Skip to content
This role deployed HAPROXY,KEEPALIVED STATS AND HATOP
HCL
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
ansible
img
terraform
README.md

README.md

haproxy-ansible-kubernetes

This role install HAPROXY,KEEPALIVED,STATS AND HATOP

1- Launch ha-proxy ansible you need update the inventory with you haproxy ips.

  • based in openshift and kubespray documentation:

https://blog.openshift.com/haproxy-highly-available-keepalived/

https://github.com/kubernetes-sigs/kubespray/blob/master/docs/ha-mode.md

inventory example

root@jenkins:/tmp/haproxy-ansible-kubernetes/ansible# cat inventory/hosts.ini
[all]
haproxy1 ansible_host=172.16.250.151 ip=172.16.250.151 state=MASTER priority=100
haproxy2 ansible_host=172.16.250.152 ip=172.16.250.152 state=BACKUP priority=98

[haproxy]
haproxy1
haproxy2

[keepalived]
haproxy1
haproxy2

Configure VIP (Loadbalancer IP for k8s)

root@jenkins:/tmp/haproxy-ansible-kubernetes/ansible# ls
inventory  playbook.yml  roles
root@jenkins:/tmp/haproxy-ansible-kubernetes/ansible# cat inventory/group_vars/keepalived/keepalived.yml

VIP - LOADBALANCER IP

keepalived_loadbalancer_vip: '172.16.250.150'

HAProxy - Frontend and Backends

In this example I have two kubernetes clusters configured in my haproxy.yml (openshift and k8s-native with kubespray)

root@jenkins:/tmp/haproxy-ansible-kubernetes/ansible/inventory/group_vars# cat haproxy/haproxy.yml
---
haproxy_global_maxconn: 50000
haproxy_global_ulimit: 100042

haproxy_frontends:
  - name: 'openshift_router_http'
    bind: '*:80'
    backends:
      - 'openshift_router80'
  - name: 'openshift_router_ssl'
    bind: '*:443'
    backends:
      - 'openshift_router443'
  - name: 'openshift_router_mgmt'
    bind: '*:8443'
    backends:
      - 'openshift_mgmt8443'
  - name: 'kubernetes_api'
    bind: '*:6443'
    backends:
      - 'kubernetes_api6443'
  - name: 'kubernetes_traefik_http'
    bind: '*:9090'
    backends:
      - 'kubernetes_traefik9090'


haproxy_backends:
  - name: 'openshift_router80'
    balance: 'source'
    mode: 'tcp'
    server:
      - name: 'master0.itshell.local'
        value: '172.16.250.160:80'
        extra: 'check'
      - name: 'master1.itshell.local'
        value: '172.16.250.161:80'
        extra: 'check'
      - name: 'master2.itshell.local'
        value: '172.16.250.162:80'
        extra: 'check'
  - name: 'openshift_router443'
    balance: 'source'
    mode: 'tcp'
    server:
      - name: 'master0.itshell.local'
        value: '172.16.250.160:443'
        extra: 'check'
      - name: 'master1.itshell.local'
        value: '172.16.250.161:443'
        extra: 'check'
      - name: 'master2.itshell.local'
        value: '172.16.250.162:443'
        extra: 'check'
  - name: 'openshift_mgmt8443'
    balance: 'source'
    mode: 'tcp'
    server:
      - name: 'master0.itshell.local'
        value: '172.16.250.160:8443'
        extra: 'check'
      - name: 'master1.itshell.local'
        value: '172.16.250.161:8443'
        extra: 'check'
      - name: 'master2.itshell.local'
        value: '172.16.250.162:8443'
        extra: 'check'
  - name: 'kubernetes_api6443'
    balance: 'source'
    mode: 'tcp'
    server:
      - name: 'kub0'
        value: '172.16.250.180:6443'
        extra: 'check'
      - name: 'kub1'
        value: '172.16.250.181:6443'
        extra: 'check'
      - name: 'kub2'
        value: '172.16.250.182:6443'
        extra: 'check'
  - name: 'kubernetes_traefik9090'
    balance: 'source'
    mode: 'tcp'
    server:
      - name: 'minion0'
        value: '172.16.250.190:80'
        extra: 'check'
      - name: 'minion1'
        value: '172.16.250.191:80'
        extra: 'check'

2- Later, The complete step1 you are ready to launch ansible-playbook.(optional launch common and syslog)

---
- name: haproxy provision
  hosts: haproxy
  become: yes
  become_user: 'root'
  become_method: 'sudo'

  roles:
   #  - { role: common, tags: pkg-common }
   #  - { role: rsyslog, tags: rsyslog }
    - { role: haproxy, tags: haproxy } 
    - { role: keepalived, tags: keepalived }
root@jenkins# sudo ansible-playbook -i inventory/hosts.ini playbook.yml --extra-vars="install=True allow_restart=True" -vvvv

alt text

3- playbook results:

alt text

Check ping VIP IP

alt text

Check haproxy stats using HATOP (inside one haproxy execute)

hatop -s /var/lib/haproxy/stats

alt text

Check haproxy stats using url

http://172.16.250.150:9000/haproxy_stats

alt text

alt text

alt text

alt text

alt text

alt text

alt text

ENJOY

You can’t perform that action at this time.