unicast_peer #2

Merged
pulsar merged 3 commits from unicast_peer into master 2023-09-26 15:13:11 +00:00
5 changed files with 63 additions and 1 deletions

View File

@ -52,6 +52,19 @@ Adresse IPv6 de failover.
*<span style="text-decoration: underline">Valeur par défaut:</span> aucune*
### keepalived_peers
Passer en unicast en utilisant cette liste d'IP.
*<span style="text-decoration: underline">Valeur par défaut:</span> aucune*
### keepalived_notify_script_enabled
Booléen permettant d'activer le script de notification.<br>
Le script est déployé dans `/etc/keepalived/notify.sh`.
*<span style="text-decoration: underline">Valeur par défaut:</span> `false`*
### keepalived_track_scripts
Liste de script dont le code retour doit être à zéro pour que le membre conserve ou puisse prendre l'IP de failover.

View File

@ -11,6 +11,10 @@ keepalived_mail_from: ""
keepalived_ipv4: ""
keepalived_ipv6: ""
keepalived_peers: []
keepalived_notify_script_enabled: false
keepalived_track_scripts: []
# Exemple:
# - name: check_haproxy_8080

View File

@ -14,3 +14,10 @@ galaxy_info:
dependencies:
- role: users
vars:
users_role_keepalived:
- name: keepalived_script
comment: "Dedicated user for keepalived script"
update_password: on_create
password_lock: true
shell: /bin/bash

View File

@ -1,7 +1,7 @@
---
# tasks file for keepalived
- name: Installer keepalived
- name: Installer le paquet
ansible.builtin.apt:
name: keepalived
become: true
@ -15,3 +15,25 @@
dest: /etc/keepalived/keepalived.conf
become: true
notify: Redémarrer keepalived.service
- name: Déployer les scripts
ansible.builtin.copy:
src: keepalived/notify.sh
dest: /etc/keepalived/
owner: keepalived_script
group: keepalived_script
mode: u=rx,g=rx,o=
when: keepalived_notify_script_enabled
become: true
notify: Redémarrer keepalived.service
- name: Déployer le fichier de configuration de sudoers
ansible.builtin.copy:
src: keepalived/sudoers
dest: /etc/sudoers.d/keepalived
owner: root
group: root
mode: u=rw,g=r,o=r
validate: /usr/sbin/visudo -cf %s
when: "'keepalived/sudoers' is file"
become: true

View File

@ -13,6 +13,7 @@ global_defs {
smtp_connect_timeout 30
{% endif %}
script_user keepalived_script
enable_script_security
max_auto_priority 50
}
@ -40,6 +41,17 @@ vrrp_instance VIP_{{ keepalived_uid }} {
virtual_router_id {{ keepalived_uid }}
advert_int 1
{% if keepalived_peers | length > 0 %}
unicast_src_ip {{ ansible_facts[keepalived_interface]['ipv4']['address'] }}
unicast_peer {
{% for peer in keepalived_peers %}
{% if peer != ansible_facts[keepalived_interface]['ipv4']['address'] %}
{{ peer }}
{% endif %}
{% endfor %}
}
{% endif %}
{% if keepalived_ipv4 | length > 0 %}
virtual_ipaddress {
{{ keepalived_ipv4 }} dev {{ keepalived_interface }} scope global
@ -52,6 +64,10 @@ vrrp_instance VIP_{{ keepalived_uid }} {
}
{% endif %}
{% if keepalived_notify_script_enabled %}
notify /etc/keepalived/notify.sh
{% endif %}
{% if keepalived_track_scripts | length > 0 %}
track_script {
{% for script in keepalived_track_scripts %}