
{% for srv in docker_swarm_haproxy_plain_http_services %}
acl {{ srv.acl_name }} {{ srv.acl_rule }}
{%if srv.acl_path_rule is defined %}acl {{ srv.acl_name }}_path {{ srv.acl_path_rule }}{% endif %}
{% if srv.allowed_networks is defined %}
acl {{ srv.acl_name }}_nets src {% for net in srv.allowed_networks %} {{ net }}{% endfor %}
http-request deny if {{ srv.acl_name }} !{{ srv.acl_name }}_nets
{% endif %}
use_backend {{ srv.acl_name }}_bck if {{ srv.acl_name }} {%if srv.acl_path_rule is defined %}{{ srv.acl_name }}_path
{% endfor %}
{% endif %}
frontend http frontend http
bind *:{{ https_port }} ssl crt {{ haproxy_cert_dir }}{% if docker_swarm_haproxy_http2_enabled %} alpn h2,http/1.1{% endif %}{% if docker_swarm_haproxy_installation_type == 'global' %} accept-proxy{% endif %} bind *:{{ https_port }} ssl crt {{ haproxy_cert_dir }}{% if docker_swarm_haproxy_http2_enabled %} alpn h2,http/1.1{% endif %}{% if docker_swarm_haproxy_installation_type == 'global' %} accept-proxy{% endif %}
@ -155,14 +177,6 @@ frontend docker_ft
default_backend swarm_api_bck default_backend swarm_api_bck
{% endif %} {% endif %}
{% if docker_swarm_haproxy_shinyproxy_metrics %}
# shinyproxy opens a second port, 9090, to expose its metrics to prometheus
frontend shinyproxy_metrics
bind :9090
mode http
default_backend shinyproxy_metrics_bck
{% endif %}
{% for srv in docker_swarm_haproxy_additional_services %} {% for srv in docker_swarm_haproxy_additional_services %}
{% if srv.mode is defined and srv.mode == 'tcp' %} {% if srv.mode is defined and srv.mode == 'tcp' %}
frontend {{ srv.acl_name }} frontend {{ srv.acl_name }}
@ -177,6 +191,7 @@ frontend {{ srv.acl_name }}
{% endif %} {% endif %}
{% endfor %} {% endfor %}
# #
# Backends # Backends
# #
@ -238,3 +253,27 @@ backend {{ srv.acl_name }}_bck
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% if docker_swarm_haproxy_plain_http_listener %}
{% for srv in docker_swarm_haproxy_plain_http_services %}
backend {{ srv.acl_name }}_bck
mode http
option httpchk
balance {{ srv.balance_type | default('roundrobin') }}
{% if srv.http_check_enabled is defined and srv.http_check_enabled %}
http-check send {{ srv.http_check }}
http-check expect {{ srv.http_check_expect }}
{% endif %}
{% if srv.stick_sessions %}
{% if srv.stick_on_cookie %}
dynamic-cookie-key {{ srv.acl_name }}
cookie {{ srv.stick_cookie }} dynamic
{% else %}
stick on src
stick-table {{ srv.stick_table }} peers mypeers
{% endif %}
{% endif %}
server-template {{ srv.service_name }}- {{ srv.service_replica_num }} {{ srv.stack_name }}_{{ srv.service_name }}:{{ srv.service_port }} {{ srv.backend_options | default('') }} {% if srv.http_check_enabled is defined and srv.http_check_enabled %}check {{ srv.check_options | default('') }}{% endif %} resolvers docker init-addr libc,none
{% endfor %}
{% endif %}

View File

@ -1,22 +1,25 @@
--- ---
haproxy_docker_container: True haproxy_docker_container: true
haproxy_ha_with_keepalived: '{{ docker_swarm_haproxy_keepalive_installation }}' haproxy_ha_with_keepalived: '{{ docker_swarm_haproxy_keepalive_installation }}'
keepalived_install: '{{ docker_swarm_haproxy_keepalive_installation }}' keepalived_install: '{{ docker_swarm_haproxy_keepalive_installation }}'
keepalived_vrouter_id: '{{ docker_swarm_keepalived_vrouter_id }}' keepalived_vrouter_id: '{{ docker_swarm_keepalived_vrouter_id }}'
keepalived_use_unicast: False keepalived_use_unicast: false
keepalived_floating_ip1: '{{ docker_swarm_keepalived_floating_ip }}' keepalived_floating_ip1: '{{ docker_swarm_keepalived_floating_ip }}'
keepalived_instance1_name: '{{ docker_swarm_keepalived_instance_name }}' keepalived_instance1_name: '{{ docker_swarm_keepalived_instance_name }}'
keepalived_nagios_check: False keepalived_nagios_check: false
keepalived_service_to_check: 'haproxy' keepalived_service_to_check: 'haproxy'
keepalived_script1_check: "/usr/bin/docker container ls --filter name=haproxy | /bin/grep haproxy" keepalived_script1_check: "/usr/bin/docker container ls --filter name=haproxy | /bin/grep haproxy"
docker_swarm_haproxy_constraints: '{{ haproxy_docker_swarm_haproxy_constraints }}' docker_swarm_haproxy_constraints: '{{ haproxy_docker_swarm_haproxy_constraints }}'
# The allowed_networks parameter is optional # The allowed_networks parameter is optional
docker_swarm_haproxy_additional_services: '{{ haproxy_docker_swarm_additional_services }}' docker_swarm_haproxy_additional_services: '{{ haproxy_docker_swarm_additional_services }}'
docker_haproxy_service_name: 'haproxy_haproxy' docker_haproxy_service_name: 'haproxy_haproxy'
docker_swarm_haproxy_networks: '{{ haproxy_docker_swarm_networks }}' docker_swarm_haproxy_networks: '{{ haproxy_docker_swarm_networks }}'
docker_swarm_haproxy_plain_http_listener: "{{ haproxy_docker_swarm_plain_http_listener }}"
docker_swarm_haproxy_plain_http_port: "{{ haproxy_docker_swarm_plain_http_port }}"
docker_swarm_haproxy_plain_http_services: "{{ haproxy_docker_swarm_plain_http_services }}"
docker_swarm_haproxy_additional_networks: '{{ haproxy_docker_swarm_additional_networks }}' docker_swarm_haproxy_additional_networks: '{{ haproxy_docker_swarm_additional_networks }}'
keepalived_scripts: keepalived_scripts: