From a5c523bb4c3cd643d6e23f363f57cc3d1adb4f83 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Fri, 14 Feb 2020 18:39:00 +0100 Subject: [PATCH] keepalived: put the state file under /run/keepalived and instruct systemd to create the directory. --- library/roles/keepalived/defaults/main.yml | 15 ++++++++++----- library/roles/keepalived/tasks/main.yml | 10 +++++++--- .../keepalived_check_service_status.sh.j2 | 2 +- .../keepalived/templates/keepalived_notify.sh.j2 | 2 +- .../templates/tmpfile_keepalived.conf.j2 | 1 + 5 files changed, 20 insertions(+), 10 deletions(-) create mode 100644 library/roles/keepalived/templates/tmpfile_keepalived.conf.j2 diff --git a/library/roles/keepalived/defaults/main.yml b/library/roles/keepalived/defaults/main.yml index e0a286d7..bdcd8aa4 100644 --- a/library/roles/keepalived/defaults/main.yml +++ b/library/roles/keepalived/defaults/main.yml @@ -21,6 +21,9 @@ keepalived_script1_name: keepalived_check_service_status # We set haproxy as the default because most of our keepalived use is haproxy related keepalived_service_to_check: 'haproxy' keepalived_script1_check: '/bin/pidof {{ keepalived_service_to_check }}' +keepalived_instance1_name: 'VRRP_1' +keepalived_interface1_name: '{{ ansible_default_ipv4.interface }}' +keepalived_initial_state: 'MASTER' keepalived_inst_priority: 100 keepalived_vrouter_id: 51 keepalived_non_local_bind: True @@ -28,6 +31,7 @@ keepalived_non_local_bind: True keepalived_enable_script_security: True keepalived_script_username: keepalived_script keepalived_script_user_home: '/var/lib/keepalived' +keepalived_runtime_dir: /run/keepalived keepalived_nagios_check: False keepalived_notify_script: /usr/local/bin/keepalived_notify 
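Review bot: The new default `keepalived_interface1_name: '{{ ansible_default_ipv4.interface }}'` in the first hunk is undocumented and only resolves when facts were gathered and the host has a default IPv4 route. Without either, the variable is undefined and any template that uses it fails. On multi-homed hosts the default-route interface is also not necessarily the one the VRRP instance should bind to and track. I would add a comment above it such as `# Needs gathered facts; override where VRRP must not use the default-route interface`.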
@@ -43,15 +47,16 @@ keepalived_scripts: weight: 2 keepalived_instances: - - name: VI_1 - interface: eth0 - state: MASTER + - name: '{{ keepalived_instance1_name }}' + interface: '{{ keepalived_interface1_name }}' + state: '{{ keepalived_initial_state }}' vrouter_id: '{{ keepalived_vrouter_id }}' notify: '{{ keepalived_notify_script }}' priority: '{{ keepalived_inst_priority }}' + nopreempt: True v_addr: - '{{ keepalived_floating_ip1 }}' track_script: - '{{ keepalived_script1_name }}' - #track_interface: - # - eth0 + track_interface: + - '{{ keepalived_interface1_name }}' diff --git a/library/roles/keepalived/tasks/main.yml b/library/roles/keepalived/tasks/main.yml index da47b165..87e928bb 100644 --- a/library/roles/keepalived/tasks/main.yml +++ b/library/roles/keepalived/tasks/main.yml 
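Review bot: `nopreempt: True` is added to the default instance while `state` now comes from `keepalived_initial_state`, which the first hunk of this file defaults to `'MASTER'`. keepalived documents that nopreempt only takes effect when the initial state is BACKUP. Assuming keepalived.conf.j2 (not part of this patch) renders the key, the shipped defaults contradict each other and the option will presumably be ignored. Defaulting to `keepalived_initial_state: 'BACKUP'` and letting priority pick the first master would make the two settings agree.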
@@ -7,18 +7,22 @@ - name: Install the keepalived package apt: name={{ keepalived_pkgs }} state={{ keepalived_pkg_state }} cache_valid_time=1800 - - name: Install the user that the keepalived scripts will run under - user: name={{ keepalived_script_username }} home={{ keepalived_script_user_home }} createhome=no shell=/usr/sbin/nologin system=yes - tags: keepalived when: - keepalived_install | bool - ansible_distribution_file_variety == "Debian" - block: + - name: Install the user that the keepalived scripts will run under + user: name={{ keepalived_script_username }} home={{ keepalived_script_user_home }} createhome=no shell=/usr/sbin/nologin system=yes + - name: Create the keepalive script user directory file: dest={{ keepalived_script_user_home }} state=directory owner={{ keepalived_script_username }} group={{ keepalived_script_username }} mode=0750 + - name: Create the tmpfile entry for the keepalived runtime directory + template: src=tmpfile_keepalived.conf.j2 dest=/usr/lib/tmpfiles.d/keepalived.conf owner=root group=root mode=0644 + when: ansible_service_mgr == 'systemd' + - name: Install the keepalived configuration template: src=keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf owner=root group=root mode=0600 notify: restart keepalived diff --git a/library/roles/keepalived/templates/keepalived_check_service_status.sh.j2 b/library/roles/keepalived/templates/keepalived_check_service_status.sh.j2 index 1955f423..6ed36e5d 100644 --- a/library/roles/keepalived/templates/keepalived_check_service_status.sh.j2 +++ b/library/roles/keepalived/templates/keepalived_check_service_status.sh.j2 @@ -1,6 +1,6 @@ #!/bin/bash {% if ansible_distribution_file_variety == "Debian" and ansible_distribution_major_version == '18' %} -am_i_master=$( grep MASTER /var/lib/keepalived/keepalive.state ) +am_i_master=$( grep MASTER {{ keepalived_runtime_dir }}/keepalive.state ) keepalive_master=$? if [ $keepalive_master -eq 0 ] ; then 
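Review bot: The new "Create the tmpfile entry" task only installs the configuration file, so `{{ keepalived_runtime_dir }}` does not exist until the next boot or the next systemd-tmpfiles run, and the notify script's redirect into it fails on a freshly configured host. Add a step that applies it immediately, for example `command: systemd-tmpfiles --create /etc/tmpfiles.d/keepalived.conf` under the same `when:`. That path assumes the destination is also changed to `dest=/etc/tmpfiles.d/keepalived.conf`, because `/usr/lib/tmpfiles.d` is the package vendor directory and a same-named file shipped by a package would collide with this one. On hosts where `ansible_service_mgr` is not systemd nothing in this hunk creates the directory at all. The block continues past the end of the hunk.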
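Review bot: The changed line decides mastership with `grep MASTER`, which matches the word anywhere in the file and treats a missing or unreadable file (grep exit status 2) the same as "not master". With the file now under /run it is absent after every reboot until keepalived calls the notify script. The notify script writes `$TYPE $NAME is in $STATE state`, so an instance name containing MASTER would always match. A tighter form is `am_i_master=$( grep 'is in MASTER state' "{{ keepalived_runtime_dir }}/keepalive.state" )`, with the path quoted. The rest of the script lies outside the hunk, so how the two non-zero statuses should be handled afterwards cannot be judged from here.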
diff --git a/library/roles/keepalived/templates/keepalived_notify.sh.j2 b/library/roles/keepalived/templates/keepalived_notify.sh.j2 index 6654c17f..531ad0db 100644 --- a/library/roles/keepalived/templates/keepalived_notify.sh.j2 +++ b/library/roles/keepalived/templates/keepalived_notify.sh.j2 @@ -13,7 +13,7 @@ RETVAL=0 {{ keepalived_notify_extra_params }} {% endif %} -echo "$TYPE $NAME is in $STATE state" > {{ keepalived_script_user_home }}/keepalive.state +echo "$TYPE $NAME is in $STATE state" > {{ keepalived_runtime_dir }}/keepalive.state exit $RETVAL diff --git a/library/roles/keepalived/templates/tmpfile_keepalived.conf.j2 b/library/roles/keepalived/templates/tmpfile_keepalived.conf.j2 new file mode 100644 index 00000000..c6666b18 --- /dev/null +++ b/library/roles/keepalived/templates/tmpfile_keepalived.conf.j2 @@ -0,0 +1 @@ +d {{ keepalived_runtime_dir }} 0775 {{ keepalived_script_username }} {{ keepalived_script_username }}
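Review bot: The redirect on the changed line ignores failure: if `{{ keepalived_runtime_dir }}` is missing or not writable, the state file keeps its previous content and the script still exits with `$RETVAL`, so the check script goes on reading a stale state. Quote the path and surface the error, e.g. `echo "$TYPE $NAME is in $STATE state" > "{{ keepalived_runtime_dir }}/keepalive.state" || RETVAL=1`. Which account runs this script depends on keepalived.conf.j2, which is not shown here. If it runs as root, it writes into a directory that the tmpfiles entry hands to `keepalived_script_username`, and a plain `>` follows whatever already sits at that path. Running the notify script as that same account, or keeping the directory root-owned, avoids this.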
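Review bot: Mode `0775` on the new runtime directory is wider than needed: it is group-writable, while the directory that held the state file before (`keepalived_script_user_home`) is created `0750` in tasks/main.yml. The file in it determines what the check script reports, so only the account that writes it should be able to create or replace entries there. `d {{ keepalived_runtime_dir }} 0755 {{ keepalived_script_username }} {{ keepalived_script_username }}` is sufficient, or `0750` if nothing else (a monitoring check, for instance) reads the state. As far as I know keepalived can also place its own pid files under /run/keepalived in some configurations, so confirm the daemon does not share this directory before handing it to an unprivileged owner.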