homelab/haproxy.yml

- name: Setup HAProxy
  hosts: all
  become: yes
  become_method: sudo
  become_user: root
  tasks:
  - name: Install package
    package:
      name: haproxy
      state: present
  - name: Start HAProxy
    service:
      name: haproxy
      enabled: true
      state: started
  - name: Install keepalived
    package:
      name: keepalived
      state: present
  - name: Start keepalived
    service:
      name: keepalived
      enabled: true
      state: started
  - name: Create keepalived empty config
    copy:
      dest: /etc/keepalived/keepalived.conf
      content: ""
  - name: Check APIServer Script
    copy:
      dest: /etc/keepalived/check_apiserver.sh
      content: |
        #!/bin/sh
        errorExit() {
          echo "*** $*" 1>&2
          exit 1
        }
        curl --silent --max-time 2 --insecure https://localhost:{{ APISERVER_DEST_PORT }}/ -o /dev/null || errorExit "Error GET https://localhost:{{ APISERVER_DEST_PORT }}/"
        if ip addr | grep -q {{ APISERVER_VIP }}; then
          curl --silent --max-time 2 --insecure https://{{ APISERVER_VIP }}:{{ APISERVER_DEST_PORT }}/ -o /dev/null || errorExit "Error GET https://{{ APISERVER_VIP }}:{{ APISERVER_DEST_PORT }}/"
        fi
  - name: Config keepalived
    blockinfile:
      dest: /etc/keepalived/keepalived.conf
      block: |
        vrrp_script check_apiserver {
          script "/etc/keepalived/check_apiserver.sh"
          interval 3
          weight -2
          fall 10
          rise 2
        }
        vrrp_script chk_apiserver {
          script "/usr/bin/nc localhost 6443"
          interval 5
        }
        vrrp_instance VI_1 {
          state MASTER
          interface eth0
          virtual_router_id 101
          priority 100
          advert_int 1
          authentication {
            auth_type PASS
            auth_pass 1111
          }
          virtual_ipaddress {
            {{ APISERVER_VIP }}
          }
          track_script {
            check_apiserver
          }
        }
        vrrp_script chk_haproxy {
          process haproxy
          interval 2
        }
        vrrp_instance VI_2 {
          state MASTER
          interface eth0
          virtual_router_id 102
          priority 100
          advert_int 1
          authentication {
            auth_type PASS
            auth_pass 2222
          }
          virtual_ipaddress {
            {{ ELB_VIP }}
          }
          track_script {
            chk_haproxy
          }
        }
  - name: restart keepalived
    service:
      name: keepalived
      state: restarted
haproxy starter 9 months ago			`- name: Setup HAProxy`
			`hosts: all`
			`become: yes`
			`become_method: sudo`
			`become_user: root`
			`tasks:`
			`- name: Install package`
			`package:`
			`name: haproxy`
			`state: present`
			`- name: Start HAProxy`
			`service:`
			`name: haproxy`
			`enabled: true`
apend hosts 9 months ago			`state: started`
Update 'haproxy.yml' 9 months ago			`- name: Install keepalived`
			`package:`
			`name: keepalived`
			`state: present`
			`- name: Start keepalived`
			`service:`
			`name: keepalived`
			`enabled: true`
			`state: started`
Update 'haproxy.yml' 9 months ago			`- name: Create keepalived empty config`
			`copy:`
			`dest: /etc/keepalived/keepalived.conf`
			`content: ""`
Update 'haproxy.yml' 9 months ago			`- name: Check APIServer Script`
			`copy:`
			`dest: /etc/keepalived/check_apiserver.sh`
			`content: \|`
			`#!/bin/sh`
			`errorExit() {`
			`echo "*** $*" 1>&2`
			`exit 1`
			`}`
			`curl --silent --max-time 2 --insecure https://localhost:{{ APISERVER_DEST_PORT }}/ -o /dev/null \|\| errorExit "Error GET https://localhost:{{ APISERVER_DEST_PORT }}/"`
			`if ip addr \| grep -q {{ APISERVER_VIP }}; then`
			`curl --silent --max-time 2 --insecure https://{{ APISERVER_VIP }}:{{ APISERVER_DEST_PORT }}/ -o /dev/null \|\| errorExit "Error GET https://{{ APISERVER_VIP }}:{{ APISERVER_DEST_PORT }}/"`
			`fi`
Update 'haproxy.yml' 9 months ago			`- name: Config keepalived`
			`blockinfile:`
			`dest: /etc/keepalived/keepalived.conf`
			`block: \|`
Update 'haproxy.yml' 9 months ago			`vrrp_script check_apiserver {`
			`script "/etc/keepalived/check_apiserver.sh"`
			`interval 3`
			`weight -2`
			`fall 10`
			`rise 2`
			`}`
Update 'haproxy.yml' 9 months ago			`vrrp_script chk_apiserver {`
			`script "/usr/bin/nc localhost 6443"`
			`interval 5`
			`}`
Update 'haproxy.yml' 9 months ago			`vrrp_instance VI_1 {`
			`state MASTER`
			`interface eth0`
			`virtual_router_id 101`
			`priority 100`
			`advert_int 1`
			`authentication {`
			`auth_type PASS`
			`auth_pass 1111`
			`}`
			`virtual_ipaddress {`
Update 'haproxy.yml' 9 months ago			`{{ APISERVER_VIP }}`
Update 'haproxy.yml' 9 months ago			`}`
Update 'haproxy.yml' 9 months ago			`track_script {`
Update 'haproxy.yml' 9 months ago			`check_apiserver`
Update 'haproxy.yml' 9 months ago			`}`
Update 'haproxy.yml' 9 months ago			`}`
Update 'haproxy.yml' 9 months ago			`vrrp_script chk_haproxy {`
Update 'haproxy.yml' 9 months ago			`process haproxy`
Update 'haproxy.yml' 9 months ago			`interval 2`
			`}`
			`vrrp_instance VI_2 {`
			`state MASTER`
			`interface eth0`
Update 'haproxy.yml' 9 months ago			`virtual_router_id 102`
Update 'haproxy.yml' 9 months ago			`priority 100`
			`advert_int 1`
			`authentication {`
			`auth_type PASS`
			`auth_pass 2222`
			`}`
			`virtual_ipaddress {`
Update 'haproxy.yml' 9 months ago			`{{ ELB_VIP }}`
Update 'haproxy.yml' 9 months ago			`}`
			`track_script {`
			`chk_haproxy`
			`}`
			`}`
Update 'haproxy.yml' 9 months ago			`- name: restart keepalived`
			`service:`
			`name: keepalived`
			`state: restarted`
Update 'haproxy.yml' 9 months ago