cookbook 'haproxy', '= 7.0.0'
haproxy
(103) Versions
7.0.0
-
-
12.3.5
-
12.3.4
-
12.3.3
-
12.3.2
-
12.3.1
-
12.3.0
-
12.2.24
-
12.2.23
-
12.2.22
-
12.2.21
-
12.2.20
-
12.2.19
-
12.2.18
-
12.2.17
-
12.2.16
-
12.2.15
-
12.2.14
-
12.2.13
-
12.2.12
-
12.2.11
-
12.2.10
-
12.2.9
-
12.2.8
-
12.2.7
-
12.2.6
-
12.2.5
-
12.2.4
-
12.2.3
-
12.2.2
-
12.2.1
-
12.2.0
-
12.1.0
-
12.0.1
-
12.0.0
-
11.0.0
-
10.0.1
-
10.0.0
-
9.1.0
-
9.0.1
-
9.0.0
-
8.3.0
-
8.2.0
-
8.1.1
-
8.1.0
-
8.0.0
-
7.1.0
-
7.0.0
-
6.4.0
-
6.3.0
-
6.2.7
-
6.2.6
-
6.2.5
-
6.2.4
-
6.2.3
-
6.2.2
-
6.2.1
-
6.2.0
-
6.1.0
-
6.0.0
-
5.0.4
-
5.0.3
-
5.0.2
-
5.0.0
-
4.6.1
-
4.6.0
-
4.5.0
-
4.4.0
-
4.3.1
-
4.3.0
-
4.2.0
-
4.1.0
-
4.0.2
-
4.0.1
-
4.0.0
-
3.0.4
-
3.0.3
-
3.0.2
-
3.0.1
-
3.0.0
-
2.0.2
-
2.0.1
-
2.0.0
-
1.6.7
-
1.6.6
-
1.6.4
-
1.6.2
-
1.6.0
-
1.5.0
-
1.4.0
-
1.3.2
-
1.3.0
-
1.2.0
-
1.1.4
-
1.1.0
-
1.0.6
-
1.0.4
-
1.0.3
-
1.0.2
-
1.0.1
-
1.0.0
-
0.8.1
-
0.8.0
-
0.7.0
Follow165
- 12.3.5
- 12.3.4
- 12.3.3
- 12.3.2
- 12.3.1
- 12.3.0
- 12.2.24
- 12.2.23
- 12.2.22
- 12.2.21
- 12.2.20
- 12.2.19
- 12.2.18
- 12.2.17
- 12.2.16
- 12.2.15
- 12.2.14
- 12.2.13
- 12.2.12
- 12.2.11
- 12.2.10
- 12.2.9
- 12.2.8
- 12.2.7
- 12.2.6
- 12.2.5
- 12.2.4
- 12.2.3
- 12.2.2
- 12.2.1
- 12.2.0
- 12.1.0
- 12.0.1
- 12.0.0
- 11.0.0
- 10.0.1
- 10.0.0
- 9.1.0
- 9.0.1
- 9.0.0
- 8.3.0
- 8.2.0
- 8.1.1
- 8.1.0
- 8.0.0
- 7.1.0
- 7.0.0
- 6.4.0
- 6.3.0
- 6.2.7
- 6.2.6
- 6.2.5
- 6.2.4
- 6.2.3
- 6.2.2
- 6.2.1
- 6.2.0
- 6.1.0
- 6.0.0
- 5.0.4
- 5.0.3
- 5.0.2
- 5.0.0
- 4.6.1
- 4.6.0
- 4.5.0
- 4.4.0
- 4.3.1
- 4.3.0
- 4.2.0
- 4.1.0
- 4.0.2
- 4.0.1
- 4.0.0
- 3.0.4
- 3.0.3
- 3.0.2
- 3.0.1
- 3.0.0
- 2.0.2
- 2.0.1
- 2.0.0
- 1.6.7
- 1.6.6
- 1.6.4
- 1.6.2
- 1.6.0
- 1.5.0
- 1.4.0
- 1.3.2
- 1.3.0
- 1.2.0
- 1.1.4
- 1.1.0
- 1.0.6
- 1.0.4
- 1.0.3
- 1.0.2
- 1.0.1
- 1.0.0
- 0.8.1
- 0.8.0
- 0.7.0
Installs and configures haproxy
cookbook 'haproxy', '= 7.0.0', :supermarket
knife supermarket install haproxy
knife supermarket download haproxy
haproxy Cookbook
Installs and configures HAProxy.
Requirements
- HAProxy
stable
orLTS
- Chef 13+
Contributors
This project is made possible by our backers on OpenCollective
Platforms
This cookbook officially supports and is tested against the following platforms:
- debian: 8 & 9
- ubuntu: 16.04 & 18.04
- centos: 7
- amazonlinux: 2
- opensuseleap: 15
PRs are welcome to add support for additional platforms.
Examples
Please check for working examples in [TEST](./test/fixtures/cookbooks/test/)
Common Resource Features
HAProxy has many configurable options available, this cookbook makes the most popular options available as resource properties.
If you wish to use a HAProxy property that is not listed the extra_options
hash is available to take in any number of additional values.
For example, the ability to disable listeners is not provided out of the box. Further examples can be found in either test/fixtures/recipes
or spec/test/recipes
. If you have questions on how this works or would like to add more examples so it is easier to understand, please come talk to us on the Chef Community Slack on the #sous-chefs channel.
haproxy_listen 'disabled' do bind '0.0.0.0:1337' mode 'http' extra_options('disabled': '') end
The extra_options
hash is of String => String
or String => Array
. When an Array
value is provided. The values are looped over mapping the key to each value in the config.
For example:
haproxy_listen 'default' do extra_options( 'http-request' => [ 'set-header X-Public-User yes', 'del-header X-Bad-Header' ] ) end
Becomes:
listen default
...
http-request set-header X-Public-User yes
http-request del-header X-Bad-Header
Resources
- haproxy_acl
- haproxy_backend
- haproxy_cache
- haproxy_config_defaults
- haproxy_config_global
- haproxy_frontend
- haproxy_install
- haproxy_listen
- haproxy_resolver
- haproxy_service
- haproxy_use_backend
- haproxy_userlist
Configuration Validation
The haproxy.cfg
file has a few specific rule orderings that will generate validation errors if not loaded properly. If using any combination of the below rules, avoid the errors by loading the rules via extra_options
to specify the top down order as noted below in config file.
frontend & listen
tcp-request connection
tcp-request session
tcp-request content
monitor fail
block (deprecated)
http-request
reqxxx (any req excluding reqadd, e.g. reqdeny, reqallow)
reqadd
redirect
use_backend
extra_options( 'tcp-request' => 'connection set-src src,ipmask(24)', 'reqdeny' => '^Host:\ .*\.local', 'reqallow' => '^Host:\ www\.', 'use_backend' => 'dynamic' )
backend
http-request
reqxxx (any req excluding reqadd, e.g. reqdeny, reqallow)
reqadd
redirect
extra_options( 'http-request' => 'set-path /%[hdr(host)]%[path]', 'reqdeny' => '^Host:\ .*\.local', 'reqallow' => '^Host:\ www\.', 'redirect' => 'dynamic' )
License & Authors
- Author:: Dan Webb (https://github.com/damacus)
- Author:: Will Fisher (https://github.com/teknofire)
- Author:: Richard Shade (https://github.com/rshade)
- Author:: Joshua Timberman (joshua@chef.io)
- Author:: Aaron Baer (aaron@hw-ops.com)
- Author:: Justin Kolberg (justin@hw-ops.com)
Copyright:: Heavy Water Operations, LLC. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
haproxy Cookbook CHANGELOG
This file is used to list changes made in each version of the haproxy cookbook.
Unreleased
[v7.0.0] (2019-04-10)
- Add
health
to allowed values formode
onfrontend
,backend
,listen
,default
- Fix cookbook default value in
config_global
- Clean up unit and integration test content regular expressions
- Adds ius repo for CentOS and Redhat package installations (resolves #348)
- Add apt-update for debian platforms
- Move system command to a helper
- Remove
poise_service
dependency in favor of systemd_unit - Support only systemd init systems
[v6.4.0] (2019-03-20)
- Move resource documentation to dedicated folder with md per resource
- Fix source installs on CentOS 6
- Rename haproxy_cache
name
property ascache_name
[v6.3.0] (2019-02-18)
- Add haproxy_cache resource for caching small objects with HAProxy version >=1.8
- Expand integration test coverage to all stable and LTS HAProxy versions
- Documentation - clarify extra_options hash string => array option
- Clarify the supported platforms - add AmazonLinux 2, remove fedora & freebsd
[v6.2.7] (2019-01-10)
- Test for appropriate spacing from start of line and end of line
- Allow passing an array to
haproxy_listen
'shttp_request
param - Fix ordering for
haproxy_listen
:acl
directives should be applied beforehttp-request
- Add
hash_type
param tohaproxy_backend
,haproxy_listen
, andhaproxy_config_defaults
resources - Add
reqirep
andreqrep
params tohaproxy_backend
,haproxy_frontend
, andhaproxy_listen
resources - Add
sensitive
param tohaproxy_install
; set to false to show diff output during Chef run
[v6.2.6] (2018-11-05)
- Put
http_request
rules before theuse_backend
[v6.2.5] (2018-10-09)
- Drop Chef-12 support
- Drop CPU cookbook dependency
- Fix systemd wrapper, the wrapper is no longer included with haproxy versions greater than 1.8.
- Add rspec examples for resource usage
[v6.2.4] (2018-09-19)
- Added server property to listen resource and config template
[v6.2.3] (2018-08-03)
- Removed a few resource default values so they can be specified in the haproxy.cfg default section and added service reload exmample to the readme for config changes
[v6.2.2] (2018-08-03)
- Made
haproxy_install
source_url
property dynamic withsource_version
property and removed the need to specify checksum #307
[v6.2.1] (2018-08-01)
- Added compiling from source crypt support #305
[v6.2.0] (2018-05-11)
- Require Chef 12.20 or later
- Uses the build_essential resource not the default recipe so the cookbook can be skipped entirely if running on Chef 14+
[v6.1.0] (2018-04-12)
Breaking changes
- Adds
haproxy_service
resource see test suites for usage - Require Chef 12.20 or later
Improvements
- Uses the build_essential resource not the default recipe so the cookbook can be skipped entirely if running on Chef 14+
- Adds support for haproxy 1.8
- Simplify the kitchen matrix
- Remove kitchen.dokken.yml suites and inherit from kitchen.yml
- Use default action in tests (:create)
- Set the use_systemd property from the init package system
- Adding in systemd for SUSE Linux
- Fix source comparison
Testing Changes
- Test haproxy version 1.8.7 and 1.7.8
- Test on chef-client version 13.87 and 14
- Add notes on how we generate the travis.yml list
- Remove Amazon tests until a new dokken image is produced that is reliable
[v6.0.0] (2018-03-28)
- Remove
compat_resource
cookbok dependency and push the required Chef version to 12.20
[v5.0.4] (2018-03-28)
- Make 1.8.4 the default installed version (#279)
- Use dokken docker images
- Update tests for haproxy service
- tcplog is now a valid input for the
haproxy_config_defaults
resourcce (#284) - bin prefix is now reflexted in the service config. (#288, #289)
[v5.0.3] (2018-02-02)
- Fix foodcritic warning for not defining
name_property
[v5.0.2] (2017-11-29)
- Fixes typo in listen section, makes previously unprintable expressions, printable in http-request, http-response and
default_backend
.
[v5.0.1] (2017-08-10)
- Removed useless blank space in generated config file haproxy.cfg
[v5.0.0] (2017-08-07)
- updating service to use cookbook template
- Add option for install only #251
-
log
property
inglobal
resource can now be of typeArray
orString
. This fixes #252 - updating to haproxy 1.7.8, updating
source_version
in test files(kitchen,cookbook, etc) - fixing supports line #258
- updating properties to use
new_resource
[v4.6.1] (2017-08-02)
- Reload instead of restart on config change
- Specify -sf argument last to support haproxy < 1.6.0
[v4.6.0] (2017-07-13)
- Re-added
conf_template_source
- Re-added
conf_cookbook
- Support Array value for
extra_options
entries. (#245, #246)
[v4.5.0] (2017-06-29)
- Added
resolver
resource (#240)
[v4.4.0] (2017-06-28)
- Synced Debian/Ubuntu init script with latest upstream package changes
- Added
option
as an Arrayproperty
forbackend
resource. This fixes #234
[v4.3.1] (2017-06-13)
- Adding Oracle Linux 6 support
- Removing scientific linux support as we don't have a reliable image
[v4.3.0] (2017-05-31)
- Added Chefspec Matchers for the resources defined in this cookbook.
- Added
mode
property tobackend
andfrontend
resources. - Added
maxconn
toglobal
resource - Remove
default_backend
as a required property on thefrontend
resource
[v4.2.0] (2017-05-04)
- Added in
acl
resource, usage:test/fixtures/cookbooks/test/recipes/config_acl.rb
- Added in
use_backend
resource, usage:test/fixtures/cookbooks/test/recipes/config_acl.rb
- Cleaned up arrays in
templates/default/haproxy.cfg.erb
- Added
acl
anduse_backend
tolisten
resource. - Fixed init script for Amazon Linux.
- Added Amazon Linux as a supported platform.
- Pinned
build-essential
,>= 8.0.1
Pinned
poise-service
,>= 1.5.1
BREAKING CHANGES: This version removes
stats_socket
,stats_uri
andstats_timeout
properties from thehaproxy_global
andhaproxy_listen
resources in favour of using a hash to pass configuration options.
[v4.1.0] (2017-05-01)
- Adding
userlist
resource, to see usage:test/fixtures/cookbooks/test/recipes/config_1_userlist.rb
- Fixing
haproxy_retries
inhaproxy_config_defaults
resource - Updating source install test to take node attributes as haproxy.org is slow.
- Added chef-search example in:
test/fixtures/cookbooks/test/recipes/config_backend_search.rb
- Multiple addresses and ports on listener and frontend (#205)
[v4.0.2] (2017-04-21)
- Fix haproxy service start on Ubuntu 14.04 (#199)
- Reload HAProxy when changing configuration (#197)
[v4.0.1] (2017-04-20)
- Updating README.md
- Adding compat_resource for chef-12 support
- Improved rendering of the configuration file (#196)
[v4.0.0] (2017-04-18)
- COMPATIBILIY WARNING!!!! This version removes the existing recipes, attributes, and instance provider in favor of the new haproxy_install and haproxy_ configuration resources. Why not just leave them in place? Well unfortunately they were utterly broken for anything other than the most trivial usage. Rather than continue the user pain we've opted to remove them and point users to a more modern installation method. If you need the legacy installation methods simply pin to the 3.0.4 release.
- THIS IS GOING TO BREAK EVERYTHING YOU KNOW AND LOVE
- 12.5 or greater rewrite
- Custom Resource Only, no recipes
[v3.0.4] (2017-03-29)
- Fix bug introduced in (#174) (#182)
[v3.0.3] (2017-03-28)
- Multiple addresses and ports on listener and frontend (#174)
- Customize logging destination (#178)
- updating to use bats/serverspec (#179)
[v3.0.2] (2017-03-27)
- Allow server startup from
app_lb
recipe. (#171) - Use Delivery instead of Rake
- Make this cookbook compatible with Chef-13, note:
params
option is nowparameters
(#175)
[v3.0.1] (2017-01-30)
- Reload haproxy configuration on changes (#152)
- Merging in generic socket conf (#107)
- Updating config to use facilities hash dynamically (#102)
- Adding
tproxy
and splice per (#98 - Removing members with nil ips from member array. (#79)
[v3.0.0] (2017-01-24)
- Configurable debug options
- CentOS7 compatibility (#123)
- Adding poise-service for service management
- Updating source install to use Haproxy 1.7.2
- Chef >= 12.1 required
- Use
['haproxy']['source']['target_cpu']
instead of['haproxy']['source']['target_os']
to detect correct architecture. (#150)
[v2.0.2] (2016-12-30)
- Cookstyle fixes
- Travis testing updates
- Fixed the github URL for the repo in various locations
- Converted file modes to strings
- Updated the config resource to lazily evaluate node attribute values to better load the values when overridden in wrapper cookbooks
v2.0.1 (2016-12-08)
- Fixed dynamic configuration to properly template out frontend and backend sections
- Update Chef Brigade to Sous Chefs
- Updated contributing docs to remove the reference to the develop branch
v2.0.0 (2016-11-09)
Breaking Changes
- The default recipe is now an empty recipe with manual configuration performed in the 'manual' recipe
- Remove Chef 10 compatibility code
- Switch from Librarian to Berksfile
- Updated the source recipe to install 1.6.9 by default
Other changes
- Migrated this cookbook from Heavy Water to Chef Brigade so we can ensure more frequent releases and maintenance
- Added a code of conduct for the project. Read it.
- The haproxy config is now verified before the service restarts / reloads to prevent taking down haproxy with a bad config
- Several new syslog configuration attributes have been added
- A new attribute for stats_socket_level has been added
- A new attribute for retries has been added
- Added a chefignore file to speed up syncs from the server
- Added scientific and oracle as supported platforms in the metadata
- Added source_url, issues_url, and chef_version metadata
- Removed attributes from the metadata file as these are redundant
- Enabled why-run support in the default haproxy resource
- Removed broken tarball validation in the source recipe to prevented installs from completing
- Fixed source installs not running if an older version was present on the node
- Broke search logic out into a new_discovery recipe
- Added new node['haproxy']['pool_members'] and node['haproxy']['pool_members_option'] attributes
- Resolved all cookstyle and foodcritic warnings
- Added a new haproxy_config resource
- Added a Guardfile
- Update the Kitchen config file to use Bento boxes and new platforms
- Updates ChefSpec matchers to use the latest format
- Added testing in Travis CI with a Rakefile that runs cookstyle, foodcritic, and ChefSpec as well as a Kitchen Dokken config that does integration testing of the package install
v1.6.7
New Feature
- Added ChefSpec matchers and test coverage
Updates
- Replaced references to Opscode with Chef
v1.6.6
Bug
- CPU Tuning, corrects cpu_affinity resource triggers
Updates
- parameterize options for admin listener
- renamed templates/rhel to templates/redhat
- sort pool members by hostname to avoid needless restarts
- support amazon linux init script
- support to configure global options
v1.6.4
v1.6.2
Bug
- COOK-3424 - Haproxy cookbook attempts to alter an immutable attribute
New Feature
- COOK-3135 - Allow setting of members with default recipe without changing the template
v1.6.2
Bug
- COOK-3424 - Haproxy cookbook attempts to alter an immutable attribute
New Feature
- COOK-3135 - Allow setting of members with default recipe without changing the template
v1.6.0
New Feature
- Allow setting of members with default recipe without changing the template
v1.5.0
Improvement
- COOK-3660 - Make haproxy socket default user group configurable
- COOK-3537 - Add OpenSSL and zlib source configurations
New Feature
- COOK-2384 - Add LWRP for multiple haproxy sites/configs
v1.4.0
Improvement
New Feature
v1.3.2
Bug
- [COOK-3046]: haproxy default recipe broken by COOK-2656
Task
- [COOK-2009]: Add test-kitchen support to haproxy
v1.3.0
Improvement
- [COOK-2656]: Unify the haproxy.cfg with that from
app_lb
New Feature
- [COOK-1488]: Provide an option to build haproxy from source
v1.2.0
- [COOK-1936] - use frontend / backend logic
- [COOK-1937] - cleanup for configurations
- [COOK-1938] - more flexibility for options
- [COOK-1939] - reloading haproxy is better than restarting
- [COOK-1940] - haproxy stats listen on 0.0.0.0 by default
- [COOK-1944] - improve haproxy performance
v1.1.4
- [COOK-1839] - add httpchk configuration to
app_lb
template
v1.1.0
- [COOK-1275] - haproxy-default.erb should be a cookbook_file
- [COOK-1594] - Template-Service ordering issue in
app_lb
recipe
v1.0.6
- [COOK-1310] - redispatch flag has changed
v1.0.4
- [COOK-806] - load balancer should include an SSL option
- [COOK-805] - Fundamental haproxy load balancer options should be configurable
v1.0.3
- [COOK-620]
haproxy::app_lb
's template should use the member cloud private IP by default
v1.0.2
- fix regression introduced in v1.0.1
v1.0.1
- account for the case where load balancer is in the pool
v1.0.0
- Use
node.chef_environment
instead ofnode['app_environment']
Collaborator Number Metric
7.0.0 passed this metric
Contributing File Metric
7.0.0 passed this metric
Foodcritic Metric
7.0.0 passed this metric
No Binaries Metric
7.0.0 passed this metric
Testing File Metric
7.0.0 passed this metric
Version Tag Metric
7.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
7.0.0 passed this metric
7.0.0 passed this metric
Foodcritic Metric
7.0.0 passed this metric
No Binaries Metric
7.0.0 passed this metric
Testing File Metric
7.0.0 passed this metric
Version Tag Metric
7.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
7.0.0 passed this metric
7.0.0 passed this metric
Testing File Metric
7.0.0 passed this metric
Version Tag Metric
7.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
7.0.0 passed this metric
7.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number