forked from OpenStackCookbook/OpenStackCookbook
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcookbook.yaml
178 lines (164 loc) · 5.53 KB
/
cookbook.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
heat_template_version: 2013-05-23
description: >
HOT template to deploy two instances running Apache, and an extra instance running
HA Proxy that load balances traffic between then assigns a floating IP addresses
to the HA Proxy instance from the Public Network
parameters:
key_name:
type: string
description: Name of keypair to assign to servers
image:
type: string
description: Name of image to use for servers
flavor:
type: string
description: Flavor to use for servers
public_net_id:
type: string
description: >
ID of public network for which floating IP addresses will be allocated
private_net_id:
type: string
description: ID of private network into which servers get deployed
private_subnet_id:
type: string
description: ID of private sub network into which servers get deployed
resources:
webserver1:
type: OS::Nova::Server
properties:
name: Webserver1
image: { get_param: image }
flavor: { get_param: flavor }
key_name: { get_param: key_name }
networks:
- port: { get_resource: webserver1_port }
config_drive: "true"
user_data: |
#!/bin/bash -v
export DEBIAN_FRONTEND=noninteractive
export http_proxy=http://192.168.100.1:3128/
apt-get update
apt-get -y install apache2
webserver1_port:
type: OS::Neutron::Port
properties:
network_id: { get_param: private_net_id }
fixed_ips:
- subnet_id: { get_param: private_subnet_id }
security_groups: [{ get_resource: server_security_group }]
webserver2:
type: OS::Nova::Server
properties:
name: Webserver2
image: { get_param: image }
flavor: { get_param: flavor }
key_name: { get_param: key_name }
networks:
- port: { get_resource: webserver2_port }
config_drive: "true"
user_data: |
#!/bin/bash -v
export DEBIAN_FRONTEND=noninteractive
export http_proxy=http://192.168.100.1:3128/
apt-get update
apt-get -y install apache2
webserver2_port:
type: OS::Neutron::Port
properties:
network_id: { get_param: private_net_id }
fixed_ips:
- subnet_id: { get_param: private_subnet_id }
security_groups: [{ get_resource: server_security_group }]
haproxy:
type: OS::Nova::Server
properties:
name: HAProxy
image: { get_param: image }
flavor: { get_param: flavor }
key_name: { get_param: key_name }
networks:
- port: { get_resource: haproxy_port }
config_drive: "true"
user_data:
str_replace:
template: |
#!/bin/bash -v
#Install and configure haproxy
export DEBIAN_FRONTEND=noninteractive
export http_proxy=http://192.168.100.1:3128/
apt-get update
apt-get -y install haproxy
rm -rf /etc/haproxy/haproxy.cfg
echo "
global
log 127.0.0.1 local0 debug
maxconn 45000 # Total Max Connections. This is dependent on ul imit
user haproxy
group haproxy
daemon
defaults
log global
mode http
option dontlognull
retries 3
option redispatch
timeout server 86400000
timeout connect 86400000
timeout client 86400000
timeout queue 1000s
listen http_web 0.0.0.0:80
mode http
stats enable
stats uri /haproxy?stats
option httpclose
option forwardfor
balance roundrobin # Load Balancing algorithm
server Webserver1 %webserver1_ip% check
server Webserver2 %webserver2_ip% check
" >> /etc/haproxy/haproxy.cfg
sed -i 's/ENABLED=0/ENABLED=1/g' /etc/default/haproxy
service haproxy start
params:
"%webserver1_ip%": { get_attr: [ webserver1, first_address ] }
"%webserver2_ip%": { get_attr: [ webserver2, first_address ] }
haproxy_port:
type: OS::Neutron::Port
properties:
network_id: { get_param: private_net_id }
fixed_ips:
- subnet_id: { get_param: private_subnet_id }
security_groups: [{ get_resource: server_security_group }]
haproxy_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: { get_param: public_net_id }
port_id: { get_resource: haproxy_port }
server_security_group:
type: OS::Neutron::SecurityGroup
properties:
description: Webserver Rules
name: webserver
rules:
- direction: ingress
ethertype: IPv4
port_range_max: 22
port_range_min: 22
protocol: tcp
remote_ip_prefix: 0.0.0.0/0
- direction: ingress
ethertype: IPv4
port_range_min: 80
port_range_max: 80
protocol: tcp
remote_ip_prefix: 0.0.0.0/0
outputs:
webserver1_private_ip:
description: IP address of webserver1 in private network
value: { get_attr: [ webserver1, first_address ] }
webserver2_private_ip:
description: IP address of webserver2 in private network
value: { get_attr: [ webserver2, first_address ] }
haproxy_public_ip:
description: Floating IP address of haproxy in public network
value: { get_attr: [ haproxy_floating_ip, floating_ip_address ] }