--- - name: Verify hosts: all gather_facts: true become: true tasks: - name: "Test: directory /etc/keepalived" block: - name: "Stat directory /etc/keepalived" ansible.builtin.stat: path: "/etc/keepalived" register: stat_etc_keepalived - name: "Stat file /etc/default/keepalived" ansible.builtin.stat: path: "/etc/default/keepalived" register: stat_etc_default_keepalived - name: "Stat file /etc/keepalived/keepalived.conf" ansible.builtin.stat: path: "/etc/keepalived/keepalived.conf" register: stat_etc_keepalived_keepalived_conf - name: "Slurp file /etc/keepalived/keepalived.conf" ansible.builtin.slurp: src: "/etc/keepalived/keepalived.conf" register: slurp_etc_keepalived_keepalived_conf - name: "Verify directory /etc/keepalived" vars: keepalived_expected_cfg_file: | # Ansible managed: Do NOT edit this file manually! global_defs { script_user keepalived_script enable_script_security } vrrp_instance instance { interface eth0 state BACKUP virtual_router_id 50 priority 100 advert_int 1 nopreempt unicast_src_ip {{ ansible_default_ipv4.address }} unicast_peer { 192.168.1.13 192.168.1.14 192.168.1.15 } authentication { auth_type PASS auth_pass password } virtual_ipaddress { 192.168.1.100/32 } notify /etc/keepalived/scripts.d/notify.sh } ansible.builtin.assert: that: - stat_etc_keepalived.stat.exists - stat_etc_keepalived.stat.isdir - stat_etc_keepalived.stat.pw_name == 'root' - stat_etc_keepalived.stat.gr_name == 'root' - stat_etc_keepalived.stat.mode == '0755' - stat_etc_default_keepalived.stat.exists - stat_etc_default_keepalived.stat.isreg - stat_etc_default_keepalived.stat.pw_name == 'root' - stat_etc_default_keepalived.stat.gr_name == 'root' - stat_etc_default_keepalived.stat.mode == '0600' - stat_etc_keepalived_keepalived_conf.stat.exists - stat_etc_keepalived_keepalived_conf.stat.isreg - stat_etc_keepalived_keepalived_conf.stat.pw_name == 'root' - stat_etc_keepalived_keepalived_conf.stat.gr_name == 'root' - stat_etc_keepalived_keepalived_conf.stat.mode == '0600' - (slurp_etc_keepalived_keepalived_conf.content|b64decode) == keepalived_expected_cfg_file - name: "Test: service keepalived" block: - name: "Get service keepalived" ansible.builtin.service_facts: - name: "Stat file /etc/systemd/system/keepalived_container.service" ansible.builtin.stat: path: "/etc/systemd/system/keepalived_container.service" register: stat_etc_systemd_system_keepalived_container_service - name: "Slurp file /etc/systemd/system/keepalived_container.service" ansible.builtin.slurp: src: "/etc/systemd/system/keepalived_container.service" register: slurp_etc_systemd_system_keepalived_container_service - name: "Verify service keepalived" vars: keepalived_expected_service_file: | # Ansible managed: Do NOT edit this file manually! [Unit] After=docker.service PartOf=docker.service Requires=docker.service [Service] EnvironmentFile=/etc/default/keepalived ExecStartPre=-/usr/bin/docker rm -f keepalived ExecStart=/usr/bin/docker run --name keepalived \ --rm \ --env-file /etc/default/keepalived \ --network "host" \ --cap-add "NET_ADMIN" \ --cap-add "NET_RAW" \ --cap-add "NET_BROADCAST" \ --volume "/etc/keepalived:/etc/keepalived" \ ednxzu/keepalived:2.2.7 ExecStop=/usr/bin/docker stop keepalived SyslogIdentifier=keepalived Restart=always RestartSec=10s [Install] WantedBy=docker.service ansible.builtin.assert: that: - stat_etc_systemd_system_keepalived_container_service.stat.exists - stat_etc_systemd_system_keepalived_container_service.stat.isreg - stat_etc_systemd_system_keepalived_container_service.stat.pw_name == 'root' - stat_etc_systemd_system_keepalived_container_service.stat.gr_name == 'root' - stat_etc_systemd_system_keepalived_container_service.stat.mode == '0644' - (slurp_etc_systemd_system_keepalived_container_service.content|b64decode) == keepalived_expected_service_file - ansible_facts.services['keepalived_container.service'] is defined - ansible_facts.services['keepalived_container.service']['source'] == 'systemd' - ansible_facts.services['keepalived_container.service']['state'] == 'running' - ansible_facts.services['keepalived_container.service']['status'] == 'enabled' - name: "Test: container keepalived" block: - name: "Command keepalived --version" community.docker.docker_container_exec: container: keepalived command: keepalived --version changed_when: false register: keepalived_version - name: "Verify container keepalived" ansible.builtin.assert: that: - keepalived_version.stderr | regex_search('^Keepalived v2\\.2\\.7') - name: "Test: interfaces" block: - name: "Debug" ansible.builtin.debug: msg: "{{ ansible_eth0 }}" - name: "Verify VIP interface" ansible.builtin.assert: that: - ansible_eth0.active - ansible_eth0.ipv4_secondaries[0].address == '192.168.1.100' - ansible_eth0.ipv4_secondaries[0].netmask == '255.255.255.255' - ansible_eth0.ipv4_secondaries[0].broadcast == '' - ansible_eth0.ipv4_secondaries[0].network == '192.168.1.100' - ansible_eth0.ipv4_secondaries[0].prefix == '32'