Respect haproxy_bind_internal_lb_vip_* variables

At the moment we assume that haproxy should be fine listening on internal_lb_vip_address, but in real life deployments these are FQDN and in case of using DNS RR, this assumption is invalid. We can be smarter and check if haproxy_bind_internal_lb_vip_* variables are defined, and fallback to previous behaviour if not. Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/852039 Change-Id: Ic0b9646d566425878930eb88745e35f9e6cc2e11
2023-08-17 12:49:02 +02:00 · 2023-08-17 12:49:02 +02:00 · a8c1590983
commit a8c1590983
parent 391cf35b21
5 changed files with 30 additions and 6 deletions
--- a/inventory/group_vars/galera_all.yml
+++ b/inventory/group_vars/galera_all.yml
@ -58,7 +58,11 @@ haproxy_galera_service:
  haproxy_service_name: galera
  haproxy_backend_nodes: "{{ (groups['galera_all'] | default([]))[:1] }}"  # list expected
  haproxy_backup_nodes: "{{ (groups['galera_all'] | default([]))[1:] }}"
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
  haproxy_port: 3306
  haproxy_check_port: 9200
  haproxy_balance_type: tcp
--- a/inventory/group_vars/neutron_all/haproxy_service.yml
+++ b/inventory/group_vars/neutron_all/haproxy_service.yml
@ -32,7 +32,11 @@ haproxy_neutron_server_service:
 haproxy_opendaylight_neutron_service:
  haproxy_service_name: opendaylight-neutron
  haproxy_backend_nodes: "{{ groups['neutron_server'] | default([]) }}"
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
  haproxy_port: 8180
  haproxy_balance_type: tcp
  haproxy_timeout_client: 5000s
@ -43,7 +47,11 @@ haproxy_opendaylight_neutron_service:
 haproxy_opendaylight_websocket_service:
  haproxy_service_name: opendaylight-websocket
  haproxy_backend_nodes: "{{ groups['neutron_server'] | default([]) }}"
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
  haproxy_port: 8185
  haproxy_balance_type: tcp
  haproxy_timeout_client: 5000s
--- a/inventory/group_vars/nova_all/haproxy_service.yml
+++ b/inventory/group_vars/nova_all/haproxy_service.yml
@ -24,7 +24,11 @@ haproxy_nova_metadata_allowlist_networks: "{{ haproxy_allowlist_networks }}"
 haproxy_nova_api_metadata_service:
  haproxy_service_name: nova_api_metadata
  haproxy_backend_nodes: "{{ groups['nova_api_metadata'] | default([]) }}"
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
  haproxy_port: 8775
  haproxy_ssl: "{{ haproxy_ssl_all_vips }}"
  haproxy_balance_type: http
--- a/inventory/group_vars/rabbitmq_all.yml
+++ b/inventory/group_vars/rabbitmq_all.yml
@ -41,7 +41,11 @@ haproxy_rabbitmq_service:
  haproxy_ssl: "{{ rabbitmq_management_ssl | bool }}"
  haproxy_backend_ssl: "{{ rabbitmq_management_ssl | bool }}"
  haproxy_backend_ca: False
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
  haproxy_port: "{{ (rabbitmq_management_ssl | bool) | ternary(15671, 15672) }}"
  haproxy_balance_type: http
  haproxy_backend_options:
--- a/inventory/group_vars/repo_all.yml
+++ b/inventory/group_vars/repo_all.yml
@ -34,7 +34,11 @@ openstack_repo_server_enable_glusterfs: True
 haproxy_repo_service:
  haproxy_service_name: repo_all
  haproxy_backend_nodes: "{{ groups['repo_all'] | default([]) }}"
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
  haproxy_port: 8181
  haproxy_ssl: "{{ haproxy_ssl_all_vips }}"
  haproxy_balance_type: http