Support different configuration scenarios for the swarm stack

2020-10-03 18:24:20 +02:00 · 2020-10-03 18:24:20 +02:00 · 9070d75ea1
parent 6fd6c5e21d
commit 9070d75ea1
3 changed files with 41 additions and 4 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -8,8 +8,18 @@ haproxy_pkg_state: present
 haproxy_enabled: True
 haproxy_k_bind_non_local_ip: True
 haproxy_docker_container: False
+haproxy_docker_version: '{{ haproxy_version }}.4'
+haproxy_docker_image: 'haproxytech/haproxy-debian:{{ haproxy_version }}.4'
 haproxy_docker_compose_dir: /srv/haproxy_swarm
 haproxy_ha_with_keepalived: False
+haproxy_docker_swarm_networks:
+  - 'portainer_{{ docker_swarm_portainer_network }}'
+haproxy_docker_swarm_additional_networks: []
+
+haproxy_docker_swarm_haproxy_constraints:
+  - 'node.role == manager'
+haproxy_docker_swarm_additional_services: []
+#  - { acl_name: 'service', acl_rule: 'hdr_dom(host) -i service.example.com', service_name: 'service-', service_replica_num: '1', service_port: '9999', service_overlay_network: 'service-network', allowed_networks: '192.168.1.0/24 192.168.2.0/24' }

 haproxy_default_port: 80
 haproxy_terminate_tls: False
--- a/tasks/haproxy-docker-service.yml
+++ b/tasks/haproxy-docker-service.yml
@ -5,7 +5,7 @@
    file: dest={{ haproxy_docker_compose_dir }} state=directory mode='0755'

  - name: Install the docker compose file
-    template: src=haproxy-docker-compose.yml.j2 dest={{ haproxy_docker_compose_dir }}/docker-compose.yml mode='0644'
+    template: src=haproxy-docker-stack.yml.j2 dest={{ haproxy_docker_compose_dir }}/docker-haproxy-stack.yml mode='0644'

  - name: Create the local haproxy configuration directory
    file: dest=/etc/haproxy state=directory mode='0755'
@ -18,7 +18,7 @@
      name: haproxy
      state: present
      compose:
-        - '{{ haproxy_docker_compose_dir }}/docker-compose.yml'
+        - '{{ haproxy_docker_compose_dir }}/docker-haproxy-stack.yml'
    run_once: True

  when: docker_swarm_manager_main_node is defined and docker_swarm_manager_main_node | bool
--- a/templates/haproxy-docker-compose.yml.j2
+++ b/templates/haproxy-docker-compose.yml.j2
@ -2,7 +2,7 @@ version: '3.6'

 services:
  haproxy:
-    image: haproxytech/haproxy-debian:{{ haproxy_version }}
+    image: {{ haproxy_docker_image }}
    volumes:
      - {{ haproxy_cert_dir }}:{{ haproxy_cert_dir }}:ro
      - /etc/haproxy:/usr/local/etc/haproxy:ro
@ -10,21 +10,48 @@ services:
      - target: {{ haproxy_default_port }}
        published: {{ haproxy_default_port }}
        protocol: tcp
+{% if docker_swarm_haproxy_installation_type == 'mesh' %}
+        mode: ingress
+{% else %}
        mode: host
+{% endif %}
      - target: {{ haproxy_ssl_port }}
        published: {{ haproxy_ssl_port }}
        protocol: tcp
+{% if docker_swarm_haproxy_installation_type == 'mesh' %}
+        mode: ingress
+{% else %}
        mode: host
+{% endif %}
      - target: {{ haproxy_admin_port }}
        published: {{ haproxy_admin_port }}
        protocol: tcp
+{% if docker_swarm_haproxy_installation_type == 'mesh' %}
+        mode: ingress
+{% else %}
        mode: host
+{% endif %}
    dns: [127.0.0.11]
+    networks:
+{% for net in haproxy_docker_swarm_networks %}
+      - {{ net }}
+{% endfor %}
+{% for othernet in haproxy_docker_swarm_additional_networks %}
+      - {{ othernet }}
+{% endfor %}
    deploy:
+{% if docker_swarm_haproxy_installation_type == 'keepalive' or docker_swarm_haproxy_installation_type == 'mesh' %}
      mode: replicated
      replicas: 1
+{% endif %}
+{% if docker_swarm_haproxy_installation_type == 'global' %}
+      mode: global
+{% endif %}
      placement:
-        constraints: [node.role == manager]
+        constraints:
+{% for constr in docker_swarm_haproxy_constraints %}
+          - {{ constr }}
+{% endfor %}
      restart_policy:
        condition: on-failure
        delay: 20s