Commit 783b34d8 authored by Vincent Pelletier's avatar Vincent Pelletier Committed by Julien Muchembled

erp5: Stop using slapos.cookbook:haproxy .

Fixes backend maxconn value: it's now equal to zope's number of threads.
Instead, generate configuration file from template and wrapper from
stand-alone recipe.
One local-only feature is lost: haproxy-ctl command is not present, but its
usage should be rare enough to not be a problem now. Socket is present
anyway, so any tool able to access a unix socket would do (ex: socat).
parent e4c1dd8a
...@@ -213,7 +213,7 @@ md5sum = 564006953b7d7a12d40a14b6648b32f0 ...@@ -213,7 +213,7 @@ md5sum = 564006953b7d7a12d40a14b6648b32f0
# XXX: "template.cfg" is hardcoded in instanciation recipe # XXX: "template.cfg" is hardcoded in instanciation recipe
filename = template.cfg filename = template.cfg
template = ${:_profile_base_location_}/instance.cfg.in template = ${:_profile_base_location_}/instance.cfg.in
md5sum = 826e50b6465ce9e9a7534c1707e88e82 md5sum = f71e14621d90903eba1b943401548b8a
extra-context = extra-context =
key mariadb_link_binary template-mariadb:link-binary key mariadb_link_binary template-mariadb:link-binary
key zope_link_binary template-zope:link-binary key zope_link_binary template-zope:link-binary
...@@ -254,6 +254,7 @@ extra-context = ...@@ -254,6 +254,7 @@ extra-context =
key template_balancer template-balancer:target key template_balancer template-balancer:target
key template_cloudooo template-cloudooo:target key template_cloudooo template-cloudooo:target
key template_erp5 template-erp5:target key template_erp5 template-erp5:target
key template_haproxy_cfg template-haproxy-cfg:target
key template_kumofs template-kumofs:target key template_kumofs template-kumofs:target
key template_logrotate_base template-logrotate-base:rendered key template_logrotate_base template-logrotate-base:rendered
key template_mariadb template-mariadb:target key template_mariadb template-mariadb:target
...@@ -284,7 +285,7 @@ md5sum = 32de16140a294a7e456a9665124bdb93 ...@@ -284,7 +285,7 @@ md5sum = 32de16140a294a7e456a9665124bdb93
[template-zope] [template-zope]
< = download-base < = download-base
filename = instance-zope.cfg.in filename = instance-zope.cfg.in
md5sum = e1764e796fc8335aac4704bdc2956c35 md5sum = 882927b01ee5d5d5c05b9eb8bf3b5255
link-binary = link-binary =
${coreutils:location}/bin/basename ${coreutils:location}/bin/basename
${coreutils:location}/bin/cat ${coreutils:location}/bin/cat
...@@ -311,7 +312,12 @@ link-binary = ...@@ -311,7 +312,12 @@ link-binary =
[template-balancer] [template-balancer]
< = download-base < = download-base
filename = instance-balancer.cfg.in filename = instance-balancer.cfg.in
md5sum = 2e27ba1ab4fd24ec7df8b6f5d9835b44 md5sum = 4157bc5954e1ced1dac1295994c9d715
[template-haproxy-cfg]
< = download-base
filename = haproxy.cfg.in
md5sum = 9f8bdf49366eee04c2add5c203d20cd0
[template-logrotate-base] [template-logrotate-base]
< = template-jinja2-base < = template-jinja2-base
......
global
maxconn 4096
stats socket {{ parameter_dict['socket-path'] }} level admin
defaults
log global
mode http
option httplog
option dontlognull
retries 1
option redispatch
maxconn 2000
cookie SERVERID insert
balance roundrobin
stats uri /haproxy
stats realm Global\ statistics
{% set server_check_path = parameter_dict['server-check-path'] -%}
{% if server_check_path -%}
option httpchk GET {{ server_check_path }}
{% endif -%}
# it is useless to have timeout much bigger than the one of apache.
# By default apache use 300s, so we set slightly more in order to
# make sure that apache will first stop the connection.
timeout server 305s
# Stop waiting in queue for a zope to become available.
# If no zope can be reached after one minute, consider the request will
# never succeed.
timeout queue 60s
# The connection should be immediate on LAN,
# so we should not set more than 5 seconds, and it could be already too much
timeout connect 5s
# As requested in haproxy doc, make this "at least equal to timeout server".
timeout client 305s
# Use "option forceclose" to not preserve client & server persistent connections
# while handling every incoming request individually, dispatching them one after
# another to servers, in HTTP close mode. This is really needed when haproxy
# is configured with maxconn to 1, without this option browsers are unable
# to render a page
option forceclose
{% for name, (port, backend_list) in parameter_dict['backend-dict'].items() -%}
listen {{ name }} {{ parameter_dict['ip'] }}:{{ port }}
{% for address, connection_count in backend_list -%}
{% set server_name = name ~ '-' ~ loop.index0 -%}
server {{ server_name }} {{ address }} cookie {{ server_name }} check inter 3s rise 1 fall 2 maxqueue 5 maxconn {{ connection_count }}
{% endfor -%}
{% endfor %}
...@@ -10,9 +10,9 @@ per partition. No more (undefined result), no less (IndexError). ...@@ -10,9 +10,9 @@ per partition. No more (undefined result), no less (IndexError).
# And think of a way to specify which urls goe through varnish, which go # And think of a way to specify which urls goe through varnish, which go
# directly to haproxy. (maybe just passing literal configuration file chunk) # directly to haproxy. (maybe just passing literal configuration file chunk)
{% set ipv4 = (ipv4_set | list)[0] -%} {% set ipv4 = (ipv4_set | list)[0] -%}
{% set ipv6 = (ipv6_set | list)[0] -%}
{% if use_ipv6 -%} {% if use_ipv6 -%}
{% set ipv6 = (ipv6_set | list)[0] -%}
[zope-tunnel-base] [zope-tunnel-base]
recipe = slapos.cookbook:ipv4toipv6 recipe = slapos.cookbook:ipv4toipv6
runner-path = ${directory:services}/${:base-name} runner-path = ${directory:services}/${:base-name}
...@@ -28,7 +28,7 @@ ipv4 = {{ ipv4 }} ...@@ -28,7 +28,7 @@ ipv4 = {{ ipv4 }}
{% set zope_family_address_list = [] -%} {% set zope_family_address_list = [] -%}
{% for parameter_id in parameter_id_list -%} {% for parameter_id in parameter_id_list -%}
{% set zope_address_list = slapparameter_dict[parameter_id] -%} {% set zope_address_list = slapparameter_dict[parameter_id] -%}
{% for zope_address in zope_address_list -%} {% for zope_address, maxconn in zope_address_list -%}
{% if use_ipv6 -%} {% if use_ipv6 -%}
[{{ section('zope-tunnel-' ~ next_port) }}] [{{ section('zope-tunnel-' ~ next_port) }}]
< = zope-tunnel-base < = zope-tunnel-base
...@@ -41,7 +41,7 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }} ...@@ -41,7 +41,7 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }}
{% else -%} {% else -%}
{% set zope_effective_address = zope_address -%} {% set zope_effective_address = zope_address -%}
{% endif -%} {% endif -%}
{% do zope_family_address_list.append(zope_effective_address) -%} {% do zope_family_address_list.append((zope_effective_address, maxconn)) -%}
{% endfor -%} {% endfor -%}
{% endfor -%} {% endfor -%}
{% set haproxy_port = next_port -%} {% set haproxy_port = next_port -%}
...@@ -51,17 +51,24 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }} ...@@ -51,17 +51,24 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }}
{% set next_port = next_port + 1 -%} {% set next_port = next_port + 1 -%}
{% endfor -%} {% endfor -%}
[haproxy] [haproxy-cfg-parameter-dict]
recipe = slapos.cookbook:haproxy
conf-path = ${directory:etc}/haproxy.cfg
ip = {{ ipv4 }}
maxconn = {{ slapparameter_dict['haproxy-maxconn'] }}
server-check-path = {{ slapparameter_dict['haproxy-server-check-path'] }}
wrapper-path = ${directory:services}/haproxy
ctl-path = ${directory:bin}/haproxy-ctl
socket-path = ${directory:run}/haproxy.sock socket-path = ${directory:run}/haproxy.sock
binary-path = {{ parameter_dict['haproxy'] }}/sbin/haproxy server-check-path = {{ slapparameter_dict['haproxy-server-check-path'] }}
backend-dict = {{ dumps(haproxy_dict) }} backend-dict = {{ dumps(haproxy_dict) }}
ip = {{ ipv4 }}
[haproxy-cfg]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-haproxy-cfg'] }}
rendered = ${directory:etc}/haproxy.cfg
context = section parameter_dict haproxy-cfg-parameter-dict
[{{ section('haproxy') }}]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:services}/haproxy
command-line = "{{ parameter_dict['haproxy'] }}/sbin/haproxy" -f "${haproxy-cfg:rendered}"
{# TODO: build socat and wrap it as "${directory:bin}/haproxy-ctl" to connect to "${haproxy-cfg-parameter-dict:socket-path}" #}
[apache] [apache]
recipe = slapos.cookbook:apache.zope.backend recipe = slapos.cookbook:apache.zope.backend
......
...@@ -262,7 +262,7 @@ path = ${directory:promises}/{{ name }} ...@@ -262,7 +262,7 @@ path = ${directory:promises}/{{ name }}
base-name = {{ zope_tunnel_base_name }} base-name = {{ zope_tunnel_base_name }}
ipv6-port = {{ port }} ipv6-port = {{ port }}
ipv4-port = {{ port }} ipv4-port = {{ port }}
{% do publish_list.append("[" ~ ipv6 ~ "]:" ~ port) -%} {% do publish_list.append(("[" ~ ipv6 ~ "]:" ~ port, thread_amount)) -%}
[{{ section("promise-tunnel-" ~ name) }}] [{{ section("promise-tunnel-" ~ name) }}]
recipe = slapos.cookbook:check_port_listening recipe = slapos.cookbook:check_port_listening
...@@ -270,7 +270,7 @@ hostname = {{ '${' ~ zope_tunnel_section_name ~ ':ipv6}' }} ...@@ -270,7 +270,7 @@ hostname = {{ '${' ~ zope_tunnel_section_name ~ ':ipv6}' }}
port = {{ '${' ~ zope_tunnel_section_name ~ ':ipv6-port}' }} port = {{ '${' ~ zope_tunnel_section_name ~ ':ipv6-port}' }}
path = ${directory:promises}/{{ zope_tunnel_base_name }} path = ${directory:promises}/{{ zope_tunnel_base_name }}
{% else -%} {% else -%}
{% do publish_list.append(ipv4 ~ ":" ~ port) -%} {% do publish_list.append((ipv4 ~ ":" ~ port, thread_amount)) -%}
{% endif -%} {% endif -%}
[{{ section('logrotate-entry-' ~ name) }}] [{{ section('logrotate-entry-' ~ name) }}]
......
...@@ -85,6 +85,7 @@ instance-logrotate-cfg = {{ template_logrotate_base }} ...@@ -85,6 +85,7 @@ instance-logrotate-cfg = {{ template_logrotate_base }}
bin-directory = {{ bin_directory }} bin-directory = {{ bin_directory }}
6tunnel = {{ sixtunnel_location }} 6tunnel = {{ sixtunnel_location }}
dash = {{ dash_location }} dash = {{ dash_location }}
template-haproxy-cfg = {{ template_haproxy_cfg }}
[dynamic-template-balancer] [dynamic-template-balancer]
< = jinja2-template-base < = jinja2-template-base
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment