153831dbbe
At the moment, the keepalived ping tests are something that is configured by default which is ideal because it's hardcoded with a public IP address that might result in a failing deployment if the environment does not for some reason reach it. We should leave the option to be there however not have all default deployments hitting this IP as it can introduce behaviour where if that IP fails, every single OpenStack Ansible deployment would fail afterwards. Closes-Bug: #1672453 Change-Id: I5aec4664e67fb2b3e1c0a2fc9782a4ccaa78a39a
71 lines
3.2 KiB
YAML
71 lines
3.2 KiB
YAML
---
|
|
# Copyright 2015, Jean-Philippe Evrard <jean-philippe@evrard.me>
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
keepalived_ping_count: 1
|
|
keepalived_ping_interval: 10
|
|
keepalived_ubuntu_src: "native"
|
|
|
|
keepalived_sync_groups:
|
|
haproxy:
|
|
instances:
|
|
- external
|
|
- internal
|
|
notify_script: /etc/keepalived/haproxy_notify.sh
|
|
##if a src_*_script is defined, it will be uploaded from src_*_script
|
|
##on the deploy host to the *_script location. Make sure *_script is
|
|
##a location in that case.
|
|
src_notify_script: "{{ playbook_dir }}/../scripts/keepalived_haproxy_notifications.sh"
|
|
|
|
keepalived_global_defs:
|
|
- "enable_script_security"
|
|
|
|
keepalived_scripts:
|
|
haproxy_check_script:
|
|
check_script: "/bin/kill -0 `cat /var/run/haproxy.pid`"
|
|
pingable_check_script:
|
|
check_script: "/bin/ping -c {{ keepalived_ping_count }} {{ keepalived_ping_address }} 1>&2"
|
|
interval: "{{ keepalived_ping_interval }}"
|
|
fall: 2
|
|
rise: 4
|
|
|
|
# If you have more than 5 keepalived nodes, you should build your own script
|
|
# (handling master and backups servers), and replace in keepalived_instances:
|
|
# priority: "{{ (groups['haproxy']|length-groups['haproxy'].index(inventory_hostname)*50 }}"
|
|
# by
|
|
# priority: "{{ (groups['haproxy'].index(inventory_hostname) == 0) | ternary('100','50') }}"
|
|
keepalived_instances:
|
|
external:
|
|
interface: "{{ haproxy_keepalived_external_interface | default(management_bridge) }}"
|
|
state: "{{ (groups['haproxy'].index(inventory_hostname) == 0) | ternary('MASTER', 'BACKUP') }}"
|
|
virtual_router_id: "{{ haproxy_keepalived_external_virtual_router_id | default ('10') }}"
|
|
priority: "{{ (groups['haproxy']|length-groups['haproxy'].index(inventory_hostname))*50 }}"
|
|
authentication_password: "{{ haproxy_keepalived_authentication_password }}"
|
|
vips:
|
|
- "{{ haproxy_keepalived_external_vip_cidr | default('169.254.1.1/24') }} dev {{ haproxy_keepalived_external_interface | default(management_bridge) }}"
|
|
track_scripts:
|
|
- haproxy_check_script
|
|
- pingable_check_script
|
|
internal:
|
|
interface: "{{ haproxy_keepalived_internal_interface | default(management_bridge) }}"
|
|
state: "{{ (groups['haproxy'].index(inventory_hostname) == 0) | ternary('MASTER', 'BACKUP') }}"
|
|
virtual_router_id: "{{ haproxy_keepalived_internal_virtual_router_id | default ('11') }}"
|
|
priority: "{{ (groups['haproxy']|length-groups['haproxy'].index(inventory_hostname))*50 }}"
|
|
authentication_password: "{{ haproxy_keepalived_authentication_password }}"
|
|
track_scripts:
|
|
- haproxy_check_script
|
|
- pingable_check_script
|
|
vips:
|
|
- "{{ haproxy_keepalived_internal_vip_cidr | default('169.254.2.1/24') }} dev {{ haproxy_keepalived_internal_interface | default(management_bridge) }}"
|