cody/convert-images-for-web
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Configured haproxies

Browse Source
This commit is contained in:
Jacob Cody Wimer
2019-04-08 10:53:13 -04:00
parent a5e3dbd8ba
commit 98810165e0
9 changed files with 204 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
group_vars/all
View File

@@ -16,3 +16,7 @@ proxmox_user: "root@pam"
proxmox_password: "{{ lookup('env', 'PROXMOX_PASSWORD') }}" proxmox_password: "{{ lookup('env', 'PROXMOX_PASSWORD') }}"
ubuntu_template_vm_name: "ubuntu-server-1604" ubuntu_template_vm_name: "ubuntu-server-1604"
dns_server: "10.0.0.204" dns_server: "10.0.0.204"
# haproxies
vip_interface: ens18
vip_address: 10.0.0.200

29
hosts
View File

@@ -1,8 +1,6 @@
[standard] [standard]
#haproxy VIP 10.0.0.200 #haproxy VIP 10.0.0.200
#tenvis 10.0.0.205 #tenvis 10.0.0.205
haproxy-1 ansible_host=10.0.0.209 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1
haproxy-2 ansible_host=10.0.0.202 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1
registry ansible_host=10.0.0.221 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1 registry ansible_host=10.0.0.221 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1
ns ansible_host=10.0.0.204 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1 ns ansible_host=10.0.0.204 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1
gitea ansible_host=10.0.0.212 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1 gitea ansible_host=10.0.0.212 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1
@@ -11,22 +9,25 @@ vpn ansible_host=10.0.0.203 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=256
plex ansible_host=10.0.0.210 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1 plex ansible_host=10.0.0.210 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1
bastion ansible_host=10.0.0.215 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1 bastion ansible_host=10.0.0.215 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1
[haproxy]
haproxy-1 ansible_host=10.0.0.209 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1
haproxy-2 ansible_host=10.0.0.202 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1
[developer-machines] [developer-machines]
#codydev ansible_host=10.0.0.207 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=2048 cpus=2
codydev ansible_host=10.0.0.216 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1 codydev ansible_host=10.0.0.216 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=2560 cpus=1
#[swarm-bootstrap] [swarm-bootstrap]
#swarm-manager-02 ansible_host=10.0.0.225 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=1024 cpus=2 swarm-manager-02 ansible_host=10.0.0.225 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=1024 cpus=2
#[swarm-managers] [swarm-managers]
#swarm-manager-01 ansible_host=10.0.0.206 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=1024 cpus=2 swarm-manager-01 ansible_host=10.0.0.206 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=1024 cpus=2
#swarm-manager-03 ansible_host=10.0.0.220 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=1024 cpus=2 swarm-manager-03 ansible_host=10.0.0.220 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=1024 cpus=2
#[swarm-workers] [swarm-workers]
#swarm-worker-01 ansible_host=10.0.0.208 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=4096 cpus=4 swarm-worker-01 ansible_host=10.0.0.208 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=4096 cpus=4
#swarm-worker-02 ansible_host=10.0.0.213 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=4096 cpus=4 swarm-worker-02 ansible_host=10.0.0.213 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=4096 cpus=4
#swarm-worker-03 ansible_host=10.0.0.214 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=4096 cpus=4 swarm-worker-03 ansible_host=10.0.0.214 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=4096 cpus=4
#swarm-worker-04 ansible_host=10.0.0.222 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=4096 cpus=4 swarm-worker-04 ansible_host=10.0.0.222 hypervisor=rack2 hypervisor_ip=10.0.0.153 memory=4096 cpus=4
[kube-masters] [kube-masters]
kube-master-1 ansible_host=10.0.0.230 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=5120 cpus=2 kube-master-1 ansible_host=10.0.0.230 hypervisor=rack1 hypervisor_ip=10.0.0.152 memory=5120 cpus=2
@@ -43,7 +44,7 @@ kube-worker-3 ansible_host=10.0.0.235 hypervisor=rack1 hypervisor_ip=10.0.0.152
#template=10.0.0.211 #template=10.0.0.211
###### INFO ###### ###### INFO ######
# Next available IP is 217 # Next available IP is 217 207 is also available from old codydev
# These machines have IPs 200-254 # These machines have IPs 200-254
# Current consumption # Current consumption

8
playbooks/site.yml
View File

@@ -19,6 +19,14 @@
tasks: tasks:
- include: ../roles/common/tasks/main.yml - include: ../roles/common/tasks/main.yml
- name: Set up haproxies
hosts: haproxy
user: root
serial: 100%
tasks:
- include: ../roles/haproxy/tasks/main.yml
- include: ../roles/keepalived/tasks/main.yml
- name: Set up developer machine - name: Set up developer machine
hosts: developer-machines hosts: developer-machines
user: root user: root

34
roles/haproxy/tasks/main.yml Normal file
View File

@@ -0,0 +1,34 @@
---
- name: Install haproxy
command: >
bash -c "apt-get update -qq
apt-get install -y -qq haproxy"
become: true
- name: Copy haproxy config
template:
src: ../roles/haproxy/templates/haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg
register: haproxy_cfg
become: true
- name: Set haproxy.cfg permissions
file:
path: /etc/haproxy/haproxy.cfg
mode: 0644
become: true
- name: Set haproxy as enabled
lineinfile:
path: /etc/default/haproxy
regexp: '^ENABLED='
line: 'ENABLED=1'
become: true
- name: Restart haproxy if /etc/haproxy/haproxy.cfg or /etc/default/haproxy changes.
service:
name: haproxy
state: restarted
when: haproxy_cfg.changed
become: true

53
roles/haproxy/templates/haproxy.cfg.j2 Normal file
View File

@@ -0,0 +1,53 @@
global
chroot /var/lib/haproxy
daemon
group haproxy
log 127.0.0.1 local2
maxconn 21000
pidfile /run/haproxy.pid
user haproxy
defaults
log global
mode http
timeout connect 5000ms
timeout client 240000ms
timeout server 240000ms
timeout check 10000ms
listen stats
bind *:2016
mode http
stats enable
stats uri /haproxy
stats hide-version
stats refresh 5s
stats realm Haproxy\ Statistics
listen http
bind *:80
mode tcp
balance roundrobin
{% for node in groups['swarm-bootstrap'] %}
server {{node}} {{ hostvars[node]['ansible_host'] }}:80 check fall 3 inter 3s rise 2
{% endfor %}
{% for node in groups['swarm-managers'] %}
server {{node}} {{ hostvars[node]['ansible_host'] }}:80 check fall 3 inter 3s rise 2
{% endfor %}
{% for node in groups['swarm-workers'] %}
server {{node}} {{ hostvars[node]['ansible_host'] }}:80 check fall 3 inter 3s rise 2
{% endfor %}
listen https
bind *:443
mode tcp
balance roundrobin
{% for node in groups['swarm-bootstrap'] %}
server {{node}} {{ hostvars[node]['ansible_host'] }}:443 check fall 3 inter 3s rise 2
{% endfor %}
{% for node in groups['swarm-managers'] %}
server {{node}} {{ hostvars[node]['ansible_host'] }}:443 check fall 3 inter 3s rise 2
{% endfor %}
{% for node in groups['swarm-workers'] %}
server {{node}} {{ hostvars[node]['ansible_host'] }}:443 check fall 3 inter 3s rise 2
{% endfor %}

3
roles/keepalived/defaults/main.yml Normal file
View File

@@ -0,0 +1,3 @@
---
vip_interface: ens18
vip_address: 10.0.0.200

27
roles/keepalived/tasks/main.yml Normal file
View File

@@ -0,0 +1,27 @@
---
- name: Install keepalived
command: >
bash -c "apt-get update
apt-get install -y keepalived"
become: true
- name: Copy keepalived haproxy script
template:
src: ../templates/keepalived_haproxy.j2
dest: /usr/local/bin/keepalived_haproxy
mode: a+x
become: true
- name: Write Keepalived Config
template:
src: ../templates/keepalived.conf.j2
dest: /etc/keepalived/keepalived.conf
mode: a+x
become: true
- name: Ensure Keepalived enabled and running
service:
name: keepalived
state: restarted
enabled: true
become: true

40
roles/keepalived/templates/keepalived.conf.j2 Normal file
View File

@@ -0,0 +1,40 @@
global_defs {
router_id HOME-PROXY.WIMER.HOME
}
vrrp_script check_vip {
script "curl http://localhost:2016/haproxy"
interval 2
weight -100
}
vrrp_instance HAPROXY_API_FRONT {
{% if play_hosts|first == inventory_hostname %}
state MASTER
priority 150
{% else %}
state BACKUP
priority 100
{% endif %}
interface {{ vip_interface }}
virtual_router_id {{ vip_address.split('.')[3] }}
advert_int 1
authentication {
auth_type PASS
auth_pass home
}
dont_track_primary
track_script {
check_vip
}
virtual_ipaddress {
{{ vip_address }} dev {{ vip_interface }}
}
notify /usr/local/bin/keepalived_haproxy
smtp_alert
}

20
roles/keepalived/templates/keepalived_haproxy.j2 Normal file
View File

@@ -0,0 +1,20 @@
#!/bin/bash
TYPE=${1}
NAME=${2}
STATE=${3}
case ${STATE} in
"MASTER") service haproxy start
exit 0
;;
"BACKUP") service haproxy start
exit 0
;;
"FAULT") service haproxy stop
exit 0
;;
*) echo "unknown state"
exit 1
;;
esac