[keepalived] routeur-daniel should burn in hell

2021-07-10 20:41:11 +02:00 · 2021-07-10 20:41:11 +02:00 · 24243c9acb
parent a7e9d992d1
commit 24243c9acb
4 changed files with 31 additions and 15 deletions
--- a/group_vars/keepalived.yml
+++ b/group_vars/keepalived.yml
@ -1,8 +1,9 @@
 ---
 glob_keepalived:
  mail_source: keepalived@crans.org
-  mail_destination: shirenn@crans.org
+  mail_destination: root@crans.org
  smtp_server: smtp.adm.crans.org
+  routeur_id: "{{ ansible_hostname }}"
  pool:
    VI_ALL:
      password: "{{ vault.keepalived.password }}"
@ -11,14 +12,18 @@ glob_keepalived:
      notify: /var/local/services/keepalived/keepalived.py
      zones:
        - vlan: srv
-          ipv4: 185.230.79.61/26
-          ipv6: 2a0c:700:2::ff:fe01:9902/64
+          ipv4: 185.230.79.62/26
+          ipv6: 2a0c:700:2::ff:fe00:9902/64
        - vlan: srv_nat
-          ipv4: 172.16.3.199/24
-          ipv6: 2a0c:700:3::ff:fe01:9903/64
+          ipv4: 172.16.3.99/24
+          ipv6: 2a0c:700:3::ff:fe00:9903/64
        - vlan: adh
-          ipv4: 185.230.78.199/24
-          ipv6: 2a0c:700:12::ff:fe01:9912/48
+          ipv4: 185.230.78.99/24
+          ipv6: 2a0c:700:12::ff:fe00:9912/48
+        - vlan: aurore
+          ipv4: 185.230.79.253/29
+          brd: no
+          ipv6: 2a0c:700:28::1/64

 glob_service_keepalived:
  name: keepalived
--- a/host_vars/routeur-daniel.adm.crans.org/keepalived.yml
+++ b/host_vars/routeur-daniel.adm.crans.org/keepalived.yml
@ -14,3 +14,4 @@ loc_service_keepalived:
      VI_ALL:
        - isc-dhcp-server
        - radvd
+        - bird
--- a/host_vars/routeur-sam.adm.crans.org/keepalived.yml
+++ b/host_vars/routeur-sam.adm.crans.org/keepalived.yml
@ -0,0 +1,17 @@
+---
+loc_keepalived:
+  instances:
+    - name: VI_ALL
+      state: MASTER
+      priority: 150
+
+loc_service_keepalived:
+  git:
+    remote: https://gitlab.adm.crans.org/nounous/keepalived.git
+    version: master
+  config:
+    services:
+      VI_ALL:
+        - isc-dhcp-server
+        - radvd
+        - bird
--- a/roles/keepalived/templates/keepalived/keepalived.conf.j2
+++ b/roles/keepalived/templates/keepalived/keepalived.conf.j2
@ -4,6 +4,7 @@ global_defs {
  notification_email { {{ keepalived.mail_destination }} }
  notification_email_from {{ keepalived.mail_source }}
  smtp_server {{ keepalived.smtp_server }}
+  router_id {{ keepalived.routeur_id }}
 }

 {% for instance in keepalived.instances %}
@ -15,10 +16,6 @@ vrrp_instance {{ instance.name }} {
  interface {{ interfaces.adm }}
  virtual_router_id {{ keepalived.pool[instance.name].id }}
  advert_int 2
-  authentication {
-    auth_type PASS
-    auth_pass {{ keepalived.pool[instance.name].password }}
-  }

 {% if keepalived.pool[instance.name].notify is defined %}
  notify {{ keepalived.pool[instance.name].notify }}
@ -44,10 +41,6 @@ vrrp_instance {{ instance.name }}6 {
  interface {{ interfaces.adm }}
  virtual_router_id {{ keepalived.pool[instance.name].id }}
  advert_int 2
-  authentication {
-    auth_type PASS
-    auth_pass {{ keepalived.pool[instance.name].password }}
-  }

  virtual_ipaddress {
 {% for zone in keepalived.pool[instance.name].zones %}