Adding option for authentication
This commit is contained in:
parent
184abe0197
commit
1d325903d5
3 changed files with 10 additions and 1 deletions
|
@ -12,12 +12,13 @@ Ansible playbook that provisions a group of servers to run HAProxy with a shared
|
||||||
| haproxy_keepalived_adapter_vlan | No | | | When specified, this will setup the given vlan and use that for the keepalived communication to keep the traffic out of the primary network |
|
| haproxy_keepalived_adapter_vlan | No | | | When specified, this will setup the given vlan and use that for the keepalived communication to keep the traffic out of the primary network |
|
||||||
| haproxy_keepalived_ip | Yes | 172.16.10.1/24 | | IP to use for the keepalived communication |
|
| haproxy_keepalived_ip | Yes | 172.16.10.1/24 | | IP to use for the keepalived communication |
|
||||||
| haproxy_keepalived_process_weight | Yes | 10 | | Weight used for tracking the haproxy process on the server |
|
| haproxy_keepalived_process_weight | Yes | 10 | | Weight used for tracking the haproxy process on the server |
|
||||||
|
| haproxy_listen_ports | Yes | 22/tcp, 80/tcp, 443/tcp, 9999/tcp | | The firewall ports/protocols that should be opened on the firewall |
|
||||||
| haproxy_shared_ip | Yes | | | Shared IP that will be used by the group |
|
| haproxy_shared_ip | Yes | | | Shared IP that will be used by the group |
|
||||||
| haproxy_shared_ip_subnet | Yes | /24 | | Subnet for the shared IP |
|
| haproxy_shared_ip_subnet | Yes | /24 | | Subnet for the shared IP |
|
||||||
|
| haproxy_shared_password | No | | | Optional password that should be used for the keepalived authentication |
|
||||||
| haproxy_shared_priority | Yes | 100 | | Keepalived priority for the host - this will |
|
| haproxy_shared_priority | Yes | 100 | | Keepalived priority for the host - this will |
|
||||||
| haproxy_shared_state | Yes | MASTER | MASTER/BACKUP | What state the keepalived configuration will start with for the desired host - After config starts it will determine if other members exist and adjust based on priority |
|
| haproxy_shared_state | Yes | MASTER | MASTER/BACKUP | What state the keepalived configuration will start with for the desired host - After config starts it will determine if other members exist and adjust based on priority |
|
||||||
| haproxy_shared_virtual_router_id | Yes | 25 | | Virtual Router ID for the keepalived configuration - This should be the same for the group |
|
| haproxy_shared_virtual_router_id | Yes | 25 | | Virtual Router ID for the keepalived configuration - This should be the same for the group |
|
||||||
| haproxy_listen_ports | Yes | 22/tcp, 80/tcp, 443/tcp, 9999/tcp | | The firewall ports/protocols that should be opened on the firewall |
|
|
||||||
|
|
||||||
## Example
|
## Example
|
||||||
|
|
||||||
|
|
|
@ -8,6 +8,7 @@ haproxy_config_file: "example.haproxy.cfg.j2"
|
||||||
haproxy_shared_ip: ""
|
haproxy_shared_ip: ""
|
||||||
haproxy_shared_ip_subnet: "/24"
|
haproxy_shared_ip_subnet: "/24"
|
||||||
haproxy_shared_virtual_router_id: 25
|
haproxy_shared_virtual_router_id: 25
|
||||||
|
haproxy_shared_password: ""
|
||||||
haproxy_keepalived_process_weight: 10
|
haproxy_keepalived_process_weight: 10
|
||||||
haproxy_listen_ports:
|
haproxy_listen_ports:
|
||||||
- port : 22
|
- port : 22
|
||||||
|
|
|
@ -14,6 +14,13 @@ vrrp_instance VI_1 {
|
||||||
virtual_router_id {{ haproxy_shared_virtual_router_id }}
|
virtual_router_id {{ haproxy_shared_virtual_router_id }}
|
||||||
priority {{ haproxy_shared_priority }}
|
priority {{ haproxy_shared_priority }}
|
||||||
|
|
||||||
|
{% if haproxy_shared_password != '' %}
|
||||||
|
authentication {
|
||||||
|
auth_type PASS
|
||||||
|
auth_pass {{ haproxy_shared_password }}
|
||||||
|
}
|
||||||
|
|
||||||
|
{% endif %}
|
||||||
virtual_ipaddress {
|
virtual_ipaddress {
|
||||||
{{ haproxy_shared_ip }}{{ haproxy_shared_ip_subnet }} dev {{ haproxy_bind_adapter }}
|
{{ haproxy_shared_ip }}{{ haproxy_shared_ip_subnet }} dev {{ haproxy_bind_adapter }}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue