Add parameters for template of type None
Haproxy formula allows to set listen template type
to None which gives opportunity to set configuration
parametes manually. The patch adds ability to set more
parameters if needed
Change-Id: Idbae84b2462826523713e69fb9da7ce2e1816fed
Related-PROD: PROD-19713
diff --git a/README.rst b/README.rst
index ca1650e..9710e5f 100644
--- a/README.rst
+++ b/README.rst
@@ -561,6 +561,67 @@
...
type: http
+Implement haproxy configuration without specifying certain type or with type='None'.
+This approach allows to set all major haproxy parameters manually.
+Sample pillar:
+
+.. code-block:: yaml
+
+ haproxy:
+ proxy:
+ listen:
+ manila_api:
+ type: None
+ mode: tcp
+ balance: roundrobin
+ timeout:
+ check: 10
+ client: 20
+ http_request:
+ - action: "add-header X-Forwarded-Proto https"
+ condition: "if { ssl_fc }"
+ options: ${_param:haproxy_https_check_options}
+ capture:
+ - cookie ASPSESSION len 32
+ - request header Host len 15
+ compression:
+ - algo gzip
+ - type text/html text/plain
+ declare_capture: request len 50
+ email_alert:
+ - myhostname myserver
+ - from server@localhost
+ - level warning
+ errorfile:
+ file_500:
+ code: 500
+ file: /tmp/error_500.log
+ file_404:
+ code: 400
+ file: /tmp/error_400.log
+ max_keep_alive_queue: 100
+ maxconn: 10000
+ reqadd:
+ - X-Proto:\ SSL if is-ssl
+ reqirep:
+ - ^Host:\ www.mydomain.com Host:\ www
+ modify_headers:
+ - reqallow ^Host:\ www\.
+ - reqdel ^Host:\ .*\.local
+ - reqdeny ^Host:\ .*\.local
+ - reqiallow ^Host:\ www\.
+ - reqidel ^Host:\ .*\.local
+ - reqideny ^Host:\ .*\.local
+ - reqipass ^Host:\ .*\.local
+ - reqpass ^Host:\ .*\.local
+ - reqitarpit ^Host:\ .*\.local
+ - reqtarpit ^Host:\ .*\.local
+ retries: 10
+ stats:
+ - enable
+ - auth admin1:AdMiN123
+ rate_limit_sessions: 1000
+
Read more
=========
diff --git a/haproxy/files/haproxy.cfg b/haproxy/files/haproxy.cfg
index 6db883a..3927794 100644
--- a/haproxy/files/haproxy.cfg
+++ b/haproxy/files/haproxy.cfg
@@ -180,6 +180,29 @@
{%- for aclname, acl in listen.get('acl', {}).iteritems() %}
acl {{ aclname }} {{ acl }}
{%- endfor %}
+ {%- for capture in listen.get('capture', []) %}
+ capture {{ capture }}
+ {%- endfor %}
+ {%- for compression in listen.get('compression', []) %}
+ compression {{ compression }}
+ {%- endfor %}
+ {%- if listen.declare_capture is defined %}
+ declare capture {{ listen.declare_capture }}
+ {%- endif %}
+ {%- for email_alert in listen.get('email_alert', []) %}
+ email-alert {{ email_alert }}
+ {%- endfor %}
+ {%- if listen.errorfile is defined %}
+ {%- for errorfile_name, errorfile in listen.get('errorfile', {}).iteritems() %}
+ errorfile {{ errorfile.code }} {{ errorfile.file }}
+ {%- endfor %}
+ {%- endif %}
+ {%- if listen.max_keep_alive_queue is defined %}
+ max-keep-alive-queue {{ listen.max_keep_alive_queue }}
+ {%- endif %}
+ {%- if listen.maxconn is defined %}
+ maxconn {{ listen.maxconn }}
+ {%- endif %}
{%- for http_request in listen.get('http_request', []) %}
http-request {{ http_request.action }}{% if http_request.condition is defined %} {{ http_request.condition }}{% endif %}
{%- endfor %}
@@ -193,17 +216,17 @@
option {{ option }}
{%- endfor %}
{%- for type, checks in listen.get('health-check', {}).iteritems() %}
- {%- if checks.get('enabled', True) %}
- {%- if type == 'http' and 'httpchk' not in listen.get('options', [])|join('|') %}
+ {%- if checks.get('enabled', True) %}
+ {%- if type == 'http' and 'httpchk' not in listen.get('options', [])|join('|') %}
option httpchk
- {%- endif %}
- {%- if type == 'tcp' and 'tcp-check' not in listen.get('options', [])|join('|') %}
+ {%- endif %}
+ {%- if type == 'tcp' and 'tcp-check' not in listen.get('options', [])|join('|') %}
option tcp-check
- {%- endif %}
- {%- for option in checks.get('options', []) %}
+ {%- endif %}
+ {%- for option in checks.get('options', []) %}
{{ type }}-check {{ option }}
- {%- endfor %}
- {%- endif %}
+ {%- endfor %}
+ {%- endif %}
{%- endfor %}
{%- for stick in listen.get('sticks', []) %}
{{ stick }}
@@ -214,13 +237,25 @@
{%- for reqirep in listen.get('reqirep', []) %}
reqirep {{ reqirep }}
{%- endfor %}
+ {%- for modify_header in listen.get('modify_headers', []) %}
+ {{ modify_header }}
+ {%- endfor %}
+ {%- if listen.retries is defined %}
+ retries {{ listen.retries }}
+ {%- endif %}
+ {%- for stat in listen.get('stats', []) %}
+ stats {{ stat }}
+ {%- endfor %}
+ {%- if listen.rate_limit_sessions is defined %}
+ rate-limit sessions {{ listen.rate_limit_sessions }}
+ {%- endif %}
{%- endif %}
{%- for server in listen.get('servers', []) %}
- {%- set port_range_length=server.get('port_range_length', 1) %}
- {%- set port_range_start_offset=server.get('port_range_start_offset', 0) %}
- {%- for worker_port in range(port_range_start_offset, port_range_length) %}
+ {%- set port_range_length=server.get('port_range_length', 1) %}
+ {%- set port_range_start_offset=server.get('port_range_start_offset', 0) %}
+ {%- for worker_port in range(port_range_start_offset, port_range_length) %}
server {{ server.name }}{% if worker_port > 0 %}p{{ worker_port }}{% endif %} {{ server.host }}:{{ server.port + worker_port }} {{ server.get('params', '') }}
- {%- endfor %}
+ {%- endfor %}
{%- endfor %}
{%- endif %}
{%- endif %}