Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

RSS

haproxy (103) Versions 3.0.3

Installs and configures haproxy

Policyfile
Berkshelf
Knife
cookbook 'haproxy', '= 3.0.3', :supermarket
cookbook 'haproxy', '= 3.0.3'
knife supermarket install haproxy
knife supermarket download haproxy
README
Dependencies
Changelog
Quality 86%

haproxy Cookbook

Build Status Cookbook Version

Installs haproxy and prepares the configuration location.

Requirements

  • Chef 12.1+

Platforms

  • Ubuntu 12.04+
  • RHEL 6+, CentOS6+
  • RHEL 7+, CentOS7+
  • Debian 8+

Attributes

  • node['haproxy']['incoming_address'] - sets the address to bind the haproxy process on, 0.0.0.0 (all addresses) by default
  • node['haproxy']['incoming_port'] - sets the port on which haproxy listens
  • node['haproxy']['members'] - used by the default recipe to specify the member systems to add. Default
  [{
    "hostname" => "localhost",
    "ipaddress" => "127.0.0.1",
    "port" => 4000,
    "ssl_port" => 4000
  }, {
    "hostname" => "localhost",
    "ipaddress" => "127.0.0.1",
    "port" => 4001,
    "ssl_port" => 4001
  }]
  • node['haproxy']['member_port'] - the port that member systems will be listening on if not otherwise specified in the members attribute, default 8080

  • node['haproxy']['member_weight'] - the weight to apply to member systems if not otherwise specified in the members attribute, default 1

  • node['haproxy']['app_server_role'] - used by the app_lb recipe to search for a specific role of member systems. Default webserver.

  • node['haproxy']['balance_algorithm'] - sets the load balancing algorithm; defaults to roundrobin.

  • node['haproxy']['enable_ssl'] - whether or not to create listeners for ssl, default false

  • node['haproxy']['ssl_incoming_address'] - sets the address to bind the haproxy on for SSL, 0.0.0.0 (all addresses) by default

  • node['haproxy']['ssl_member_port'] - the port that member systems will be listening on for ssl, default 8443

  • node['haproxy']['ssl_incoming_port'] - sets the port on which haproxy listens for ssl, default 443

  • node['haproxy']['httpchk'] - used by the app_lb recipe. If set, will configure httpchk in haproxy.conf

  • node['haproxy']['ssl_httpchk'] - used by the app_lb recipe. If set and enable_ssl is true, will configure httpchk in haproxy.conf for the ssl_application section

  • node['haproxy']['enable_admin'] - whether to enable the admin interface. default true. Listens on port 22002.

  • node['haproxy']['admin']['address_bind'] - sets the address to bind the administrative interface on, 127.0.0.1 by default

  • node['haproxy']['admin']['port'] - sets the port for the administrative interface, 22002 by default

  • node['haproxy']['admin']['options'] - sets extras config parameters on the administrative interface, 'stats uri /' by default

  • node['haproxy']['enable_stats_socket'] - controls haproxy socket creation, false by default

  • node['haproxy']['stats_socket_path'] - location of haproxy socket, "/var/run/haproxy.sock" by default

  • node['haproxy']['stats_socket']['user'] - user for haproxy socket, default is node['haproxy']['user']

  • node['haproxy']['stats_socket']['group'] - group for haproxy socket, default is node['haproxy']['group']

  • node['haproxy']['pid_file'] - the PID file of the haproxy process, used in the tuning recipe.

  • node['haproxy']['global_options'] - global options, like tuning. Format must be of { 'option' => 'value' }; defaults to {}.

  • node['haproxy']['defaults_options'] - an array of options to use for the config file's defaults stanza, default is ["httplog", "dontlognull", "redispatch"]

  • node['haproxy']['defaults_timeouts']['connect'] - connect timeout in defaults stanza

  • node['haproxy']['defaults_timeouts']['client'] - client timeout in defaults stanza

  • node['haproxy']['defaults_timeouts']['server'] - server timeout in defaults stanza

  • node['haproxy']['x_forwarded_for'] - if true, creates an X-Forwarded-For header containing the original client's IP address. This option disables KeepAlive.

  • node['haproxy']['member_max_connections'] - the maxconn value to be set for each app server

  • node['haproxy']['cookie'] - if set, use this to pin connection to the same server with a cookie.

  • node['haproxy']['user'] - user that haproxy runs as

  • node['haproxy']['group'] - group that haproxy runs as

  • node['haproxy']['global_max_connections'] - in the app_lb config, set the global maxconn

  • node['haproxy']['member_max_connections'] - the maxconn value to be set for each app server if not otherwise specified in the members attribute

  • node['haproxy']['frontend_max_connections'] - in the app_lb config, set the the maxconn per frontend member

  • node['haproxy']['frontend_ssl_max_connections'] - in the app_lb config, set the maxconn per frontend member using SSL

  • node['haproxy']['install_method'] - determines which method is used to install haproxy, must be 'source' or 'package'. defaults to 'package'

  • node['haproxy']['conf_dir'] - the location of the haproxy config file

  • node['haproxy']['source']['version'] - the version of haproxy to install

  • node['haproxy']['source']['url'] - the full URL to the haproxy source package

  • node['haproxy']['source']['checksum'] - the checksum of the haproxy source package

  • node['haproxy']['source']['prefix'] - the prefix used to make install haproxy

  • node['haproxy']['source']['target_os'] - the target used to make haproxy

  • node['haproxy']['source']['target_cpu'] - the target cpu used to make haproxy

  • node['haproxy']['source']['target_arch'] - the target arch used to make haproxy

  • node['haproxy']['source']['use_pcre'] - whether to build with libpcre support

  • node['haproxy']['package']['version'] - the version of haproxy to install, default latest

  • node['haproxy']['pool_members'] - updated by discovery to store node information

  • node['haproxy']['conf_cookbook'] - used to update which cookbook holds the haproxy.cfg template

  • node['haproxy']['conf_template_source'] - name of the haproxy.cfg template

Recipes

default

manual

Sets up haproxy using statically defined configuration.

app_lb

Uses chef search to set up haproxy creating a dynamically defined configuration. See Usage below.

_discovery

Helper recipe that finds nodes with a attribute defined role name using search. Sets node['haproxy']['pool_members']

tuning

Uses the community cpu cookbook's cpu_affinity LWRP to set affinity for the haproxy process.

install_package

Installs haproxy through the package manager. Used by the default and app_lb recipes.

install_source

Installs haproxy from source. Used by the default and app_lb recipes.

Providers

haproxy_lb

Configure a part of haproxy (frontend|backend|listen). It is used in manual and app_lb recipes to configure default frontends and backends. Several common options can be set as attributes of the LWRP. Others can always be set with the parameters attribute. For instance,

haproxy_lb 'rabbitmq' do
  bind '0.0.0.0:5672'
  mode 'tcp'
  servers (1..4).map do |i|
    "rmq#{i} 10.0.0.#{i}:5672 check inter 10s rise 2 fall 3"
  end
  parameters({
    'maxconn' => 20000,
    'balance' => 'roundrobin'
  })
end

which will be translated into:

listen rabbitmq'
  bind 0.0.0.0:5672
  mode tcp
  rmq1 10.0.0.1:5672 check inter 10s rise 2 fall 3
  rmq2 10.0.0.2:5672 check inter 10s rise 2 fall 3
  rmq3 10.0.0.3:5672 check inter 10s rise 2 fall 3
  rmq4 10.0.0.4:5672 check inter 10s rise 2 fall 3
  maxconn 20000
  balance roundrobin

All options can also be set in the parameters instead. In that case, you might want to provide an array to parameters attributes to avoid conflicts for options occuring several times.

haproxy_lb 'rabbitmq' do
  parameters([
    'bind 0.0.0.0:5672',
    'mode tcp',
    'rmq1 10.0.0.1:5672 check inter 10s rise 2 fall 3',
    'rmq2 10.0.0.2:5672 check inter 10s rise 2 fall 3',
    'rmq3 10.0.0.3:5672 check inter 10s rise 2 fall 3',
    'rmq4 10.0.0.4:5672 check inter 10s rise 2 fall 3',
    'maxconn' => 20000,
    'balance' => 'roundrobin'
  ])
end

which will give the same result.

Finally you can also configure frontends and backends by specify the type attribute of the resource. See example in the manual recipe.

Instead of using lwrp, you can use node['haproxy']['listeners'] to configure all kind of listeners (listen, frontend and backend)

haproxy_config

This provider is used to write the actual haproxy.cfg file to the system. Location of haproxy.cfg.erb template file can be adjusted to support wrapper cookbook customizations.

haproxy_config "Write Config" do
  conf_dir node['haproxy']['conf_dir']
  conf_cookbook node['haproxy']['conf_cookbook']
  conf_template_source node['haproxy']['conf_template_source']
end

haproxy

The haproxy LWRP allows for a more freeform method of configuration. It will map a given data structure into the proper configuration format, making it easier for adjustment and expansion.

haproxy 'myhaproxy' do
  config Mash.new(
    :global => {
      :maxconn => node[:haproxy][:global_max_connections],
      :user => node[:haproxy][:user],
      :group => node[:haproxy][:group]
    },
    :defaults => {
      :log => :global,
      :mode => :tcp,
      :retries => 3,
      :timeout => 5
    },
    :frontend => {
      :srvs => {
        :maxconn => node[:haproxy][:frontend_max_connections],
        :bind => "#{node[:haproxy][:incoming_address]}:#{node[:haproxy][:incoming_port]}",
        :default_backend => :backend_servers
      }
    },
    :backend => {
      :backend_servers => {
        :mode => :tcp,
        :server => [
          "an_node 192.168.99.9:9999" => {
            :weight => 1,
            :maxconn => node[:haproxy][:member_max_connections]
          }
        ]
      }
    }
  )
end

Usage

Use either the manual recipe or the app_lb recipe.

When using the manual recipe, the members attribute specifies the http application servers. If you wish to use the node['haproxy']['listeners'] attribute or haproxy_lb lwrp instead then set node['haproxy']['enable_default_http'] to false.

"haproxy" => {
  "members" => [{
    "hostname" => "appserver1",
    "ipaddress" => "123.123.123.1",
    "port" => 8000,
    "ssl_port" => 8443,
    "weight" => 1,
    "max_connections" => 100
  }, {
    "hostname" => "appserver2",
    "ipaddress" => "123.123.123.2",
    "port" => 8000,
    "ssl_port" => 8443,
    "weight" => 1,
    "max_connections" => 100
  }, {
    "hostname" => "appserver3",
    "ipaddress" => "123.123.123.3",
    "port" => 8000,
    "ssl_port" => 8443,
    "weight" => 1,
    "max_connections" => 100
  }]
}

Note that the following attributes are optional

  • port will default to the value of node['haproxy']['member_port']
  • ssl_port will default to the value of node['haproxy']['ssl_member_port']
  • weight will default to the value of node['haproxy']['member_weight']
  • max_connections will default to the value of node['haproxy']['member_max_connections']

The app_lb recipe is designed to be used with the application cookbook, and provides search mechanism to find the appropriate application servers. Set this in a role that includes the haproxy::app_lb recipe. For example,

name 'load_balancer'
description 'haproxy load balancer'
run_list('recipe[haproxy::app_lb]')
override_attributes(
  'haproxy' => {
    'app_server_role' => 'webserver'
  }
)

The search uses the node's chef_environment. For example, create environments/production.rb, then upload it to the server with knife

License & Authors

Copyright:: Heavy Water Operations, LLC.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

haproxy Cookbook CHANGELOG

This file is used to list changes made in each version of the haproxy cookbook. (@sun77)

v3.0.3 (28-03-2017)

  • Multiple addresses and ports on listener and frontend [#174][]
  • Customize logging destination [#178][]
  • updating to use bats/serverspec [#179][]

v3.0.2 (27-03-2017)

  • Allow server startup from app_lb recipe. [#171][]
  • Use Delivery instead of Rake
  • Make this cookbook compatible with Chef-13, note: params option is now parameters [#175][]

v3.0.1 (2017-1-30)

  • Reload haproxy configuration on changes [#152][]
  • merging in generic socket conf [#107][]
  • updating config to use facilities hash dynamically [#102][]
  • adding tproxy and splice per [#98][]
  • removing members with nil ips from member array. [#79][]

v3.0.0 (2017-1-24)

  • Configurable debug options
  • Merging [#123][] - CentOS7 compatibility
  • Adding poise-service for service management
  • Adding changes to match PR [#91][].
  • updating source install to use Haproxy 1.7.2
  • Chef >= 12.1 required
  • changing ['haproxy']['source']['target_os'], ['haproxy']['source']['target_cpu'] to use proper architecture, Issue: [#150][]

v2.0.2 (2016-12-30)

  • Cookstyle fixes
  • Travis testing updates
  • Fixed the github URL for the repo in various locations
  • Converted file modes to strings
  • Updated the config resource to lazily evaluate node attribute values to better load the values when overriden in wrapper cookbooks

v2.0.1 (2016-12-08)

  • Fixed dynamic configuration to properly template out frontend and backend sections
  • Update Chef Brigade to Sous Chefs
  • Updated contributing docs to remove the reference to the develop branch

v2.0.0 (2016-11-09)

Breaking Changes

  • The default recipe is now an empty recipe with manual configuration performed in the 'manual' recipe
  • Remove Chef 10 compatibility code
  • Switch from Librarian to Berksfile
  • Updated the source recipe to install 1.6.9 by default

Other changes

  • Migrated this cookbook from Heavy Water to Chef Brigade so we can ensure more frequent releases and maintenance
  • Added a code of conduct for the project. Read it.
  • The haproxy config is now verified before the service restarts / reloads to prevent taking down haproxy with a bad config
  • Several new syslog configuration attributes have been added
  • A new attribute for stats_socket_level has been added
  • A new attribute for retries has been added
  • Added a chefignore file to speed up syncs from the server
  • Added scientific and oracle as supported platforms in the metadata
  • Added source_url, issues_url, and chef_version metadata
  • Removed attributes from the metadata file as these are redundant
  • Enabled why-run support in the default haproxy resource
  • Removed broken tarball validation in the source recipe to prevented installs from completing
  • Fixed source installs not running if an older version was present on the node
  • Broke search logic out into a new_discovery recipe
  • Added new node['haproxy']['pool_members'] and node['haproxy']['pool_members_option'] attributes
  • Resolved all cookstyle and foodcritic warnings
  • Added a new haproxy_config resource
  • Added a Guardfile
  • Update the Kitchen config file to use Bento boxes and new platforms
  • Updates ChefSpec matchers to use the latest format
  • Added testing in Travis CI with a Rakefile that runs cookstyle, foodcritic, and ChefSpec as well as a Kitchen Dokken config that does integration testing of the package install

v1.6.7

New Feature

  • Added ChefSpec matchers and test coverage

Updates

  • Replaced references to Opscode with Chef

v1.6.6

Bug

  • CPU Tuning, corrects cpu_affinity resource triggers

Updates

  • parameterize options for admin listener
  • renamed templates/rhel to templates/redhat
  • sort pool members by hostname to avoid needless restarts
  • support amazon linux init script
  • support to configure global options

v1.6.4

v1.6.2

Bug

  • COOK-3424 - Haproxy cookbook attempts to alter an immutable attribute

New Feature

  • COOK-3135 - Allow setting of members with default recipe without changing the template

v1.6.2

Bug

  • COOK-3424 - Haproxy cookbook attempts to alter an immutable attribute

New Feature

  • COOK-3135 - Allow setting of members with default recipe without changing the template

v1.6.0

New Feature

  • Allow setting of members with default recipe without changing the template

v1.5.0

Improvement

  • COOK-3660 - Make haproxy socket default user group configurable
  • COOK-3537 - Add OpenSSL and zlib source configurations

New Feature

  • COOK-2384 - Add LWRP for multiple haproxy sites/configs

v1.4.0

Improvement

  • COOK-3237 - Enable cookie-based persistence in a backend
  • COOK-3216 - Add metadata attributes

New Feature

v1.3.2

Bug

  • [COOK-3046]: haproxy default recipe broken by COOK-2656

Task

  • [COOK-2009]: Add test-kitchen support to haproxy

v1.3.0

Improvement

  • [COOK-2656]: Unify the haproxy.cfg with that from app_lb

New Feature

  • [COOK-1488]: Provide an option to build haproxy from source

v1.2.0

  • [COOK-1936] - use frontend / backend logic
  • [COOK-1937] - cleanup for configurations
  • [COOK-1938] - more flexibility for options
  • [COOK-1939] - reloading haproxy is better than restarting
  • [COOK-1940] - haproxy stats listen on 0.0.0.0 by default
  • [COOK-1944] - improve haproxy performance

v1.1.4

  • [COOK-1839] - add httpchk configuration to app_lb template

v1.1.0

  • [COOK-1275] - haproxy-default.erb should be a cookbook_file
  • [COOK-1594] - Template-Service ordering issue in app_lb recipe

v1.0.6

  • [COOK-1310] - redispatch flag has changed

v1.0.4

  • [COOK-806] - load balancer should include an SSL option
  • [COOK-805] - Fundamental haproxy load balancer options should be configurable

v1.0.3

  • [COOK-620] haproxy::app_lb's template should use the member cloud private IP by default

v1.0.2

  • fix regression introduced in v1.0.1

v1.0.1

  • account for the case where load balancer is in the pool

v1.0.0

  • Use node.chef_environment instead of node['app_environment']

Collaborator Number Metric
            

3.0.3 passed this metric

Contributing File Metric
            

3.0.3 passed this metric

Foodcritic Metric
            

3.0.3 passed this metric

License Metric
            

3.0.3 passed this metric

No Binaries Metric
            

3.0.3 passed this metric

Testing File Metric
            

3.0.3 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of http://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

3.0.3 passed this metric