library/roles/iptables: Rules for the keepalived communications.

library/roles/keepalived: Role that installs and configures keepalived. The template is specific for the haproxy use case.

iptables/templates/iptables-rules.v4.j2

@@ -240,6 +240,10 @@
 {% endfor %}
 {% endif %}
 {% endif %}
+{% if keepalived_enabled is defined and keepalived_enabled %}
+-A INPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
+-A OUTPUT -p vrrp -d {{ keepalived_mcast_addr }} -j ACCEPT
+{% endif %}
 #
 -A INPUT -s 125.24.0.0/14 -j DROP
 {% if iptables_input_default_policy == 'REJECT' %}

keepalived/defaults/main.yml

@@ -0,0 +1,36 @@
+---
+# http://www.keepalived.org/
+#
+keepalived_install: False
+keepalived_enabled: '{{ keepalived_install }}'
+keepalived_version: 1.1.20
+keepalived_repo: 'ppa:keepalived/stable'
+keepalived_pkg_state: latest
+# Use 'keepalived={{ keepalived_version }}' if you want a specific version
+keepalived_pkgs:
+  - keepalived
+
+keepalived_mcast_addr: 224.0.0.0/8
+keepalived_floating_ip1: 127.0.0.1
+keepalived_script1_name: chk_haproxy
+keepalived_inst_priority: 100
+
+keepalived_scripts:
+  - name: '{{ keepalived_script1_name }}'
+    script: 'killall -0 haproxy'
+    # In seconds
+    interval: 2
+    # Priority increment
+    weight: 2
+
+keepalived_instances:
+  - name: VI_1
+    interface: eth0
+    state: MASTER
+    vrouter_id: 51
+    priority: '{{ keepalived_inst_priority }}'
+    v_addr:
+      - '{{ keepalived_floating_ip1 }}'
+    track_script:
+      - '{{ keepalived_script1_name }}'
+    

keepalived/handlers/main.yml

@@ -0,0 +1,4 @@
+---
+- name: restart keepalived
+  service: name=keepalived state=restarted
+  when: keepalived_enabled

keepalived/tasks/main.yml

@@ -0,0 +1,35 @@
+---
+- block:
+    
+    - name: Install the keepalived repository
+      apt_repository: repo={{ keepalived_repo }}
+
+    - name: Install the keepalived package
+      apt: name={{ item }} state={{ keepalived_pkg_state }}  update_cache=yes
+      with_items: '{{ keepalived_pkgs }}'
+
+    - name: Install the keepalived configuration
+      template: src=keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf
+      notify: restart keepalived
+
+    - name: Ensure that keepalived is started and enabled
+      service: name=keepalived state=started enabled=yes
+      when: keepalived_enabled
+
+    - name: Ensure that keepalived is stopped and disabled
+      service: name=keepalived state=stopped enabled=no
+      when: not keepalived_enabled
+
+  tags: keepalived
+  when: keepalived_install
+
+
+- block:
+    
+    - name: Remove the keepalived package if we do not want it
+      apt: name={{ item }} state=absent
+      with_items: '{{ keepalived_pkgs }}'
+
+  tags: keepalived
+  when: not keepalived_install
+

keepalived/templates/keepalived.conf.j2

@@ -0,0 +1,26 @@
+{% for script in keepalived_scripts %}
+vrrp_script {{ script.name }} {
+        script "{{ script.script }}"
+        interval {{ script.interval }}
+        weight {{ script.weight }}
+}
+{% endfor %}
+
+{% for instance in keepalived_instances %}
+vrrp_instance {{ instance.name }} {
+        interface {{ instance.interface }}
+        state {{ instance.state }}
+        virtual_router_id {{ instance.vrouter_id }}
+        priority {{ instance.priority }}
+        virtual_ipaddress {
+        {% for addr in instance.v_addr %}
+            {{ addr }}
+        {% endfor %}
+        }
+        track_script {
+        {% for trk in instance.track_script %}
+            {{ trk }}
+        {% endfor %}
+        }
+}
+{% endfor %}