ansible-roles/deploy_keepalived
ansible-roles/deploy_keepalived
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(install): add docker installation and configure steps

Browse Source
This commit is contained in:
Bertrand Lanson 2024-03-09 22:34:20 +01:00
parent 620157d126
commit 4818ebd688
15 changed files with 303 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
defaults/main.yml
View File

@ -1,4 +1,22 @@
--- ---
# defaults file for deploy_keepalived # defaults file for deploy_keepalived
deploy_keepalived_deploy_method: "host" deploy_keepalived_deploy_method: "host"
deploy_keepalived_version: "2.2.5" deploy_keepalived_version: "2.2.8"
deploy_keepalived_start_service: true
deploy_keepalived_env_variables: {}
deploy_keepalived_vrrp_instance_name: "{{ ansible_hostname }}"
deploy_keepalived_interface: "{{ ansible_default_ipv4.interface }}"
deploy_keepalived_state: "BACKUP"
deploy_keepalived_router_id: 50
deploy_keepalived_priority: 100
deploy_keepalived_advert_interval: 1
deploy_keepalived_unicast_source: "{{ ansible_default_ipv4.address }}"
deploy_keepalived_unicast_peers: []
deploy_keepalived_auth_passwd: "password"
deploy_keepalived_virtual_ips:
- 192.168.1.100/32
deploy_keepalived_notify_script: notify.sh
deploy_keepalived_custom_scripts_src:
deploy_keepalived_extra_container_volumes: []

20
files/notify.sh Normal file
View File

@ -0,0 +1,20 @@
#!/bin/bash
ENDSTATE=$3
NAME=$2
TYPE=$1
case $ENDSTATE in
"BACKUP")
exit 0
;;
"FAULT")
exit 0
;;
"MASTER")
exit 0
;;
*) echo "Unknown state ${ENDSTATE} for VRRP ${TYPE} ${NAME}"
exit 1
;;
esac

18
handlers/main.yml
View File

@ -1,2 +1,20 @@
--- ---
# handlers file for deploy_keepalived # handlers file for deploy_keepalived
- name: "Reload systemd file"
ansible.builtin.systemd:
daemon_reload: true
listen: "systemctl-daemon-reload"
- name: "Enable keepalived service"
ansible.builtin.service:
name: "{{ deploy_keepalived_service_name }}"
enabled: true
listen: "systemctl-enable-keepalived"
- name: "Start keepalived service"
ansible.builtin.service:
name: "{{ deploy_keepalived_service_name }}"
state: restarted
listen: "systemctl-restart-keepalived"
throttle: 1
when: deploy_keepalived_start_service

2
molecule/default_vagrant/group_vars/all.yml Normal file
View File

@ -0,0 +1,2 @@
---
deploy_keepalived_deploy_method: "docker"

10
molecule/default_vagrant/prepare.yml Normal file
View File

@ -0,0 +1,10 @@
---
- name: Prepare
hosts: all
become: true
tasks:
- name: "Include ednz_cloud.install_docker"
ansible.builtin.include_role:
name: ednz_cloud.install_docker
vars:
install_docker_python_packages: true

6
molecule/default_vagrant/requirements.yml Normal file
View File

@ -0,0 +1,6 @@
---
# requirements file for molecule
roles:
- name: ednz_cloud.manage_repositories
- name: ednz_cloud.manage_apt_packages
- name: ednz_cloud.install_docker

44
tasks/configure.yml Normal file
View File

@ -0,0 +1,44 @@
---
# task/configure file for deploy_keepalived
- name: "Configure for host installation"
when: deploy_keepalived_deploy_method == 'host'
block:
- name: "Create keepalived environment file"
ansible.builtin.template:
src: keepalived.j2
dest: "/etc/default/keepalived"
owner: "{{ deploy_keepalived_user }}"
group: "{{ deploy_keepalived_group }}"
mode: "0644"
- name: "Copy keepalived.conf template"
ansible.builtin.template:
src: keepalived.conf.j2
dest: "{{ deploy_keepalived_config_dir }}/keepalived.conf"
owner: "{{ deploy_keepalived_user }}"
group: "{{ deploy_keepalived_group }}"
mode: "0600"
notify:
- "systemctl-enable-keepalived"
- "systemctl-restart-keepalived"
- name: "Copy default notify script"
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ deploy_keepalived_scripts_dir }}/{{ (item | basename) }}"
owner: "{{ deploy_keepalived_script_user if deploy_keepalived_deploy_method == 'host' else 'root' }}"
group: "{{ deploy_keepalived_script_user if deploy_keepalived_deploy_method == 'host' else 'root' }}"
mode: "0700"
with_fileglob:
- "files/*"
- name: "Copy custom scripts"
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ deploy_keepalived_scripts_dir }}/{{ (item | basename) }}"
owner: "{{ deploy_keepalived_script_user if deploy_keepalived_deploy_method == 'host' else 'root' }}"
group: "{{ deploy_keepalived_script_user if deploy_keepalived_deploy_method == 'host' else 'root' }}"
mode: "0700"
with_fileglob:
- "{{ deploy_keepalived_custom_scripts_src }}/*"
when: deploy_keepalived_custom_scripts_src

23
tasks/install_docker.yml Normal file
View File

@ -0,0 +1,23 @@
---
# task/install_docker file for deploy_keepalived
- name: "Update container volume list"
ansible.builtin.set_fact:
deploy_keepalived_container_volume_map: "{{ deploy_keepalived_container_volume_map + deploy_keepalived_extra_container_volumes }}"
- name: "Include ednz_cloud.docker_systemd_service"
ansible.builtin.include_role:
name: ednz_cloud.docker_systemd_service
vars:
docker_systemd_service_container_name: "keepalived"
docker_systemd_service_image: "{{ deploy_keepalived_docker_image }}:{{ deploy_keepalived_version }}"
docker_systemd_service_container_env: "{{ deploy_keepalived_env_variables }}"
docker_systemd_service_flags:
- network: host
- cap-add:
- NET_ADMIN
- NET_RAW
- NET_BROADCAST
- volume: "{{ deploy_keepalived_container_volume_map }}"
docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container"
docker_systemd_service_state: "{{ 'started' if deploy_keepalived_start_service else 'stopped'}}"
docker_systemd_service_restart: "{{ true if deploy_keepalived_start_service else false}}"

43
tasks/install_host.yml
View File

@ -42,6 +42,9 @@
when: _keepalived_old_release.stdout is defined when: _keepalived_old_release.stdout is defined
and (_keepalived_old_release.stdout | length > 0) and (_keepalived_old_release.stdout | length > 0)
- name: "Get service keepalived"
ansible.builtin.service_facts:
- name: "Install keepalived" - name: "Install keepalived"
when: deploy_keepalived_current_version is not defined when: deploy_keepalived_current_version is not defined
or deploy_keepalived_wanted_version not in deploy_keepalived_current_version or deploy_keepalived_wanted_version not in deploy_keepalived_current_version
@ -61,12 +64,30 @@
remote_src: true remote_src: true
register: result_of_unarchive register: result_of_unarchive
- name: "Run build_setup command for keepalived:{{ deploy_keepalived_version }}"
ansible.builtin.command:
argv:
- "./build_setup"
args:
chdir: "{{ deploy_keepalived_tmp_path }}"
register: result_of_build_setup
changed_when: result_of_build_setup.rc != 0
- name: "Run configure command for keepalived:{{ deploy_keepalived_version }}" - name: "Run configure command for keepalived:{{ deploy_keepalived_version }}"
ansible.builtin.command: ansible.builtin.command:
argv: argv:
- "./configure" - "./configure"
- "--disable-dependency-tracking"
- "--enable-bfd"
- "--enable-json"
- "--enable-nftables"
- "--enable-snmp"
- "--enable-snmp-rfc"
- "--enable-regex"
args: args:
chdir: "{{ deploy_keepalived_tmp_path }}" chdir: "{{ deploy_keepalived_tmp_path }}"
register: result_of_configure
changed_when: result_of_configure.rc != 0
- name: "Run make command for keepalived:{{ deploy_keepalived_version }}" - name: "Run make command for keepalived:{{ deploy_keepalived_version }}"
community.general.make: community.general.make:
@ -90,3 +111,25 @@
content: "{{ deploy_keepalived_wanted_version }}" content: "{{ deploy_keepalived_wanted_version }}"
dest: "{{ deploy_keepalived_config_dir }}/version" dest: "{{ deploy_keepalived_config_dir }}/version"
mode: "0600" mode: "0600"
- name: "Ensure keepalived is running"
ansible.builtin.service:
name: "{{ deploy_keepalived_service_name }}"
state: started
register: _haproxy_service_health
until: _haproxy_service_health.status.ActiveState == "active"
retries: 15
delay: 2
when:
ansible_facts.services[deploy_keepalived_service_name~'.service'] is defined
and ansible_facts.services[deploy_keepalived_service_name~'.service']['state'] == 'running'
- name: "Copy systemd service file for keepalived"
ansible.builtin.template:
src: "keepalived.service.j2"
dest: "/etc/systemd/system/keepalived.service"
owner: root
group: root
mode: "0644"
notify:
- "systemctl-daemon-reload"

8
tasks/main.yml
View File

@ -5,3 +5,11 @@
- name: "Import install_host.yml" - name: "Import install_host.yml"
ansible.builtin.include_tasks: install_host.yml ansible.builtin.include_tasks: install_host.yml
when: deploy_keepalived_deploy_method == 'host'
- name: "Import configure.yml"
ansible.builtin.include_tasks: configure.yml
- name: "Import install_docker.yml"
ansible.builtin.include_tasks: install_docker.yml
when: deploy_keepalived_deploy_method == 'docker'

18
tasks/prerequisites.yml
View File

@ -1,11 +1,25 @@
--- ---
# task/prerequisites file for deploy_keepalived # task/prerequisites file for deploy_keepalived
- name: "Install compilation dependencies" - name: "Prerequisites for host installation"
when: deploy_keepalived_deploy_method == 'host'
block:
- name: "Install compilation dependencies"
ansible.builtin.include_role: ansible.builtin.include_role:
name: ednz_cloud.manage_apt_packages name: ednz_cloud.manage_apt_packages
vars: vars:
manage_apt_packages_list: "{{ deploy_keepalived_required_packages }}" manage_apt_packages_list: "{{ deploy_keepalived_required_packages }}"
when: deploy_keepalived_deploy_method == 'host'
- name: "Create group {{ deploy_keepalived_script_group }}"
ansible.builtin.group:
name: "{{ deploy_keepalived_script_group }}"
state: present
- name: "Create user {{ deploy_keepalived_script_user }}"
ansible.builtin.user:
name: "{{ deploy_keepalived_script_user }}"
group: "{{ deploy_keepalived_script_group }}"
shell: /bin/false
state: present
- name: "Create directory {{ deploy_keepalived_config_dir }}" - name: "Create directory {{ deploy_keepalived_config_dir }}"
ansible.builtin.file: ansible.builtin.file:

38
templates/keepalived.conf.j2 Normal file
View File

@ -0,0 +1,38 @@
# {{ ansible_managed }}
global_defs {
script_user {{ deploy_keepalived_script_user }}
enable_script_security
}
vrrp_instance {{ deploy_keepalived_vrrp_instance_name }} {
interface {{ deploy_keepalived_interface }}
state {{ deploy_keepalived_state }}
virtual_router_id {{ deploy_keepalived_router_id }}
priority {{ deploy_keepalived_priority }}
advert_int {{ deploy_keepalived_advert_interval }}
nopreempt
{% if deploy_keepalived_unicast_peers %}
unicast_src_ip {{ deploy_keepalived_unicast_source }}
unicast_peer {
{% for peer in deploy_keepalived_unicast_peers %}
{{ peer }}
{% endfor %}
}
{% endif %}
authentication {
auth_type PASS
auth_pass {{ deploy_keepalived_auth_passwd }}
}
virtual_ipaddress {
{% for vip in deploy_keepalived_virtual_ips %}
{{ vip }}
{% endfor %}
}
notify {{ deploy_keepalived_scripts_dir }}/{{ deploy_keepalived_notify_script }}
}

4
templates/keepalived.j2 Normal file
View File

@ -0,0 +1,4 @@
# {{ ansible_managed }}
{% for item in deploy_keepalived_env_variables %}
{{ item }}="{{ deploy_keepalived_env_variables[item] }}"
{% endfor %}

14
templates/keepalived.service.j2 Normal file
View File

@ -0,0 +1,14 @@
[Unit]
Description=Keepalive Daemon (LVS and VRRP)
After=network-online.target
Wants=network-online.target
ConditionFileNotEmpty={{ deploy_keepalived_config_dir }}/keepalived.conf
[Service]
# Type=notify
EnvironmentFile=-/etc/default/{{ deploy_keepalived_service_name }}
ExecStart={{ deploy_keepalived_path }} -f {{ deploy_keepalived_config_dir }}/keepalived.conf --dont-fork $DAEMON_ARGS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target

37
vars/main.yml
View File

@ -1,13 +1,19 @@
--- ---
# vars file for deploy_keepalived # vars file for deploy_keepalived
deploy_keepalived_config_dir: /etc/keepalived deploy_keepalived_config_dir: /etc/keepalived
deploy_keepalived_scripts_dir: /etc/keepalived/scripts deploy_keepalived_scripts_dir: /etc/keepalived/scripts.d
deploy_keepalived_path: /usr/local/bin/keepalived deploy_keepalived_path: /usr/local/sbin/keepalived
deploy_keepalived_github_api: https://api.github.com/repos/acassen/keepalived deploy_keepalived_github_api: https://api.github.com/repos/acassen/keepalived
deploy_keepalived_github_url: https://github.com/acassen/keepalived deploy_keepalived_github_url: https://github.com/acassen/keepalived
deploy_keepalived_tmp_path: "/tmp/keepalived-{{ deploy_keepalived_version}}" deploy_keepalived_tmp_path: "/tmp/keepalived-{{ deploy_keepalived_version}}"
deploy_keepalived_service_name: "keepalived{{ '_container' if deploy_keepalived_deploy_method == 'docker' }}"
deploy_keepalived_user: root deploy_keepalived_user: root
deploy_keepalived_group: root deploy_keepalived_group: root
deploy_keepalived_script_user: keepalived_script
deploy_keepalived_script_group: keepalived_script
deploy_keepalived_docker_image: ednxzu/keepalived
deploy_keepalived_container_volume_map:
- "{{ deploy_keepalived_config_dir }}:/etc/keepalived"
deploy_keepalived_required_packages: deploy_keepalived_required_packages:
- name: gcc - name: gcc
version: latest version: latest
@ -24,3 +30,30 @@ deploy_keepalived_required_packages:
- name: libsnmp-dev - name: libsnmp-dev
version: latest version: latest
state: present state: present
- name: autoconf
version: latest
state: present
- name: automake
version: latest
state: present
- name: iptables
version: latest
state: present
- name: libip6tc-dev
version: latest
state: present
- name: libip4tc-dev
version: latest
state: present
- name: libmnl-dev
version: latest
state: present
- name: libnftnl-dev
version: latest
state: present
- name: libpcre2-dev
version: latest
state: present
- name: make
version: latest
state: present