Merge pull request #47 from jcftang/wip-haproxy

Example HAProxy configuration

group_vars/all

@@ -20,6 +20,7 @@ mds: true # disable mds configuration in ceph.conf
 # Rados Gateway options
 radosgw: true
 redhat_distro_ceph_extra: centos6.4 # supported distros are centos6.3, centos6.4, centos6, fedora18, fedora19, opensuse12.2, rhel6.3, rhel6.4, rhel6.5, rhel6, sles11sp2
+radosgw_interface: eth1 # the public interface which the radosgw talks to the world with, this variable is used in the haproxy role, this does not need to be set if haproxy is not used.
 
 # OSD options
 journal_size: 100

roles/haproxy/files/precise/haproxy

@@ -0,0 +1,4 @@
+# Set ENABLED to 1 if you want the init script to start haproxy.
+ENABLED=1
+# Add extra flags here.
+#EXTRAOPTS="-de -m 16"

roles/haproxy/handlers/main.yml

@@ -0,0 +1,6 @@
+---
+## Check distribution release
+#
+
+- include: precise.yml
+  when: ansible_distribution_release == 'precise'

roles/haproxy/handlers/precise.yml

@@ -0,0 +1,3 @@
+---
+- name: restart haproxy
+  service: name=haproxy state=restarted

roles/haproxy/tasks/main.yml

@@ -0,0 +1,6 @@
+---
+## Check distribution release
+#
+
+- include: precise.yml
+  when: ansible_distribution_release == 'precise'

roles/haproxy/tasks/precise.yml

@@ -0,0 +1,15 @@
+---
+- apt_repository: repo=ppa:vbernat/haproxy-1.5 state=present
+
+- apt: name={{ item }} state=present
+  with_items:
+   - haproxy
+   - socat
+
+- copy: src=precise/haproxy dest=/etc/default/haproxy
+  notify: restart haproxy
+
+- template: src=precise/haproxy.cfg dest=/etc/haproxy/haproxy.cfg backup=yes
+  notify: restart haproxy
+
+- service: name=haproxy state=started enabled=yes

roles/haproxy/templates/precise/haproxy.cfg

@@ -0,0 +1,58 @@
+#
+# {{ ansible_managed }}
+#
+global
+    log /dev/log	local0
+    log /dev/log	local1 notice
+    chroot /var/lib/haproxy
+    user haproxy
+    group haproxy
+    daemon
+    stats socket /var/lib/haproxy/stats level admin
+
+defaults
+    log	global
+    mode	http
+    option	httplog
+    option	dontlognull
+    contimeout 5000
+    clitimeout 50000
+    srvtimeout 50000
+    errorfile 400 /etc/haproxy/errors/400.http
+    errorfile 403 /etc/haproxy/errors/403.http
+    errorfile 408 /etc/haproxy/errors/408.http
+    errorfile 500 /etc/haproxy/errors/500.http
+    errorfile 502 /etc/haproxy/errors/502.http
+    errorfile 503 /etc/haproxy/errors/503.http
+    errorfile 504 /etc/haproxy/errors/504.http
+
+frontend http_frontend
+    bind *:80
+    mode http
+    option httpclose
+    option forwardfor
+    default_backend rgw
+
+frontend https_frontend
+    bind *:443 ssl crt /etc/ceph/radosgw-key-cert.pem
+    mode http
+    option httpclose
+    option forwardfor
+    reqadd X-Forwarded-Proto:\ https
+    default_backend rgw
+
+backend rgw
+    mode http
+    balance roundrobin
+    cookie RADOSGWLB insert indirect nocache
+{% for host in groups['rgws'] %}
+    server {{ hostvars[host].ansible_hostname }} {{ hostvars[host]['ansible_' + radosgw_interface ].ipv4.address }}:80 check cookie {{ hostvars[host].ansible_hostname }}
+{% endfor %}
+
+listen stats :8080
+    mode http
+    stats enable
+    stats hide-version
+    stats realm Haproxy\ Statistics
+    stats uri /
+    #stats auth Username:Password