diff --git a/group_vars/all b/group_vars/all index 7caa4846d..c212ee193 100644 --- a/group_vars/all +++ b/group_vars/all @@ -20,6 +20,7 @@ mds: true # disable mds configuration in ceph.conf # Rados Gateway options radosgw: true redhat_distro_ceph_extra: centos6.4 # supported distros are centos6.3, centos6.4, centos6, fedora18, fedora19, opensuse12.2, rhel6.3, rhel6.4, rhel6.5, rhel6, sles11sp2 +radosgw_interface: eth1 # the public interface which the radosgw talks to the world with, this variable is used in the haproxy role, this does not need to be set if haproxy is not used. # OSD options journal_size: 100 diff --git a/roles/haproxy/files/precise/haproxy b/roles/haproxy/files/precise/haproxy new file mode 100644 index 000000000..9a2ee791c --- /dev/null +++ b/roles/haproxy/files/precise/haproxy @@ -0,0 +1,4 @@ +# Set ENABLED to 1 if you want the init script to start haproxy. +ENABLED=1 +# Add extra flags here. +#EXTRAOPTS="-de -m 16" diff --git a/roles/haproxy/handlers/main.yml b/roles/haproxy/handlers/main.yml new file mode 100644 index 000000000..bbc920704 --- /dev/null +++ b/roles/haproxy/handlers/main.yml @@ -0,0 +1,6 @@ +--- +## Check distribution release +# + +- include: precise.yml + when: ansible_distribution_release == 'precise' diff --git a/roles/haproxy/handlers/precise.yml b/roles/haproxy/handlers/precise.yml new file mode 100644 index 000000000..2de15f457 --- /dev/null +++ b/roles/haproxy/handlers/precise.yml @@ -0,0 +1,3 @@ +--- +- name: restart haproxy + service: name=haproxy state=restarted diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml new file mode 100644 index 000000000..bbc920704 --- /dev/null +++ b/roles/haproxy/tasks/main.yml @@ -0,0 +1,6 @@ +--- +## Check distribution release +# + +- include: precise.yml + when: ansible_distribution_release == 'precise' diff --git a/roles/haproxy/tasks/precise.yml b/roles/haproxy/tasks/precise.yml new file mode 100644 index 000000000..d1e2f0518 --- /dev/null +++ b/roles/haproxy/tasks/precise.yml @@ -0,0 +1,15 @@ +--- +- apt_repository: repo=ppa:vbernat/haproxy-1.5 state=present + +- apt: name={{ item }} state=present + with_items: + - haproxy + - socat + +- copy: src=precise/haproxy dest=/etc/default/haproxy + notify: restart haproxy + +- template: src=precise/haproxy.cfg dest=/etc/haproxy/haproxy.cfg backup=yes + notify: restart haproxy + +- service: name=haproxy state=started enabled=yes diff --git a/roles/haproxy/templates/precise/haproxy.cfg b/roles/haproxy/templates/precise/haproxy.cfg new file mode 100644 index 000000000..b3e10bcba --- /dev/null +++ b/roles/haproxy/templates/precise/haproxy.cfg @@ -0,0 +1,58 @@ +# +# {{ ansible_managed }} +# +global + log /dev/log local0 + log /dev/log local1 notice + chroot /var/lib/haproxy + user haproxy + group haproxy + daemon + stats socket /var/lib/haproxy/stats level admin + +defaults + log global + mode http + option httplog + option dontlognull + contimeout 5000 + clitimeout 50000 + srvtimeout 50000 + errorfile 400 /etc/haproxy/errors/400.http + errorfile 403 /etc/haproxy/errors/403.http + errorfile 408 /etc/haproxy/errors/408.http + errorfile 500 /etc/haproxy/errors/500.http + errorfile 502 /etc/haproxy/errors/502.http + errorfile 503 /etc/haproxy/errors/503.http + errorfile 504 /etc/haproxy/errors/504.http + +frontend http_frontend + bind *:80 + mode http + option httpclose + option forwardfor + default_backend rgw + +frontend https_frontend + bind *:443 ssl crt /etc/ceph/radosgw-key-cert.pem + mode http + option httpclose + option forwardfor + reqadd X-Forwarded-Proto:\ https + default_backend rgw + +backend rgw + mode http + balance roundrobin + cookie RADOSGWLB insert indirect nocache +{% for host in groups['rgws'] %} + server {{ hostvars[host].ansible_hostname }} {{ hostvars[host]['ansible_' + radosgw_interface ].ipv4.address }}:80 check cookie {{ hostvars[host].ansible_hostname }} +{% endfor %} + +listen stats :8080 + mode http + stats enable + stats hide-version + stats realm Haproxy\ Statistics + stats uri / + #stats auth Username:Password