rhtconsulting.haproxy
HAProxy
This is an Ansible role for installing and setting up HAProxy, which is used to balance the load for one or more applications.
The idea behind this role is that instead of needing to configure HAProxy's frontend and backend servers, the user can simply focus on their load-balanced applications. The role will manage the necessary HAProxy configurations automatically based on the user's input.
Requirements
Here are the requirements for this role to work.
Packages
These packages must be installed for the role to function properly:
- haproxy
Services
These services must be active to allow the role to configure them:
- firewalld
Role Variables
This section outlines the expected parameters for the role.
| Parameter | Required | Default | Choices | Comments |
|---|---|---|---|---|
| haproxy_applications | yes | A list defining applications to be load balanced. |
haproxy_applications
The haproxy_applications parameter is a list that describes the applications to load balance, with each item in the list containing the following fields.
| Parameter | Required | Default | Choices | Comments |
|---|---|---|---|---|
| name | yes | The application's name, used in HAProxy settings. It should be descriptive and must match /a-zA-Z0-9-_/. |
||
| domain | yes | Fully Qualified Domain Name (FQDN) that points to the HAProxy server(s) for load balancing. It can be a simple FQDN or a regex pattern. | ||
| domain_is_regex | no | false | true, false | Set to true if domain is a regex, otherwise set to false. |
| expose_http | no | false | true, false | Set to true to expose the application over HTTP, otherwise false. |
| expose_https | no | false | true, false | Set to true to expose the application over HTTPS, otherwise false. |
| redirect_http_to_https | no | false | true, false | Set to true to redirect HTTP to HTTPS automatically, otherwise false. |
| servers | yes | A list defining the servers for load balancing. |
servers
Each application in haproxy_applications must have a servers key that is a list of servers to load balance. Each server definition may include:
| Parameter | Required | Default | Choices | Comments |
|---|---|---|---|---|
| name | yes | Name for the server, displayed in HAProxy stats. Must match /a-zA-Z0-9-_/. |
||
| address | yes | FQDN or IP address of the server to load balance. | ||
| port_http | no | 80 | HTTP port of the server when expose_http is true. |
|
| port_https | no | 443 | HTTPS port of the server when expose_https is true. |
Example Playbooks
Load balance Ansible Tower
- name: HAProxy
hosts: haproxy
roles:
- role: haproxy
haproxy_applications:
- name: ansible-tower
domain: tower.example.com
expose_https: True
redirect_http_to_https: True
servers:
- name: tower0002
address: tower0002.example.com
- name: tower0003
address: tower0003.example.com
- name: tower0004
address: tower0004.example.com
Load balance OpenShift Container Platform (OCP) masters and routers
- name: HAProxy
hosts: haproxy
roles:
- role: haproxy
haproxy_applications:
- name: ocp-admin
domain: ocp.example.com
expose_https: True
redirect_http_to_https: True
servers:
- name: ocp0002-master
address: ocp0002.example.com
- name: ocp0003-master
address: ocp0003.example.com
- name: ocp0004-master
address: ocp0004.example.com
- name: ocp-router
domain: .*.apps.example.com
domain_is_regex: True
expose_https: True
expose_http: True
redirect_http_to_https: False
servers:
- name: ocp0005-infra
address: ocp0005.example.com
- name: ocp0006-infra
address: ocp0006.example.com
- name: ocp0007-infra
address: ocp0007.example.com
Author Information
- Red Hat Consulting
- Ian Tewksbury (itewk@redhat.com)
Ansible role for installing and configuring HAProxy for one or many frontend and backend servers.
ansible-galaxy install rhtconsulting.haproxy