diff --git a/iptables/templates/iptables-rules.v4.j2 b/iptables/templates/iptables-rules.v4.j2 index e0425b4b..f28fb135 100644 --- a/iptables/templates/iptables-rules.v4.j2 +++ b/iptables/templates/iptables-rules.v4.j2 @@ -240,6 +240,10 @@ {% endfor %} {% endif %} {% endif %} +{% if keepalived_enabled is defined and keepalived_enabled %} +-A INPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT +-A OUTPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT +{% endif %} # -A INPUT -s 125.24.0.0/14 -j DROP {% if iptables_input_default_policy == 'REJECT' %} diff --git a/keepalived/defaults/main.yml b/keepalived/defaults/main.yml new file mode 100644 index 00000000..3f692919 --- /dev/null +++ b/keepalived/defaults/main.yml @@ -0,0 +1,36 @@ +--- +# http://www.keepalived.org/ +# +keepalived_install: False +keepalived_enabled: '{{ keepalived_install }}' +keepalived_version: 1.1.20 +keepalived_repo: 'ppa:keepalived/stable' +keepalived_pkg_state: latest +# Use 'keepalived={{ keepalived_version }}' if you want a specific version +keepalived_pkgs: + - keepalived + +keepalived_mcast_addr: 224.0.0.0/8 +keepalived_floating_ip1: 127.0.0.1 +keepalived_script1_name: chk_haproxy +keepalived_inst_priority: 100 + +keepalived_scripts: + - name: '{{ keepalived_script1_name }}' + script: 'killall -0 haproxy' + # In seconds + interval: 2 + # Priority increment + weight: 2 + +keepalived_instances: + - name: VI_1 + interface: eth0 + state: MASTER + vrouter_id: 51 + priority: '{{ keepalived_inst_priority }}' + v_addr: + - '{{ keepalived_floating_ip1 }}' + track_script: + - '{{ keepalived_script1_name }}' + diff --git a/keepalived/handlers/main.yml b/keepalived/handlers/main.yml new file mode 100644 index 00000000..be4ad3ff --- /dev/null +++ b/keepalived/handlers/main.yml @@ -0,0 +1,4 @@ +--- +- name: restart keepalived + service: name=keepalived state=restarted + when: keepalived_enabled 
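Review bot: The two added `-p vrrp ... -j ACCEPT` rules in iptables/templates/iptables-rules.v4.j2 match on protocol and destination only, so VRRP advertisements are accepted from any source on any interface. keepalived acts on received advertisements when deciding which node holds the virtual address, so the INPUT rule should be limited to the cluster interface and peer range, e.g. `-A INPUT -i {{ keepalived_iface }} -s {{ keepalived_peer_net }} -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT` (both new variable names are placeholders, not defined in this commit). The guard also tests only `keepalived_enabled`, while `keepalived_mcast_addr` comes from the keepalived role defaults; `{% if keepalived_enabled | default(false) | bool and keepalived_mcast_addr is defined %}` would presumably keep the firewall template renderable on hosts where that role is not in scope.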
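Review bot: `keepalived_mcast_addr: 224.0.0.0/8` in keepalived/defaults/main.yml is far wider than VRRP needs, because advertisements go to the single group 224.0.0.18 and this value feeds the ACCEPT rules added to the iptables template in the same commit. Suggest `keepalived_mcast_addr: 224.0.0.18/32`. Every host that takes these defaults is also rendered with `state: MASTER` and `priority: 100`, so a comment above `keepalived_instances` would help: `# Override state and priority per node; these defaults make every node start as MASTER`.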
diff --git a/keepalived/tasks/main.yml b/keepalived/tasks/main.yml
new file mode 100644
index 00000000..ed63310e
--- /dev/null
+++ b/keepalived/tasks/main.yml
@@ -0,0 +1,35 @@
+---
+- block:
+
+ - name: Install the keepalived repository
+ apt_repository: repo={{ keepalived_repo }}
+
+ - name: Install the keepalived package
+ apt: name={{ item }} state={{ keepalived_pkg_state }} update_cache=yes
+ with_items: '{{ keepalived_pkgs }}'
+
+ - name: Install the keepalived configuration
+ template: src=keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf
+ notify: restart keepalived
+
+ - name: Ensure that keepalived is started and enabled
+ service: name=keepalived state=started enabled=yes
+ when: keepalived_enabled
+
+ - name: Ensure that keepalived is stopped and disabled
+ service: name=keepalived state=stopped enabled=no
+ when: not keepalived_enabled
+
+ tags: keepalived
+ when: keepalived_install
+
+
+- block:
+
+ - name: Remove the keepalived package if we do not want it
+ apt: name={{ item }} state=absent
+ with_items: '{{ keepalived_pkgs }}'
+
+ tags: keepalived
+ when: not keepalived_install
+
diff --git a/keepalived/templates/keepalived.conf.j2 b/keepalived/templates/keepalived.conf.j2
new file mode 100644
index 00000000..14e23776
--- /dev/null
+++ b/keepalived/templates/keepalived.conf.j2
@@ -0,0 +1,26 @@
+{% for script in keepalived_scripts %}
+vrrp_script {{ script.name }} {
+ script "{{ script.script }}"
+ interval {{ script.interval }}
+ weight {{ script.weight }}
+}
+{% endfor %}
+
+{% for instance in keepalived_instances %}
+vrrp_instance {{ instance.name }} {
+ interface {{ instance.interface }}
+ state {{ instance.state }}
+ virtual_router_id {{ instance.vrouter_id }}
+ priority {{ instance.priority }}
+ virtual_ipaddress {
+ {% for addr in instance.v_addr %}
+ {{ addr }}
+ {% endfor %}
+ }
+ track_script {
+ {% for trk in instance.track_script %}
+ {{ trk }}
+ {% endfor %}
+ }
+}
+{% endfor %}
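Review bot: In keepalived/tasks/main.yml the `template:` task writes /etc/keepalived/keepalived.conf without `owner`, `group` or `mode`, although that file names the `vrrp_script` commands keepalived will execute; set them explicitly, `template: src=keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf owner=root group=root mode=0640`. The install path also combines a third-party PPA (`keepalived_repo`) with `keepalived_pkg_state: latest`, so each run can pull a new build without review; `present` with a pinned `keepalived={{ keepalived_version }}` entry in `keepalived_pkgs` would make upgrades deliberate. The one-line `name=... state=...` module arguments here and in keepalived/handlers/main.yml would read better as native YAML mappings, with `true`/`false` instead of `yes`/`no`.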
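Review bot: `script "{{ script.script }}"` in the `vrrp_script` loop of keepalived/templates/keepalived.conf.j2 writes an inventory string unescaped into a command that keepalived executes, and the template renders no `global_defs` block to constrain that execution. A value containing a double quote also breaks the directive, so the role should reject or escape such values before rendering. Where the installed keepalived supports them, consider emitting `global_defs { enable_script_security }` together with a dedicated `script_user`, and give the check command an absolute path rather than the bare `killall` used in the defaults. The `vrrp_instance` block likewise renders neither `unicast_peer` nor `authentication`, so which senders are honoured depends entirely on the firewall rule added in this commit.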