Skip to content

add code for olam with haproxy #67

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
May 6, 2025
Merged

add code for olam with haproxy #67

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b3559c8
add vars and ports for haproxy
May 2, 2025
e852105
update nginx config with haproxy health checks
May 5, 2025
962f75f
add unique ports for haproxy
May 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions olam/default_vars.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ add_pah_ports: false
use_freeipa: false
use_git: false
add_cluster_ports: false
use_haproxy: false
add_haproxy_ports: false

use_kvm: false
create_vm: false
Expand Down
28 changes: 27 additions & 1 deletion olam/templates/ingress_security_rules.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,4 +79,30 @@ instance_ingress_security_rules:
destination_port_range:
max: 27199
min: 27199
{% endif %}
{% endif %}
{% if add_haproxy_ports %}
- source: "10.0.0.0/24"
protocol: 6
tcp_options:
destination_port_range:
max: 80
min: 80
- source: "10.0.0.0/24"
protocol: 6
tcp_options:
destination_port_range:
max: 443
min: 443
- source: "10.0.0.0/24"
protocol: 6
tcp_options:
destination_port_range:
max: 8080
min: 8080
- source: "0.0.0.0/0"
protocol: 6
tcp_options:
destination_port_range:
max: 8443
min: 8443
{% endif %}
74 changes: 24 additions & 50 deletions olam/templates/nginx.conf.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,56 +42,30 @@ http {
# for more information.
include /etc/nginx/conf.d/*.conf;

# server {
# listen 80 default_server;
# listen [::]:80 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
#
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2 default_server;
# listen [::]:443 ssl http2 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers PROFILE=SYSTEM;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
{% if use_haproxy %}
server {
listen 8080 default_server;
listen [::]:8080 default_server;
server_name _;
root /usr/share/nginx/html;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

# OCI LB health check
location /nginx-health {
access_log off;
add_header 'Content-Type' 'text/plain';
return 200 "healthy\n";
}

location /health {
access_log off;
add_header 'Content-Type' 'application/json';
return 200 '{"status":"UP"}';
}
}
{% endif %}

}