HAproxy bindings

[alexarefev]

Currently, HAProxy as a dedicated balancer (the balancer node does not has any other roles except the balancer) has the following bindings for frontends:

frontend https
    bind                :::443
    bind                0.0.0.0:443
...
frontend http
    bind                :::80
    bind                0.0.0.0:80

Current configuration does not cover any possible cases. For instance, the balancer may have more than one physical network interface and additional interface should not be listened by HAproxy.

[koryaga]

@theboringstuff pls assess

[theboringstuff]

I think we are just lacking feature which would allow us to flexibly specify which interfaces haproxy should bind.
It is assumed that haproxy should listen to at least assigned vrrp ips, but in practice it listens all interfaces on dedicated lb.

I suggest that we do not break backward compatibility. If we want to make binding more flexible, we could introduce additional optional parameters, like:

# For each vrrp_ips
bindLoadBalancer: true    # Default: true. If true, vrrp_ip belonging to LB node will be added to bindings. Maintenance mode is controlled additionally.

# For load balancer
bindAll: true     # Default: true for dedicated LB, false in other case. If true - bind to all interfaces, except maintenance mode.
bindCustom:    # Default: nil. Additional user-defined IPs to bind to. 
  - node: lb-1
    bindings:
    - ip: 1.1.1.1
    - ip: 2.2.2.2
  - node: lb-2
    bindings:
    - ip: 3.3.3.3
    - ip: 4.4.4.4

So basically algorithm is following, for each LB node:

1. If bindAll==true - just bind 0.0.0.0, except maintenance mode
2. If bindAll==false
   1. For assigned vrrp ips check bindLoadBalancer param. Add to bindings if true (considering maintenance mode params).
   2. If bindCustom!=nil - add custom to bindings.
   3. If bindings are empty - fail. Otherwise use bindings.