haproxy

Role Documentation

Welcome to the “haproxy” role documentation.

Role Defaults

This section highlights all of the defaults and variables set within the “haproxy” role.

defaults_maxconn_min: 4096
defaults_timeout_check: 10s
defaults_timeout_client: 2m
defaults_timeout_queue: 2m
defaults_timeout_server: 2m
global_maxconn_min: 20480
haproxy_config_file: /var/lib/config-data/puppet-generated/haproxy/etc/haproxy/haproxy.cfg

Role Variables: main.yml

metadata:
  description: Verify the HAProxy configuration has recommended values.
  groups:
  - post-deployment
  name: HAProxy configuration

Molecule Scenarios

Molecule is being used to test the “haproxy” role. The following section highlights the drivers in service and provides an example playbook showing how the role is leveraged.

Scenario: default

Example default configuration
driver:
  name: docker
log: true
platforms:
- dockerfile: Dockerfile
  easy_install:
  - pip
  environment:
    http_proxy: '{{ lookup(''env'', ''http_proxy'') }}'
    https_proxy: '{{ lookup(''env'', ''https_proxy'') }}'
  hostname: centos7
  image: centos:7
  name: centos7
  pkg_extras: python-setuptools haproxy PyYAML
  volumes:
  - /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
- dockerfile: Dockerfile
  environment:
    http_proxy: '{{ lookup(''env'', ''http_proxy'') }}'
    https_proxy: '{{ lookup(''env'', ''https_proxy'') }}'
  hostname: centos8
  image: centos:8
  name: centos8
  pkg_extras: python*-setuptools haproxy python*-PyYAML
  volumes:
  - /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
provisioner:
  env:
    ANSIBLE_LIBRARY: ../../../../library
    ANSIBLE_STDOUT_CALLBACK: yaml
  log: true
  name: ansible
scenario:
  test_sequence:
  - destroy
  - create
  - prepare
  - converge
  - verify
  - destroy
verifier:
  name: testinfra
Example default playbook
- gather_facts: false
  hosts: all
  name: Converge
  tasks:
  - copy:
      content: "# This file managed by Puppet\nglobal\n  daemon\n  group  haproxy\n\
        \  log  /dev/log local0\n  maxconn  100\n  pidfile  /var/run/haproxy.pid\n\
        \  ssl-default-bind-ciphers  !SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES\n\
        \  ssl-default-bind-options  no-sslv3 no-tlsv10\n  stats  socket /var/lib/haproxy/stats\
        \ mode 600 level user\n  stats  timeout 1s\n  user  haproxy\n\ndefaults\n\
        \  log  global\n  maxconn  100\n  mode  tcp\n  retries  1\n  timeout  http-request\
        \ 1s\n  timeout  queue 1s\n  timeout  connect 1s\n  timeout  client 1s\n \
        \ timeout  server 1s\n  timeout  check 1s\n"
      dest: /haproxy.cfg
    name: create haproxy config file
  - block:
    - include_role:
        name: haproxy
    rescue:
    - meta: clear_host_errors
      name: Clear host errors
    - debug:
        msg: The validation works! End the playbook run
    - meta: end_play
      name: End play
  - fail:
      msg: 'The haproxy role should have detected issues within haproxy

        configuration file!

        '
    name: Fail the test
  vars:
    haproxy_config_file: /haproxy.cfg