From b3619d05f4cd21df7d48e897275c8cad450fd652 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Sun, 3 May 2020 10:03:12 +0200 Subject: [PATCH] Some changes in keepalived template --- re2o-api.yml | 17 +++++--------- roles/keepalived/tasks/main.yml | 3 +-- .../templates/keepalived/keepalived.conf.j2 | 22 +++++++++---------- 3 files changed, 17 insertions(+), 25 deletions(-) diff --git a/re2o-api.yml b/re2o-api.yml index da0938f9..2d04db0f 100755 --- a/re2o-api.yml +++ b/re2o-api.yml @@ -11,7 +11,6 @@ router: true router_password: "{{ vault_keepalived_router_password }}" router_primary: false - proxy: false if_serveurs: eth0.1 if_adm: eth0.2 if_bornes: eth0.3 @@ -55,11 +54,9 @@ - hosts: gulp.adm.crans.org vars: keepalived: - radius: false router: true router_password: "{{ vault_keepalived_router_password }}" router_primary: true - proxy: false if_serveurs: eno1.1 if_adm: eno1.2 if_bornes: eno1.3 @@ -93,15 +90,13 @@ - hosts: frontdaur.adm.crans.org vars: keepalived: - radius: false - router: false - proxy: true - proxy_primary: false - proxy_password: "{{ vault_keepalived_proxy_password }}" + proxy: + primary: false + password: "{{ vault_keepalived_proxy_password }}" + ipv4: 185.230.79.194 + ipv6: 2a0c:700:0:24:ba:ccff:feda:aa00 + broadcast: 185.230.79.255 if_adm: eth1 if_srv: eth0 - proxy_ipv4_srv: 185.230.79.194 - proxy_broadcast_srv: 185.230.79.255 - proxy_ipv6_srv: 2a0c:700:0:24:ba:ccff:feda:aa00 roles: - keepalived diff --git a/roles/keepalived/tasks/main.yml b/roles/keepalived/tasks/main.yml index e0678e1e..7efe258f 100644 --- a/roles/keepalived/tasks/main.yml +++ b/roles/keepalived/tasks/main.yml @@ -2,8 +2,7 @@ - name: Install keepalived apt: update_cache: true - name: - - keepalived + name: keepalived register: apt_result retries: 3 until: apt_result is succeeded diff --git a/roles/keepalived/templates/keepalived/keepalived.conf.j2 b/roles/keepalived/templates/keepalived/keepalived.conf.j2 index 9237116f..e488e71c 100644 --- a/roles/keepalived/templates/keepalived/keepalived.conf.j2 +++ b/roles/keepalived/templates/keepalived/keepalived.conf.j2 @@ -8,11 +8,11 @@ global_defs { smtp_server smtp.adm.crans.org } -{% if keepalived.proxy %} +{% if keepalived.proxy is defined %} vrrp_instance VI_DAUR4 { # We don't own the IP address, which allows manual triggering of IP change when machine comes UP # see man keepalived.conf. -{% if keepalived.proxy_primary %} +{% if keepalived.proxy.primary %} state MASTER priority 150 {% else %} @@ -25,20 +25,18 @@ vrrp_instance VI_DAUR4 { advert_int 2 authentication { auth_type PASS - auth_pass {{ keepalived.proxy_password }} + auth_pass {{ keepalived.proxy.password }} } virtual_ipaddress { - {{ keepalived.proxy_ipv4 }}/32 brd 138.231.143.255 dev eth0 scope global + {{ keepalived.proxy.ipv4 }}/32 brd {{ keepalived.proxy.broadcast }} dev {{ keepalived.if_srv }} scope global } } -{% endif %} -{% if keepalived.proxy %} vrrp_instance VI_DAUR6 { # We don't own the IP address, which allows manual triggering of IP change when machine comes UP # see man keepalived.conf. -{% if keepalived.proxy_primary %} +{% if keepalived.proxy.primary %} state MASTER priority 150 {% else %} @@ -51,16 +49,16 @@ vrrp_instance VI_DAUR6 { advert_int 2 authentication { auth_type PASS - auth_pass {{ keepalived.proxy_password }} + auth_pass {{ keepalived.proxy.password }} } virtual_ipaddress { - {{ keepalived.proxy_ipv6 }}/64 dev eth0 scope global + {{ keepalived.proxy.ipv6 }}/64 dev {{ keepalived.if_srv }} scope global } } {% endif %} -{% if keepalived.radius %} +{% if keepalived.radius is defined %} vrrp_instance VI_RAD4 { # We don't own the IP address, which allows manual triggering of IP change when machine comes UP # see man keepalived.conf. @@ -90,7 +88,7 @@ vrrp_instance VI_RAD4 { } {% endif %} -{% if keepalived.radius %} +{% if keepalived.radius is defined %} vrrp_instance VI_RAD6 { # We don't own the IP address, which allows manual triggering of IP change when machine comes UP # see man keepalived.conf. @@ -120,7 +118,7 @@ vrrp_instance VI_RAD6 { } {% endif %} -{% if keepalived.router %} +{% if keepalived.router is defined %} vrrp_instance VI_ROUT { # We don't own the IP address, which allows manual triggering of IP change when machine comes UP # see man keepalived.conf.