From 9451ac61a04f84a8f361d2a49a63cec1a026b54e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rados=C5=82aw=20Piliszek?= Date: Tue, 22 Sep 2020 16:43:49 +0200 Subject: [PATCH] Change the default haproxy template to split variant This allows for more config flexibility - e.g. running multiple backends with a common frontend. It is not possible with the 'listen' approach (which enforces frontend). Additionally, it does not really make sense to support two ways to do the exact same thing as the process is automated and 'listen' is really meant for humans not willing to write separate sections. Hence this deprecates 'listen' variant. At the moment both templates work exactly the same. The real flexibility comes in following patches. Note this is a building block for future work on letsencrypt validator (which should offer backend and share frontend with any service running off 80/443 - which would be only horizon in the current default config), as well as any work towards single port (that is single frontend) and multiple services anchored at paths of it (which is the new recommended default). Change-Id: I2362aaa3e8069fe146d42947b8dddf49376174b5 Partially-Implements: blueprint letsencrypt-https --- ansible/roles/haproxy-config/defaults/main.yml | 3 ++- ...default-template-change-b5816d6ba87f3a4c.yaml | 16 ++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 releasenotes/notes/haproxy-default-template-change-b5816d6ba87f3a4c.yaml diff --git a/ansible/roles/haproxy-config/defaults/main.yml b/ansible/roles/haproxy-config/defaults/main.yml index 97ef2a0998..4cfc7b7862 100644 --- a/ansible/roles/haproxy-config/defaults/main.yml +++ b/ansible/roles/haproxy-config/defaults/main.yml @@ -1,7 +1,8 @@ --- project_name: "haproxy-config" -haproxy_service_template: "haproxy_single_service_listen.cfg.j2" +# DEPRECATED(yoctozepto): using "haproxy_single_service_listen.cfg.j2" here is deprecated +haproxy_service_template: "haproxy_single_service_split.cfg.j2" # Extra frontend/backend options (additive with locally defined options) haproxy_frontend_http_extra: diff --git a/releasenotes/notes/haproxy-default-template-change-b5816d6ba87f3a4c.yaml b/releasenotes/notes/haproxy-default-template-change-b5816d6ba87f3a4c.yaml new file mode 100644 index 0000000000..5cc1bdd170 --- /dev/null +++ b/releasenotes/notes/haproxy-default-template-change-b5816d6ba87f3a4c.yaml @@ -0,0 +1,16 @@ +--- +upgrade: + - | + The default of ``haproxy_service_template`` changed to + ``haproxy_single_service_split.cfg.j2``. + This template allows more flexibility in service config. + The previously-default ``haproxy_single_service_listen.cfg.j2`` is now + deprecated for removal. + No action needs to be taken unless one relied on replacing the previous + default template contents with one's own (under the same name). +deprecations: + - | + The previous default of ``haproxy_service_template`` + (``haproxy_single_service_listen.cfg.j2``) is now deprecated for removal + as ``haproxy_single_service_split.cfg.j2`` takes it place to allow more + flexibility in service config.