Please Help with HAProxy + Puppet
354 views
Skip to first unread message
max.bri...@gmail.com
Apr 29, 2013, 12:04:14 AM4/29/13
to puppet...@googlegroups.com
Hi,
I am trying to get HAProxy running. I have the puppet master setup serving configurations to two agents. One is the HAproxy server and the other is a simple web server (certname=webserver2). HAproxy is being deployed by puppet on the proxy server as expected. But the generated HAProxy configuration is what i don't understand. I do not see any single reference to the IP address of webserver2 to which the traffic should be forwarded. All IPs included in the haproxy config are those of the HAProxy server itsself.
I am likely misunderstanding something or missing something that should be done. Please help me through this. My goal is to balance (round robin) traffic to two servers webserver1 and webserver2
Thanks alot.
Here is my puppet master site.pp:
node /^haproxy.*/ {
Haproxy::Balancermember <<| listening_service == 'puppet00' |>>
class { 'haproxy': }
haproxy::listen {
'puppet00': ipaddress => $::ipaddress,
ports => ['55672','5672'], }
}
node 'webserver2' {
@@haproxy::balancermember {
$fqdn: listening_service => 'puppet00',
server_names => $::hostname,
ipaddresses => $::ipaddress,
ports => ['55672','5672'],
options => 'check'
}
}
Here is the haproxy.cfg that is generated:
# This file managed by Puppet
global
chroot /var/lib/haproxy
daemon
group haproxy
log 10.28.92.145 local0
maxconn 4000
pidfile /var/run/haproxy.pid
stats socket /var/lib/haproxy/stats
user haproxy
defaults
log global
maxconn 8000
option redispatch
retries 3
stats enable
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout check 10s
listen puppet00 10.28.92.145:55672,10.28.92.145:5672
balance roundrobin
option tcplog
option ssl-hello-chk
I am trying to get HAProxy running. I have the puppet master setup serving configurations to two agents. One is the HAproxy server and the other is a simple web server (certname=webserver2). HAproxy is being deployed by puppet on the proxy server as expected. But the generated HAProxy configuration is what i don't understand. I do not see any single reference to the IP address of webserver2 to which the traffic should be forwarded. All IPs included in the haproxy config are those of the HAProxy server itsself.
I am likely misunderstanding something or missing something that should be done. Please help me through this. My goal is to balance (round robin) traffic to two servers webserver1 and webserver2
Thanks alot.
Here is my puppet master site.pp:
node /^haproxy.*/ {
Haproxy::Balancermember <<| listening_service == 'puppet00' |>>
class { 'haproxy': }
haproxy::listen {
'puppet00': ipaddress => $::ipaddress,
ports => ['55672','5672'], }
}
node 'webserver2' {
@@haproxy::balancermember {
$fqdn: listening_service => 'puppet00',
server_names => $::hostname,
ipaddresses => $::ipaddress,
ports => ['55672','5672'],
options => 'check'
}
}
Here is the haproxy.cfg that is generated:
# This file managed by Puppet
global
chroot /var/lib/haproxy
daemon
group haproxy
log 10.28.92.145 local0
maxconn 4000
pidfile /var/run/haproxy.pid
stats socket /var/lib/haproxy/stats
user haproxy
defaults
log global
maxconn 8000
option redispatch
retries 3
stats enable
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout check 10s
listen puppet00 10.28.92.145:55672,10.28.92.145:5672
balance roundrobin
option tcplog
option ssl-hello-chk
ryr...@gmail.com
Apr 9, 2014, 2:44:43 PM4/9/14
to puppet...@googlegroups.com
Did you ever figure this out? I'm having the same trouble and all my googling is leading back to this same unanswered question of yours on google groups, stackoverflow, etc.
Christopher Wood
Apr 9, 2014, 3:17:10 PM4/9/14
to puppet...@googlegroups.com
Not that I've ever had this issue, but it might be helpful to check that storeconfigs is set on the puppetmaster and the simplest of exported resources are functioning. Maybe try with ssh host keys?
@@sshkey { $::fqdn:
host_aliases => $::hostname,
key => $::sshrsakey,
target => '/tmp/ssh_known_hosts',
type => ssh-rsa,
}
Then on the collecting host:
Sshkey <<| |>>
If you see a file with your host keys then you know exported resources are working and you can take a closer look at the HAProxy bit.
> listen puppet00 [1]10.28.92.145:55672,[2]10.28.92.145:5672
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [3]puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> [4]https://groups.google.com/d/msgid/puppet-users/bbfeeddf-c61e-4a3a-ab31-2efefa9177cd%40googlegroups.com.
> For more options, visit [5]https://groups.google.com/d/optout.
>
> References
>
> Visible links
> 1. http://10.28.92.145:55672/
> 2. http://10.28.92.145:5672/
> 3. mailto:puppet-users...@googlegroups.com
> 4. https://groups.google.com/d/msgid/puppet-users/bbfeeddf-c61e-4a3a-ab31-2efefa9177cd%40googlegroups.com?utm_medium=email&utm_source=footer
> 5. https://groups.google.com/d/optout
@@sshkey { $::fqdn:
host_aliases => $::hostname,
key => $::sshrsakey,
target => '/tmp/ssh_known_hosts',
type => ssh-rsa,
}
Then on the collecting host:
Sshkey <<| |>>
If you see a file with your host keys then you know exported resources are working and you can take a closer look at the HAProxy bit.
> balance roundrobin
> option tcplog
> option ssl-hello-chk
>
> --
> option tcplog
> option ssl-hello-chk
>
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [3]puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> [4]https://groups.google.com/d/msgid/puppet-users/bbfeeddf-c61e-4a3a-ab31-2efefa9177cd%40googlegroups.com.
> For more options, visit [5]https://groups.google.com/d/optout.
>
> References
>
> Visible links
> 1. http://10.28.92.145:55672/
> 2. http://10.28.92.145:5672/
> 3. mailto:puppet-users...@googlegroups.com
> 4. https://groups.google.com/d/msgid/puppet-users/bbfeeddf-c61e-4a3a-ab31-2efefa9177cd%40googlegroups.com?utm_medium=email&utm_source=footer
> 5. https://groups.google.com/d/optout
ryr...@gmail.com
Apr 9, 2014, 6:10:47 PM4/9/14
to puppet...@googlegroups.com
I think you're right Chris, I am not using puppet enterprise and I had not set up puppetdb or storeconfigs so no exporting or collecting is going to work without that. I guess most puppet users would realize this but for newbs like me it might be nice if the plugin doc mentioned that dependency.
On Monday, April 29, 2013 12:04:14 AM UTC-4, max.bri...@gmail.com wrote:
Christopher Wood
Apr 9, 2014, 6:34:37 PM4/9/14
to puppet...@googlegroups.com
Having been there, definitely give the puppetlabs puppetdb module a go:
http://forge.puppetlabs.com/puppetlabs/puppetdb
Puppetdb and storeconfigs are easier than they look, and once these are set up you'll get the result you want.
> listen puppet00 [1]10.28.92.145:55672,[2]10.28.92.145:5672
> 5. https://groups.google.com/d/optout
http://forge.puppetlabs.com/puppetlabs/puppetdb
Puppetdb and storeconfigs are easier than they look, and once these are set up you'll get the result you want.
> balance roundrobin
> option tcplog
> option ssl-hello-chk
>
> option tcplog
> option ssl-hello-chk
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [3]puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> [4]https://groups.google.com/d/msgid/puppet-users/12492585-2fe8-4060-93ac-4795c268a87f%40googlegroups.com.
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [3]puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> For more options, visit [5]https://groups.google.com/d/optout.
>
> References
>
> Visible links
> 1. http://10.28.92.145:55672/
> 2. http://10.28.92.145:5672/
> 3. mailto:puppet-users...@googlegroups.com
> 4. https://groups.google.com/d/msgid/puppet-users/12492585-2fe8-4060-93ac-4795c268a87f%40googlegroups.com?utm_medium=email&utm_source=footer
>
> References
>
> Visible links
> 1. http://10.28.92.145:55672/
> 2. http://10.28.92.145:5672/
> 3. mailto:puppet-users...@googlegroups.com
> 5. https://groups.google.com/d/optout
Reply all
Reply to author
Forward
0 new messages