openstack-heat-templates/LB-HAproxy.yaml at master · mandic-cloud/openstack-heat-templates · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
heat_template_version: 2016-04-08

description: A Group of Load Balanced Servers

parameters:

  app_port:
    type: number
    default: 80
    description: Port used by the servers
  flavor:
    type: string
    description: Flavor used for servers
    constraints:
    - custom_constraint: nova.flavor
    default: g1.micro
  image:
    type: string
    description: Image used for servers
    constraints:
    - custom_constraint: glance.image
    default: linux-ubuntu-16-64b-base
  lb_port:
    type: number
    default: 80
    description: Port used by the load balancer
  private_network:
    type: string
    description: Network used by the servers
    constraints:
    - custom_constraint: neutron.network
    default: net-int1
  key_name:
    type: string
    description: An ssh keypair name used for accessing the server.
    constraints:
    - custom_constraint: nova.keypair
    default: devel
  public_network:
    type: string
    description: Network used by the load balancer
    constraints:
    - custom_constraint: neutron.network
#  subnet:
#    type: string
#    description: Subnet on which the load balancer will be located
#    constraints:
#    - custom_constraint: neutron.subnet
#    default: 2be387a8-f9a4-4422-aeff-44780a82579e

resources:

  sec_group:
    type: OS::Neutron::SecurityGroup
    properties:
      rules:
      - remote_ip_prefix: 0.0.0.0/0
        protocol: tcp
        port_range_min: { get_param: app_port }
        port_range_max: { get_param: app_port }
      - remote_ip_prefix: 0.0.0.0/0
        protocol: icmp
      - remote_ip_prefix: 0.0.0.0/0
        protocol: tcp
        port_range_min: 22
        port_range_max: 22
# A ResourceGroup with a nested server template
# is a cleaner way of doing multiple servers.
# These are placed inline for the sake of the
# keeping the example in the App Catalog in a
# single template.
#
# A Resource Group would be as follows:
#
#  group:
#    type: OS::Heat::ResourceGroup
#    properties:
#      count: 2
#      resource_def:
#        type: lb_server.yaml
#
# The lb_server template would create the
# server and member resources.

  serverlb_port:
    type: OS::Neutron::Port
    properties:
      network_id: { get_param: private_network }
      #fixed_ips:
      #  - subnet_id: { get_param: private_subnet }
      security_groups: [{ get_resource: sec_group }]

  serverlb:
    type: OS::Nova::Server
    properties:
      image: { get_param: image }
      flavor: { get_param: flavor }
      networks:
        - port: { get_resource: serverlb_port }
      user_data_format: RAW
      key_name: { get_param: key_name }
      user_data:
        str_replace:
          template: |
            #!/bin/bash
            sudo -i
            apt-get update
            apt-get install -y haproxy
            cat <<EOF > /etc/haproxy/haproxy.cfg
            global
               log         127.0.0.1 local2
               chroot      /var/lib/haproxy
               pidfile     /var/run/haproxy.pid
               maxconn     4000
               user        haproxy
               group       haproxy
               daemon
               stats socket /var/lib/haproxy/stats
            defaults
               mode                    http
               log                     global
               option                  httplog
               option                  dontlognull
               option http-server-close
               option forwardfor       except 127.0.0.0/8
               option                  redispatch
               retries                 3
               timeout http-request    10s
               timeout queue           1m
               timeout connect         10s
               timeout client          1m
               timeout server          1m
               timeout http-keep-alive 10s
               timeout check           10s
               maxconn                 3000
            frontend http
               bind *:80
               default_backend web-servers
            backend web-servers
               balance     roundrobin
               option httpchk GET /
               option  httplog
               server web1 WEB1:80
               server web2 WEB2:80
            EOF
            service haproxy restart
          params:
            WEB1: { get_attr: [ serverweb1, first_address ]}
            WEB2: { get_attr: [ serverweb2, first_address ]}

  serverweb1:
    type: OS::Nova::Server
    properties:
      image: { get_param: image }
      flavor: { get_param: flavor }
      networks: [{ network: { get_param: private_network }}]
      security_groups: [{ get_resource: sec_group }]
      user_data_format: RAW
      key_name: { get_param: key_name }
      user_data:
        str_replace:
          template: |
            #!/bin/bash
            sudo -i
            apt-get update
            apt-get install -y apache2
            echo 'Apache-node1' > /var/www/html/index.html
          params:
            PORT: { get_param: app_port }

  serverweb2:
    type: OS::Nova::Server
    properties:
      image: { get_param: image }
      flavor: { get_param: flavor }
      networks: [{ network: { get_param: private_network }}]
      security_groups: [{ get_resource: sec_group }]
      user_data_format: RAW
      key_name: { get_param: key_name }
      user_data:
        str_replace:
          template: |
            #!/bin/bash
            sudo -i
            apt-get update
            apt-get install -y apache2
            echo 'Apache-node2' > /var/www/html/index.html
          params:
            PORT: { get_param: app_port }

#  pool_member1:
#    type: OS::Neutron::LBaaS::PoolMember
#    properties:
#      pool: { get_resource: pool }
#      address: { get_attr: [ serverweb1, first_address ]}
#      protocol_port: { get_param: app_port }
#      subnet: sub4-int1

#  pool_member2:
#    type: OS::Neutron::LBaaS::PoolMember
#    properties:
#      pool: { get_resource: pool }
#      address: { get_attr: [ serverweb2, first_address ]}
#      protocol_port: { get_param: app_port }
#      subnet: sub4-int1

#  monitor:
#    type: OS::Neutron::LBaaS::HealthMonitor
#    properties:
#      delay: 3
#      type: PING
#      timeout: 3
#      max_retries: 3
#      pool: { get_resource: pool }

#  pool:
#    type: OS::Neutron::LBaaS::Pool
#    properties:
#      lb_algorithm: ROUND_ROBIN
#      protocol: HTTP
#      listener: { get_resource: listener }

#  listener:
#    type: OS::Neutron::LBaaS::Listener
#    properties:
#      loadbalancer: { get_resource: loadbalancer }
#      protocol: HTTP
#      protocol_port: { get_param: lb_port }

#  loadbalancer:
#    type: OS::Neutron::LBaaS::LoadBalancer
#    properties:
#      vip_subnet: sub4-int1

  floating_ip:
    type: OS::Neutron::FloatingIP
    properties:
      floating_network: { get_param: public_network }
      port_id: { get_resource: serverlb_port }

outputs:

  lburl:
    description: URL of the loadbalancer
    value:
      str_replace:
        template: http://IP_ADDRESS:PORT
        params:
          IP_ADDRESS: { get_attr: [ floating_ip, floating_ip_address ] }
          PORT: { get_param: lb_port }
    description: >
      This URL is the "external" URL that can be used to access the
      load balancer.