diff --git a/library/roles/keepalived/defaults/main.yml b/library/roles/keepalived/defaults/main.yml index 7a24eff4..e0a286d7 100644 --- a/library/roles/keepalived/defaults/main.yml +++ b/library/roles/keepalived/defaults/main.yml @@ -17,20 +17,26 @@ keepalived_unicast_peer_ip: - 127.0.0.2 keepalived_mcast_addr: 224.0.0.0/8 keepalived_floating_ip1: 127.0.0.1 -keepalived_script1_name: chk_haproxy +keepalived_script1_name: keepalived_check_service_status +# We set haproxy as the default because most of our keepalived use is haproxy related +keepalived_service_to_check: 'haproxy' +keepalived_script1_check: '/bin/pidof {{ keepalived_service_to_check }}' keepalived_inst_priority: 100 keepalived_vrouter_id: 51 keepalived_non_local_bind: True keepalived_enable_script_security: True keepalived_script_username: keepalived_script +keepalived_script_user_home: '/var/lib/keepalived' keepalived_nagios_check: False keepalived_notify_script: /usr/local/bin/keepalived_notify +keepalived_check_script: '/usr/local/bin/{{ keepalived_script1_name }}' +# The service must install its own script if it is too complex to be managed by the provided one keepalived_scripts: - name: '{{ keepalived_script1_name }}' - script: 'killall -0 haproxy' + script: '{{ keepalived_check_script }}' # In seconds interval: 2 # Priority increment diff --git a/library/roles/keepalived/tasks/main.yml b/library/roles/keepalived/tasks/main.yml index b76a6fa7..b011fe69 100644 --- a/library/roles/keepalived/tasks/main.yml +++ b/library/roles/keepalived/tasks/main.yml @@ -8,12 +8,19 @@ apt: name={{ keepalived_pkgs }} state={{ keepalived_pkg_state }} cache_valid_time=1800 - name: Install the user that the keepalived scripts will run under - user: name={{ keepalived_script_username }} home=/var/lib/keepalived createhome=no shell=/usr/sbin/nologin system=yes + user: name={{ keepalived_script_username }} home={{ keepalived_script_user_home }} createhome=no shell=/usr/sbin/nologin system=yes + + - name: Create the keepalive script user directory + file: dest={{ keepalived_script_user_home }} state=directory owner={{ keepalived_script_username }} group={{ keepalived_script_username }} mode=0750 - name: Install the keepalived configuration template: src=keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf owner=root group=root mode=0600 notify: restart keepalived + - name: Install the keepalived default check script + template: src=keepalived_check_service_status.sh.j2 dest=/usr/local/bin/keepalived_check_service_status owner=root group=root mode=0755 + notify: restart keepalived + - name: Install the keepalived notify scripts template: src=keepalived_notify.sh.j2 dest={{ item.notify }} owner=root group={{ keepalived_script_username }} mode=0754 with_items: '{{ keepalived_instances }}' @@ -38,16 +45,6 @@ value: 1 when: not keepalived_non_local_bind - - name: Install the keepalived NRPE nagios check - copy: src=check_keepalived_state dest={{ nagios_plugins_dir }}/check_keepalived_state owner=root group=root mode=0555 - with_items: '{{ keepalived_instances }}' - when: keepalived_nagios_check - - - name: Install the keepalived NRPE command configuration - template: src=keepalived-nrpe.cfg.j2 dest={{ nrpe_include_dir }}/keepalived-nrpe.cfg owner=root group=root mode=0444 - notify: Reload NRPE server - when: keepalived_nagios_check - - name: Ensure that keepalived is started and enabled service: name=keepalived state=started enabled=yes when: keepalived_enabled @@ -59,6 +56,20 @@ tags: keepalived when: keepalived_install +- block: + - name: Install the keepalived NRPE nagios check + copy: src=check_keepalived_state dest={{ nagios_plugins_dir }}/check_keepalived_state owner=root group=root mode=0555 + with_items: '{{ keepalived_instances }}' + + - name: Install the keepalived NRPE command configuration + template: src=keepalived-nrpe.cfg.j2 dest={{ nrpe_include_dir }}/keepalived-nrpe.cfg owner=root group=root mode=0444 + notify: Reload NRPE server + + tags: keepalived + when: + - keepalived_install + - keepalived_nagios_check + - block: - name: Remove the keepalived package if we do not want it apt: name={{ keepalived_pkgs }} state=absent @@ -73,7 +84,6 @@ - name: Remove the keepalived NRPE command configuration file: dest={{ nrpe_include_dir }}/keepalived-nrpe.cfg state=absent - notify: Reload NRPE server tags: keepalived when: not keepalived_install diff --git a/library/roles/keepalived/templates/keepalived_check_service_status.sh.j2 b/library/roles/keepalived/templates/keepalived_check_service_status.sh.j2 new file mode 100644 index 00000000..5f8bba67 --- /dev/null +++ b/library/roles/keepalived/templates/keepalived_check_service_status.sh.j2 @@ -0,0 +1,5 @@ +!#/bin/bash + +{{ keepalived_script1_check }} + +exit $? diff --git a/library/roles/keepalived/templates/keepalived_notify.sh.j2 b/library/roles/keepalived/templates/keepalived_notify.sh.j2 index a3e4b75c..6654c17f 100644 --- a/library/roles/keepalived/templates/keepalived_notify.sh.j2 +++ b/library/roles/keepalived/templates/keepalived_notify.sh.j2 @@ -1,8 +1,9 @@ #!/bin/bash # -# echo $1 $2 is in $3 state > /var/run/keepalive.state +# echo $1 $2 is in $3 state > /var/lib/keepalived/keepalive.state # -export PATH="/sbin:/usr/sbin:/bin:/usr/bin:$PATH" +umask 022 +export PATH="/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin:$PATH" TYPE=$1 NAME=$2 STATE=$3 @@ -12,10 +13,7 @@ RETVAL=0 {{ keepalived_notify_extra_params }} {% endif %} - -{% if keepalived_nagios_check %} -echo "$TYPE $NAME is in $STATE state" > /var/run/keepalive.state -{% endif %} +echo "$TYPE $NAME is in $STATE state" > {{ keepalived_script_user_home }}/keepalive.state exit $RETVAL