From 3480547d3566649831b4a327ce8e9155c5c5fa23 Mon Sep 17 00:00:00 2001
From: Salt
Date: Thu, 11 Mar 2021 10:25:41 -0600
Subject: [PATCH] Install keepalived on pi k8s nodes
---
 inventory/group_vars/pis.yml | 7 +++++++
 inventory/hosts.yml | 3 +++
 playbooks/pik8s.yml | 8 +++++++
 roles/keepalived/defaults/main.yml | 21 +++++++++++++++++++
 roles/keepalived/handlers/main.yml | 5 +++++
 roles/keepalived/tasks/main.yml | 11 ++++++++++
 .../tasks/templates/keepalived.conf | 14 +++++++++++++
 7 files changed, 69 insertions(+)
 create mode 100644 roles/keepalived/defaults/main.yml
 create mode 100644 roles/keepalived/handlers/main.yml
 create mode 100644 roles/keepalived/tasks/main.yml
 create mode 100644 roles/keepalived/tasks/templates/keepalived.conf
diff --git a/inventory/group_vars/pis.yml b/inventory/group_vars/pis.yml
index b60e220..5f7443d 100644
--- a/inventory/group_vars/pis.yml
+++ b/inventory/group_vars/pis.yml
@@ -16,4 +16,11 @@ secret_netbox_local_db_pass: !vault |
 33616365353663633434653463643964613231343335326234343331396137363439666138376332
 3564356231336230630a336639656337353538633931623536303430363836386137646563613338
 66326661313064306162363265303636333765383736336231346136383763613131
+secret_keepalived_pass: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 65353963616637303932643435643262333438666566333138373539393836636135656162323965
+ 3036313035343835393439663065326536323464316566340a613966333731356631613536643332
+ 64613934346234316564613564363863356663653063333432316434353633333138643561316638
+ 6563386233656364310a626363663234623161363537323035663663383333353138386239623934
+ 65613231666661633262633439393462316337393532623263363630353133373236
diff --git a/inventory/hosts.yml b/inventory/hosts.yml
index d4c184a..ea5b38f 100644
--- a/inventory/hosts.yml
+++ b/inventory/hosts.yml
@@ -31,8 +31,11 @@ all:
 kubernetes_role: node
 hosts:
 pi-kub-node-1.desu.ltd:
+ keepalived_priority: 50
 pi-kub-node-2.desu.ltd:
+ keepalived_priority: 49
 pi-kub-node-3.desu.ltd:
+ keepalived_priority: 48
 desktop:
 hosts:
 dsk-ryzen-0.desu.ltd:
diff --git a/playbooks/pik8s.yml b/playbooks/pik8s.yml
index fd66cca..33e47b3 100755
--- a/playbooks/pik8s.yml
+++ b/playbooks/pik8s.yml
@@ -23,3 +23,11 @@
 - name: install openshift
 pip: name=openshift state=latest
 tags: [ k8s, packages, pip ]
+- hosts: pik8s_nodes
+ gather_facts: no
+ roles:
+ - role: keepalived
+ vars:
+ keepalived_auth_pass: "{{ secret_keepalived_pass }}"
+ keepalived_vip: "192.168.102.200/16"
+ tags: [ k8s, keepalived ]
diff --git a/roles/keepalived/defaults/main.yml b/roles/keepalived/defaults/main.yml
new file mode 100644
index 0000000..0f4ce7a
--- /dev/null
+++ b/roles/keepalived/defaults/main.yml
@@ -0,0 +1,21 @@
+# vim:ft=ansible:
+
+# Node priority. Should be assigned differently for each host
+keepalived_priority: 50
+# Node state. Should be "MASTER" on the master and "BACKUP" on backup machines
+keepalived_state: "BACKUP"
+
+# The interface to assign the VIP to
+keepalived_interface: "eth0"
+# The virtual router ID
+keepailved_virtual_router_id: 51
+# The VIP to pass around. Include the subnet mask like so:
+# 192.168.0.5/24
+keepalived_vip: ""
+# Advertisement interval in seconds
+keepalived_advert_int: 1
+# Name of the vrrp instance
+keepalived_vrrp_instance_name: "VI_1"
+
+# Keepalived authentication password
+#keepalived_auth_pass
diff --git a/roles/keepalived/handlers/main.yml b/roles/keepalived/handlers/main.yml
new file mode 100644
index 0000000..2f86637
--- /dev/null
+++ b/roles/keepalived/handlers/main.yml
@@ -0,0 +1,5 @@
+#!/usr/bin/env ansible-playbook
+# vim:ft=ansible:
+---
+- name: restart keepalived
+ systemd: name=keepalived state=restarted
diff --git a/roles/keepalived/tasks/main.yml b/roles/keepalived/tasks/main.yml
new file mode 100644
index 0000000..78de2b4
--- /dev/null
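Review bot: In playbooks/pik8s.yml the new play sets `gather_facts: no`, but the first task of the keepalived role it calls is guarded by `when: ansible_os_family == 'Debian'`, which only exists once facts have been collected. Unless facts for pik8s_nodes are already available from an earlier play in the same run or from a fact cache (neither is visible in this hunk), that conditional fails on an undefined variable. I would set `gather_facts: yes` on this play, or keep collection cheap with `gather_subset: min`.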
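Review bot: roles/keepalived/defaults/main.yml defines `keepailved_virtual_router_id` (transposed letters) and the keepalived.conf template reads the same misspelled name, so the role renders, but an operator who overrides the correctly spelled `keepalived_virtual_router_id` is silently ignored and the instance stays on ID 51. Rename it in both files to `keepalived_virtual_router_id: 51`. Separately, `keepalived_vip: ""` lets the template render an empty `virtual_ipaddress` block; an `assert` task at the top of tasks/main.yml that `keepalived_vip` and `keepalived_auth_pass` are defined and non-empty would fail early instead. The last comment could say so directly: `# Keepalived authentication password (required; supply from vault, no default)`.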
+++ b/roles/keepalived/tasks/main.yml
@@ -0,0 +1,11 @@
+#!/usr/bin/env ansible-playbook
+# vim:ft=ansible:
+---
+- name: install keepalived
+ apt: name=keepalived state=present
+ when: ansible_os_family == 'Debian'
+- name: template out config
+ template: src=keepalived.conf dest=/etc/keepalived/keepalived.conf mode="0640"
+ notify: restart keepalived
+- name: ensure keepalived is running
+ systemd: name=keepalived state=started enabled=yes
diff --git a/roles/keepalived/tasks/templates/keepalived.conf b/roles/keepalived/tasks/templates/keepalived.conf
new file mode 100644
index 0000000..0185937
--- /dev/null
+++ b/roles/keepalived/tasks/templates/keepalived.conf
@@ -0,0 +1,14 @@
+vrrp_instance {{ keepalived_vrrp_instance_name }} {
+ state {{ keepalived_state }}
+ interface {{ keepalived_interface }}
+ virtual_router_id {{ keepailved_virtual_router_id }}
+ priority {{ keepalived_priority }}
+ advert_int {{ keepalived_advert_int }}
+ authentication {
+ auth_type PASS
+ auth_pass {{ keepalived_auth_pass }}
+ }
+ virtual_ipaddress {
+ {{ keepalived_vip }}
+ }
+}
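Review bot: In roles/keepalived/tasks/main.yml the `template out config` task writes the VRRP password into /etc/keepalived/keepalived.conf with `mode="0640"` but does not pin ownership, and a run with `--diff` would print the rendered file, secret included. I would add `owner=root group=root` to the module arguments and `diff: no` on the task. Also, only the install task is conditioned on `ansible_os_family == 'Debian'`; on any other family the template and systemd tasks still run against a package that was never installed, so either drop the guard or apply it to the whole role.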
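Review bot: `auth_type PASS` in the authentication block of keepalived.conf sends `auth_pass` in cleartext in every VRRP advertisement, and keepalived uses only the first eight characters of it, so the vaulted secret guards against misconfiguration rather than against another host on the same segment. I would record that at the top of the template, e.g. `# auth_pass is sent in cleartext and truncated to 8 characters; do not reuse this secret elsewhere`, and keep the value unique to this VRRP instance. If the three nodes can reach each other by unicast, restricting advertisements with `unicast_peer` and firewalling VRRP to the node addresses narrows who can take part in the election. The file also sits under tasks/templates/ rather than the role's templates/ directory; Ansible should still find it through the task-relative search path, but moving it would match the usual role layout.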