From 109399d71ea4d371083e9ca8728dbed8b772ec31 Mon Sep 17 00:00:00 2001 From: Arne Oslebo <arne.oslebo@uninett.no> Date: Fri, 2 Oct 2020 11:35:33 +0200 Subject: [PATCH] bugfixes for haproxy image and playbook --- group_vars/all/main.yml | 2 +- roles/build/files/haproxy.cfg | 8 -------- roles/build/templates/haproxy/Dockerfile.j2 | 9 ++------- roles/docker/tasks/haproxy.yml | 2 ++ roles/haproxy/tasks/main.yml | 10 ++++++---- roles/haproxy/templates/haproxy.cfg.j2 | 2 +- 6 files changed, 12 insertions(+), 21 deletions(-) delete mode 100644 roles/build/files/haproxy.cfg diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml index 14a5b81..f73b42c 100644 --- a/group_vars/all/main.yml +++ b/group_vars/all/main.yml @@ -1,6 +1,6 @@ --- -dslproxy: "<CHANGE_ME:hostname>" +dslproxy: "arne-centos2.cert-labs.uninett.no" # TheHive Button plugin THEHIVE_URL: "https://hive.gn4-3-wp8-soc.sunet.se/" diff --git a/roles/build/files/haproxy.cfg b/roles/build/files/haproxy.cfg deleted file mode 100644 index 3f2dab4..0000000 --- a/roles/build/files/haproxy.cfg +++ /dev/null @@ -1,8 +0,0 @@ -global - quiet - -defaults - maxconn 5000 - timeout connect 5s - timeout client 20s - timeout server 20s diff --git a/roles/build/templates/haproxy/Dockerfile.j2 b/roles/build/templates/haproxy/Dockerfile.j2 index 602eb65..17b595f 100644 --- a/roles/build/templates/haproxy/Dockerfile.j2 +++ b/roles/build/templates/haproxy/Dockerfile.j2 @@ -1,4 +1,4 @@ -FROM gn43-dsl/centos:7a20200612 +FROM gn43-dsl/centos:{{version}}{{suffix}} ENV HAPROXY_VERSION 2.2.3 ENV HAPROXY_URL https://www.haproxy.org/download/2.2/src/haproxy-2.2.3.tar.gz @@ -23,6 +23,7 @@ RUN \ zlib-devel \ iptables \ pcre2-devel \ + daemonize \ pth-devel && \ `# Install newest openssl...` \ wget -O /tmp/openssl.tgz https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz && \ @@ -68,9 +69,3 @@ ENTRYPOINT ["/bin/bash"] # "when the SIGTERM signal is sent to the haproxy process, it immediately quits and all established connections are closed" # "graceful stop is triggered when the SIGUSR1 signal is sent to the haproxy process" STOPSIGNAL SIGUSR1 - -COPY haproxy-entrypoint.sh / -ENTRYPOINT ["/haproxy-entrypoint.sh"] - -COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg -CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"] diff --git a/roles/docker/tasks/haproxy.yml b/roles/docker/tasks/haproxy.yml index 0cc981e..687ee07 100644 --- a/roles/docker/tasks/haproxy.yml +++ b/roles/docker/tasks/haproxy.yml @@ -15,6 +15,8 @@ - "9443:9443" - "9200:9200" - "7750:7750" + entrypoint: "/bin/bash" + interactive: "yes" tags: - start diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml index b8f8f88..910599e 100644 --- a/roles/haproxy/tasks/main.yml +++ b/roles/haproxy/tasks/main.yml @@ -7,11 +7,13 @@ dest: /usr/local/etc/haproxy/haproxy.cfg tags: - start - - reconf -- name: Restart haproxy - shell: kill -USR2 1 +- name: Start haproxy + shell: "daemonize -c / -p /haproxy.pid /usr/local/sbin/haproxy -f /usr/local/etc/haproxy/haproxy.cfg" tags: - start - - reconf + +#- name: Stop haproxy +# tags: +# - stop diff --git a/roles/haproxy/templates/haproxy.cfg.j2 b/roles/haproxy/templates/haproxy.cfg.j2 index 107ba0b..c4df653 100644 --- a/roles/haproxy/templates/haproxy.cfg.j2 +++ b/roles/haproxy/templates/haproxy.cfg.j2 @@ -27,7 +27,7 @@ listen nifiserv balance source option tcpka {% for nifihost in groups['nificontainers'] %} - server {{nifihost}} {{nifihost}}:9443 ssl check verify none + server {{nifihost}} {{nifihost}}:9443 check {% endfor %} listen odfeserv -- GitLab