ansible-roles/deploy_keepalived
ansible-roles/deploy_keepalived
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(tests): add custom tests afor docker and vagrant

Browse Source
This commit is contained in:
Bertrand Lanson 2024-03-10 19:42:38 +01:00
parent c4afa7a272
commit 1435d8ebc2
18 changed files with 752 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
files/.gitkeep
View File

72
molecule/default/verify.yml
View File

@ -51,6 +51,36 @@
register: slurp_etc_keepalived_keepalived_conf register: slurp_etc_keepalived_keepalived_conf
- name: "Verify directory /etc/keepalived" - name: "Verify directory /etc/keepalived"
vars:
keepalived_expected_cfg_file: |
# Ansible managed: Do NOT edit this file manually!
global_defs {
script_user keepalived_script
enable_script_security
}
vrrp_instance instance {
interface eth0
state BACKUP
virtual_router_id 50
priority 100
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass password
}
virtual_ipaddress {
192.168.1.100/32
}
notify /etc/keepalived/scripts.d/notify.sh
}
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- stat_etc_keepalived.stat.exists - stat_etc_keepalived.stat.exists
@ -68,9 +98,9 @@
- stat_etc_keepalived_keepalived_conf.stat.pw_name == 'root' - stat_etc_keepalived_keepalived_conf.stat.pw_name == 'root'
- stat_etc_keepalived_keepalived_conf.stat.gr_name == 'root' - stat_etc_keepalived_keepalived_conf.stat.gr_name == 'root'
- stat_etc_keepalived_keepalived_conf.stat.mode == '0600' - stat_etc_keepalived_keepalived_conf.stat.mode == '0600'
- slurp_etc_keepalived_keepalived_conf.content != '' - (slurp_etc_keepalived_keepalived_conf.content|b64decode) == keepalived_expected_cfg_file
- name: "Test: service haproxy" - name: "Test: service keepalived"
block: block:
- name: "Get service keepalived" - name: "Get service keepalived"
ansible.builtin.service_facts: ansible.builtin.service_facts:
@ -115,3 +145,41 @@
- ansible_facts.services['keepalived.service']['source'] == 'systemd' - ansible_facts.services['keepalived.service']['source'] == 'systemd'
- ansible_facts.services['keepalived.service']['state'] == 'running' - ansible_facts.services['keepalived.service']['state'] == 'running'
- ansible_facts.services['keepalived.service']['status'] == 'enabled' - ansible_facts.services['keepalived.service']['status'] == 'enabled'
- name: "Test: file /usr/local/sbin/keepalived"
block:
- name: "Stat file /usr/local/sbin/keepalived"
ansible.builtin.stat:
path: "/usr/local/sbin/keepalived"
register: stat_usr_local_sbin_keepalived
- name: "Command keepalived --version"
ansible.builtin.command: "keepalived --version"
changed_when: false
register: keepalived_version
- name: "Verify file /usr/local/sbin/keepalived"
ansible.builtin.assert:
that:
- keepalived_version.stderr | regex_search('^Keepalived v\\d+\\.\\d+\\.\\d')
- stat_usr_local_sbin_keepalived.stat.exists
- stat_usr_local_sbin_keepalived.stat.isreg
- stat_usr_local_sbin_keepalived.stat.pw_name == 'root'
- stat_usr_local_sbin_keepalived.stat.gr_name == 'root'
- stat_usr_local_sbin_keepalived.stat.mode == '0755'
- name: "Test: interfaces"
block:
- name: "Debug"
ansible.builtin.debug:
msg: "{{ ansible_eth0 }}"
- name: "Verify VIP interface"
ansible.builtin.assert:
that:
- ansible_eth0.active
- ansible_eth0.ipv4_secondaries[0].address == '192.168.1.100'
- ansible_eth0.ipv4_secondaries[0].netmask == '255.255.255.255'
- ansible_eth0.ipv4_secondaries[0].broadcast == ''
- ansible_eth0.ipv4_secondaries[0].network == '192.168.1.100'
- ansible_eth0.ipv4_secondaries[0].prefix == '32'

157
molecule/default_vagrant/verify.yml
View File

@ -4,3 +4,160 @@
gather_facts: true gather_facts: true
become: true become: true
tasks: tasks:
- name: "Test: directory /etc/keepalived"
block:
- name: "Stat directory /etc/keepalived"
ansible.builtin.stat:
path: "/etc/keepalived"
register: stat_etc_keepalived
- name: "Stat file /etc/default/keepalived"
ansible.builtin.stat:
path: "/etc/default/keepalived"
register: stat_etc_default_keepalived
- name: "Stat file /etc/keepalived/keepalived.conf"
ansible.builtin.stat:
path: "/etc/keepalived/keepalived.conf"
register: stat_etc_keepalived_keepalived_conf
- name: "Slurp file /etc/keepalived/keepalived.conf"
ansible.builtin.slurp:
src: "/etc/keepalived/keepalived.conf"
register: slurp_etc_keepalived_keepalived_conf
- name: "Verify directory /etc/keepalived"
vars:
keepalived_expected_cfg_file: |
# Ansible managed: Do NOT edit this file manually!
global_defs {
script_user keepalived_script
enable_script_security
}
vrrp_instance instance {
interface eth0
state BACKUP
virtual_router_id 50
priority 100
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass password
}
virtual_ipaddress {
192.168.1.100/32
}
notify /etc/keepalived/scripts.d/notify.sh
}
ansible.builtin.assert:
that:
- stat_etc_keepalived.stat.exists
- stat_etc_keepalived.stat.isdir
- stat_etc_keepalived.stat.pw_name == 'root'
- stat_etc_keepalived.stat.gr_name == 'root'
- stat_etc_keepalived.stat.mode == '0755'
- stat_etc_default_keepalived.stat.exists
- stat_etc_default_keepalived.stat.isreg
- stat_etc_default_keepalived.stat.pw_name == 'root'
- stat_etc_default_keepalived.stat.gr_name == 'root'
- stat_etc_default_keepalived.stat.mode == '0600'
- stat_etc_keepalived_keepalived_conf.stat.exists
- stat_etc_keepalived_keepalived_conf.stat.isreg
- stat_etc_keepalived_keepalived_conf.stat.pw_name == 'root'
- stat_etc_keepalived_keepalived_conf.stat.gr_name == 'root'
- stat_etc_keepalived_keepalived_conf.stat.mode == '0600'
- (slurp_etc_keepalived_keepalived_conf.content|b64decode) == keepalived_expected_cfg_file
- name: "Test: service keepalived"
block:
- name: "Get service keepalived"
ansible.builtin.service_facts:
- name: "Stat file /etc/systemd/system/keepalived_container.service"
ansible.builtin.stat:
path: "/etc/systemd/system/keepalived_container.service"
register: stat_etc_systemd_system_keepalived_container_service
- name: "Slurp file /etc/systemd/system/keepalived_container.service"
ansible.builtin.slurp:
src: "/etc/systemd/system/keepalived_container.service"
register: slurp_etc_systemd_system_keepalived_container_service
- name: "Verify service keepalived"
vars:
keepalived_expected_service_file: |
# Ansible managed: Do NOT edit this file manually!
[Unit]
After=docker.service
PartOf=docker.service
Requires=docker.service
[Service]
EnvironmentFile=/etc/default/keepalived
ExecStartPre=-/usr/bin/docker rm -f keepalived
ExecStart=/usr/bin/docker run --name keepalived \
--rm \
--env-file /etc/default/keepalived \
--network "host" \
--cap-add "NET_ADMIN" \
--cap-add "NET_RAW" \
--cap-add "NET_BROADCAST" \
--volume "/etc/keepalived:/etc/keepalived" \
ednxzu/keepalived:2.2.8
ExecStop=/usr/bin/docker stop keepalived
SyslogIdentifier=keepalived
Restart=always
RestartSec=10s
[Install]
WantedBy=docker.service
ansible.builtin.assert:
that:
- stat_etc_systemd_system_keepalived_container_service.stat.exists
- stat_etc_systemd_system_keepalived_container_service.stat.isreg
- stat_etc_systemd_system_keepalived_container_service.stat.pw_name == 'root'
- stat_etc_systemd_system_keepalived_container_service.stat.gr_name == 'root'
- stat_etc_systemd_system_keepalived_container_service.stat.mode == '0644'
- (slurp_etc_systemd_system_keepalived_container_service.content|b64decode) == keepalived_expected_service_file
- ansible_facts.services['keepalived_container.service'] is defined
- ansible_facts.services['keepalived_container.service']['source'] == 'systemd'
- ansible_facts.services['keepalived_container.service']['state'] == 'running'
- ansible_facts.services['keepalived_container.service']['status'] == 'enabled'
- name: "Test: container keepalived"
block:
- name: "Command keepalived --version"
community.docker.docker_container_exec:
container: keepalived
command: keepalived --version
changed_when: false
register: keepalived_version
- name: "Verify container keepalived"
ansible.builtin.assert:
that:
- keepalived_version.stderr | regex_search('^Keepalived v\\d+\\.\\d+\\.\\d')
- name: "Test: interfaces"
block:
- name: "Debug"
ansible.builtin.debug:
msg: "{{ ansible_eth0 }}"
- name: "Verify VIP interface"
ansible.builtin.assert:
that:
- ansible_eth0.active
- ansible_eth0.ipv4_secondaries[0].address == '192.168.1.100'
- ansible_eth0.ipv4_secondaries[0].netmask == '255.255.255.255'
- ansible_eth0.ipv4_secondaries[0].broadcast == ''
- ansible_eth0.ipv4_secondaries[0].network == '192.168.1.100'
- ansible_eth0.ipv4_secondaries[0].prefix == '32'

8
molecule/with_custom_conf/converge.yml Normal file
View File

@ -0,0 +1,8 @@
---
- name: Converge
hosts: all
become: true
tasks:
- name: "Include ednz_cloud.deploy_keepalived"
ansible.builtin.include_role:
name: "ednz_cloud.deploy_keepalived"

25
molecule/with_custom_conf/group_vars/all.yml Normal file
View File

@ -0,0 +1,25 @@
---
# defaults file for deploy_keepalived
deploy_keepalived_deploy_method: "host"
deploy_keepalived_version: "2.2.7"
deploy_keepalived_start_service: true
deploy_keepalived_env_variables: {}
deploy_keepalived_vrrp_instance_name: "{{ ansible_hostname }}"
deploy_keepalived_interface: "{{ ansible_default_ipv4.interface }}"
deploy_keepalived_state: "BACKUP"
deploy_keepalived_router_id: 50
deploy_keepalived_priority: 100
deploy_keepalived_advert_interval: 1
deploy_keepalived_unicast_source: "{{ ansible_default_ipv4.address }}"
deploy_keepalived_unicast_peers:
- "192.168.1.13"
- "192.168.1.14"
- "192.168.1.15"
deploy_keepalived_auth_passwd: "password"
deploy_keepalived_virtual_ips:
- 192.168.1.100/32
deploy_keepalived_notify_script: notify.sh
deploy_keepalived_custom_scripts_src:
deploy_keepalived_extra_container_volumes: []

37
molecule/with_custom_conf/molecule.yml Normal file
View File

@ -0,0 +1,37 @@
---
dependency:
name: galaxy
options:
requirements-file: ./requirements.yml
driver:
name: docker
platforms:
- name: instance
image: geerlingguy/docker-${MOLECULE_TEST_OS}-ansible
command: ""
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup
cgroupns_mode: host
privileged: true
pre_build_image: true
provisioner:
name: ansible
config_options:
defaults:
remote_tmp: /tmp/.ansible
verifier:
name: ansible
scenario:
name: with_custom_conf
test_sequence:
- dependency
- cleanup
- destroy
- syntax
- create
- prepare
- converge
- idempotence
- verify
- cleanup
- destroy

4
molecule/with_custom_conf/requirements.yml Normal file
View File

@ -0,0 +1,4 @@
---
# requirements file for molecule
roles:
- name: ednz_cloud.manage_apt_packages

191
molecule/with_custom_conf/verify.yml Normal file
View File

@ -0,0 +1,191 @@
---
- name: Verify
hosts: all
gather_facts: true
become: true
tasks:
- name: "Test: keepalived_script user and group"
block:
- name: "Getent user keepalived_script"
ansible.builtin.getent:
database: passwd
key: keepalived_script
register: keepalived_script_user
- name: "Getent group keepalived_script"
ansible.builtin.getent:
database: group
key: keepalived_script
register: keepalived_script_group
- name: "Verify keepalived_script user and group"
ansible.builtin.assert:
that:
- not keepalived_script_user.failed
- not keepalived_script_group.failed
- "'keepalived_script' in keepalived_script_user.ansible_facts.getent_passwd.keys()"
- "'/home/keepalived_script' in keepalived_script_user.ansible_facts.getent_passwd['keepalived_script']"
- "'/bin/false' in keepalived_script_user.ansible_facts.getent_passwd['keepalived_script']"
- "'keepalived_script' in keepalived_script_group.ansible_facts.getent_group.keys()"
- name: "Test: directory /etc/keepalived"
block:
- name: "Stat directory /etc/keepalived"
ansible.builtin.stat:
path: "/etc/keepalived"
register: stat_etc_keepalived
- name: "Stat file /etc/keepalived/keepalived.env"
ansible.builtin.stat:
path: "/etc/keepalived/keepalived.env"
register: stat_etc_keepalived_keepalived_env
- name: "Stat file /etc/keepalived/keepalived.conf"
ansible.builtin.stat:
path: "/etc/keepalived/keepalived.conf"
register: stat_etc_keepalived_keepalived_conf
- name: "Slurp file /etc/keepalived/keepalived.conf"
ansible.builtin.slurp:
src: "/etc/keepalived/keepalived.conf"
register: slurp_etc_keepalived_keepalived_conf
- name: "Verify directory /etc/keepalived"
vars:
keepalived_expected_cfg_file: |
# Ansible managed: Do NOT edit this file manually!
global_defs {
script_user keepalived_script
enable_script_security
}
vrrp_instance instance {
interface eth0
state BACKUP
virtual_router_id 50
priority 100
advert_int 1
nopreempt
unicast_src_ip {{ ansible_default_ipv4.address }}
unicast_peer {
192.168.1.13
192.168.1.14
192.168.1.15
}
authentication {
auth_type PASS
auth_pass password
}
virtual_ipaddress {
192.168.1.100/32
}
notify /etc/keepalived/scripts.d/notify.sh
}
ansible.builtin.assert:
that:
- stat_etc_keepalived.stat.exists
- stat_etc_keepalived.stat.isdir
- stat_etc_keepalived.stat.pw_name == 'root'
- stat_etc_keepalived.stat.gr_name == 'root'
- stat_etc_keepalived.stat.mode == '0755'
- stat_etc_keepalived_keepalived_env.stat.exists
- stat_etc_keepalived_keepalived_env.stat.isreg
- stat_etc_keepalived_keepalived_env.stat.pw_name == 'root'
- stat_etc_keepalived_keepalived_env.stat.gr_name == 'root'
- stat_etc_keepalived_keepalived_env.stat.mode == '0600'
- stat_etc_keepalived_keepalived_conf.stat.exists
- stat_etc_keepalived_keepalived_conf.stat.isreg
- stat_etc_keepalived_keepalived_conf.stat.pw_name == 'root'
- stat_etc_keepalived_keepalived_conf.stat.gr_name == 'root'
- stat_etc_keepalived_keepalived_conf.stat.mode == '0600'
- (slurp_etc_keepalived_keepalived_conf.content|b64decode) == keepalived_expected_cfg_file
- name: "Test: service keepalived"
block:
- name: "Get service keepalived"
ansible.builtin.service_facts:
- name: "Stat file /etc/systemd/system/keepalived.service"
ansible.builtin.stat:
path: "/etc/systemd/system/keepalived.service"
register: stat_etc_systemd_system_keepalived_service
- name: "Slurp file /etc/systemd/system/keepalived.service"
ansible.builtin.slurp:
src: "/etc/systemd/system/keepalived.service"
register: slurp_etc_systemd_system_keepalived_service
- name: "Verify service keepalived"
vars:
keepalived_expected_service_file: |
# Ansible managed: Do NOT edit this file manually!
[Unit]
Description=Keepalive Daemon (LVS and VRRP)
After=network-online.target
Wants=network-online.target
ConditionFileNotEmpty=/etc/keepalived/keepalived.conf
[Service]
# Type=notify
EnvironmentFile=-/etc/keepalived/keepalived.env
ExecStart=/usr/local/sbin/keepalived -f /etc/keepalived/keepalived.conf --dont-fork $DAEMON_ARGS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
ansible.builtin.assert:
that:
- stat_etc_systemd_system_keepalived_service.stat.exists
- stat_etc_systemd_system_keepalived_service.stat.isreg
- stat_etc_systemd_system_keepalived_service.stat.pw_name == 'root'
- stat_etc_systemd_system_keepalived_service.stat.gr_name == 'root'
- stat_etc_systemd_system_keepalived_service.stat.mode == '0644'
- (slurp_etc_systemd_system_keepalived_service.content|b64decode) == keepalived_expected_service_file
- ansible_facts.services['keepalived.service'] is defined
- ansible_facts.services['keepalived.service']['source'] == 'systemd'
- ansible_facts.services['keepalived.service']['state'] == 'running'
- ansible_facts.services['keepalived.service']['status'] == 'enabled'
- name: "Test: file /usr/local/sbin/keepalived"
block:
- name: "Stat file /usr/local/sbin/keepalived"
ansible.builtin.stat:
path: "/usr/local/sbin/keepalived"
register: stat_usr_local_sbin_keepalived
- name: "Command keepalived --version"
ansible.builtin.command: "keepalived --version"
changed_when: false
register: keepalived_version
- name: "Verify file /usr/local/sbin/keepalived"
ansible.builtin.assert:
that:
- keepalived_version.stderr | regex_search('^Keepalived v2\\.2\\.7')
- stat_usr_local_sbin_keepalived.stat.exists
- stat_usr_local_sbin_keepalived.stat.isreg
- stat_usr_local_sbin_keepalived.stat.pw_name == 'root'
- stat_usr_local_sbin_keepalived.stat.gr_name == 'root'
- stat_usr_local_sbin_keepalived.stat.mode == '0755'
- name: "Test: interfaces"
block:
- name: "Debug"
ansible.builtin.debug:
msg: "{{ ansible_eth0 }}"
- name: "Verify VIP interface"
ansible.builtin.assert:
that:
- ansible_eth0.active
- ansible_eth0.ipv4_secondaries[0].address == '192.168.1.100'
- ansible_eth0.ipv4_secondaries[0].netmask == '255.255.255.255'
- ansible_eth0.ipv4_secondaries[0].broadcast == ''
- ansible_eth0.ipv4_secondaries[0].network == '192.168.1.100'
- ansible_eth0.ipv4_secondaries[0].prefix == '32'

8
molecule/with_custom_conf_vagrant/converge.yml Normal file
View File

@ -0,0 +1,8 @@
---
- name: Converge
hosts: all
become: true
tasks:
- name: "Include ednz_cloud.deploy_keepalived"
ansible.builtin.include_role:
name: "ednz_cloud.deploy_keepalived"

24
molecule/with_custom_conf_vagrant/group_vars/all.yml Normal file
View File

@ -0,0 +1,24 @@
---
deploy_keepalived_deploy_method: "docker"
deploy_keepalived_version: "2.2.7"
deploy_keepalived_start_service: true
deploy_keepalived_env_variables: {}
deploy_keepalived_vrrp_instance_name: "{{ ansible_hostname }}"
deploy_keepalived_interface: "{{ ansible_default_ipv4.interface }}"
deploy_keepalived_state: "BACKUP"
deploy_keepalived_router_id: 50
deploy_keepalived_priority: 100
deploy_keepalived_advert_interval: 1
deploy_keepalived_unicast_source: "{{ ansible_default_ipv4.address }}"
deploy_keepalived_unicast_peers:
- "192.168.1.13"
- "192.168.1.14"
- "192.168.1.15"
deploy_keepalived_auth_passwd: "password"
deploy_keepalived_virtual_ips:
- 192.168.1.100/32
deploy_keepalived_notify_script: notify.sh
deploy_keepalived_custom_scripts_src:
deploy_keepalived_extra_container_volumes: []

35
molecule/with_custom_conf_vagrant/molecule.yml Normal file
View File

@ -0,0 +1,35 @@
---
dependency:
name: galaxy
options:
requirements-file: ./requirements.yml
driver:
name: vagrant
provider:
name: libvirt
platforms:
- name: instance
box: generic/${MOLECULE_TEST_OS}
cpus: 4
memory: 4096
provisioner:
name: ansible
config_options:
defaults:
remote_tmp: /tmp/.ansible
verifier:
name: ansible
scenario:
name: with_custom_conf_vagrant
test_sequence:
- dependency
- cleanup
- destroy
- syntax
- create
- prepare
- converge
- idempotence
- verify
- cleanup
- destroy

10
molecule/with_custom_conf_vagrant/prepare.yml Normal file
View File

@ -0,0 +1,10 @@
---
- name: Prepare
hosts: all
become: true
tasks:
- name: "Include ednz_cloud.install_docker"
ansible.builtin.include_role:
name: ednz_cloud.install_docker
vars:
install_docker_python_packages: true

6
molecule/with_custom_conf_vagrant/requirements.yml Normal file
View File

@ -0,0 +1,6 @@
---
# requirements file for molecule
roles:
- name: ednz_cloud.manage_repositories
- name: ednz_cloud.manage_apt_packages
- name: ednz_cloud.install_docker

169
molecule/with_custom_conf_vagrant/verify.yml Normal file
View File

@ -0,0 +1,169 @@
---
- name: Verify
hosts: all
gather_facts: true
become: true
tasks:
- name: "Test: directory /etc/keepalived"
block:
- name: "Stat directory /etc/keepalived"
ansible.builtin.stat:
path: "/etc/keepalived"
register: stat_etc_keepalived
- name: "Stat file /etc/default/keepalived"
ansible.builtin.stat:
path: "/etc/default/keepalived"
register: stat_etc_default_keepalived
- name: "Stat file /etc/keepalived/keepalived.conf"
ansible.builtin.stat:
path: "/etc/keepalived/keepalived.conf"
register: stat_etc_keepalived_keepalived_conf
- name: "Slurp file /etc/keepalived/keepalived.conf"
ansible.builtin.slurp:
src: "/etc/keepalived/keepalived.conf"
register: slurp_etc_keepalived_keepalived_conf
- name: "Verify directory /etc/keepalived"
vars:
keepalived_expected_cfg_file: |
# Ansible managed: Do NOT edit this file manually!
global_defs {
script_user keepalived_script
enable_script_security
}
vrrp_instance instance {
interface eth0
state BACKUP
virtual_router_id 50
priority 100
advert_int 1
nopreempt
unicast_src_ip {{ ansible_default_ipv4.address }}
unicast_peer {
192.168.1.13
192.168.1.14
192.168.1.15
}
authentication {
auth_type PASS
auth_pass password
}
virtual_ipaddress {
192.168.1.100/32
}
notify /etc/keepalived/scripts.d/notify.sh
}
ansible.builtin.assert:
that:
- stat_etc_keepalived.stat.exists
- stat_etc_keepalived.stat.isdir
- stat_etc_keepalived.stat.pw_name == 'root'
- stat_etc_keepalived.stat.gr_name == 'root'
- stat_etc_keepalived.stat.mode == '0755'
- stat_etc_default_keepalived.stat.exists
- stat_etc_default_keepalived.stat.isreg
- stat_etc_default_keepalived.stat.pw_name == 'root'
- stat_etc_default_keepalived.stat.gr_name == 'root'
- stat_etc_default_keepalived.stat.mode == '0600'
- stat_etc_keepalived_keepalived_conf.stat.exists
- stat_etc_keepalived_keepalived_conf.stat.isreg
- stat_etc_keepalived_keepalived_conf.stat.pw_name == 'root'
- stat_etc_keepalived_keepalived_conf.stat.gr_name == 'root'
- stat_etc_keepalived_keepalived_conf.stat.mode == '0600'
- (slurp_etc_keepalived_keepalived_conf.content|b64decode) == keepalived_expected_cfg_file
- name: "Test: service keepalived"
block:
- name: "Get service keepalived"
ansible.builtin.service_facts:
- name: "Stat file /etc/systemd/system/keepalived_container.service"
ansible.builtin.stat:
path: "/etc/systemd/system/keepalived_container.service"
register: stat_etc_systemd_system_keepalived_container_service
- name: "Slurp file /etc/systemd/system/keepalived_container.service"
ansible.builtin.slurp:
src: "/etc/systemd/system/keepalived_container.service"
register: slurp_etc_systemd_system_keepalived_container_service
- name: "Verify service keepalived"
vars:
keepalived_expected_service_file: |
# Ansible managed: Do NOT edit this file manually!
[Unit]
After=docker.service
PartOf=docker.service
Requires=docker.service
[Service]
EnvironmentFile=/etc/default/keepalived
ExecStartPre=-/usr/bin/docker rm -f keepalived
ExecStart=/usr/bin/docker run --name keepalived \
--rm \
--env-file /etc/default/keepalived \
--network "host" \
--cap-add "NET_ADMIN" \
--cap-add "NET_RAW" \
--cap-add "NET_BROADCAST" \
--volume "/etc/keepalived:/etc/keepalived" \
ednxzu/keepalived:2.2.7
ExecStop=/usr/bin/docker stop keepalived
SyslogIdentifier=keepalived
Restart=always
RestartSec=10s
[Install]
WantedBy=docker.service
ansible.builtin.assert:
that:
- stat_etc_systemd_system_keepalived_container_service.stat.exists
- stat_etc_systemd_system_keepalived_container_service.stat.isreg
- stat_etc_systemd_system_keepalived_container_service.stat.pw_name == 'root'
- stat_etc_systemd_system_keepalived_container_service.stat.gr_name == 'root'
- stat_etc_systemd_system_keepalived_container_service.stat.mode == '0644'
- (slurp_etc_systemd_system_keepalived_container_service.content|b64decode) == keepalived_expected_service_file
- ansible_facts.services['keepalived_container.service'] is defined
- ansible_facts.services['keepalived_container.service']['source'] == 'systemd'
- ansible_facts.services['keepalived_container.service']['state'] == 'running'
- ansible_facts.services['keepalived_container.service']['status'] == 'enabled'
- name: "Test: container keepalived"
block:
- name: "Command keepalived --version"
community.docker.docker_container_exec:
container: keepalived
command: keepalived --version
changed_when: false
register: keepalived_version
- name: "Verify container keepalived"
ansible.builtin.assert:
that:
- keepalived_version.stderr | regex_search('^Keepalived v2\\.2\\.7')
- name: "Test: interfaces"
block:
- name: "Debug"
ansible.builtin.debug:
msg: "{{ ansible_eth0 }}"
- name: "Verify VIP interface"
ansible.builtin.assert:
that:
- ansible_eth0.active
- ansible_eth0.ipv4_secondaries[0].address == '192.168.1.100'
- ansible_eth0.ipv4_secondaries[0].netmask == '255.255.255.255'
- ansible_eth0.ipv4_secondaries[0].broadcast == ''
- ansible_eth0.ipv4_secondaries[0].network == '192.168.1.100'
- ansible_eth0.ipv4_secondaries[0].prefix == '32'

8
tasks/configure.yml
View File

@ -26,8 +26,8 @@
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ deploy_keepalived_scripts_dir }}/{{ (item | basename) }}" dest: "{{ deploy_keepalived_scripts_dir }}/{{ (item | basename) }}"
owner: "{{ deploy_keepalived_script_user if deploy_keepalived_deploy_method == 'host' else 'root' }}" owner: "{{ deploy_keepalived_script_user }}"
group: "{{ deploy_keepalived_script_user if deploy_keepalived_deploy_method == 'host' else 'root' }}" group: "{{ deploy_keepalived_script_user }}"
mode: "0700" mode: "0700"
with_fileglob: with_fileglob:
- "files/*" - "files/*"
@ -36,8 +36,8 @@
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ deploy_keepalived_scripts_dir }}/{{ (item | basename) }}" dest: "{{ deploy_keepalived_scripts_dir }}/{{ (item | basename) }}"
owner: "{{ deploy_keepalived_script_user if deploy_keepalived_deploy_method == 'host' else 'root' }}" owner: "{{ deploy_keepalived_script_user }}"
group: "{{ deploy_keepalived_script_user if deploy_keepalived_deploy_method == 'host' else 'root' }}" group: "{{ deploy_keepalived_script_user }}"
mode: "0700" mode: "0700"
with_fileglob: with_fileglob:
- "{{ deploy_keepalived_custom_scripts_src }}/*" - "{{ deploy_keepalived_custom_scripts_src }}/*"

0
templates/.gitkeep
View File

4
templates/keepalived.conf.j2
View File

@ -1,6 +1,6 @@
# {{ ansible_managed }} # {{ ansible_managed }}
global_defs { global_defs {
script_user {{ deploy_keepalived_script_user }} script_user keepalived_script
enable_script_security enable_script_security
} }
@ -35,4 +35,4 @@ vrrp_instance {{ deploy_keepalived_vrrp_instance_name }} {
} }
notify {{ deploy_keepalived_scripts_dir }}/{{ deploy_keepalived_notify_script }} notify {{ deploy_keepalived_scripts_dir }}/{{ deploy_keepalived_notify_script }}
} }

4
vars/main.yml
View File

@ -9,8 +9,8 @@ deploy_keepalived_tmp_path: "/tmp/keepalived-{{ deploy_keepalived_version}}"
deploy_keepalived_service_name: "keepalived{{ '_container' if deploy_keepalived_deploy_method == 'docker' }}" deploy_keepalived_service_name: "keepalived{{ '_container' if deploy_keepalived_deploy_method == 'docker' }}"
deploy_keepalived_user: root deploy_keepalived_user: root
deploy_keepalived_group: root deploy_keepalived_group: root
deploy_keepalived_script_user: keepalived_script deploy_keepalived_script_user: "{{ 'keepalived_script' if deploy_keepalived_deploy_method == 'host' else '100' }}"
deploy_keepalived_script_group: keepalived_script deploy_keepalived_script_group: "{{ 'keepalived_script' if deploy_keepalived_deploy_method == 'host' else '101' }}"
deploy_keepalived_docker_image: ednxzu/keepalived deploy_keepalived_docker_image: ednxzu/keepalived
deploy_keepalived_container_volume_map: deploy_keepalived_container_volume_map:
- "{{ deploy_keepalived_config_dir }}:/etc/keepalived" - "{{ deploy_keepalived_config_dir }}:/etc/keepalived"