- name: Setup HAProxy hosts: all become: yes become_method: sudo become_user: root tasks: - name: Install package package: name: haproxy state: present - name: Start HAProxy service: name: haproxy enabled: true state: started - name: Install keepalived package: name: keepalived state: present - name: Start keepalived service: name: keepalived enabled: true state: started - name: Create keepalived empty config copy: dest: /etc/keepalived/keepalived.conf content: "" - name: Check APIServer Script copy: dest: /etc/keepalived/check_apiserver.sh content: | #!/bin/sh errorExit() { echo "*** $*" 1>&2 exit 1 } curl --silent --max-time 2 --insecure https://localhost:{{ APISERVER_DEST_PORT }}/ -o /dev/null || errorExit "Error GET https://localhost:{{ APISERVER_DEST_PORT }}/" if ip addr | grep -q {{ APISERVER_VIP }}; then curl --silent --max-time 2 --insecure https://{{ APISERVER_VIP }}:{{ APISERVER_DEST_PORT }}/ -o /dev/null || errorExit "Error GET https://{{ APISERVER_VIP }}:{{ APISERVER_DEST_PORT }}/" fi - name: Config keepalived blockinfile: dest: /etc/keepalived/keepalived.conf block: | vrrp_script check_apiserver { script "/etc/keepalived/check_apiserver.sh" interval 3 weight -2 fall 10 rise 2 } vrrp_script chk_apiserver { script "/usr/bin/nc localhost 6443" interval 5 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 101 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { {{ APISERVER_VIP }} } track_script { check_apiserver } } vrrp_script chk_haproxy { process haproxy interval 2 } vrrp_instance VI_2 { state MASTER interface eth0 virtual_router_id 102 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 2222 } virtual_ipaddress { {{ ELB_VIP }} } track_script { chk_haproxy } } - name: restart keepalived service: name: keepalived state: restarted