diff --git a/README.md b/README.md
deleted file mode 100644
index 2947077..0000000
--- a/README.md
+++ /dev/null
@@ -1 +0,0 @@
-# keepalived-formula
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..3128ebe
--- /dev/null
+++ b/README.rst
@@ -0,0 +1,41 @@
+=======
+keepalived
+=======
+
+Install, configure and run ``keepalived``.
+
+.. note::
+
+ See the full `Salt Formulas installation and usage instructions
+ `_.
+
+Available states
+================
+
+.. contents::
+ :local:
+
+or the jinja template and the pillar for a salt approach.
+
+``keepalived``
+-----------
+
+Install, configure and run ``keepalived`` service.
+
+``keepalived.install``
+-------------------
+
+Install ``keepalived`` from packages.
+
+``keepalived.config``
+------------------
+
+Slowly adding configuration options per the documents, not everything is available
+
+To Do:
+ - LVS configuration section
+
+``keepalived.service``
+-------------------
+
+Make sure ``keepalived`` service is running.
diff --git a/keepalived/config.sls b/keepalived/config.sls
new file mode 100644
index 0000000..a05ba83
--- /dev/null
+++ b/keepalived/config.sls
@@ -0,0 +1,8 @@
+keepalived.config:
+ file.managed:
+ - name: {{ salt['pillar.get']('keepalived:config_file_path', '/etc/keepalived/keepalived.conf') }}
+ - source: salt://keepalived/templates/keepalived.jinja
+ - template: jinja
+ - user: root
+ - group: root
+ - mode: 644
diff --git a/keepalived/init.sls b/keepalived/init.sls
new file mode 100644
index 0000000..8a4c867
--- /dev/null
+++ b/keepalived/init.sls
@@ -0,0 +1,8 @@
+# keepalived
+#
+# Meta-state to fully setup keepalived on debian. (or any other distro that has keepalived in their repo)
+
+include:
+ - keepalived.install
+ - keepalived.service
+ - keepalived.config
diff --git a/keepalived/install.sls b/keepalived/install.sls
new file mode 100644
index 0000000..39ef313
--- /dev/null
+++ b/keepalived/install.sls
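Review bot: `- mode: 644` in keepalived/config.sls leaves the rendered keepalived.conf world-readable, and the template writes each instance's `auth_pass` and the check/notify script commands into that file. Only root needs to read it, so `- mode: '0600'` is the safer default; quoting the value also keeps YAML from reinterpreting a mode written with a leading zero. Because the file carries a secret, consider `- show_changes: False` too, so the password does not end up in state-run diffs and job returns.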
@@ -0,0 +1,3 @@
+keepalived.install:
+ pkg.installed:
+ - name: keepalived
diff --git a/keepalived/service.sls b/keepalived/service.sls
new file mode 100644
index 0000000..be5b1bb
--- /dev/null
+++ b/keepalived/service.sls
@@ -0,0 +1,9 @@
+keepalived.service:
+ service.running:
+ - name: keepalived
+ - enable: True
+ - reload: True
+ - require:
+ - pkg: keepalived
+ - watch:
+ - file: keepalived.config
diff --git a/keepalived/templates/keepalived.jinja b/keepalived/templates/keepalived.jinja
new file mode 100644
index 0000000..8e518a5
--- /dev/null
+++ b/keepalived/templates/keepalived.jinja
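Review bot: keepalived/service.sls names `pkg: keepalived` and `file: keepalived.config` in its requisites but includes neither state file, so applying `keepalived.service` on its own would stop on a missing requisite; it only resolves when run through init.sls. An `include:` listing `keepalived.install` and `keepalived.config` at the top of the file makes it self-contained. Separately, `watch` together with `reload: True` pushes every re-rendered config straight into the running VRRP daemon, and config.sls has no validation step, so a malformed render reaches the live failover pair unchecked. A `check_cmd` on the managed file would catch that, provided the packaged keepalived offers a configuration-test mode.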
@@ -0,0 +1,232 @@
+# keepalived configuration
+#
+# **** DO NOT EDIT THIS FILE ****
+#
+# This file is managed by Salt.
+# Any changes will be overwritten.
+
+
+#---------------------------------------------------------------------
+# Global settings
+#---------------------------------------------------------------------
+global_defs {
+ notification_email {
+{%- if 'notification_emails' in salt['pillar.get']('keepalived:global_defs') %}
+ {%- for email in salt['pillar.get']('keepalived:global_defs:notification_emails', {}).iteritems() %}
+ {{ email }}
+ {%- endfor %}
+{%- endif %}
+ }
+ notificaiton_email_from {{ salt['pillar.get']('keepalived:defaults:notification_email_from', 'keepalived@'~salt['grains.get']('fqdn') ) }}
+ smtp_server {{ salt['pillar.get']('keepalived:defaults:smtp_server', 'localhost') }}
+{%- if 'smtp_timeout' in salt['pillar.get']('keepalived:global_defs') %}
+ smtp_timeout {{ salt['pillar.get']('keepalived:defaults:smtp_timeout') }}
+{%- endif %}
+
+#---------------------------------------------------------------------
+# static network configuration
+#---------------------------------------------------------------------
+# static ipaddresses
+{%- if 'static_ipaddresses' in salt['pillar.get']('keepalived') %}
+static_ipaddress {
+ {%- for address in salt['pillar.get']('keepalived:static_ipaddresses', {}).iteritems() %}
+ {{ address }}
+ {%- endfor %}
+}
+{%- endif %}
+
+# static routes
+{%- if 'static_routes' in salt['pillar.get']('keepalived') %}
+static_route {
+ {%- for route in salt['pillar.get']('keepalived:static_routes', {}).iteritems() %}
+ {{ route}}
+ {%- endfor %}
+}
+{%- endif %}
+
+#---------------------------------------------------------------------
+# vrrp configuration
+#---------------------------------------------------------------------
+
+# vrrp scripts
+{%- for script in salt['pillar.get']('keepalived:vrrp_scripts', {}).iteritems() %}
+vrrp_script {{ script[1].get('name', script[0]) }} {
+ script "{{ script[1].get('script') }}"
+ interval {{ script[1].get('interval', '1') }}
+ weight {{ script[1].get('weight', '2') }}
+ {%- if 'fall' in script[1] %}
+ fall {{ script[1].get('fall') }}
+ {%- endif %}
+ {%- if 'rise' in script[1] %}
+ rise {{ script[1].get('rise') }}
+ {%- endif %}
+}
+{%- endfor %}
+
+# vrrp sync groups
+{%- if 'vrrp_sync_groups' in salt['pillar.get']('keepalived') %}
+ {%- for syncgroup in salt['pillar.get']('keepalived:vrrp_sync_groups', {}).iteritems() %}
+vrrp_sync_group {{ syncgroup[1].get('name', syncgroup[0]) }} {
+ group {
+ {%- for member in syncgroup[1].members %}
+ {{ member }}
+ {%- endfor%}
+ }
+ {%- if 'notify_master' in syncgroup[1] %}
+ notify_master {{ syncgroup[1].get('notify_master') }}
+ {%- endif %}
+ {%- if 'notify_backup' in syncgroup[1] %}
+ notify_backup {{ syncgroup[1].get('notify_backup') }}
+ {%- endif %}
+ {%- if 'notify_fault' in syncgroup[1] %}
+ notify_master {{ syncgroup[1].get('notify_fault') }}
+ {%- endif %}
+ {%- if 'notify' in syncgroup[1] %}
+ notify {{ syncgroup[1].get('notify') }}
+ {%- endif %}
+ {%- if 'smtp_alert' in syncgroup[1] %}
+ {%- if True == syncgroup[1].get('smtp_alert') %}
+ smtp_alert
+ {%- endif %}
+ {%- endif %}
+}
+ {%- endfor %}
+{%- endif %}
+
+# vrrp instance
+{%- for instance in salt['pillar.get']('keepalived:vrrp_instances', {}).iteritems() %}
+vrrp_instance {{ instance[1].get('name', instance[0]) }} {
+ {%- if 'use_vmac' in instance[1] %}
+ {%- if True == instance[1].get('use_vmac') %}
+ use_vmac
+ {%- endif %}
+ {%- endif %}
+ {%- if 'vmac_xmit_base' in instance[1] %}
+ {%- if True == instance[1].get('vmac_xmit_base') %}
+ vmac_xmit_base
+ {%- endif %}
+ {%- endif %}
+ {%- if 'native_ipv6' in instance[1] %}
+ {%- if True == instance[1].get('native_ipv6') %}
+ native_ipv6
+ {%- endif %}
+ {%- endif %}
+ state {{ instance[1].get('state', 'BACKUP') }}
+ {%- if 'interface' in instance[1] %}
+ interface {{ instance[1].get('interface') }}
+ {%- endif %}
+ {%- if 'track_interfaces' in instance[1] %}
+ track_interface {
+ {%- for track_interface in instance[1].track_interfaces %}
+ {{ track_interface }}
+ {%- endfor%}
+ }
+ {%- endif %}
+ {%- if 'track_scripts' in instance[1] %}
+ track_script {
+ {%- for track_script in instance[1].track_scripts %}
+ {{ track_script }}
+ {%- endfor%}
+ }
+ {%- endif %}
+ {%- if 'dont_tack_primary' in instance[1] and instance[1].get('dont_track_primary') %}
+ dont_track_primary
+ {%- endif %}
+ {%- if 'mcast_src_ip' in instance[1] %}
+ mcast_src_ip {{ instance[1].get('mcast_src_ip') }}
+ {%- endif %}
+ {%- if 'unicast_src_ip' in instance[1] %}
+ unicast_src_ip {{ instance[1].get('unicast_src_ip') }}
+ {%- endif %}
+ {%- if 'unicast_peers' in instance[1] %}
+ unicast_peer {
+ {%- for unicast_peer in instance[1].unicast_peers %}
+ {{ unicast_peer }}
+ {%- endfor%}
+ }
+ {%- endif %}
+ {%- if 'lvs_sync_daemon_interface' in instance[1] %}
+ lvs_sync_daemon_interface {{ instance[1].get('lvs_sync_daemon_interface') }}
+ {%- endif %}
+ {%- if 'garp_master_delay' in instance[1] %}
+ garp_master_delay {{ instance[1].get('garp_master_delay') }}
+ {%- endif %}
+ {%- if 'garp_master_repeat' in instance[1] %}
+ garp_master_repeat {{ instance[1].get('garp_master_repeat') }}
+ {%- endif %}
+ {%- if 'garp_master_refresh' in instance[1] %}
+ garp_master_refresh {{ instance[1].get('garp_master_refresh') }}
+ {%- endif %}
+ {%- if 'garp_master_refresh_repeat' in instance[1] %}
+ garp_master_refresh_repeat {{ instance[1].get('garp_master_refresh_repeat') }}
+ {%- endif %}
+ {%- if 'virtual_router_id' in instance[1] %}
+ virtual_router_id {{ instance[1].get('virtual_router_id') }}
+ {%- endif %}
+ {%- if 'priority' in instance[1] %}
+ priority {{ instance[1].get('priority') }}
+ {%- endif %}
+ {%- if 'advert_int' in instance[1] %}
+ advert_int {{ instance[1].get('advert_int') }}
+ {%- endif %}
+ authentication {
+ auth_type {{ instance[1].get('authentication').get('auth_type') }}
+ auth_pass {{ instance[1].get('authentication').get('auth_pass') }}
+ }
+ {%- if 'virtual_ipaddresses' in instance[1] %}
+ virtual_ipaddress {
+ {%- for virtual_ipaddress in instance[1].virtual_ipaddresses %}
+ {{ virtual_ipaddress }}
+ {%- endfor%}
+ }
+ {%- endif %}
+ {%- if 'virtual_ipaddresses_excluded' in instance[1] %}
+ virtual_ipaddress_excluded {
+ {%- for virtual_ipaddress_excluded in instance[1].virtual_ipaddresses_excluded %}
+ {{ virtual_ipaddress_excluded }}
+ {%- endfor%}
+ }
+ {%- endif %}
+ {%- if 'virtual_routes' in instance[1] %}
+ virtual_route {
+ {%- for virtual_route in instance[1].virtual_routes %}
+ {{ virtual_route }}
+ {%- endfor%}
+ {%- if 'blackhole_addresses' in instance[1] %}
+ {%- for blackhole_address in instance[1].blackhole_addresses %}
+ blackhole {{ blackhole_address }}
+ {%- endfor%}
+ {%- endif %}
+ }
+ {%- endif %}
+ {%- if 'nopreempt' in instance[1] and instance[1].get('nopreempt') %}
+ nopreempt
+ {%- endif %}
+ {%- if 'notify_master' in instance[1] %}
+ notify_master {{ instance[1].get('notify_master') }}
+ {%- endif %}
+ {%- if 'notify_backup' in instance[1] %}
+ notify_backup {{ instance[1].get('notify_backup') }}
+ {%- endif %}
+ {%- if 'notify_fault' in instance[1] %}
+ notify_fault {{ instance[1].get('notify_fault') }}
+ {%- endif %}
+ {%- if 'notify_stop' in instance[1] %}
+ notify_stop {{ instance[1].get('notify_stop') }}
+ {%- endif %}
+ {%- if 'notify' in instance[1] %}
+ notify {{ instance[1].get('notify') }}
+ {%- endif %}
+ {%- if 'smtp_alert' in instance[1] %}
+ {%- if True == instance[1].get('smtp_alert') %}
+ smtp_alert
+ {%- endif %}
+ {%- endif %}
+}
+{%- endfor %}
+
+#---------------------------------------------------------------------
+# lvs configuration
+#---------------------------------------------------------------------
+#this section has not been completed
+
diff --git a/pillar.example b/pillar.example
new file mode 100644
index 0000000..1961f0d
--- /dev/null
+++ b/pillar.example
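Review bot: The `global_defs {` block in keepalived.jinja is never closed: after the `smtp_timeout` conditional the template goes straight to the static network section, so every later block is rendered inside `global_defs`. In the same block the keyword is misspelled `notificaiton_email_from`, the presence checks look at `keepalived:global_defs` while the values are read from `keepalived:defaults`, and the e-mail loop calls `.iteritems()` on what pillar.example supplies as a list; the block rewritten below reads one pillar key throughout, uses the `smtp_connect_timeout` name the example pillar sets, and closes the brace. Two copy/paste slips further down change failover behaviour: the sync-group `notify_fault` branch emits `notify_master`, so the fault handler would be registered as a master handler, and the guard `'dont_tack_primary' in instance[1]` can never match, so `dont_track_primary` is never written. The `authentication` block is rendered unconditionally, so an instance without that pillar key will most likely fail to render; wrapping it in `{%- if 'authentication' in instance[1] %}` would make the omission explicit.

```jinja
{%- set global_defs = salt['pillar.get']('keepalived:global_defs', {}) %}
global_defs {
    notification_email {
{%- for email in global_defs.get('notification_emails', []) %}
        {{ email }}
{%- endfor %}
    }
    notification_email_from {{ global_defs.get('notification_email_from', 'keepalived@' ~ salt['grains.get']('fqdn')) }}
    smtp_server {{ global_defs.get('smtp_server', 'localhost') }}
{%- if 'smtp_connect_timeout' in global_defs %}
    smtp_connect_timeout {{ global_defs.get('smtp_connect_timeout') }}
{%- endif %}
}
{# … unchanged: static network, vrrp_script, vrrp_sync_group and vrrp_instance sections … #}
```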
@@ -0,0 +1,41 @@
+#
+# Example pillar configuration
+#
+
+keepalived:
+ global_defs:
+ notificaiton_emails:
+ - alerts@example.com
+ smtp_server: 'mymail.example.com'
+ smtp_connect_timeout: 30
+
+ vrrp_scripts:
+ chk_haproxy:
+ script: "killall -0 haproxy"
+ interval: 2
+
+ vrrp_instances:
+ testhaproxy:
+ interface: eth0
+ priority: 10
+ virtual_router_id: 01
+ smtp_alert: True
+ authentication:
+ auth_type: PASS
+ auth_pass: topsecret
+ virtual_ipaddresses:
+ - "10.20.30.40"
+ - "10.20.30.41"
+ - "10.20.30.42"
+ track_scripts:
+ - chk_haproxy
+
+#
+# Example Addition Pillar for Master
+#
+
+keepalived:
+ vrrp_instances:
+ testhaproxy:
+ state: MASTER
+ priority: 101
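Review bot: The example key `notificaiton_emails` in pillar.example is misspelled, so the template's `'notification_emails' in …` check never matches and no alert recipients are rendered; likewise `smtp_connect_timeout` is set here while the template only looks for `smtp_timeout`. For `auth_pass: topsecret`, a comment should say that the value is a placeholder, that keepalived uses only the first eight characters of it, and that VRRP `PASS` authentication is sent in clear text on the segment, so it protects against misconfiguration rather than against an on-link attacker. Since the pillar holds that secret it should be targeted only at the keepalived nodes. The two top-level `keepalived:` mappings are meant for separate pillar files; pasted into one file the second would replace the first, which the comment above the master block should state.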