Dustin C. Hatch
3ca94d2bf4
HAProxy can export stats in Prometheus format, but this requires special configuration of a dedicated front-end. To support this, the _haproxy_ Ansible role now has a pair of variables, `haproxy_enable_stats` and `haproxy_stats_port`, which control whether or not the stats front-end is enabled, and if so, what port it listens on. Note that on Fedora with the default SELinux policy, the port must be labelled either `http_port_t` or `http_cache_port_t`.
69 lines
1.5 KiB
YAML
69 lines
1.5 KiB
YAML
- name: load distribution-specific values
|
|
include_vars: '{{ item }}'
|
|
with_first_found:
|
|
- '{{ ansible_distribution }}.yml'
|
|
- defaults.yml
|
|
|
|
- name: ensure haproxy is installed
|
|
package:
|
|
name=haproxy
|
|
state=present
|
|
tags:
|
|
- install
|
|
|
|
- name: ensure default haproxy configuration file is empty
|
|
copy:
|
|
src: haproxy.cfg
|
|
dest: /etc/haproxy
|
|
mode: u=rw,go=r
|
|
notify: restart haproxy
|
|
- name: ensure haproxy global configuration is set
|
|
template:
|
|
src: global.cfg.j2
|
|
dest: /etc/haproxy/conf.d/10-global.cfg
|
|
mode: u=rw,go=r
|
|
notify: restart haproxy
|
|
- name: ensure haproxy defaults are set
|
|
template:
|
|
src: defaults.cfg.j2
|
|
dest: /etc/haproxy/conf.d/20-defaults.cfg
|
|
mode: u=rw,go=r
|
|
notify: restart haproxy
|
|
- name: ensure haproxy stats frontend is configured
|
|
template:
|
|
src: stats.cfg.j2
|
|
dest: /etc/haproxy/conf.d/30-stats.cfg
|
|
mode: u=rw,go=r
|
|
notify: reload haproxy
|
|
tags:
|
|
- config
|
|
- stats
|
|
|
|
- name: ensure haproxy starts at boot
|
|
service:
|
|
name: haproxy
|
|
enabled: true
|
|
tags:
|
|
- service
|
|
|
|
- name: ensure haproxy is running
|
|
service:
|
|
name: haproxy
|
|
state: started
|
|
tags:
|
|
- service
|
|
|
|
- name: ensure firewall is configured for haproxy stats
|
|
firewalld:
|
|
port: '{{ haproxy_stats_port }}/tcp'
|
|
immediate: '{{ item == "immediate" }}'
|
|
permanent: '{{ item == "permanent" }}'
|
|
state: enabled
|
|
loop:
|
|
- immediate
|
|
- permanent
|
|
when: host_uses_firewalld|d(true) and haproxy_enable_stats
|
|
tags:
|
|
- firewalld
|
|
- stats
|