Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make keepalived role more configurable (issue #683) #684

Merged
merged 6 commits into from
Jul 1, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions roles/keepalived/defaults/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
---

keepalived_instances:
- name: VI_1
state: BACKUP
interface: "{{ vip_interface }}"
virtual_router_id: "{{ keepalived_virtual_router_id | default(123) }}"
priority: 100
advert_int: 2
check_status_command: /usr/libexec/keepalived/haproxy_check.sh
authentication:
auth_type: PASS
auth_pass: "1ce24b6e"
virtual_ipaddresses:
- "{{ cluster_vip }}"
2 changes: 1 addition & 1 deletion roles/keepalived/handlers/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
ansible_ssh_port | default(22)
)
}}
ignore_errors: true # show the error and continue the playbook execution
ignore_errors: true # noqa ignore-errors # show the error and continue the playbook execution
listen: "restart keepalived"

...
8 changes: 6 additions & 2 deletions roles/keepalived/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
state: directory
owner: root
group: root
mode: "0750"
tags: keepalived_conf, keepalived

- name: Create vrrp_script "/usr/libexec/keepalived/haproxy_check.sh"
Expand All @@ -46,6 +47,9 @@
ansible.builtin.template:
src: templates/keepalived.conf.j2
dest: /etc/keepalived/keepalived.conf
owner: root
group: root
mode: "0644"
notify: "restart keepalived"
when: add_balancer is not defined or not add_balancer|bool
tags: keepalived_conf, keepalived
Expand Down Expand Up @@ -88,13 +92,13 @@
when: add_balancer is defined and add_balancer|bool
tags: keepalived_conf, keepalived

- name: selinux | change the keepalived_t domain to permissive
- name: Selinux | Change the keepalived_t domain to permissive
community.general.selinux_permissive:
name: keepalived_t
permissive: true
when: ansible_selinux.status is defined and
ansible_selinux.status == 'enabled'
ignore_errors: true
ignore_errors: true # noqa ignore-errors
tags: keepalived, keepalived_selinux

...
48 changes: 28 additions & 20 deletions roles/keepalived/templates/keepalived.conf.j2
Original file line number Diff line number Diff line change
Expand Up @@ -3,27 +3,35 @@ global_defs {
enable_script_security
script_user root
}

vrrp_script haproxy_check {
script "/usr/libexec/keepalived/haproxy_check.sh"

{% for instance in keepalived_instances %}
{% if instance.check_status_command is defined %}
vrrp_script chk_command_{{ instance.virtual_router_id }} {
script "{{ instance.check_status_command }}"
interval 2
weight 2
}

vrrp_instance VI_1 {
interface {{ vip_interface }}
virtual_router_id {{ keepalived_virtual_router_id | default(123) }}
priority 100
advert_int 2
state BACKUP
virtual_ipaddress {
{{ cluster_vip }}
}
track_script {
haproxy_check
}
authentication {
auth_type PASS
auth_pass 1ce24b6e
}
{% endif %}

vrrp_instance {{ instance.name }} {
interface {{ instance.interface }}
virtual_router_id {{ instance.virtual_router_id }}
priority {{ instance.priority }}
advert_int {{ instance.advert_int }}
state {{ instance.state }}
virtual_ipaddress {
{% for ip in instance.virtual_ipaddresses %}
{{ ip }}
{% endfor %}
}
{% if instance.check_status_command is defined %}
track_script {
chk_command_{{ instance.virtual_router_id }}
}
{% endif %}
authentication {
auth_type {{ instance.authentication.auth_type }}
auth_pass {{ instance.authentication.auth_pass }}
}
}
{% endfor %}
Loading