691f81a6d9
In order to remove service currently we need to satisfy one of conditions: - haproxy_backend_nodes and haproxy_backup_nodes are empty and defined but must be defined - haproxy_service_enabled is False - state is absent There's big issue with logic regarding haproxy_backend_nodes and haproxy_backup_nodes since they both should be defined and empy, but in case haproxy_backup_nodes is not defined but haproxy_backend_nodes is empty we should consider this as condition for removal as well. But this will make it too complicated. This change suggest consider rely only on haproxy_service_enabled and state keys of haproxy_service_configs, as it's sufficient to drop service based on these 2 options. Change-Id: Ib37445ad852bcbd8d44d9eda9293565a4e52262b
56 lines
2.0 KiB
YAML
56 lines
2.0 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Create haproxy service config files
|
|
template:
|
|
src: service.j2
|
|
dest: "/etc/haproxy/conf.d/{{ item.service.haproxy_service_name }}"
|
|
with_items: "{{ haproxy_service_configs }}"
|
|
when:
|
|
- (item.service.haproxy_backend_nodes is defined and
|
|
item.service.haproxy_backend_nodes | length > 0) or
|
|
(item.service.haproxy_backup_nodes is defined and
|
|
item.service.haproxy_backup_nodes | length > 0) or
|
|
item.service.haproxy_frontend_only | default('False')
|
|
- (item.service.haproxy_service_enabled | default('True')) | bool
|
|
- (item.service.state is not defined or item.service.state != 'absent')
|
|
notify: Regenerate haproxy configuration
|
|
tags:
|
|
- haproxy-service-config
|
|
|
|
- name: Remove haproxy service config files for absent services
|
|
file:
|
|
path: "/etc/haproxy/conf.d/{{ item.service.haproxy_service_name }}"
|
|
state: absent
|
|
notify: Regenerate haproxy configuration
|
|
with_items: "{{ haproxy_service_configs }}"
|
|
when:
|
|
- ((item.service.haproxy_service_enabled | default('True')) | bool) is falsy or
|
|
(item.service.state is defined and item.service.state == 'absent')
|
|
tags:
|
|
- haproxy-service-config
|
|
|
|
- name: Prevent SELinux from preventing haproxy from binding to arbitrary ports
|
|
seboolean:
|
|
name: haproxy_connect_any
|
|
state: yes
|
|
persistent: yes
|
|
tags:
|
|
- haproxy-service-config
|
|
notify:
|
|
- Reload haproxy
|
|
when:
|
|
- ansible_facts['selinux']['status'] == "enabled"
|