Resource Type: opnsense_haproxy_backend

Defined in:
lib/puppet/type/opnsense_haproxy_backend.rb

Summary

Manage opnsense haproxy backends

Overview

This type provides Puppet with the capabilities to manage haproxy backends

Examples:

opnsense_haproxy_backend { 'webserver_pool':
  device                           => 'opnsense-test.device.com',
  enabled                          => true,
  description                      => 'backend for webserver',
  mode                             => 'http',
  algorithm                        => 'source',
  random_draws                     => '2',
  proxy_protocol                   => '',
  linked_servers                   => [],
  linked_resolver                  => '',
  resolver_opts                    => [],
  resolve_prefer                   => '',
  source                           => '',
  health_check_enabled             => true,
  health_check                     => '',
  health_check_log_status          => false,
  check_interval                   => '',
  check_down_interval              => '',
  health_check_fall                => '',
  health_check_rise                => '',
  linked_mailer                    => '',
  http2_enabled                    => false,
  http2_enabled_nontls             => false,
  ba_advertised_protocols          => ['h2', 'http11'],
  persistence                      => 'sticktable',
  persistence_cookiemode           => 'piggyback',
  persistence_cookiename           => 'SRVCOOKIE',
  persistence_stripquotes          => false,
  stickiness_pattern               => 'sourceipv4',
  stickiness_data_types            => [],
  stickiness_expire                => '30m',
  stickiness_size                  => '50k',
  stickiness_cookiename            => '',
  stickiness_cookielength          => '',
  stickiness_conn_rate_period      => '10s',
  stickiness_sess_rate_period      => '10s',
  stickiness_http_req_rate_period  => '10s',
  stickiness_http_err_rate_period  => '10s',
  stickiness_bytes_in_rate_period  => '1m',
  stickiness_bytes_out_rate_period => '1m',
  basic_auth_enabled               => false,
  basic_auth_users                 => [],
  basic_auth_groups                => [],
  tuning_timeout_connect           => '',
  tuning_timeout_check             => '',
  tuning_timeout_server            => '',
  tuning_retries                   => '',
  custom_options                   => '',
  tuning_defaultserver             => '',
  tuning_noport                    => false,
  tuning_httpreuse                 => 'safe',
  tuning_caching                   => false,
  linked_actions                   => [],
  linked_errorfiles                => [],
  ensure                           => 'present',
}

Properties

  • algorithm (defaults to: source)

    Define the load balancing algorithm to be used in a backend pool.

  • ba_advertised_protocols (defaults to: ["h2"])

    Enable support for HTTP/2 even if TLS is not enabled.

  • basic_auth_enabled

    Enable HTTP basic authentication.

  • basic_auth_groups (defaults to: [])

    Specify the uuids of the basic auth groups for this backend.

  • basic_auth_users (defaults to: [])

    Specify the uuids of the basic auth users for this backend.

  • check_down_interval

    Sets the interval (in ms) for running health checks on a configured server when the server state is DOWN

  • check_interval

    Sets the interval (in ms) for running health checks on all configured servers.

  • custom_options

    These lines will be added to the HAProxy backend configuration.

  • description

    The backend description.

  • enabled (defaults to: true)

    Enable or disable this backend.

  • ensure (defaults to: present)

    Whether this resource should be present or absent on the target system.

  • health_check

    Specify the uuid of the health check for servers in this backend.

  • health_check_enabled (defaults to: true)

    Enable or disable health checking.

  • health_check_fall

    The number of consecutive unsuccessful health checks before a server is considered as unavailable.

  • health_check_log_status

    Enable to log health check status updates.

  • health_check_rise

    The number of consecutive successful health checks before a server is considered as available.

  • http2_enabled

    Enable support for end-to-end HTTP/2 communication.

  • http2_enabled_nontls

    Enable support for HTTP/2 even if TLS is not enabled.

  • linked_actions (defaults to: [])

    Specify the uuids of the rules to be included in this backend.

  • linked_errorfiles (defaults to: [])

    Specify the uuids of the error messages to be included in this backend.

  • linked_mailer

    Specify the uuid of the e-mail alert configuration linked to this backend.

  • linked_resolver

    Specify the uuid of the custom resolver configuration that should be used for all servers in this backend.

  • linked_servers (defaults to: [])

    Specify the uuids of the servers linked to this backend.

  • mode (defaults to: http)

    Set the running mode or protocol of the backend pool.

  • persistence (defaults to: sticktable)

    Choose how HAProxy should track user-to-server mappings.

  • persistence_cookiemode (defaults to: piggyback)

    Cookie mode to use for persistence.

  • persistence_cookiename (defaults to: SRVCOOKIE)

    Cookie name to use for persistence.

  • persistence_stripquotes (defaults to: true)

    Enable to automatically strip quotes from the cookie value.

  • proxy_protocol (defaults to: '')

    Enforces use of the PROXY protocol over any connection established to the configured servers.

  • random_draws (defaults to: 2)

    When using the Random Balancing Algorithm, this value indicates the number of draws.

  • resolve_prefer (defaults to: '')

    When DNS resolution is enabled and multiple IP addresses from different families are returned use this.

  • resolver_opts (defaults to: [])

    Add resolver options.

  • source

    Sets the source address which will be used when connecting to the server(s).

  • stickiness_bytes_in_rate_period (defaults to: 1m)

    The length of the period over which the average is measured. Valid suffixes d, h, m, s, ms, us

  • stickiness_bytes_out_rate_period (defaults to: 1m)

    The length of the period over which the average is measured. Valid suffixes d, h, m, s, ms, us

  • stickiness_conn_rate_period (defaults to: 10s)

    The length of the period over which the average is measured. Valid suffixes d, h, m, s, ms, us

  • stickiness_cookielength

    The maximum number of characters that will be stored in the stick table.

  • stickiness_cookiename

    Cookie name to use for stick table.

  • stickiness_data_types (defaults to: [])

    This is used to store additional information in the stick-table.

  • stickiness_expire (defaults to: 30m)

    The maximum duration of an entry in the stick table. Valid suffixes d, h, m, s, ms.

  • stickiness_http_err_rate_period (defaults to: 10s)

    The length of the period over which the average is measured. Valid suffixes d, h, m, s, ms, us

  • stickiness_http_req_rate_period (defaults to: 10s)

    The length of the period over which the average is measured. Valid suffixes d, h, m, s, ms, us

  • stickiness_pattern (defaults to: sourceipv4)

    Choose a request pattern to associate a user to a server.

  • stickiness_sess_rate_period (defaults to: 10s)

    The length of the period over which the average is measured. Valid suffixes d, h, m, s, ms, us

  • stickiness_size (defaults to: 50k)

    The maximum number of entries that can fit in the stick table. Valid suffixes k, m, g.

  • tuning_caching

    Enable caching of responses from this backend.

  • tuning_defaultserver

    Default option for all server entries.

  • tuning_httpreuse (defaults to: safe)

    Choose a request pattern to associate a user to a server.

  • tuning_noport

    Don’t use port on server, use the same port as frontend receive.

  • tuning_retries

    Set the number of retries to perform on a server after a connection failure.

  • tuning_timeout_check

    Sets an additional read timeout for running health checks on a server. Valid suffixes d, h, m, s, ms, us

  • tuning_timeout_connect

    Set the maximum time to wait for a connection attempt to a server to succeed. Valid suffixes d, h, m, s, ms, us

  • tuning_timeout_server

    Set the maximum inactivity time on the server side. Valid suffixes d, h, m, s, ms, us

  • uuid

    The uuid of the backend.

Parameters

  • device (namevar)

    The name of the opnsense_device type you want to manage.

  • name (namevar)

    The name of the resource you want to manage.