nishiki/ansible-role-keepalived
1
0
Fork 0
Code Issues Pull requests Releases 2 Wiki Activity Actions

Compare commits

base: nishiki:v1.0.0
Branches Tags
nishiki:main
nishiki:v1.1.0
nishiki:v1.0.0
...
compare: nishiki:main
Branches Tags
nishiki:main
nishiki:v1.1.0
nishiki:v1.0.0

17 commits
v1.0.0 ... main

Author SHA1 Message Date
Adrien Waksberg
65abc6ca2c test: add forgejo workflow
All checks were successful
/ lint (push) Successful in 8s
Details
/ molecule (push) Successful in 56s
Details
2024-05-09 11:47:10 +02:00
Adrien Waksberg
9624b3d53e test: use personal docker registry 2024-05-07 09:05:17 +02:00
Adrien Waksberg
24a8f7b230 chore: fix syntax for ansible-lint 2024-03-13 21:30:47 +01:00
Adrien Waksberg
17e493406c feat: add debian 12 support 2024-03-13 21:30:47 +01:00
Adrien Waksberg
459b362b7a test: add gitlab-ci 2024-03-13 21:30:46 +01:00
Adrien Waksberg
c3c1765b11 fix: add trim for script in notify 2024-03-13 21:30:46 +01:00
Adrien Waksberg
81dc07a29c break: keepalived_vrrp_instances variable is now a hash 2024-03-13 21:30:46 +01:00
Adrien Waksberg
e2bee4e950 feat: add track files 2024-03-13 21:30:45 +01:00
Adrien Waksberg
8768d2fe2f break: keepalived_vrrp_scripts variable is now a hash 2024-03-13 21:30:44 +01:00
Adrien Waksberg
5c9ee49c89 fix: missing bracket for vrrp_sript in template 2024-03-13 21:30:44 +01:00
Adrien Waksberg
f0d84e9aa1 chore: add namespace in meta 2024-03-13 21:30:43 +01:00
Adrien Waksberg
42fa9de034 release: version 1.1.0 2021-08-18 18:43:43 +02:00
Adrien Waksberg
ae6455dd8f feat: add support debian 11 2021-08-18 18:42:28 +02:00
Adrien Waksberg
9190259504 chore: use FQCN for module name 2021-08-18 18:40:55 +02:00
Adrien Waksberg
4687db56b4 chore: update README 2020-03-28 23:15:22 +01:00
Adrien Waksberg
874f361363 test: replace kitchen to molecule 2020-03-28 22:32:57 +01:00
Adrien Waksberg
52c1ce8da7 test: use ansible 2.9 and debian10 2020-02-12 22:30:03 +01:00
19 changed files with 252 additions and 216 deletions
Show stats Expand all files Collapse all files

18
.forgejo/workflows/molecule.yml Normal file
View file

@ -0,0 +1,18 @@
---
on: [push]
jobs:
lint:
runs-on: docker
container:
image: code.waks.be/nishiki/molecule:docker
steps:
- uses: actions/checkout@v3
- run: ansible-lint .
- run: yamllint .
molecule:
runs-on: docker
container:
image: code.waks.be/nishiki/molecule:docker
steps:
- uses: actions/checkout@v3
- run: molecule test

1
.gitignore vendored
View file

@ -1 +1,2 @@
.kitchen/*
*.pyc

10
.gitlab-ci.yml Normal file
View file

@ -0,0 +1,10 @@
---
image: nishiki/molecule:docker
before_script:
- molecule --version
molecule:
stage: test
script:
- molecule test

27
.kitchen.yml
View file

@ -1,27 +0,0 @@
---
driver:
name: docker_cli
transport:
name: docker_cli
provisioner:
name: ansible_playbook
hosts: localhost
require_ansible_repo: false
require_ansible_omnibus: false
require_chef_for_busser: true
ansible_verbose: false
ansible_inventory: ./test/integration/inventory
platforms:
- name: debian-9
driver_config:
image: "nishiki/debian9:ansible-<%= ENV['ANSIBLE_VERSION'] ? ENV['ANSIBLE_VERSION'] : '2.7' %>"
command: /bin/systemd
volume:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
security_opt: seccomp=unconfined
suites:
- name: default

4
.yamllint
View file

@ -2,11 +2,11 @@
extends: default
ignore: |
.kitchen/*
.kitchen*
vendor/
.forgejo/
rules:
line-length:
max: 120
level: warning
truthy: false

32
CHANGELOG.md
View file

@ -5,6 +5,36 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
## [Unreleased]
## [1.0.0] 2019-04-12
### Added
- add track files
### Changed
- keepalived_vrrp_scripts variable is now a hash
- keepalived_vrrp_instances variable is now a hash
- test: test: use personal docker registry
### Fixed
- missing bracket for vrrp_sript in template
## v1.1.0 - 2021-08-18
### Added
- support debian 11
- support debian 10 and ansible 2.9
### Changed
- test: replace kitchen to molecule
- chore: use FQCN for module name
### Removed
- support debian 9
## v1.0.0 - 2019-04-12
- first version

8
Gemfile
View file

@ -1,8 +0,0 @@
source 'https://rubygems.org'
group :development do
gem 'kitchen-ansible'
gem 'kitchen-docker_cli'
gem 'rubocop', '0.50.0'
gem 'test-kitchen'
end

93
Gemfile.lock
View file

@ -1,93 +0,0 @@
GEM
remote: https://rubygems.org/
specs:
ast (2.4.0)
builder (3.2.3)
erubis (2.7.0)
ffi (1.10.0)
gssapi (1.2.0)
ffi (>= 1.0.1)
gyoku (1.3.1)
builder (>= 2.1.2)
httpclient (2.8.3)
kitchen-ansible (0.47.4)
mixlib-shellout (>= 2.3.2)
net-ssh (>= 3)
test-kitchen (>= 1.17.0)
kitchen-docker_cli (0.19.0)
test-kitchen (>= 1.3)
little-plugger (1.1.4)
logging (2.2.2)
little-plugger (~> 1.1)
multi_json (~> 1.10)
mixlib-install (3.11.11)
mixlib-shellout
mixlib-versioning
thor
mixlib-shellout (2.4.4)
mixlib-versioning (1.2.7)
multi_json (1.13.1)
net-scp (2.0.0)
net-ssh (>= 2.6.5, < 6.0.0)
net-ssh (5.2.0)
net-ssh-gateway (2.0.0)
net-ssh (>= 4.0.0)
nori (2.6.0)
parallel (1.17.0)
parser (2.6.2.1)
ast (~> 2.4.0)
powerpack (0.1.2)
rainbow (2.2.2)
rake
rake (12.3.2)
rubocop (0.50.0)
parallel (~> 1.10)
parser (>= 2.3.3.1, < 3.0)
powerpack (~> 0.1)
rainbow (>= 2.2.2, < 3.0)
ruby-progressbar (~> 1.7)
unicode-display_width (~> 1.0, >= 1.0.1)
ruby-progressbar (1.10.0)
rubyntlm (0.6.2)
rubyzip (1.2.2)
test-kitchen (2.0.1)
mixlib-install (~> 3.6)
mixlib-shellout (>= 1.2, < 3.0)
net-scp (>= 1.1, < 3.0)
net-ssh (>= 2.9, < 6.0)
net-ssh-gateway (>= 1.2, < 3.0)
thor (~> 0.19)
winrm (~> 2.0)
winrm-elevated (~> 1.0)
winrm-fs (~> 1.1)
thor (0.20.3)
unicode-display_width (1.5.0)
winrm (2.3.1)
builder (>= 2.1.2)
erubis (~> 2.7)
gssapi (~> 1.2)
gyoku (~> 1.0)
httpclient (~> 2.2, >= 2.2.0.2)
logging (>= 1.6.1, < 3.0)
nori (~> 2.0)
rubyntlm (~> 0.6.0, >= 0.6.1)
winrm-elevated (1.1.1)
winrm (~> 2.0)
winrm-fs (~> 1.0)
winrm-fs (1.3.2)
erubis (~> 2.7)
logging (>= 1.6.1, < 3.0)
rubyzip (~> 1.1)
winrm (~> 2.0)
PLATFORMS
ruby
DEPENDENCIES
kitchen-ansible
kitchen-docker_cli
rubocop (= 0.50.0)
test-kitchen
BUNDLED WITH
1.16.0

116
README.md
View file

@ -1,24 +1,49 @@
# Ansible role: Keepalived
[![Version](https://img.shields.io/badge/latest_version-1.0.0-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-keepalived/releases)
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-keepalived/src/branch/master/LICENSE)
[![Version](https://img.shields.io/badge/latest_version-1.1.0-green.svg)](https://code.waks.be/nishiki/ansible-role-keepalived/releases)
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-keepalived/src/branch/main/LICENSE)
[![Build](https://code.waks.be/nishiki/ansible-role-keepalived/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-keepalived/actions?workflow=molecule.yml)
Install and configure Keepalived
## Requirements
* Ansible >= 2.7
* Debian Stretch
- Ansible >= 2.9
- Debian
- Bullseye
- Bookworm
## Role variables
* `keepalived_mail_from` - from header for notification mail
* `keepalived_smtp_server` - the smtp server (default: `localhost`)
* `keepalived_notification_mails` - array with the mail to notify
* `keepalived_vrrp_instances` - array with the vrrp instances
| Name | Type | Required | Default | Comment |
| ----------------------------- | ----- | -------- | --------------------- | --------------------------------- |
| keepalived_mail_from | str | no | keepalived@test.local | from header for notification mail |
| keepalived_smtp_server | str | no | localhost | the smtp server |
| keepalived_notification_mails | array | no | | the mail addresses to notify |
| keepalived_vrrp_instances | hash | no | | the vrrp instances |
| keepalived_vrrp_scripts | hash | no | | the vrrp check scripts |
| keepalived_track_files | hash | no | | the track files |
### keepalived_vrrp_instances
| Name | Type | Required | Default | Comment |
| ------------------- | ----- | -------- | ------- | -------------------------------------------- |
| key | str | yes | | the instance name |
| state | str | yes | | Initial state, MASTER or BACKUP |
| interface | str | yes | | interface for inside_network, bound by vrrp |
| virtual_router_id | int | yes | | arbitrary unique number from 1 to 255 |
| priority | int | yes | | for electing MASTER, highest priority wins |
| smtp_alert | bool | yes | | send SMTP alerts |
| authentication | hash | no | | use an authentication `deprecated` |
| virtual_ipaddresses | array | yes | | addresses add on change to MASTER, to BACKUP |
| track_scripts | array | no | | add a tracking script to the interface |
| track_files | array | no | | add a tracking file to the interface |
| notify | hash | no | | notify scripts, alert as above |
Example:
```
- name: vip_ngninx
vip_ngninx:
state: master
interface: eth0
virtual_router_id: 5
@ -36,14 +61,41 @@ Install and configure Keepalived
```
* `keepalived_vrrp_scripts` - array with the vrrp scripts
### keepalived_vrrp_scripts
| Name | Type | Required | Default | Comment |
| -------- | ---- | -------- | ------- | ------------------------------------- |
| key | str | yes | | the script name |
| script | str | yes | | path of the script to execute |
| interval | int | no | 2 | seconds between script invocations |
| fall | int | no | 2 | number of successes for KO transition |
| rise | int | no | 2 | number of successes for OK transition |
| weight | int | no | 1 | weigth of script |
Example:
```
- name: check_nginx
check_nginx:
script: /usr/local/bin/check_nginx
fall: 3
interval: 10
rise: 5
interval: 10
```
### keepalived_track_file
| Name | Type | Required | Default | Comment |
| ------ | ---- | -------- | ------- | ------------------------- |
| key | str | yes | | the track file name |
| file | str | yes | | path of the file to track |
| weight | int | no | 1 | weigth of file |
Example:
```
master_file:
file: /tmp/master
weight: 3
```
## How to use
@ -52,29 +104,33 @@ Install and configure Keepalived
- hosts: server
roles:
- keepalived
vars:
keepalived_vrrp_scripts:
- name: check_file
script: test -e /path/file
interval: 5
keepalived_vrrp_instances:
- name: test
state: master
interface: eth0
virtual_router_id: 5
priority: 200
virtual_ipaddresses:
- 172.255.0.254/32 dev eth0
track_scripts:
- check_file
notify:
master: touch /tmp/keepalived
```
## Development
### Test syntax with yamllint
### Test with molecule and docker
* install `python` and `python-pip`
* install yamllint `pip install yamllint`
* run `yamllint .`
### Test syntax with ansible-lint
* install `python` and `python-pip`
* install yamllint `pip install ansible-lint`
* run `ansible-lint .`
### Tests with docker
* install [docker](https://docs.docker.com/engine/installation/)
* install ruby
* install bundler `gem install bundler`
* install dependencies `bundle install`
* run the tests `kitchen test`
- install [docker](https://docs.docker.com/engine/installation/)
- install `python3` and `python3-pip`
- install molecule and dependencies `pip3 install molecule 'molecule[docker]' docker ansible-lint testinfra yamllint`
- run `molecule test`
## License

5
defaults/main.yml
View file

@ -2,5 +2,6 @@
keepalived_mail_from: keepalived@test.local
keepalived_smtp_server: localhost
keepalived_notification_mails: []
keepalived_vrrp_instances: []
keepalived_vrrp_scripts: []
keepalived_vrrp_instances: {}
keepalived_vrrp_scripts: {}
keepalived_track_files: {}

6
handlers/main.yml
View file

@ -1,5 +1,5 @@
---
- name: restart keepalived
service:
- name: Restart keepalived
ansible.builtin.service:
name: keepalived
state: reloaded
state: restarted

6
meta/main.yml
View file

@ -1,16 +1,18 @@
---
galaxy_info:
role_name: keepalived
namespace: nishiki
author: Adrien Waksberg
company: Adrien Waksberg
description: Install and configure keepalived
license: Apache2
min_ansible_version: 2.7
min_ansible_version: "2.9"
platforms:
- name: Debian
versions:
- stretch
- bullseye
- bookworm
galaxy_tags:
- ipfailover

20
test/integration/default/default.yml → molecule/default/converge.yml
View file

@ -1,15 +1,21 @@
---
- hosts: localhost
connection: local
- name: Converge
hosts: all
roles:
- ansible-role-keepalived
vars:
keepalived_vrrp_scripts:
- name: hello
hello:
script: /bin/true
fall: 3
interval: 10
rise: 5
keepalived_track_files:
master:
file: /tmp/master
weight: 42
keepalived_vrrp_instances:
- name: test
test:
state: master
interface: eth0
virtual_router_id: 5
@ -24,5 +30,7 @@
notify:
master: /bin/true
roles:
- ansible-role-keepalived
pre_tasks:
- name: update apt cache
ansible.builtin.apt:
update_cache: true

28
molecule/default/molecule.yml Normal file
View file

@ -0,0 +1,28 @@
---
driver:
name: docker
platforms:
- name: debian12
image: code.waks.be/nishiki/molecule:debian12
privileged: true
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:rw
cgroupns_mode: host
command: /bin/systemd
capabilities:
- SYS_ADMIN
- name: debian11
image: code.waks.be/nishiki/molecule:debian11
privileged: true
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:rw
cgroupns_mode: host
command: /bin/systemd
capabilities:
- SYS_ADMIN
lint: |
set -e
yamllint .
ansible-lint .
verifier:
name: testinfra

21
molecule/default/tests/test_default.py Normal file
View file

@ -0,0 +1,21 @@
import testinfra.utils.ansible_runner
def test_packages(host):
package = host.package('keepalived')
assert package.is_installed
def test_config_file(host):
path = host.file('/etc/keepalived/keepalived.conf')
assert path.exists
assert path.is_file
assert path.user == 'root'
assert path.group == 'root'
assert path.mode == 0o600
assert path.contains('priority 200')
assert path.contains('interval 10')
assert path.contains('track_file master {')
def test_service(host):
service = host.service('keepalived')
assert service.is_running
assert service.is_enabled

19
tasks/main.yml
View file

@ -1,25 +1,26 @@
---
- name: install package
package:
name: keepalived
- name: Install package
ansible.builtin.package:
name:
- keepalived
retries: 2
register: result
until: result is succeeded
tags: keepalived
- name: copy configuration file
template:
- name: Copy configuration file
ansible.builtin.template:
src: keepalived.conf.j2
dest: /etc/keepalived/keepalived.conf
owner: root
group: root
mode: 0600
notify: restart keepalived
notify: Restart keepalived
tags: keepalived
- name: enable and start the service
service:
- name: Enable and start the service
ansible.builtin.service:
name: keepalived
state: started
enabled: yes
enabled: true
tags: keepalived

27
templates/keepalived.conf.j2
View file

@ -9,18 +9,26 @@ global_defs {
notification_email_from {{ keepalived_mail_from }}
smtp_server {{ keepalived_smtp_server }}
}
{% for vrrp_script in keepalived_vrrp_scripts %}
{% for vrrp_script_name, vrrp_script in keepalived_vrrp_scripts.items() %}
vrrp_script {{ vrrp_script.name }}
vrrp_script {{ vrrp_script_name }} {
script "{{ vrrp_script.script }}"
interval {{ vrrp_script.interval|default(2) }}
fall {{ vrrp_script.fall|default(2) }}
rise {{ vrrp_script.rise|default(2) }}
weight {{ vrrp_script.weight|default(1) }}
}
{% endfor %}
{% for vrrp_instance in keepalived_vrrp_instances %}
{% for track_file_name, track_file in keepalived_track_files.items() %}
vrrp_instance {{ vrrp_instance.name }} {
track_file {{ track_file_name }} {
file "{{ track_file.file }}"
weight {{ track_file.weight|default(1) }}
}
{% endfor %}
{% for vrrp_instance_name, vrrp_instance in keepalived_vrrp_instances.items() %}
vrrp_instance {{ vrrp_instance_name }} {
state {{ vrrp_instance.state|upper }}
interface {{ vrrp_instance.interface }}
virtual_router_id {{ vrrp_instance.virtual_router_id }}
@ -46,9 +54,16 @@ vrrp_instance {{ vrrp_instance.name }} {
{% endfor %}
}
{% endif %}
{% if 'track_files' in vrrp_instance %}
track_file {
{% for script in vrrp_instance.track_files %}
{{ script }}
{% endfor %}
}
{% endif %}
{% if 'notify' in vrrp_instance %}
{% for state, script in vrrp_instance.notify.iteritems() %}
notify_{{ state }} "{{ script }}"
{% for state, script in vrrp_instance.notify.items() %}
notify_{{ state }} "{{ script|trim }}"
{% endfor %}
{% endif %}
}

26
test/integration/default/serverspec/default_spec.rb
View file

@ -1,26 +0,0 @@
require 'serverspec'
set :backend, :exec
puts
puts '================================'
puts %x(ansible --version)
puts '================================'
describe package('keepalived') do
it { should be_installed }
end
describe file('/etc/keepalived/keepalived.conf') do
it { should be_file }
it { should be_mode 600 }
it { should be_owned_by 'root' }
it { should be_grouped_into 'root' }
it { should contain 'priority 200' }
it { should contain 'interval 10' }
end
describe service('keepalived') do
it { should be_enabled }
it { should be_running.under('systemd') }
end

1
test/integration/inventory
View file

@ -1 +0,0 @@
localhost