diff --git a/group_vars/keepalived.yml b/group_vars/keepalived.yml
index 47059bf164c93680b5cbfbf5d8f0b50aedfa7de0..39f72b8c349c814c58d6bf70a12697dbcae92f10 100644
--- a/group_vars/keepalived.yml
+++ b/group_vars/keepalived.yml
@@ -1,37 +1,25 @@
 ---
-
 glob_keepalived:
 mail_source: keepalived@crans.org
- mail_destination: root@crans.org
+ mail_destination: shirenn@crans.org
 smtp_server: smtp.adm.crans.org
 pool:
- all:
+ VI_ALL:
 password: "{{ vault.keepalived.password }}"
 id: 60
 ipv6: yes
- notify: /usr/scripts/notify-dhcp
+ notify: /var/local/services/keepalived/keepalived.py
 zones:
- - vlan: zayo
- ipv4: 158.255.113.73/31
- brd: false
- ipv6: 2001:1b48:2:103::bb:2/126
 - vlan: srv
- ipv4: 185.230.79.62/26
- ipv6: 2a0c:700:2::ff:fe00:9902/64
+ ipv4: 185.230.79.61/26
+ ipv6: 2a0c:700:2::ff:fe01:9902/64
 - vlan: srv_nat
- ipv4: 172.16.3.99/24
- ipv6: 2a0c:700:3::ff:fe00:9903/64
- - vlan: accueil
- ipv4: 172.16.14.99/24
- - vlan: infra
- ipv4: 172.16.32.99/22
- ipv6: fd00::11:0:ff:fe00:9911/64
+ ipv4: 172.16.3.199/24
+ ipv6: 2a0c:700:3::ff:fe01:9903/64
 - vlan: adh
- ipv4: 185.230.78.99/24
- ipv6: 2a0c:700:12::ff:fe00:9912/48
- - vlan: adh_nat
- ipv4: 100.64.0.99/16
- ipv6: 2a0c:700:13::ff:fe00:9913/48
- - vlan: federez
- ipv4: 100.65.0.99/16
- ipv6: 2a0c:700:254::ff:fe00:99fe/64
+ ipv4: 185.230.78.199/24
+ ipv6: 2a0c:700:12::ff:fe01:9912/48
+
+glob_service_keepalived:
+ name: keepalived
+ install_dir: /var/local/services/keepalived
diff --git a/host_vars/routeur-daniel.adm.crans.org/keepalived.yml b/host_vars/routeur-daniel.adm.crans.org/keepalived.yml
new file mode 100644
index 0000000000000000000000000000000000000000..72646b654180d8b75e60b3e74c7bc7a154d72694
--- /dev/null
+++ b/host_vars/routeur-daniel.adm.crans.org/keepalived.yml
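Review bot: The new `notify: /var/local/services/keepalived/keepalived.py` points keepalived at a script inside a deployed checkout, and keepalived executes notify scripts with its own privileges on every VRRP state change unless `script_user` (or a `keepalived_script` account) says otherwise. Nothing visible in this diff sets the ownership or mode of `install_dir`, so confirm that the `service` role leaves the directory and `keepalived.py` root-owned and not group- or world-writable. Consider adding `enable_script_security` to `global_defs`, which lies outside this hunk. Separately, `mail_destination: shirenn@crans.org` routes failover alerts to a single personal mailbox instead of the `root@crans.org` alias; if that is temporary, a comment such as `# TODO: restore root@crans.org after rollout` would record the intent.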
@@ -0,0 +1,16 @@
+---
+loc_keepalived:
+ instances:
+ - name: VI_ALL
+ state: MASTER
+ priority: 150
+
+loc_service_keepalived:
+ git:
+ remote: https://gitlab.adm.crans.org/nounous/keepalived.git
+ version: master
+ config:
+ services:
+ VI_ALL:
+ - isc-dhcp-server
+ - radvd
diff --git a/host_vars/routeur-jack.adm.crans.org/keepalived.yml b/host_vars/routeur-jack.adm.crans.org/keepalived.yml
new file mode 100644
index 0000000000000000000000000000000000000000..620354495f58c9ed6b44f5a5732d67adb342a826
--- /dev/null
+++ b/host_vars/routeur-jack.adm.crans.org/keepalived.yml
@@ -0,0 +1,16 @@
+---
+loc_keepalived:
+ instances:
+ - name: VI_ALL
+ state: BACKUP
+ priority: 100
+
+loc_service_keepalived:
+ git:
+ remote: https://gitlab.adm.crans.org/nounous/keepalived.git
+ version: master
+ config:
+ services:
+ VI_ALL:
+ - isc-dhcp-server
+ - radvd
diff --git a/plays/keepalived.yml b/plays/keepalived.yml
old mode 100644
new mode 100755
index 7b6a6634c62521a570d913b5c96eee13555dfb56..9c51f6d5deac59084ef1f883f881f5bfa571c61b
--- a/plays/keepalived.yml
+++ b/plays/keepalived.yml
@@ -2,6 +2,12 @@
 ---
 - hosts: keepalived
 vars:
- keepalived: "{{ glob_keepalived | combine(loc_keepalived) }}"
+ keepalived: "{{ glob_keepalived | default({}) | combine(loc_keepalived | default({})) }}"
 roles:
 - keepalived
+
+- hosts: keepalived
+ vars:
+ service: "{{ glob_service_keepalived | default({}) | combine(loc_service_keepalived | default({})) }}"
+ roles:
+ - service
diff --git a/plays/routeurs.yml b/plays/routeurs.yml
index 853ec82d8bb8ff19c62f2a934d5d4024158ee601..f9e42659ac250b2bf5e1d8f3e6a65b2b56689d32 100755
--- a/plays/routeurs.yml
+++ b/plays/routeurs.yml
@@ -6,3 +6,4 @@
 - import_playbook: firewall.yml
 - import_playbook: dns-recursive.yml
 - import_playbook: prefix-delegation.yml
+- import_playbook: keepalived.yml
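Review bot: `version: master` in `loc_service_keepalived.git` makes every playbook run deploy whatever the branch tip is at that moment. That checkout presumably supplies the script keepalived executes on failover (`notify:` in group_vars/keepalived.yml), so a push to `master` would change code run on the routers without any review on this side. Pin it to a reviewed commit or signed tag, e.g. `version: "<commit-sha>"` (placeholder), and bump it deliberately. The same value is set in host_vars/routeur-jack.adm.crans.org/keepalived.yml. Since `git:` and `config:` are identical on both hosts, moving them into `glob_service_keepalived` would keep the pin in one place.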
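Review bot: The `keepalived` role starts the daemon in the first play, while the `service` role that appears to deploy `/var/local/services/keepalived/keepalived.py` only runs in the added second play. On a first run keepalived may therefore come up with a `notify` path that does not exist yet, and the initial MASTER/BACKUP transition would not start or stop `isc-dhcp-server` and `radvd`. Running `service` before `keepalived`, either by swapping the plays or by listing both roles in one play, closes that window. The added `default({})` also hides a missing `glob_keepalived` or `loc_keepalived` until the template fails on `keepalived.instances`; an `assert` on the required keys would give a clearer error.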
diff --git a/roles/isc-dhcp-server/handlers/main.yml b/roles/isc-dhcp-server/handlers/main.yml
index 51268e9886357a1fb0171911836070501a93e73b..1922dc71f65ddd58ad0824ab2b0382bfdd836d25 100644
--- a/roles/isc-dhcp-server/handlers/main.yml
+++ b/roles/isc-dhcp-server/handlers/main.yml
@@ -7,6 +7,5 @@
 systemd:
 name: isc-dhcp-server
 state: restarted
- enabled: true
 listen: 'restart isc-dhcp-server'
 when: not ansible_check_mode and ansible_facts.services['isc-dhcp-server']['state'] == 'running'
diff --git a/roles/keepalived/tasks/main.yml b/roles/keepalived/tasks/main.yml
index 14fc00bd453629dbbf19b7fc8199a5bd93a2c92d..008656e12529d596a9d4ebfabf4bea81476c3269 100644
--- a/roles/keepalived/tasks/main.yml
+++ b/roles/keepalived/tasks/main.yml
@@ -14,15 +14,8 @@ mode: 0644 notify: Reload keepalived.service -- name: Create scripts directory - file: - path: /usr/scripts - state: directory - -- name: Deploy keepalived dhcp scripts - template: - src: bin/notify-dhcp - dest: /usr/scripts/notify-dhcp - mode: 0744 - when: not ansible_check_mode - notify: Reload keepalived.service +- name: Start and enable keepalived + service: + name: keepalived + state: started + enabled: yes
diff --git a/roles/keepalived/templates/bin/notify-dhcp b/roles/keepalived/templates/bin/notify-dhcp
deleted file mode 100755
index a62ad14c109b8e4ffcc3ec32073fd15c7abd0079..0000000000000000000000000000000000000000
--- a/roles/keepalived/templates/bin/notify-dhcp
+++ /dev/null
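Review bot: In roles/keepalived/tasks/main.yml the new `Start and enable keepalived` task writes `enabled: yes`, which relies on YAML 1.1 truthy parsing. Use the canonical boolean, `enabled: true`, which is also the form the isc-dhcp-server handler in this commit used before its `enabled` line was removed. The task list starts before this hunk, so the rest of the file was not checked for the same spelling.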
@@ -1,24 +0,0 @@
-#!/bin/bash
-
-TYPE=$1
-NAME=$2
-STATE=$3
-
-case $STATE in
- "MASTER")
- logger -s '[DHCP-NOTIFY] Entering state MASTER, starting isc-dhcp-server.service'
- systemctl start isc-dhcp-server.service
- exit 0;;
- "BACKUP")
- logger -s '[DHCP-NOTIFY] Entering state BACKUP, stopping isc-dhcp-server.service'
- systemctl stop isc-dhcp-server.service
- exit 0;;
- "FAULT")
- logger -s '[DHCP-NOTIFY] Entering state FAULT, stopping isc-dhcp-server.service'
- systemctl stop isc-dhcp-server.service
- exit 0;;
- *)
- logger -s '[DHCP-NOTIFY] Entering UNKNOWN state, doing nothing'
- exit 1;;
-esac
-
diff --git a/roles/keepalived/templates/keepalived/keepalived.conf.j2 b/roles/keepalived/templates/keepalived/keepalived.conf.j2
index 35c954c7e1cc59dc4f1207e37eaed841c91c3159..f8645e47c182583d5a7ac5eb272f7fe04b65b317 100644
--- a/roles/keepalived/templates/keepalived/keepalived.conf.j2
+++ b/roles/keepalived/templates/keepalived/keepalived.conf.j2
@@ -7,7 +7,7 @@ global_defs { } {% for instance in keepalived.instances %} -vrrp_instance {{ instance.tag }}4 { +vrrp_instance {{ instance.name }} { state {{ instance.state }} priority {{ instance.priority }} smtp_alert
@@ -36,7 +36,7 @@ vrrp_instance {{ instance.tag }}4 { } {% if keepalived.pool[instance.name].ipv6 %} -vrrp_instance {{ instance.tag }}6 { +vrrp_instance {{ instance.name }}6 { state {{ instance.state }} priority {{ instance.priority }} smtp_alert
diff --git a/roles/radvd/handlers/main.yml b/roles/radvd/handlers/main.yml
index 39552d747c80547d07e842482d3acd3f3850f2fc..3ca4d5677012471273d6c1f3ac7ca01a2b05693c 100644
--- a/roles/radvd/handlers/main.yml
+++ b/roles/radvd/handlers/main.yml
@@ -1,5 +1,10 @@
 ---
+- name: check radvd status
+ service_facts:
+ listen: Restart radvd service
+
 - name: Restart radvd service
 service:
 name: radvd
 state: restarted
+ when: not ansible_check_mode and ansible_facts.services['bird']['state'] == 'running'
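Review bot: The IPv6 instance in keepalived.conf.j2 is rendered as `{{ instance.name }}6` (second hunk), i.e. `VI_ALL6`, while the host_vars added in this commit key `config.services` only by `VI_ALL`. If the notify script is attached to both instances and looks services up by the instance name keepalived passes to it, IPv6 transitions would match nothing. This cannot be confirmed here because the `notify` line and the rest of each `vrrp_instance` block lie outside both hunks. A template comment above the first `vrrp_instance`, such as `{# instance names must match the keys of keepalived.pool and service.config.services #}`, would make the coupling explicit.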
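Review bot: The new `when:` on `Restart radvd service` tests `ansible_facts.services['bird']['state']`, not radvd, so the restart is gated on an unrelated daemon and the handler errors on any host whose service facts have no `bird` key. Because `state: restarted` also starts a stopped unit, a BACKUP router with bird running would begin sending router advertisements outside keepalived's control. Following the isc-dhcp-server handler in this commit, the condition should read `when: not ansible_check_mode and ansible_facts.services['radvd'] is defined and ansible_facts.services['radvd']['state'] == 'running'`. Check whether `service_facts` reports the key as `radvd` or `radvd.service` on these hosts.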