diff options
| author | Elizabeth Hunt <me@liz.coffee> | 2025-03-16 22:28:33 -0700 |
|---|---|---|
| committer | Elizabeth Hunt <me@liz.coffee> | 2025-03-16 22:28:33 -0700 |
| commit | 053abdc560ad31e482fd631b2b7f8ccd4bd3b3f1 (patch) | |
| tree | c7b3119319e3fc36cbf78dc43b6c8debb572f50f /playbooks/roles/keepalived | |
| parent | 654694f9276cd9c30a7f2690f9336cf63a0172ef (diff) | |
| download | infra-053abdc560ad31e482fd631b2b7f8ccd4bd3b3f1.tar.gz infra-053abdc560ad31e482fd631b2b7f8ccd4bd3b3f1.zip | |
keepalived
Diffstat (limited to 'playbooks/roles/keepalived')
| -rw-r--r-- | playbooks/roles/keepalived/handlers/main.yml | 8 | ||||
| -rw-r--r-- | playbooks/roles/keepalived/tasks/main.yml | 21 | ||||
| -rw-r--r-- | playbooks/roles/keepalived/templates/healthcheck.sh.j2 | 12 | ||||
| -rw-r--r-- | playbooks/roles/keepalived/templates/keepalived.conf.j2 | 36 |
4 files changed, 77 insertions, 0 deletions
diff --git a/playbooks/roles/keepalived/handlers/main.yml b/playbooks/roles/keepalived/handlers/main.yml new file mode 100644 index 0000000..cab4124 --- /dev/null +++ b/playbooks/roles/keepalived/handlers/main.yml @@ -0,0 +1,8 @@ +--- + +- name: Restart Keepalived + ansible.builtin.service: + name: keepalived + state: restarted + enabled: true + diff --git a/playbooks/roles/keepalived/tasks/main.yml b/playbooks/roles/keepalived/tasks/main.yml new file mode 100644 index 0000000..f888621 --- /dev/null +++ b/playbooks/roles/keepalived/tasks/main.yml @@ -0,0 +1,21 @@ +--- + +- name: Install Keepalived + ansible.builtin.apt: + name: keepalived + state: present + +- name: Generate Keepalived Healthcheck Script Pinging Traefik + ansible.builtin.template: + src: healthcheck.sh.j2 + dest: "{{ keepalived_healthcheck_script }}" + mode: 'a+x' + +- name: Generate Keepalived Configuration + ansible.builtin.template: + src: keepalived.conf.j2 + dest: /etc/keepalived/keepalived.conf + owner: root + group: root + mode: '0644' + notify: Restart Keepalived diff --git a/playbooks/roles/keepalived/templates/healthcheck.sh.j2 b/playbooks/roles/keepalived/templates/healthcheck.sh.j2 new file mode 100644 index 0000000..0e6c18b --- /dev/null +++ b/playbooks/roles/keepalived/templates/healthcheck.sh.j2 @@ -0,0 +1,12 @@ +#!/bin/bash +set -e +PING_HOSTNAME="{{ traefik_host }}" +VIRTUAL_IP="{{ keepalived_virtual_ip }}" + +function do_ping() { + local endpoint_hostname="$1" + local vip="$2" + curl -s -o /dev/null -w "%{http_code}" --resolve "$endpoint_hostname:443:$vip" "https://$endpoint_hostname/ping" +} + +test "$(do_ping "$PING_HOSTNAME" "$VIRTUAL_IP")" = "200" diff --git a/playbooks/roles/keepalived/templates/keepalived.conf.j2 b/playbooks/roles/keepalived/templates/keepalived.conf.j2 new file mode 100644 index 0000000..cb9c449 --- /dev/null +++ b/playbooks/roles/keepalived/templates/keepalived.conf.j2 @@ -0,0 +1,36 @@ +global_defs { + script_user nobody + enable_script_security +} + +vrrp_script chk_avail { + script "{{ keepalived_healthcheck_script }}" + interval 1 + weight 10 + rise 6 + fall 1 +} + +vrrp_instance {{ inventory_hostname }} { + interface {{ keepalived_interface }} + + state BACKUP + virtual_router_id {{ keepalived_virtual_router_id }} + priority {{ keepalived_priority }} + advert_int 1 + + unicast_src_ip {{ ansible_host }} + unicast_peer { + {% for peer in groups['keepalived'] if hostvars[peer]['ansible_host'] != ansible_host %} + {{ hostvars[peer]['ansible_host'] }} + {% endfor %} + } + + virtual_ipaddress { + {{ keepalived_virtual_ip }} dev {{ keepalived_interface }} + } + + track_script { + chk_avail + } +} |