Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

RSS

haproxy (104) Versions 6.2.6

Installs and configures haproxy

Policyfile
Berkshelf
Knife
cookbook 'haproxy', '= 6.2.6', :supermarket
cookbook 'haproxy', '= 6.2.6'
knife supermarket install haproxy
knife supermarket download haproxy
README
Dependencies
Changelog
Quality 100%

haproxy Cookbook

CircleCI Cookbook Version

Installs and configures haproxy.

Requirements

  • Chef 13+

Platforms

  • Ubuntu Ubuntu 16.04+
  • RedHat 6+ family
  • Debian 8+

Examples

Please check for working examples in [TEST](./test/fixtures/cookbooks/test/)

Common Resource Features

HAProxy has many configurable options available, this cookbook makes the most popular options available as resource properties.

If you wish to use a HAProxy property that is not listed the extra_options hash is available to take in any number of additional values.

For example, the ability to disable listeners is not provided out of the box. Further examples can be found in either test/fixtures/recipes or spec/test/recipes. If you have questions on how this works or would like to add more examples so it is easier to understand, please come talk to us on the Chef Community Slack on the #sous-chefs channel.

haproxy_listen 'disabled' do
  bind '0.0.0.0:1337'
  mode 'http'
  extra_options('disabled': '')
end

Resources

haproxy_acl

Access Control Lists creates a new ACL <aclname> or completes an existing one with new tests.

The actions generally consist in blocking a request, selecting a backend, or adding a header.

Introduced: v4.2.0

Actions

  • :create

Properties

  • acl - (is: [String, Array])
  • section - (is: String)
  • section_name - (is: String)
  • config_dir - (is: String)
  • config_file - (is: String)

Examples

haproxy_acl 'gina_host hdr(host) -i foo.bar.com' do
  section 'frontend'
  section_name 'http'
end
haproxy_acl 'acls for frontend:http' do
  section 'frontend'
  section_name 'http'
  acl [
    'rrhost_host hdr(host) -i dave.foo.bar.com foo.foo.com',
    'tile_host hdr(host) -i dough.foo.bar.com',
  ]
end
haproxy_acl 'acls for listen' do
  section 'listen'
  section_name 'admin'
  acl ['network_allowed src 127.0.0.1']
end

haproxy_backend

Backend describes a set of servers to which the proxy will connect to forward incoming connections.

Introduced: v4.0.0

Actions

  • :create

Properties

  • mode - (is: String)
  • server - (is: Array)
  • tcp_request - (is: Array)
  • acl - (is: Array)
  • option - (is: Array)
  • extra_options - (is: Hash)
  • config_dir - (is: String)
  • config_file - (is: String)

Examples

haproxy_backend 'servers' do
  server ['server1 127.0.0.1:8000 maxconn 32']
end
haproxy_backend 'tiles_public' do
  server ['tile0 10.0.0.10:80 check weight 1 maxconn 100',
          'tile1 10.0.0.10:80 check weight 1 maxconn 100']
  tcp_request ['content track-sc2 src',
               'content reject if conn_rate_abuse mark_as_abuser']
  option %w(httplog dontlognull forwardfor)
  acl ['conn_rate_abuse sc2_conn_rate gt 3000',
       'data_rate_abuse sc2_bytes_out_rate gt 20000000',
       'mark_as_abuser sc1_inc_gpc0 gt 0',
     ]
  extra_options(
    'stick-table' => 'type ip size 200k expire 2m store conn_rate(60s),bytes_out_rate(60s)',
    'http-request' => 'set-header X-Public-User yes'
  )
end

haproxy_config_defaults

Defaults sets default parameters for all other sections following its declaration. Those default parameters are reset by the next "defaults" section.

Introduced: v4.0.0

Actions

  • :create

Properties

  • timeout - (is: Hash)
  • log - (is: String)
  • mode - (is: String)
  • balance - (is: )
  • option - (is: Array)
  • stats - (is: Hash)
  • maxconn - (is: Integer)
  • extra_options - (is: Hash)
  • haproxy_retries - (is: Integer)
  • config_dir - (is: String)
  • config_file - (is: String)

Examples

haproxy_config_defaults 'defaults' do
  mode 'http'
  timeout connect: '5000ms',
          client: '5000ms',
          server: '5000ms'
  haproxy_retries 5
end
haproxy_config_defaults 'defaults' do
  mode 'http'
  timeout connect: '5s',
          client: '50s',
          server: '50s'
  log 'global'
  retries 3
end

haproxy_config_global

Parameters in the "global" section are process-wide and often OS-specific.

They are generally set once for all and do not need being changed once correct.

Introduced: v4.0.0

Actions

  • :create

Properties

  • haproxy_user - (is: String)
  • haproxy_group - (is: String)
  • pidfile - (is: String)
  • log - (is: [String, Array])
  • daemon - (is: [TrueClass, FalseClass])
  • debug_option - (is: String)
  • stats - (is: Hash)
  • maxconn - (is: Integer)
  • config_cookbook - (is: String)
  • chroot - (is: String)
  • log_tag - (is: String)
  • tuning - (is: Hash)
  • extra_options - (is: Hash)
  • config_dir - (is: String)
  • config_file - (is: String)

Examples

haproxy_config_global '' do
  chroot '/var/lib/haproxy'
  daemon true
  maxconn 256
  log '/dev/log local0'
  log_tag 'WARDEN'
  pidfile '/var/run/haproxy.pid'
  stats socket: '/var/lib/haproxy/stats level admin'
  tuning 'bufsize' => '262144'
end
haproxy_config_global 'global' do
  daemon false
  maxconn 4097
  chroot '/var/lib/haproxy'
  stats socket: '/var/lib/haproxy/haproxy.stat mode 600 level admin',
        timeout: '2m'
end

haproxy_frontend

Frontend describes a set of listening sockets accepting client connections.

Introduced: v4.0.0

Actions

  • :create

Properties

  • bind - (is: [String, Hash])
  • mode - (is: String)
  • maxconn - (is: Integer)
  • default_backend - (is: String)
  • use_backend - (is: Array)
  • acl - (is: Array)
  • option - (is: Array)
  • stats - (is: Hash)
  • extra_options - (is: Hash)
  • config_dir - (is: String)
  • config_file - (is: String)

Examples

haproxy_frontend 'http-in' do
  bind '*:80'
  default_backend 'servers'
end

haproxy_frontend 'tcp-in' do
  mode 'tcp'
  bind '*:3307'
  default_backend 'tcp-servers'
end

haproxy_install

Install HAProxy from package or source.

Introduced: v4.0.0

Actions

  • :create

Properties

  • install_type - (is: String)
  • conf_template_source - (is: String)
  • conf_cookbook - (is: String)
  • conf_file_mode - (is: String)
  • bin_prefix - (is: String)
  • config_dir - (is: String)
  • config_file - (is: String)
  • haproxy_user - (is: String)
  • haproxy_group - (is: String)
  • install_only - (is: [true, false])
  • service_name - (is: String)
  • use_systemd - (is: String)
  • package_name - (is: String)
  • package_version - (is: [String, nil])
  • source_version - (is: String)
  • source_url - (is: String)
  • source_checksum - (is: String)
  • source_target_cpu - (is: [String, nil])
  • source_target_arch - (is: [String, nil])
  • source_target_os - (is: String)
  • use_libcrypt - (is: String)
  • use_pcre - (is: String)
  • use_openssl - (is: String)
  • use_zlib - (is: String)
  • use_linux_tproxy - (is: String)
  • use_linux_splice - (is: String)

Examples

haproxy_install 'package'
haproxy_install 'source' do
  source_url node['haproxy']['source_url']
  source_checksum node['haproxy']['source_checksum']
  source_version node['haproxy']['source_version']
  use_pcre '1'
  use_openssl '1'
  use_zlib '1'
  use_linux_tproxy '1'
  use_linux_splice '1'
end

haproxy_listen

Listen defines a complete proxy with its frontend and backend parts combined in one section.

It is generally useful for TCP-only traffic.

Introduced: v4.0.0

Actions

  • :create

Properties

  • mode - (is: String)
  • bind - (is: [String, Hash])
  • maxconn - (is: Integer)
  • stats - (is: Hash)
  • http_request - (is: String)
  • http_response - (is: String)
  • default_backend - (is: String)
  • use_backend - (is: Array)
  • acl - (is: Array)
  • extra_options - (is: Hash)
  • server - (is: Array)
  • config_dir - (is: String)
  • config_file - (is: String)

Examples

haproxy_listen 'admin' do
  bind '0.0.0.0:1337'
  mode 'http'
  stats uri: '/',
        realm: 'Haproxy-Statistics',
        auth: 'user:pwd'
  http_request 'add-header X-Proto http'
  http_response 'set-header Expires %[date(3600),http_date]'
  default_backend 'servers'
  extra_options('bind-process' => 'odd')
  server ['admin0 10.0.0.10:80 check weight 1 maxconn 100',
          'admin1 10.0.0.10:80 check weight 1 maxconn 100']
end

haproxy_resolver

Configuration related to name resolution in HAProxy. There can be as many as resolvers section as needed.

Each section can contain many name servers.

Introduced: v4.5.0

Actions

  • :create

Properties

  • nameserver - (is: Array)
  • extra_options - (is: Hash)
  • config_dir - (is: String)
  • config_file - (is: String)

Examples

haproxy_resolver 'dns' do
  nameserver ['google 8.8.8.8:53']
  extra_options('resolve_retries' => 30,
                'timeout' => 'retry 1s')
  notifies :restart, 'haproxy_service[haproxy]', :delayed
end

haproxy_service

Installs HAProxy as a systemd or sysvinit service.
To reload HAProxy service add a subscribes option to the resource block. See example below.

Introduced: v4.0.0

Actions

  • :create
  • :start
  • :stop
  • :restart
  • :reload
  • :enable

Properties

  • bin_prefix - (is: String)
  • config_dir - (is: String)
  • config_file - (is: String)
  • haproxy_user - (is: String)
  • haproxy_group - (is: String)
  • service_name - (is: String)

Examples

haproxy_service 'haproxy'
haproxy_service 'haproxy' do
  subscribes :reload, 'template[/etc/haproxy/haproxy.cfg]', :immediately
end

haproxy_use_backend

Switch to a specific backend if/unless an ACL-based condition is matched.

Introduced: v4.2.0

Actions

  • :create

Properties

  • use_backend - (is: [String, Array])
  • section - (is: String)
  • section_name - (is: String)
  • config_dir - (is: String)
  • config_file - (is: String)

Examples

haproxy_use_backend 'gina if gina_host' do
  section 'frontend'
  section_name 'http'
end
haproxy_use_backend 'use_backends for frontend:http' do
  section 'frontend'
  section_name 'http'
  use_backend [
    'rrhost if rrhost_host',
    'tiles_public if tile_host',
  ]
end

haproxy_userlist

Control access to frontend/backend/listen sections or to http stats by allowing only authenticated and authorized users.

Introduced: v4.1.0

Actions

  • :create

Properties

  • group - (is: Hash)
  • user - (is: Hash)
  • config_dir - (is: String)
  • config_file - (is: String)

Examples

haproxy_userlist 'mylist' do
  group 'G1' => 'users tiger,scott',
        'G2' => 'users xdb,scott'
  user  'tiger' => 'password $6$k6y3o.eP$JlKBx9za9667qe4(...)xHSwRv6J.C0/D7cV91',
        'scott' => 'insecure-password elgato',
        'xdb' => 'insecure-password hello'
end

License & Authors

Copyright:: Heavy Water Operations, LLC.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

haproxy Cookbook CHANGELOG

This file is used to list changes made in each version of the haproxy cookbook.

unreleased

[v6.2.6](2018-11-05)

  • Put http_request rules before the use_backend

[v6.2.5](2018-10-09)

  • Drop Chef-12 support
  • Drop CPU cookbook dependency
  • Fix systemd wrapper, the wrapper is no longer included with haproxy versions greater than 1.8.
  • Add rspec examples for resource usage

[v6.2.4] (2018-09-19)

  • Added server property to listen resource and config template

[v6.2.3] (2018-08-03)

  • Removed a few resource default values so they can be specified in the haproxy.cfg default section and added service reload exmample to the readme for config changes

[v6.2.2] (2018-08-03)

  • Made haproxy_install source_url property dynamic with source_version property and removed the need to specify checksum #307

[v6.2.1] (2018-08-01)

  • Added compiling from source crypt support #305

[v6.2.0] (2018-05-11)

  • Require Chef 12.20 or later
  • Uses the build_essential resource not the default recipe so the cookbook can be skipped entirely if running on Chef 14+

[v6.1.0] (2018-04-12)

Breaking changes

  • Adds haproxy_service resource see test suites for usage
  • Require Chef 12.20 or later

Improvements

  • Uses the build_essential resource not the default recipe so the cookbook can be skipped entirely if running on Chef 14+
  • Adds support for haproxy 1.8
  • Simplify the kitchen matrix
  • Remove kitchen.dokken.yml suites and inherit from kitchen.yml
  • Use default action in tests (:create)
  • Set the use_systemd property from the init package system
  • Adding in systemd for SUSE Linux
  • Fix source comparison

Testing Changes

  • Test haproxy version 1.8.7 and 1.7.8
  • Test on chef-client version 13.87 and 14
  • Add notes on how we generate the travis.yml list
  • Remove Amazon tests until a new dokken image is produced that is reliable

[v6.0.0] (2018-03-28)

  • Remove compat_resource cookbok dependency and push the required Chef version to 12.20

[v5.0.4] (2018-03-28)

  • Make 1.8.4 the default installed version (#279)
  • Use dokken docker images
  • Update tests for haproxy service
  • tcplog is now a valid input for the haproxy_config_defaults resourcce (#284)
  • bin prefix is now reflexted in the service config. (#288, #289)

[v5.0.3] (2018-02-02)

  • Fix foodcritic warning for not defining name_property

[v5.0.2] (2017-11-29)

  • Fixes typo in listen section, makes previously unprintable expressions, printable in http-request, http-response and default_backend.

[v5.0.1] (2017-08-10)

  • Removed useless blank space in generated config file haproxy.cfg

[v5.0.0] (2017-08-07)

  • updating service to use cookbook template
  • Add option for install only #251
  • log property in global resource can now be of type Array or String. This fixes #252
  • updating to haproxy 1.7.8, updating source_version in test files(kitchen,cookbook, etc)
  • fixing supports line #258
  • updating properties to use new_resource

[v4.6.1] (2017-08-02)

  • Reload instead of restart on config change
  • Specify -sf argument last to support haproxy < 1.6.0

[v4.6.0] (2017-07-13)

  • Re-added conf_template_source
  • Re-added conf_cookbook
  • Support Array value for extra_options entries. (#245, #246)

[v4.5.0] (2017-06-29)

  • Added resolver resource (#240)

[v4.4.0] (2017-06-28)

  • Synced Debian/Ubuntu init script with latest upstream package changes
  • Added option as an Array property for backend resource. This fixes #234

[v4.3.1] (2017-06-13)

  • Adding Oracle Linux 6 support
  • Removing scientific linux support as we don't have a reliable image

[v4.3.0] (2017-05-31)

  • Added Chefspec Matchers for the resources defined in this cookbook.
  • Added mode property to backend and frontend resources.
  • Added maxconn to global resource
  • Remove default_backend as a required property on the frontend resource

[v4.2.0] (2017-05-04)

  • Added in acl resource, usage: test/fixtures/cookbooks/test/recipes/config_acl.rb
  • Added in use_backend resource, usage: test/fixtures/cookbooks/test/recipes/config_acl.rb
  • Cleaned up arrays in templates/default/haproxy.cfg.erb
  • Added acl and use_backend to listen resource.
  • Fixed init script for Amazon Linux.
  • Added Amazon Linux as a supported platform.
  • Pinned build-essential, >= 8.0.1
  • Pinned poise-service, >= 1.5.1

  • BREAKING CHANGES: This version removes stats_socket, stats_uri and stats_timeout properties from the haproxy_global and haproxy_listen resources in favour of using a hash to pass configuration options.

[v4.1.0] (2017-05-01)

  • Adding userlist resource, to see usage: test/fixtures/cookbooks/test/recipes/config_1_userlist.rb
  • Fixing haproxy_retries in haproxy_config_defaults resource
  • Updating source install test to take node attributes as haproxy.org is slow.
  • Added chef-search example in: test/fixtures/cookbooks/test/recipes/config_backend_search.rb
  • Multiple addresses and ports on listener and frontend (#205)

[v4.0.2] (2017-04-21)

  • Fix haproxy service start on Ubuntu 14.04 (#199)
  • Reload HAProxy when changing configuration (#197)

[v4.0.1] (2017-04-20)

  • Updating README.md
  • Adding compat_resource for chef-12 support
  • Improved rendering of the configuration file (#196)

[v4.0.0] (2017-04-18)

  • COMPATIBILIY WARNING!!!! This version removes the existing recipes, attributes, and instance provider in favor of the new haproxy_install and haproxy_ configuration resources. Why not just leave them in place? Well unfortunately they were utterly broken for anything other than the most trivial usage. Rather than continue the user pain we've opted to remove them and point users to a more modern installation method. If you need the legacy installation methods simply pin to the 3.0.4 release.
  • THIS IS GOING TO BREAK EVERYTHING YOU KNOW AND LOVE
  • 12.5 or greater rewrite
  • Custom Resource Only, no recipes

[v3.0.4] (2017-03-29)

  • Fix bug introduced in (#174) (#182)

[v3.0.3] (2017-03-28)

  • Multiple addresses and ports on listener and frontend (#174)
  • Customize logging destination (#178)
  • updating to use bats/serverspec (#179)

[v3.0.2] (2017-03-27)

  • Allow server startup from app_lb recipe. (#171)
  • Use Delivery instead of Rake
  • Make this cookbook compatible with Chef-13, note: params option is now parameters (#175)

[v3.0.1] (2017-01-30)

  • Reload haproxy configuration on changes (#152)
  • Merging in generic socket conf (#107)
  • Updating config to use facilities hash dynamically (#102)
  • Adding tproxy and splice per (#98
  • Removing members with nil ips from member array. (#79)

[v3.0.0] (2017-01-24)

  • Configurable debug options
  • CentOS7 compatibility (#123)
  • Adding poise-service for service management
  • Updating source install to use Haproxy 1.7.2
  • Chef >= 12.1 required
  • Use ['haproxy']['source']['target_cpu'] instead of ['haproxy']['source']['target_os'] to detect correct architecture. (#150)

[v2.0.2] (2016-12-30)

  • Cookstyle fixes
  • Travis testing updates
  • Fixed the github URL for the repo in various locations
  • Converted file modes to strings
  • Updated the config resource to lazily evaluate node attribute values to better load the values when overridden in wrapper cookbooks

v2.0.1 (2016-12-08)

  • Fixed dynamic configuration to properly template out frontend and backend sections
  • Update Chef Brigade to Sous Chefs
  • Updated contributing docs to remove the reference to the develop branch

v2.0.0 (2016-11-09)

Breaking Changes

  • The default recipe is now an empty recipe with manual configuration performed in the 'manual' recipe
  • Remove Chef 10 compatibility code
  • Switch from Librarian to Berksfile
  • Updated the source recipe to install 1.6.9 by default

Other changes

  • Migrated this cookbook from Heavy Water to Chef Brigade so we can ensure more frequent releases and maintenance
  • Added a code of conduct for the project. Read it.
  • The haproxy config is now verified before the service restarts / reloads to prevent taking down haproxy with a bad config
  • Several new syslog configuration attributes have been added
  • A new attribute for stats_socket_level has been added
  • A new attribute for retries has been added
  • Added a chefignore file to speed up syncs from the server
  • Added scientific and oracle as supported platforms in the metadata
  • Added source_url, issues_url, and chef_version metadata
  • Removed attributes from the metadata file as these are redundant
  • Enabled why-run support in the default haproxy resource
  • Removed broken tarball validation in the source recipe to prevented installs from completing
  • Fixed source installs not running if an older version was present on the node
  • Broke search logic out into a new_discovery recipe
  • Added new node['haproxy']['pool_members'] and node['haproxy']['pool_members_option'] attributes
  • Resolved all cookstyle and foodcritic warnings
  • Added a new haproxy_config resource
  • Added a Guardfile
  • Update the Kitchen config file to use Bento boxes and new platforms
  • Updates ChefSpec matchers to use the latest format
  • Added testing in Travis CI with a Rakefile that runs cookstyle, foodcritic, and ChefSpec as well as a Kitchen Dokken config that does integration testing of the package install

v1.6.7

New Feature

  • Added ChefSpec matchers and test coverage

Updates

  • Replaced references to Opscode with Chef

v1.6.6

Bug

  • CPU Tuning, corrects cpu_affinity resource triggers

Updates

  • parameterize options for admin listener
  • renamed templates/rhel to templates/redhat
  • sort pool members by hostname to avoid needless restarts
  • support amazon linux init script
  • support to configure global options

v1.6.4

v1.6.2

Bug

  • COOK-3424 - Haproxy cookbook attempts to alter an immutable attribute

New Feature

  • COOK-3135 - Allow setting of members with default recipe without changing the template

v1.6.2

Bug

  • COOK-3424 - Haproxy cookbook attempts to alter an immutable attribute

New Feature

  • COOK-3135 - Allow setting of members with default recipe without changing the template

v1.6.0

New Feature

  • Allow setting of members with default recipe without changing the template

v1.5.0

Improvement

  • COOK-3660 - Make haproxy socket default user group configurable
  • COOK-3537 - Add OpenSSL and zlib source configurations

New Feature

  • COOK-2384 - Add LWRP for multiple haproxy sites/configs

v1.4.0

Improvement

  • COOK-3237 - Enable cookie-based persistence in a backend
  • COOK-3216 - Add metadata attributes

New Feature

v1.3.2

Bug

  • [COOK-3046]: haproxy default recipe broken by COOK-2656

Task

  • [COOK-2009]: Add test-kitchen support to haproxy

v1.3.0

Improvement

  • [COOK-2656]: Unify the haproxy.cfg with that from app_lb

New Feature

  • [COOK-1488]: Provide an option to build haproxy from source

v1.2.0

  • [COOK-1936] - use frontend / backend logic
  • [COOK-1937] - cleanup for configurations
  • [COOK-1938] - more flexibility for options
  • [COOK-1939] - reloading haproxy is better than restarting
  • [COOK-1940] - haproxy stats listen on 0.0.0.0 by default
  • [COOK-1944] - improve haproxy performance

v1.1.4

  • [COOK-1839] - add httpchk configuration to app_lb template

v1.1.0

  • [COOK-1275] - haproxy-default.erb should be a cookbook_file
  • [COOK-1594] - Template-Service ordering issue in app_lb recipe

v1.0.6

  • [COOK-1310] - redispatch flag has changed

v1.0.4

  • [COOK-806] - load balancer should include an SSL option
  • [COOK-805] - Fundamental haproxy load balancer options should be configurable

v1.0.3

  • [COOK-620] haproxy::app_lb's template should use the member cloud private IP by default

v1.0.2

  • fix regression introduced in v1.0.1

v1.0.1

  • account for the case where load balancer is in the pool

v1.0.0

  • Use node.chef_environment instead of node['app_environment']

Collaborator Number Metric
            

6.2.6 passed this metric

Contributing File Metric
            

6.2.6 passed this metric

Foodcritic Metric
            

6.2.6 passed this metric

No Binaries Metric
            

6.2.6 passed this metric

Testing File Metric
            

6.2.6 passed this metric

Version Tag Metric
            

6.2.6 passed this metric