From 37ea941a8dc4170fea33112a950f84dd4144f9b0 Mon Sep 17 00:00:00 2001 From: shirenn <shirenn@crans.org> Date: Fri, 18 Jun 2021 20:04:30 +0200 Subject: [PATCH] [keepalived] https://www.youtube.com/watch?v=fNFzfwLM72c please dont die --- group_vars/keepalived.yml | 38 +++++++------------ .../keepalived.yml | 16 ++++++++ .../routeur-jack.adm.crans.org/keepalived.yml | 16 ++++++++ plays/keepalived.yml | 8 +++- plays/routeurs.yml | 1 + roles/isc-dhcp-server/handlers/main.yml | 1 - roles/keepalived/tasks/main.yml | 17 +++------ roles/keepalived/templates/bin/notify-dhcp | 24 ------------ .../templates/keepalived/keepalived.conf.j2 | 4 +- roles/radvd/handlers/main.yml | 5 +++ 10 files changed, 65 insertions(+), 65 deletions(-) create mode 100644 host_vars/routeur-daniel.adm.crans.org/keepalived.yml create mode 100644 host_vars/routeur-jack.adm.crans.org/keepalived.yml mode change 100644 => 100755 plays/keepalived.yml delete mode 100755 roles/keepalived/templates/bin/notify-dhcp diff --git a/group_vars/keepalived.yml b/group_vars/keepalived.yml index 47059bf1..39f72b8c 100644 --- a/group_vars/keepalived.yml +++ b/group_vars/keepalived.yml 
@@ -1,37 +1,25 @@ --- - glob_keepalived: mail_source: keepalived@crans.org - mail_destination: root@crans.org + mail_destination: shirenn@crans.org smtp_server: smtp.adm.crans.org pool: - all: + VI_ALL: password: "{{ vault.keepalived.password }}" id: 60 ipv6: yes - notify: /usr/scripts/notify-dhcp + notify: /var/local/services/keepalived/keepalived.py zones: - - vlan: zayo - ipv4: 158.255.113.73/31 - brd: false - ipv6: 2001:1b48:2:103::bb:2/126 - vlan: srv - ipv4: 185.230.79.62/26 - ipv6: 2a0c:700:2::ff:fe00:9902/64 + ipv4: 185.230.79.61/26 + ipv6: 2a0c:700:2::ff:fe01:9902/64 - vlan: srv_nat - ipv4: 172.16.3.99/24 - ipv6: 2a0c:700:3::ff:fe00:9903/64 - - vlan: accueil - ipv4: 172.16.14.99/24 - - vlan: infra - ipv4: 172.16.32.99/22 - ipv6: fd00::11:0:ff:fe00:9911/64 + ipv4: 172.16.3.199/24 + ipv6: 2a0c:700:3::ff:fe01:9903/64 - vlan: adh - ipv4: 185.230.78.99/24 - ipv6: 2a0c:700:12::ff:fe00:9912/48 - - vlan: adh_nat - ipv4: 100.64.0.99/16 - ipv6: 2a0c:700:13::ff:fe00:9913/48 - - vlan: federez - ipv4: 100.65.0.99/16 - ipv6: 2a0c:700:254::ff:fe00:99fe/64 + ipv4: 185.230.78.199/24 + ipv6: 2a0c:700:12::ff:fe01:9912/48 + +glob_service_keepalived: + name: keepalived + install_dir: /var/local/services/keepalived diff --git a/host_vars/routeur-daniel.adm.crans.org/keepalived.yml b/host_vars/routeur-daniel.adm.crans.org/keepalived.yml new file mode 100644 index 00000000..72646b65 --- /dev/null +++ b/host_vars/routeur-daniel.adm.crans.org/keepalived.yml @@ -0,0 +1,16 @@ +--- +loc_keepalived: + instances: + - name: VI_ALL + state: MASTER + priority: 150 + +loc_service_keepalived: + git: + remote: https://gitlab.adm.crans.org/nounous/keepalived.git + version: master + config: + services: + VI_ALL: + - isc-dhcp-server + - radvd diff --git a/host_vars/routeur-jack.adm.crans.org/keepalived.yml b/host_vars/routeur-jack.adm.crans.org/keepalived.yml new file mode 100644 index 00000000..62035449 --- /dev/null +++ b/host_vars/routeur-jack.adm.crans.org/keepalived.yml 
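Review bot: The new `notify: /var/local/services/keepalived/keepalived.py` in group_vars/keepalived.yml points keepalived at a script inside `install_dir`, which the host_vars added in this commit describe as coming from a git remote rather than from a template in this repository. keepalived executes notify scripts with its own privileges, so the directory and the script should be root-owned and not writable by any other account; the tasks that create them are not in this patch, so this cannot be confirmed here. Setting `enable_script_security` in `global_defs` of keepalived.conf.j2 would make keepalived refuse a script whose path is writable by a non-root user. Separately, `mail_destination: shirenn@crans.org` sends failover alerts to one personal mailbox instead of `root@crans.org`; if that is temporary, a comment such as `# TODO: restore root@crans.org after debugging` would record it.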
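Review bot: `version: master` in host_vars/routeur-daniel.adm.crans.org/keepalived.yml appears to make the deployed notify code follow the branch head at every playbook run, so a push to that repository changes what runs on the router with no change recorded here. Pinning to a reviewed revision, e.g. `version: <commit-sha-or-tag>`, keeps the deployed script tied to something this repository names. The same applies to the identical block in host_vars/routeur-jack.adm.crans.org/keepalived.yml. Since `git` and `config` are the same on both hosts, they could be defined once in `glob_service_keepalived`, leaving only `state` and `priority` per host.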
@@ -0,0 +1,16 @@ +--- +loc_keepalived: + instances: + - name: VI_ALL + state: BACKUP + priority: 100 + +loc_service_keepalived: + git: + remote: https://gitlab.adm.crans.org/nounous/keepalived.git + version: master + config: + services: + VI_ALL: + - isc-dhcp-server + - radvd diff --git a/plays/keepalived.yml b/plays/keepalived.yml old mode 100644 new mode 100755 index 7b6a6634..9c51f6d5 --- a/plays/keepalived.yml +++ b/plays/keepalived.yml @@ -2,6 +2,12 @@ --- - hosts: keepalived vars: - keepalived: "{{ glob_keepalived | combine(loc_keepalived) }}" + keepalived: "{{ glob_keepalived | default({}) | combine(loc_keepalived | default({})) }}" roles: - keepalived + +- hosts: keepalived + vars: + service: "{{ glob_service_keepalived | default({}) | combine(loc_service_keepalived | default({})) }}" + roles: + - service diff --git a/plays/routeurs.yml b/plays/routeurs.yml index 853ec82d..f9e42659 100755 --- a/plays/routeurs.yml +++ b/plays/routeurs.yml @@ -6,3 +6,4 @@ - import_playbook: firewall.yml - import_playbook: dns-recursive.yml - import_playbook: prefix-delegation.yml +- import_playbook: keepalived.yml diff --git a/roles/isc-dhcp-server/handlers/main.yml b/roles/isc-dhcp-server/handlers/main.yml index 51268e98..1922dc71 100644 --- a/roles/isc-dhcp-server/handlers/main.yml +++ b/roles/isc-dhcp-server/handlers/main.yml @@ -7,6 +7,5 @@ systemd: name: isc-dhcp-server state: restarted - enabled: true listen: 'restart isc-dhcp-server' when: not ansible_check_mode and ansible_facts.services['isc-dhcp-server']['state'] == 'running' diff --git a/roles/keepalived/tasks/main.yml b/roles/keepalived/tasks/main.yml index 14fc00bd..008656e1 100644 --- a/roles/keepalived/tasks/main.yml +++ b/roles/keepalived/tasks/main.yml 
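Review bot: The added `service` play in plays/keepalived.yml runs after the `keepalived` role, and that role now starts the daemon (the `Start and enable keepalived` task added in roles/keepalived/tasks/main.yml). If the `service` role is what places `keepalived.py` under `install_dir` (the role is not in this patch), then on a first run keepalived makes its initial state transition while the `notify` path does not exist yet, and isc-dhcp-server and radvd would not be started on the master. Moving the `service` play above the `keepalived` play would avoid that. The `| default({})` filters also turn a missing `glob_keepalived` into an empty mapping, so the error surfaces later inside the template rather than at the `vars` line; a short comment saying the defaults are intentional would help.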
@@ -14,15 +14,8 @@ mode: 0644 notify: Reload keepalived.service -- name: Create scripts directory - file: - path: /usr/scripts - state: directory - -- name: Deploy keepalived dhcp scripts - template: - src: bin/notify-dhcp - dest: /usr/scripts/notify-dhcp - mode: 0744 - when: not ansible_check_mode - notify: Reload keepalived.service +- name: Start and enable keepalived + service: + name: keepalived + state: started + enabled: yes diff --git a/roles/keepalived/templates/bin/notify-dhcp b/roles/keepalived/templates/bin/notify-dhcp deleted file mode 100755 index a62ad14c..00000000 --- a/roles/keepalived/templates/bin/notify-dhcp +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -TYPE=$1 -NAME=$2 -STATE=$3 - -case $STATE in - "MASTER") - logger -s '[DHCP-NOTIFY] Entering state MASTER, starting isc-dhcp-server.service' - systemctl start isc-dhcp-server.service - exit 0;; - "BACKUP") - logger -s '[DHCP-NOTIFY] Entering state BACKUP, stopping isc-dhcp-server.service' - systemctl stop isc-dhcp-server.service - exit 0;; - "FAULT") - logger -s '[DHCP-NOTIFY] Entering state FAULT, stopping isc-dhcp-server.service' - systemctl stop isc-dhcp-server.service - exit 0;; - *) - logger -s '[DHCP-NOTIFY] Entering UNKNOWN state, doing nothing' - exit 1;; -esac - diff --git a/roles/keepalived/templates/keepalived/keepalived.conf.j2 b/roles/keepalived/templates/keepalived/keepalived.conf.j2 index 35c954c7..f8645e47 100644 --- a/roles/keepalived/templates/keepalived/keepalived.conf.j2 +++ b/roles/keepalived/templates/keepalived/keepalived.conf.j2 @@ -7,7 +7,7 @@ global_defs { } {% for instance in keepalived.instances %} -vrrp_instance {{ instance.tag }}4 { +vrrp_instance {{ instance.name }} { state {{ instance.state }} priority {{ instance.priority }} smtp_alert 
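Review bot: `enabled: yes` in the new `Start and enable keepalived` task of roles/keepalived/tasks/main.yml relies on YAML 1.1 truthy parsing, while the isc-dhcp-server handler touched by this same commit used `enabled: true`; writing `enabled: true` here would be consistent. With the script deployment tasks removed, nothing in this role says where the notify script now comes from, so a comment above the task such as `# notify script is deployed by the service play in plays/keepalived.yml` would help the next reader.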
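Review bot: The IPv4 instance in keepalived.conf.j2 is now named `{{ instance.name }}` while the IPv6 one in the next hunk of this file is `{{ instance.name }}6`, so keepalived will report transitions for `VI_ALL` and `VI_ALL6`, but the `services` map added in host_vars only has a `VI_ALL` key. If keepalived.py looks services up by the instance name it is passed (the script is not part of this patch), IPv6 transitions manage nothing and radvd follows the IPv4 instance's state. Either add a `VI_ALL6` entry to `services` or tie the two instances together with a `vrrp_sync_group` so they cannot diverge. Both `vrrp_instance` blocks continue outside the hunks.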
@@ -36,7 +36,7 @@ vrrp_instance {{ instance.tag }}4 { } {% if keepalived.pool[instance.name].ipv6 %} -vrrp_instance {{ instance.tag }}6 { +vrrp_instance {{ instance.name }}6 { state {{ instance.state }} priority {{ instance.priority }} smtp_alert diff --git a/roles/radvd/handlers/main.yml b/roles/radvd/handlers/main.yml index 39552d74..3ca4d567 100644 --- a/roles/radvd/handlers/main.yml +++ b/roles/radvd/handlers/main.yml @@ -1,5 +1,10 @@ --- +- name: check radvd status + service_facts: + listen: Restart radvd service + - name: Restart radvd service service: name: radvd state: restarted + when: not ansible_check_mode and ansible_facts.services['bird']['state'] == 'running' -- GitLab
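Review bot: The `when:` added to `Restart radvd service` in roles/radvd/handlers/main.yml tests `ansible_facts.services['bird']['state']`, although the handler restarts radvd and the task added above it is named `check radvd status`; this looks like a copy-paste from another role. On a host where service_facts reports no `bird` entry the lookup fails and the handler errors out, and where bird is present radvd's restart depends on an unrelated daemon. The condition should read `when: not ansible_check_mode and ansible_facts.services['radvd']['state'] == 'running'`, after confirming the key service_facts uses for radvd on these hosts.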