library/roles/iptables: Rules for the keepalived communications.
library/roles/keepalived: Role that installs and configures keepalived. The template is specific for the haproxy use case.
This commit is contained in:
parent
57da7a671e
commit
a4159b2769
|
@ -240,6 +240,10 @@
|
|||
{% endfor %}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% if keepalived_enabled is defined and keepalived_enabled %}
|
||||
-A INPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
|
||||
-A OUTPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
|
||||
{% endif %}
|
||||
#
|
||||
-A INPUT -s 125.24.0.0/14 -j DROP
|
||||
{% if iptables_input_default_policy == 'REJECT' %}
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
# http://www.keepalived.org/
|
||||
#
|
||||
keepalived_install: False
|
||||
keepalived_enabled: '{{ keepalived_install }}'
|
||||
keepalived_version: 1.1.20
|
||||
keepalived_repo: 'ppa:keepalived/stable'
|
||||
keepalived_pkg_state: latest
|
||||
# Use 'keepalived={{ keepalived_version }}' if you want a specific version
|
||||
keepalived_pkgs:
|
||||
- keepalived
|
||||
|
||||
keepalived_mcast_addr: 224.0.0.0/8
|
||||
keepalived_floating_ip1: 127.0.0.1
|
||||
keepalived_script1_name: chk_haproxy
|
||||
keepalived_inst_priority: 100
|
||||
|
||||
keepalived_scripts:
|
||||
- name: '{{ keepalived_script1_name }}'
|
||||
script: 'killall -0 haproxy'
|
||||
# In seconds
|
||||
interval: 2
|
||||
# Priority increment
|
||||
weight: 2
|
||||
|
||||
keepalived_instances:
|
||||
- name: VI_1
|
||||
interface: eth0
|
||||
state: MASTER
|
||||
vrouter_id: 51
|
||||
priority: '{{ keepalived_inst_priority }}'
|
||||
v_addr:
|
||||
- '{{ keepalived_floating_ip1 }}'
|
||||
track_script:
|
||||
- '{{ keepalived_script1_name }}'
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: restart keepalived
|
||||
service: name=keepalived state=restarted
|
||||
when: keepalived_enabled
|
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
- block:
|
||||
|
||||
- name: Install the keepalived repository
|
||||
apt_repository: repo={{ keepalived_repo }}
|
||||
|
||||
- name: Install the keepalived package
|
||||
apt: name={{ item }} state={{ keepalived_pkg_state }} update_cache=yes
|
||||
with_items: '{{ keepalived_pkgs }}'
|
||||
|
||||
- name: Install the keepalived configuration
|
||||
template: src=keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf
|
||||
notify: restart keepalived
|
||||
|
||||
- name: Ensure that keepalived is started and enabled
|
||||
service: name=keepalived state=started enabled=yes
|
||||
when: keepalived_enabled
|
||||
|
||||
- name: Ensure that keepalived is stopped and disabled
|
||||
service: name=keepalived state=stopped enabled=no
|
||||
when: not keepalived_enabled
|
||||
|
||||
tags: keepalived
|
||||
when: keepalived_install
|
||||
|
||||
|
||||
- block:
|
||||
|
||||
- name: Remove the keepalived package if we do not want it
|
||||
apt: name={{ item }} state=absent
|
||||
with_items: '{{ keepalived_pkgs }}'
|
||||
|
||||
tags: keepalived
|
||||
when: not keepalived_install
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
{% for script in keepalived_scripts %}
|
||||
vrrp_script {{ script.name }} {
|
||||
script "{{ script.script }}"
|
||||
interval {{ script.interval }}
|
||||
weight {{ script.weight }}
|
||||
}
|
||||
{% endfor %}
|
||||
|
||||
{% for instance in keepalived_instances %}
|
||||
vrrp_instance {{ instance.name }} {
|
||||
interface {{ instance.interface }}
|
||||
state {{ instance.state }}
|
||||
virtual_router_id {{ instance.vrouter_id }}
|
||||
priority {{ instance.priority }}
|
||||
virtual_ipaddress {
|
||||
{% for addr in instance.v_addr %}
|
||||
{{ addr }}
|
||||
{% endfor %}
|
||||
}
|
||||
track_script {
|
||||
{% for trk in instance.track_script %}
|
||||
{{ trk }}
|
||||
{% endfor %}
|
||||
}
|
||||
}
|
||||
{% endfor %}
|
Loading…
Reference in New Issue