cookbook 'haproxy', '= 12.0.0'
haproxy
(103) Versions
12.0.0
-
-
12.3.5
-
12.3.4
-
12.3.3
-
12.3.2
-
12.3.1
-
12.3.0
-
12.2.24
-
12.2.23
-
12.2.22
-
12.2.21
-
12.2.20
-
12.2.19
-
12.2.18
-
12.2.17
-
12.2.16
-
12.2.15
-
12.2.14
-
12.2.13
-
12.2.12
-
12.2.11
-
12.2.10
-
12.2.9
-
12.2.8
-
12.2.7
-
12.2.6
-
12.2.5
-
12.2.4
-
12.2.3
-
12.2.2
-
12.2.1
-
12.2.0
-
12.1.0
-
12.0.1
-
12.0.0
-
11.0.0
-
10.0.1
-
10.0.0
-
9.1.0
-
9.0.1
-
9.0.0
-
8.3.0
-
8.2.0
-
8.1.1
-
8.1.0
-
8.0.0
-
7.1.0
-
7.0.0
-
6.4.0
-
6.3.0
-
6.2.7
-
6.2.6
-
6.2.5
-
6.2.4
-
6.2.3
-
6.2.2
-
6.2.1
-
6.2.0
-
6.1.0
-
6.0.0
-
5.0.4
-
5.0.3
-
5.0.2
-
5.0.0
-
4.6.1
-
4.6.0
-
4.5.0
-
4.4.0
-
4.3.1
-
4.3.0
-
4.2.0
-
4.1.0
-
4.0.2
-
4.0.1
-
4.0.0
-
3.0.4
-
3.0.3
-
3.0.2
-
3.0.1
-
3.0.0
-
2.0.2
-
2.0.1
-
2.0.0
-
1.6.7
-
1.6.6
-
1.6.4
-
1.6.2
-
1.6.0
-
1.5.0
-
1.4.0
-
1.3.2
-
1.3.0
-
1.2.0
-
1.1.4
-
1.1.0
-
1.0.6
-
1.0.4
-
1.0.3
-
1.0.2
-
1.0.1
-
1.0.0
-
0.8.1
-
0.8.0
-
0.7.0
Follow165
- 12.3.5
- 12.3.4
- 12.3.3
- 12.3.2
- 12.3.1
- 12.3.0
- 12.2.24
- 12.2.23
- 12.2.22
- 12.2.21
- 12.2.20
- 12.2.19
- 12.2.18
- 12.2.17
- 12.2.16
- 12.2.15
- 12.2.14
- 12.2.13
- 12.2.12
- 12.2.11
- 12.2.10
- 12.2.9
- 12.2.8
- 12.2.7
- 12.2.6
- 12.2.5
- 12.2.4
- 12.2.3
- 12.2.2
- 12.2.1
- 12.2.0
- 12.1.0
- 12.0.1
- 12.0.0
- 11.0.0
- 10.0.1
- 10.0.0
- 9.1.0
- 9.0.1
- 9.0.0
- 8.3.0
- 8.2.0
- 8.1.1
- 8.1.0
- 8.0.0
- 7.1.0
- 7.0.0
- 6.4.0
- 6.3.0
- 6.2.7
- 6.2.6
- 6.2.5
- 6.2.4
- 6.2.3
- 6.2.2
- 6.2.1
- 6.2.0
- 6.1.0
- 6.0.0
- 5.0.4
- 5.0.3
- 5.0.2
- 5.0.0
- 4.6.1
- 4.6.0
- 4.5.0
- 4.4.0
- 4.3.1
- 4.3.0
- 4.2.0
- 4.1.0
- 4.0.2
- 4.0.1
- 4.0.0
- 3.0.4
- 3.0.3
- 3.0.2
- 3.0.1
- 3.0.0
- 2.0.2
- 2.0.1
- 2.0.0
- 1.6.7
- 1.6.6
- 1.6.4
- 1.6.2
- 1.6.0
- 1.5.0
- 1.4.0
- 1.3.2
- 1.3.0
- 1.2.0
- 1.1.4
- 1.1.0
- 1.0.6
- 1.0.4
- 1.0.3
- 1.0.2
- 1.0.1
- 1.0.0
- 0.8.1
- 0.8.0
- 0.7.0
Installs and configures haproxy
cookbook 'haproxy', '= 12.0.0', :supermarket
knife supermarket install haproxy
knife supermarket download haproxy
haproxy Cookbook
Installs and configures HAProxy.
Maintainers
This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit sous-chefs.org or come chat with us on the Chef Community Slack in #sous-chefs.
Requirements
- HAProxy
stable
orLTS
- Chef 13.9+
Platforms
This cookbook officially supports and is tested against the following platforms:
- debian: 8 & 9
- ubuntu: 16.04 & 18.04
- centos: 7
- amazonlinux: 2
PRs are welcome to add support for additional platforms.
Examples
Please check for working examples in [TEST](./test/fixtures/cookbooks/test/)
Common Resource Features
HAProxy has many configurable options available, this cookbook makes the most popular options available as resource properties.
If you wish to use a HAProxy property that is not listed the extra_options
hash is available to take in any number of additional values.
For example, the ability to disable listeners is not provided out of the box. Further examples can be found in either test/fixtures/recipes
or spec/test/recipes
. If you have questions on how this works or would like to add more examples so it is easier to understand, please come talk to us on the Chef Community Slack on the #sous-chefs channel.
haproxy_listen 'disabled' do bind '0.0.0.0:1337' mode 'http' extra_options('disabled': '') end
The extra_options
hash is of String => String
or String => Array
. When an Array
value is provided. The values are looped over mapping the key to each value in the config.
For example:
haproxy_listen 'default' do extra_options( 'http-request' => [ 'set-header X-Public-User yes', 'del-header X-Bad-Header' ] ) end
Becomes:
listen default ... http-request set-header X-Public-User yes http-request del-header X-Bad-Header
Resources
- haproxy_acl
- haproxy_backend
- haproxy_cache
- haproxy_config_defaults
- haproxy_config_global
- haproxy_fastcgi
- haproxy_frontend
- haproxy_install
- haproxy_listen
- haproxy_mailer
- haproxy_peer
- haproxy_resolver
- haproxy_service
- haproxy_use_backend
- haproxy_userlist
Configuration Validation
The haproxy.cfg
file has a few specific rule orderings that will generate validation errors if not loaded properly. If using any combination of the below rules, avoid the errors by loading the rules via extra_options
to specify the top down order as noted below in config file.
frontend & listen
tcp-request connection tcp-request session tcp-request content monitor fail block (deprecated) http-request reqxxx (any req excluding reqadd, e.g. reqdeny, reqallow) reqadd redirect use_backend
extra_options( 'tcp-request' => 'connection set-src src,ipmask(24)', 'reqdeny' => '^Host:\ .*\.local', 'reqallow' => '^Host:\ www\.', 'use_backend' => 'dynamic' )
backend
http-request reqxxx (any req excluding reqadd, e.g. reqdeny, reqallow) reqadd redirect
extra_options( 'http-request' => 'set-path /%[hdr(host)]%[path]', 'reqdeny' => '^Host:\ .*\.local', 'reqallow' => '^Host:\ www\.', 'redirect' => 'dynamic' )
Contributors
This project exists thanks to all the people who contribute.
Backers
Thank you to all our backers!
Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website.
haproxy Cookbook CHANGELOG
This file is used to list changes made in each version of the haproxy cookbook.
12.0.0 - 2021-05-13
- Refactor to use resource partials
- Add delete action to most resources
- Convert
install
resource boolean strings to true/false - Ensure section is created before adding an ACL
11.0.0 - 2021-05-07
- Drop testing for Debian 8, Ubuntu 16.04 & Ubuntu 18.04
- Add testing for Debian 9 Ubuntu 20.04 & Ubuntu 21.04
- Fix the minimum Chef version to 15.3 unified_mode was introduced in 15.3
- Change kitchen to use the Bento provided Amazonlinux2 image
- Fix test suite
10.0.1 - 2021-04-26
- Add missing configuration file properties to all resources
10.0.0 - 2021-04-24
- Add configuration test function to the service resource - @bmhughes
- Fix generating multiple actions from the service resource - @bmhughes
- Kitchen test with CentOS 8/8 stream - @bmhughes
- Fix IUS repo causing a run failure on an unsupported platform - @bmhughes
- Move configuration resource creation into resource helper module - @bmhughes
[v9.1.0] (2020-10-07)
Added
- testing for haproxy 2.2
Removed
- testing for haproxy 1.9 & 2.1
[v9.0.1] (2020-09-15)
Added
- added lua compilation flags to
haproxy_install
resource
Fixed
- resolved cookstyle error: libraries/helpers.rb:19:24 refactor:
ChefCorrectness/InvalidPlatformFamilyInCase
- Updated IUS repo url to
https://repo.ius.io/ius-release-el7.rpm
Changed
- Turn on unified_mode for all resources
[v9.0.0] (2020-02-21)
Changed
- Removed
depends_on
build-essential, as this is now in Chef Core
Fixed
- Cookstyle fixes for cookstyle version 5.20
[v8.3.0] (2020-01-09)
Added
- on
haproxy_install
epel is now a configurable option
Changed
- Migrated testing to github actions
Fixed
- ius repo will only echo out if enabled
[v8.2.0] (2019-12-23)
Added
-
fastcgi
resource to support FastCGI applications
Changed
- Default source install version is haproxy 2.1
Fixed
- Bug with single newline between resources when multiple of the same type are defined
Removed
-
.foodcritic
as it is no longer run by deliver local. -
.rubocop.yml
as no longer required.
[v8.1.1] (2019-10-02)
Changed
- Updated
config_defaults
resourccestats
property default value to empty hash. - Updated metadata.rb chef_version to >=13.9 due to resource
description
.
[v8.1.0] (2019-06-24)
Changed
- Updated build target to linux-glibc for haproxy 2.0 compatibility.
- Updated integration tests to cover haproxy 2.0.
- Moved install resource target_os check to libraries.
[v8.0.0] (2019-05-29)
Added
- The bind config hash joins with a space instead of a colon.
- The peer resource.
- The mailer resource.
[v7.1.0] (2019-04-16)
Changed
- Clean up unused templates and files.
Fixed
- Name conflict with systemd_unit in service resource.
[v7.0.0] (2019-04-10)
Added
-
health
to allowed values formode
onfrontend
,backend
,listen
,default
. -
apt-update
for debian platforms. - ius repo for CentOS and Redhat package installations (resolves #348).
Changed
- Clean up unit and integration test content regular expressions.
- Move system command to a helper.
- Support only systemd init systems.
Removed
- Remove
poise_service
dependency in favor of systemd_unit.
Fixed
- Fix cookbook default value in
config_global
.
[v6.4.0] (2019-03-20)
Changed
- Move resource documentation to dedicated folder with md per resource.
- Rename haproxy_cache
name
property ascache_name
.
Fixed
- Source installs on CentOS 6.
[v6.3.0] (2019-02-18)
Added
- Haproxy_cache resource for caching small objects with HAProxy version >=1.8.
Changed
- Expand integration test coverage to all stable and LTS HAProxy versions.
- Documentation - clarify extra_options hash string => array option.
- Clarify the supported platforms - add AmazonLinux 2, remove fedora & freebsd.
[v6.2.7] (2019-01-10)
Added
- Test for appropriate spacing from start of line and end of line.
-
hash_type
param tohaproxy_backend
,haproxy_listen
, andhaproxy_config_defaults
resources. -
reqirep
andreqrep
params tohaproxy_backend
,haproxy_frontend
, andhaproxy_listen
resources. -
sensitive
param tohaproxy_install
; set to false to show diff output during Chef run.
Changed
- Allow passing an array to
haproxy_listen
'shttp_request
param.
Fixed
- Fix ordering for
haproxy_listen
:acl
directives should be applied beforehttp-request
.
[v6.2.6] (2018-11-05)
Changed
- Put
http_request
rules before theuse_backend
.
[v6.2.5] (2018-10-09)
Added
- rspec examples for resource usage.
Removed
- Chef-12 support.
- CPU cookbook dependency.
Fixed
- Systemd wrapper, the wrapper is no longer included with haproxy versions greater than 1.8.
[v6.2.4] (2018-09-19)
Added
- Server property to listen resource and config template.
[v6.2.3] (2018-08-03)
Removed
- A few resource default values so they can be specified in the haproxy.cfg default section and added service reload exmample to the readme for config changes.
[v6.2.2] (2018-08-03)
Changed
- Made
haproxy_install
source_url
property dynamic withsource_version
property and removed the need to specify checksum #307.
[v6.2.1] (2018-08-01)
Added
- Compiling from source crypt support #305.
[v6.2.0] (2018-05-11)
Changed
- Require Chef 12.20 or later.
- Uses the build_essential resource not the default recipe so the cookbook can be skipped entirely if running on Chef 14+.
[v6.1.0] (2018-04-12)
Breaking changes
Added
-
haproxy_service
resource see test suites for usage. - Support for haproxy 1.8.
- Test haproxy version 1.8.7 and 1.7.8.
- Test on chef-client version 13.87 and 14.
- Notes on how we generate the travis.yml list.
Changed
- Require Chef 12.20 or later.
- Uses the build_essential resource not the default recipe so the cookbook can be skipped entirely if running on Chef 14+.
- Simplify the kitchen matrix.
- Use default action in tests (:create).
- Set the use_systemd property from the init package system.
- Adding in systemd for SUSE Linux.
Removed
-
kitchen.dokken.yml
suites and inherit from kitchen.yml. - Amazon tests until a new dokken image is produced that is reliable.
Fixed
- Source comparison.
[v6.0.0] (2018-03-28)
Removed
-
compat_resource
cookbok dependency and push the required Chef version to 12.20
[v5.0.4] (2018-03-28)
Changed
- Make 1.8.4 the default installed version (#279)
- Use dokken docker images
- Update tests for haproxy service
- tcplog is now a valid input for the
haproxy_config_defaults
resource (#284) - bin prefix is now reflected in the service config. (#288, #289)
[v5.0.3] (2018-02-02)
Fixed
-
foodcritic
warning for not definingname_property
.
[v5.0.2] (2017-11-29)
Fixed
- Typo in listen section, makes previously unprintable expressions, printable in http-request, http-response and
default_backend
.
[v5.0.1] (2017-08-10)
Removed
- useless blank space in generated config file haproxy.cfg
[v5.0.0] (2017-08-07)
Added
- Option for install only #251.
Changed
- Updating service to use cookbook template.
- updating to haproxy 1.7.8, updating
source_version
in test files(kitchen,cookbook, etc) - updating properties to use
new_resource
Fixed
-
log
property
inglobal
resource can now be of typeArray
orString
. This fixes #252 - fixing supports line #258
[v4.6.1] (2017-08-02)
Changed
- Reload instead of restart on config change
- Specify -sf argument last to support haproxy < 1.6.0
[v4.6.0] (2017-07-13)
Added
conf_template_source
conf_cookbook
- Support Array value for
extra_options
entries. (#245, #246)
[v4.5.0] (2017-06-29)
Added
-
resolver
resource (#240)
[v4.4.0] (2017-06-28)
Added
-
option
as an Arrayproperty
forbackend
resource. This fixes #234 - Synced Debian/Ubuntu init script with latest upstream package changes
[v4.3.1] (2017-06-13)
Added
- Oracle Linux 6 support
Removed
- Scientific linux support as we don't have a reliable image
[v4.3.0] (2017-05-31)
Added
- Chefspec Matchers for the resources defined in this cookbook.
-
mode
property tobackend
andfrontend
resources. -
maxconn
toglobal
resource.
Removed
-
default_backend
as a required property on thefrontend
resource.
[v4.2.0] (2017-05-04)
Added
- In
acl
resource, usage:test/fixtures/cookbooks/test/recipes/config_acl.rb
- In
use_backend
resource, usage:test/fixtures/cookbooks/test/recipes/config_acl.rb
-
acl
anduse_backend
tolisten
resource. - Amazon Linux as a supported platform.
Changed
- Pinned
build-essential
,>= 8.0.1
- Pinned
poise-service
,>= 1.5.1
- Cleaned up arrays in
templates/default/haproxy.cfg.erb
Fixed
- Init script for Amazon Linux.
BREAKING CHANGES
- This version removes
stats_socket
,stats_uri
andstats_timeout
properties from thehaproxy_global
andhaproxy_listen
resources in favour of using a hash to pass configuration options.
[v4.1.0] (2017-05-01)
Added
-
userlist
resource, to see usage:test/fixtures/cookbooks/test/recipes/config_1_userlist.rb
- chef-search example in:
test/fixtures/cookbooks/test/recipes/config_backend_search.rb
- Multiple addresses and ports on listener and frontend (#205)
Changed
- Updating source install test to take node attributes as haproxy.org is slow.
Fixed
-
haproxy_retries
inhaproxy_config_defaults
resource
[v4.0.2] (2017-04-21)
Fixed
- haproxy service start on Ubuntu 14.04 (#199)
- Reload HAProxy when changing configuration (#197)
[v4.0.1] (2017-04-20)
Added
- Updating README.md
- Adding compat_resource for chef-12 support
- Improvement when rendering the configuration file (#196)
[v4.0.0] (2017-04-18)
COMPATIBILIY WARNING
- This version removes the existing recipes, attributes, and instance provider in favor of the new haproxy_install and haproxy_ configuration resources. Why not just leave them in place? Well unfortunately they were utterly broken for anything other than the most trivial usage. Rather than continue the user pain we've opted to remove them and point users to a more modern installation method. If you need the legacy installation methods simply pin to the 3.0.4 release.
- THIS IS GOING TO BREAK EVERYTHING YOU KNOW AND LOVE
- 12.5 or greater rewrite
- Custom Resource Only, no recipes
[v3.0.4] (2017-03-29)
Fixed
- Bug introduced in (#174) (#182)
[v3.0.3] (2017-03-28)
Added
- Multiple addresses and ports on listener and frontend (#174)
- Customize logging destination (#178)
Changed
- Updating to use bats/serverspec (#179)
[v3.0.2] (2017-03-27)
Added
- Allow server startup from
app_lb
recipe. (#171) - Use Delivery instead of Rake
- Make this cookbook compatible with Chef-13, note:
params
option is nowparameters
(#175)
[v3.0.1] (2017-01-30)
Added
- Reload haproxy configuration on changes (#152)
- Merging in generic socket conf (#107)
- Updating config to use facilities hash dynamically (#102)
- Adding
tproxy
and splice per (#98)
Removed
- Members with nil ips from member array. (#79)
[v3.0.0] (2017-01-24)
Added
- Configurable debug options
- CentOS7 compatibility (#123)
- Adding poise-service for service management
Changed
- Updating source install to use Haproxy 1.7.2
- Chef >= 12.1 required
- Use
['haproxy']['source']['target_cpu']
instead of['haproxy']['source']['target_os']
to detect correct architecture. (#150)
[v2.0.2] (2016-12-30)
Fixed
- Cookstyle
- The github URL for the repo in various locations
Changed
- Travis testing updates
- Converted file modes to strings
- Updated the config resource to lazily evaluate node attribute values to better load the values when overridden in wrapper cookbooks
v2.0.1 (2016-12-08)
Fixed
- Dynamic configuration to properly template out frontend and backend sections
Chnaged
- Update Chef Brigade to Sous Chefs
- Updated contributing docs to remove the reference to the develop branch
v2.0.0 (2016-11-09)
Breaking Changes
- The default recipe is now an empty recipe with manual configuration performed in the 'manual' recipe
- Remove Chef 10 compatibility code
- Switch from Librarian to Berksfile
- Updated the source recipe to install 1.6.9 by default
Added
- Migrated this cookbook from Heavy Water to Chef Brigade so we can ensure more frequent releases and maintenance
- A code of conduct for the project. Read it.
- Several new syslog configuration attributes
- A new attribute for stats_socket_level
- A new attribute for retries
- A chefignore file to speed up syncs from the server
- Scientific and oracle as supported platforms in the metadata
- source_url, issues_url, and chef_version metadata
- Enabled why-run support in the default haproxy resource
- New haproxy_config resource
- Guardfile
- Testing in Travis CI with a Rakefile that runs cookstyle, foodcritic, and ChefSpec as well as a Kitchen Dokken config that does integration testing of the package install
- New node['haproxy']['pool_members'] and node['haproxy']['pool_members_option'] attributes
Changed
- The haproxy config is now verified before the service restarts / reloads to prevent taking down haproxy with a bad config
- Update the Kitchen config file to use Bento boxes and new platforms
- Update ChefSpec matchers to use the latest format
- Broke search logic out into a new_discovery recipe
Removed
- Attributes from the metadata file as these are redundant
- Broken tarball validation in the source recipe to prevented installs from completing
Fixed
- Source installs not running if an older version was present on the node
- Resolved all cookstyle and foodcritic warnings
v1.6.7
Added
- ChefSpec matchers and test coverage
Changed
- Replaced references to Opscode with Chef
v1.6.6
Changed
- Parameterize options for admin listener.
- Renamed templates/rhel to templates/redhat.
- Sort pool members by hostname to avoid needless restarts.
- Support amazon linux init script.
- Support to configure global options.
Fixed
- CPU Tuning, corrects cpu_affinity resource triggers
v1.6.4
v1.6.2
Added
- COOK-3135 - Allow setting of members with default recipe without changing the template.
Fixed
- COOK-3424 - Haproxy cookbook attempts to alter an immutable attribute.
v1.6.0
Added
- Allow setting of members with default recipe without changing the template.
v1.5.0
Added
- COOK-3660 - Make haproxy socket default user group configurable
- COOK-3537 - Add OpenSSL and zlib source configurations
- COOK-2384 - Add LWRP for multiple haproxy sites/configs
v1.4.0
Added
- COOK-3237 - Enable cookie-based persistence in a backend
- COOK-3216 - Metadata attributes
- COOK-3211 - Support RHEL
- COOK-3133 - Allow configuration of a global stats socket
v1.3.2
Fixed
- [COOK-3046]: haproxy default recipe broken by COOK-2656.
Added
- [COOK-2009]: Test-kitchen support to haproxy.
v1.3.0
Changed
- [COOK-2656]: Unify the haproxy.cfg with that from
app_lb
.
Added
- [COOK-1488]: Provide an option to build haproxy from source.
v1.2.0
Added
- [COOK-1936] - use frontend / backend logic.
- [COOK-1937] - cleanup for configurations.
- [COOK-1938] - more flexibility for options.
- [COOK-1939] - reloading haproxy is better than restarting.
- [COOK-1940] - haproxy stats listen on 0.0.0.0 by default.
- [COOK-1944] - improve haproxy performance.
v1.1.4
Added
- [COOK-1839] -
httpchk
configuration toapp_lb
template.
v1.1.0
Changed
- [COOK-1275] - haproxy-default.erb should be a cookbook_file.
Fixed
- [COOK-1594] - Template-Service ordering issue in
app_lb
recipe.
v1.0.6
Changed
- [COOK-1310] - Redispatch flag has changed.
v1.0.4
Changed
- [COOK-806] - Load balancer should include an SSL option.
- [COOK-805] - Fundamental haproxy load balancer options should be configurable.
v1.0.3
Changed
- [COOK-620]
haproxy::app_lb
's template should use the member cloud private IP by default.
v1.0.2
Fixed
- Regression introduced in v1.0.1.
v1.0.1
Added
- Account for the case where load balancer is in the pool.
v1.0.0
Changed
- Use
node.chef_environment
instead ofnode['app_environment']
.