[keepalived] Rafraichissement de la conf

2021-01-17 20:13:30 +01:00 · 2021-01-17 20:13:30 +01:00 · 28fa6e0a94
parent 223ff3e300
commit 28fa6e0a94
5 changed files with 51 additions and 27 deletions
--- a/group_vars/keepalived.yml
+++ b/group_vars/keepalived.yml
@ -5,26 +5,33 @@ glob_keepalived:
  mail_destination: root@crans.org
  smtp_server: smtp.adm.crans.org
  pool:
-    dhcp:
+    all:
      password: "plopisverysecure"
      id: 60
      ipv6: yes
      notify: /usr/scripts/notify-dhcp
      zones:
+        - vlan: zayo
+          ipv4: 158.255.113.73/31
+          brd: false
+          ipv6: 2001:1b48:2:103::bb:2/126
+        - vlan: srv
+          ipv4: 185.230.79.62/26
+          ipv6: 2a0c:700:2::ff:fe00:9902/64
+        - vlan: srv_nat
+          ipv4: 172.16.3.99/24
+          ipv6: 2a0c:700:3::ff:fe00:9903/64
+        - vlan: accueil
+          ipv4: 172.16.14.99/24
+        - vlan: infra
+          ipv4: 172.16.32.99/22
+          ipv6: fd00::11:0:ff:fe00:9911/64
        - vlan: adh
          ipv4: 185.230.78.99/24
-          brd: true
          ipv6: 2a0c:700:12::ff:fe00:9912/48
        - vlan: adh_nat
          ipv4: 100.64.0.99/16
-          brd: true
          ipv6: 2a0c:700:13::ff:fe00:9913/48
-    radius:
-      password: 'plopisverysecure'
-      id: 61
-      ipv6: yes
-      zones:
-        - vlan: infra
-          ipv4: 172.16.32.99/22
-          brd: true
-          ipv6: fd00::11:0:ff:fe00:9911/64
+        - vlan: federez
+          ipv4: 100.65.0.99/16
+          ipv6: 2a0c:700:254::ff:fe00:99fe/64
--- a/host_vars/routeur-daniel.adm.crans.org.yml
+++ b/host_vars/routeur-daniel.adm.crans.org.yml
@ -6,17 +6,15 @@ interfaces:
  infra: ens21
  adh: ens22
  adh_nat: ens23
+  zayo: enp1s3
+  federez: enp1s4

 firewall:
  version: HEAD

 loc_keepalived:
  instances:
-    - name: dhcp
-      tag: VI_DHCP
-      state: BACKUP
-      priority: 100
-    - name: radius
-      tag: VI_RAD
+    - name: all
+      tag: VI_ALL
      state: BACKUP
      priority: 100
--- a/host_vars/routeur-jack.adm.crans.org.yml
+++ b/host_vars/routeur-jack.adm.crans.org.yml
@ -0,0 +1,21 @@
+---
+interfaces:
+  adm: ens18
+  srv: ens19
+  srv_nat: ens20
+  infra: ens21
+  adh: ens22
+  adh_nat: ens23
+  zayo: enp1s3
+  federez: enp1s4
+  accueil: ens1
+
+firewall:
+  version: HEAD
+
+loc_keepalived:
+  instances:
+    - name: all
+      tag: VI_ALL
+      state: BACKUP
+      priority: 50
--- a/host_vars/routeur-sam.adm.crans.org.yml
+++ b/host_vars/routeur-sam.adm.crans.org.yml
@ -1,24 +1,22 @@
 ---
 interfaces:
-  adm: ens18
  srv: ens19
  srv_nat: ens20
+  adm: ens18
  infra: ens21
  adh: ens22
  adh_nat: ens23
-  srv_old: ens1
+  zayo: enp1s3
+  federez: enp1s4
+  accueil: ens1

 firewall:
  version: HEAD

 loc_keepalived:
  instances:
-    - name: dhcp
-      tag: VI_DHCP
-      state: MASTER
-      priority: 150
-    - name: radius
-      tag: VI_RAD
+    - name: all
+      tag: VI_ALL
      state: MASTER
      priority: 150

--- a/roles/keepalived/templates/keepalived/keepalived.conf.j2
+++ b/roles/keepalived/templates/keepalived/keepalived.conf.j2
@ -26,7 +26,7 @@ vrrp_instance {{ instance.tag }}4 {

  virtual_ipaddress {
 {% for zone in keepalived.pool[instance.name].zones %}
-{% if zone.brd  %}
+{% if zone.brd is undefined or zone.brd  %}
      {{ zone.ipv4 }} brd {{ zone.ipv4 | ipaddr('broadcast') }} dev {{ interfaces[zone.vlan] }} scope global
 {% else %}
      {{ zone.ipv4 }} dev {{ interfaces[zone.vlan] }} scope global