From 28fa6e0a948d9d3ac09e905fe73fc55ebfbf0906 Mon Sep 17 00:00:00 2001
From: pa <pa@crans.org>
Date: Sun, 17 Jan 2021 20:13:30 +0100
Subject: [PATCH] [keepalived] Rafraichissement de la conf

---
 group_vars/keepalived.yml                     | 31 ++++++++++++-------
 host_vars/routeur-daniel.adm.crans.org.yml    | 10 +++---
 host_vars/routeur-jack.adm.crans.org.yml      | 21 +++++++++++++
 host_vars/routeur-sam.adm.crans.org.yml       | 14 ++++-----
 .../templates/keepalived/keepalived.conf.j2   |  2 +-
 5 files changed, 51 insertions(+), 27 deletions(-)
 create mode 100644 host_vars/routeur-jack.adm.crans.org.yml

diff --git a/group_vars/keepalived.yml b/group_vars/keepalived.yml
index 2b4fbd40..fbdbb47c 100644
--- a/group_vars/keepalived.yml
+++ b/group_vars/keepalived.yml
@@ -5,26 +5,33 @@ glob_keepalived:
   mail_destination: root@crans.org
   smtp_server: smtp.adm.crans.org
   pool:
-    dhcp:
+    all:
       password: "plopisverysecure"
       id: 60
       ipv6: yes
       notify: /usr/scripts/notify-dhcp
       zones:
+        - vlan: zayo
+          ipv4: 158.255.113.73/31
+          brd: false
+          ipv6: 2001:1b48:2:103::bb:2/126
+        - vlan: srv
+          ipv4: 185.230.79.62/26
+          ipv6: 2a0c:700:2::ff:fe00:9902/64
+        - vlan: srv_nat
+          ipv4: 172.16.3.99/24
+          ipv6: 2a0c:700:3::ff:fe00:9903/64
+        - vlan: accueil
+          ipv4: 172.16.14.99/24
+        - vlan: infra
+          ipv4: 172.16.32.99/22
+          ipv6: fd00::11:0:ff:fe00:9911/64
         - vlan: adh
           ipv4: 185.230.78.99/24
-          brd: true
           ipv6: 2a0c:700:12::ff:fe00:9912/48
         - vlan: adh_nat
           ipv4: 100.64.0.99/16
-          brd: true
           ipv6: 2a0c:700:13::ff:fe00:9913/48
-    radius:
-      password: 'plopisverysecure'
-      id: 61
-      ipv6: yes
-      zones:
-        - vlan: infra
-          ipv4: 172.16.32.99/22
-          brd: true
-          ipv6: fd00::11:0:ff:fe00:9911/64
+        - vlan: federez
+          ipv4: 100.65.0.99/16
+          ipv6: 2a0c:700:254::ff:fe00:99fe/64
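Review bot: The VRRP password of the merged `all` pool is still a plaintext literal committed in `group_vars/keepalived.yml` (the `password: "plopisverysecure"` context line), so anyone who can read the repository or its history holds the shared secret for every VLAN this pool now covers. Since this commit widens the pool from two zones to eight, it is a good moment to move the value into Ansible Vault and reference it, e.g. `password: "{{ vault_keepalived_password }}"` (placeholder variable name), and to rotate the current value. If the template renders it under `auth_type PASS`, keepalived uses only the first eight characters and sends them unencrypted, so it guards against misconfiguration rather than authenticating peers. The retained `notify: /usr/scripts/notify-dhcp` will presumably now run on failover of all zones, not just DHCP, which is worth confirming.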
diff --git a/host_vars/routeur-daniel.adm.crans.org.yml b/host_vars/routeur-daniel.adm.crans.org.yml
index c3d4db4a..450e7f92 100644
--- a/host_vars/routeur-daniel.adm.crans.org.yml
+++ b/host_vars/routeur-daniel.adm.crans.org.yml
@@ -6,17 +6,15 @@ interfaces:
   infra: ens21
   adh: ens22
   adh_nat: ens23
+  zayo: enp1s3
+  federez: enp1s4
 
 firewall:
   version: HEAD
 
 loc_keepalived:
   instances:
-    - name: dhcp
-      tag: VI_DHCP
-      state: BACKUP
-      priority: 100
-    - name: radius
-      tag: VI_RAD
+    - name: all
+      tag: VI_ALL
       state: BACKUP
       priority: 100
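Review bot: The `interfaces` map on routeur-daniel gains `zayo` and `federez` but no `accueil` entry, while the new `all` pool in `group_vars/keepalived.yml` includes a zone `vlan: accueil` and the template resolves `interfaces[zone.vlan]` for every zone. Unless `accueil` is defined above this hunk (lines 1-5 are not visible), rendering keepalived.conf on this host will either fail or emit a `dev` with no interface, leaving this BACKUP router unable to take over. routeur-jack and routeur-sam both add `accueil: ens1`; the equivalent line here would be `accueil: <interface>` with the name that applies to this host.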
diff --git a/host_vars/routeur-jack.adm.crans.org.yml b/host_vars/routeur-jack.adm.crans.org.yml
new file mode 100644
index 00000000..ce28f34d
--- /dev/null
+++ b/host_vars/routeur-jack.adm.crans.org.yml
@@ -0,0 +1,21 @@
+---
+interfaces:
+  adm: ens18
+  srv: ens19
+  srv_nat: ens20
+  infra: ens21
+  adh: ens22
+  adh_nat: ens23
+  zayo: enp1s3
+  federez: enp1s4
+  accueil: ens1
+
+firewall:
+  version: HEAD
+
+loc_keepalived:
+  instances:
+    - name: all
+      tag: VI_ALL
+      state: BACKUP
+      priority: 50
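Review bot: The new host file sets `firewall.version: HEAD`, which presumably makes this router deploy whatever is at the tip of the firewall repository at run time, so the rule set is not reproducible and any later push lands on a border router without review of this inventory. Pinning to a reviewed ref, e.g. `version: <commit-or-tag>` (placeholder), would make changes explicit. The same `version: HEAD` appears as context in routeur-daniel and routeur-sam. It would also help to add a comment next to `priority: 50` stating the intended failover order (sam 150, daniel 100, jack 50).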
diff --git a/host_vars/routeur-sam.adm.crans.org.yml b/host_vars/routeur-sam.adm.crans.org.yml
index ea5639d5..0ba9d389 100644
--- a/host_vars/routeur-sam.adm.crans.org.yml
+++ b/host_vars/routeur-sam.adm.crans.org.yml
@@ -1,24 +1,22 @@
 ---
 interfaces:
-  adm: ens18
   srv: ens19
   srv_nat: ens20
+  adm: ens18
   infra: ens21
   adh: ens22
   adh_nat: ens23
-  srv_old: ens1
+  zayo: enp1s3
+  federez: enp1s4
+  accueil: ens1
 
 firewall:
   version: HEAD
 
 loc_keepalived:
   instances:
-    - name: dhcp
-      tag: VI_DHCP
-      state: MASTER
-      priority: 150
-    - name: radius
-      tag: VI_RAD
+    - name: all
+      tag: VI_ALL
       state: MASTER
       priority: 150
 
diff --git a/roles/keepalived/templates/keepalived/keepalived.conf.j2 b/roles/keepalived/templates/keepalived/keepalived.conf.j2
index ee797434..35c954c7 100644
--- a/roles/keepalived/templates/keepalived/keepalived.conf.j2
+++ b/roles/keepalived/templates/keepalived/keepalived.conf.j2
@@ -26,7 +26,7 @@ vrrp_instance {{ instance.tag }}4 {
 
   virtual_ipaddress {
 {% for zone in keepalived.pool[instance.name].zones %}
-{% if zone.brd  %}
+{% if zone.brd is undefined or zone.brd  %}
       {{ zone.ipv4 }} brd {{ zone.ipv4 | ipaddr('broadcast') }} dev {{ interfaces[zone.vlan] }} scope global
 {% else %}
       {{ zone.ipv4 }} dev {{ interfaces[zone.vlan] }} scope global
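Review bot: The condition `zone.brd is undefined or zone.brd` silently flips the default from "no broadcast" to "broadcast" for every zone that omits `brd`, and nothing in the template says so. The idiomatic form is `{% if zone.brd | default(true) %}`, ideally with a `{# brd defaults to true; set brd: false for point-to-point prefixes such as /31 #}` comment above it. Prefixes like the zayo /31 now depend on someone remembering `brd: false` in the inventory. The enclosing `for`/`if` block continues outside this hunk.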
-- 
GitLab