split keepalived config and refactoring

.ansible-lint

@@ -4,4 +4,3 @@
 # Instead of renaming my role and breaking the world, I will just ignore that lint test.
 skip_list:
   - '106' # Role name {} does not match ``^[a-z][a-z0-9_]+$`` pattern
-  - 'fqcn-builtins'

defaults/main.yml

@@ -72,3 +72,7 @@ keepalived_daemon_options_file_path: "{{ _keepalived_daemon_options_file_path }}
 #keepalived_daemon_default_options_overrides:
 #  - "DAEMON_ARGS='--snmp'"
 keepalived_daemon_default_options_overrides: []
+
+# Remove all keepalived configurations
+# Clears entire {{ keepalived_config_directory_path }}
+keepalived_flush_configuration: False

molecule/default/cleanup.yml

@@ -5,6 +5,6 @@
   tasks:
   - name: Create a network with custom IPAM config
     delegate_to: localhost
-    docker_network:
+    community.general.docker_network:
       name: keepalived-network
       state: absent

molecule/default/converge.yml

@@ -8,7 +8,7 @@
     - "100%"
   tasks:
   - name: Apt update and install rsync, ping, iproute
-    apt:
+    ansible.builtin.package:
       update_cache: yes
       name:
         - rsync
@@ -18,7 +18,7 @@
     when: ansible_os_family == "Debian"
 
   - name: Yum install iproute to fix undefined ansible_default_ipv4.address
-    yum:
+    ansible.builtin.package:
       name: iproute
       state: present
     when:
@@ -27,7 +27,7 @@
 
   - name: Add a container to a network, leaving existing containers connected
     delegate_to: localhost
-    docker_network:
+    community.general.docker_network:
       name: keepalived-network
       connected:
         - "{{ inventory_hostname }}"
@@ -38,16 +38,27 @@
       gather_subset: network
 
   - name: Show ansible_interfaces
-    debug:
+    ansible.builtin.debug:
       var: ansible_interfaces
 
   - name: Define vrrp nic
-    set_fact:
+    ansible.builtin.set_fact:
       vrrp_nic: "{{ ((ansible_interfaces | reject('equalto','lo')) | difference([ansible_default_ipv4.interface]))[0] | string }}"
 
   - name: Include keepalived vars
-    include_vars: "../../tests/keepalived_haproxy_combined_example.yml"
+    ansible.builtin.include_vars: "../../tests/keepalived_haproxy_combined_example.yml"
 
-  - name: "Include ansible-keepalived"
-    include_role:
-      name: "ansible-keepalived"
+  - name: Include ansible-keepalived
+    ansible.builtin.include_role:
+      name: ansible-keepalived
+
+  - name: half way done
+    ansible.builtin.debug:
+      msg: "--- --- --- --- UPDATE CONFIGURATION --- --- --- ---" 
+
+  - name: Include keepalived edit vars
+    ansible.builtin.include_vars: "../../tests/keepalived_haproxy_combined_edit_example.yml"
+
+  - name: Include ansible-keepalived
+    ansible.builtin.include_role:
+      name: ansible-keepalived

molecule/default/prepare.yml

@@ -4,7 +4,7 @@
   tasks:
   - name: Create a network with custom IPAM config
     delegate_to: localhost
-    docker_network:
+    community.general.docker_network:
       name: keepalived-network
       ipam_config:
         - subnet: 192.168.33.0/24

molecule/default/side_effect.yml

@@ -6,39 +6,39 @@
     vrrp_ip: 192.168.33.2
   tasks:
     - name: Define vrrp nic
-      set_fact:
+      ansible.builtin.set_fact:
         vrrp_nic: "{{ ((ansible_interfaces | reject('equalto','lo')) | difference([ansible_default_ipv4.interface]))[0] | string }}"
 
     - name: Disable current master node
-      command: ip link set dev {{ vrrp_nic }} down
+      ansible.builtin.command: ip link set dev {{ vrrp_nic }} down
       when: inventory_hostname == ansible_play_hosts[0]
 
     - name: Wait for topology change
-      wait_for:
+      ansible.builtin.wait_for:
         timeout: 8
       when: inventory_hostname == ansible_play_hosts[0]
 
     - name: Refresh facts for ip addresses on all nodes
-      setup:
+      ansible.builtin.setup:
         gather_subset: network
 
     - name: Compare all the hosts IPs with the vrrp_ip
-      set_fact:
+      ansible.builtin.set_fact:
         is_there_master_ip_somewhere: "{{ ansible_play_hosts_all | map('extract', hostvars, 'ansible_all_ipv4_addresses') | flatten | intersect([vrrp_ip]) }}"
       run_once: True
 
     - name: Fail if no one has the vrrp_ip
-      assert:
+      ansible.builtin.assert:
         that:
           is_there_master_ip_somewhere | length > 0
       run_once: True
 
     # Check master is back online is done on verify
     - name: Restore network connectivity on the initial master node
-      command: ip link set dev {{ vrrp_nic }} up
+      ansible.builtin.command: ip link set dev {{ vrrp_nic }} up
       when: inventory_hostname == ansible_play_hosts[0]
 
     - name: Wait for topology change
-      wait_for:
+      ansible.builtin.wait_for:
         timeout: 8
       when: inventory_hostname == ansible_play_hosts[0]

molecule/default/verify.yml

@@ -8,17 +8,23 @@
   gather_facts: yes
   tasks:
     - name: Define vrrp nic
-      set_fact:
+      ansible.builtin.set_fact:
         vrrp_nic: "{{ ((ansible_interfaces | reject('equalto','lo')) | difference([ansible_default_ipv4.interface]))[0] | string }}"
 
     - name: Show ansible facts
-      debug:
+      ansible.builtin.debug:
         var: ansible_facts
         verbosity: 3
 
+    - name: Get present instance configurations
+      ansible.builtin.command: "ls -la {{ keepalived_config_directory_path }}/instances/"
+      changed_when: false
+      register: dir_out
+
     - name: Ensure the first node is master
-      assert:
+      ansible.builtin.assert:
         that:
           - "'ipv4_secondaries' in ansible_{{ vrrp_nic }}"
           - "ansible_{{ vrrp_nic }}['ipv4_secondaries'][0]['address'] == '192.168.33.2'"
+          - dir_out.stdout_lines == 'int.conf'
       when: inventory_hostname == ansible_play_hosts[0]

tasks/create_configuration.yml

@@ -0,0 +1,93 @@
+---
+
+- name: Configure keepalived
+  ansible.builtin.template:
+    src: keepalived.conf.j2
+    dest: "{{ keepalived_config_directory_path }}/{{ keepalived_config_base_file }}"
+    mode: "0640"
+  notify:
+    - reload keepalived
+
+- name: Configure keepalived script
+  ansible.builtin.template:
+    src: keepalived_script.conf.j2
+    dest: "{{ keepalived_config_directory_path }}/scripts/{{ item.key }}.conf"
+    mode: "0640"
+  when:
+    - keepalived_scripts is defined
+    - item.value.state | d('present') == 'present'
+  loop: "{{ keepalived_scripts | dict2items }}"
+  notify:
+    - reload keepalived
+
+- name: Configure keepalived track files
+  ansible.builtin.template:
+    src: keepalived_track_files.conf.j2
+    dest: "{{ keepalived_config_directory_path }}/track_files/{{ item.key }}.conf"
+    mode: "0640"
+  when:
+    - keepalived_track_files is defined
+    - item.value.state | d('present') == 'present'
+  loop: "{{ keepalived_track_files | dict2items }}"
+  notify:
+    - reload keepalived
+
+- name: Configure keepalived sync_groups
+  ansible.builtin.template:
+    src: keepalived_sync_groups.conf.j2
+    dest: "{{ keepalived_config_directory_path }}/sync_groups/{{ item.key }}.conf"
+    mode: "0640"
+  when:
+    - keepalived_sync_groups is defined
+    - item.value.state | d('present') == 'present'
+  loop: "{{ keepalived_sync_groups | dict2items }}"
+  notify:
+    - reload keepalived
+
+- name: Configure keepalived instances
+  ansible.builtin.template:
+    src: keepalived_instances.conf.j2
+    dest: "{{ keepalived_config_directory_path }}/instances/{{ item.key }}.conf"
+    mode: "0640"
+  when:
+    - keepalived_instances is defined
+    - item.value.state | d('present') in ['present', 'MASTER', 'BACKUP']
+  loop: "{{ keepalived_instances | dict2items }}"
+  notify:
+    - reload keepalived
+
+- name: Configure keepalived service groups
+  ansible.builtin.template:
+    src: keepalived_virtual_server_groups.conf.j2
+    dest: "{{ keepalived_config_directory_path }}/groups/{{ item.name }}.conf"
+    mode: "0640"
+  when:
+    - keepalived_virtual_server_groups is defined
+    - item.name.state | d('present') == 'present'
+  loop: "{{ keepalived_virtual_server_groups }}"
+  notify:
+    - reload keepalived
+
+- name: Configure keepalived single services
+  ansible.builtin.template:
+    src: keepalived_single_services.conf.j2
+    dest: "{{ keepalived_config_directory_path }}/services/single_{{ item.ip | replace('.', '_') }}.conf"
+    mode: "0640"
+  when:
+    - keepalived_virtual_servers is defined
+    - item.ip.state | d('present') == 'present'
+  loop: "{{ keepalived_virtual_servers }}"
+  notify:
+    - reload keepalived
+
+- name: Configure keepalived group services
+  ansible.builtin.template:
+    src: keepalived_group_services.conf.j2
+    dest: "{{ keepalived_config_directory_path }}/services/group_{{ item.name }}.conf"
+    mode: "0640"
+  when:
+    - keepalived_virtual_server_groups is defined
+    - item.name.state | d('present') == 'present'
+  loop: "{{ keepalived_virtual_server_groups }}"
+  notify:
+    - reload keepalived

tasks/drop_files.yml

@@ -0,0 +1,111 @@
+---
+
+- name: Dropping the tracking scripts
+  ansible.builtin.copy:
+    src: "{{ item.value.src_check_script }}"
+    dest: "{{ item.value.dest_check_script | default(item.value.check_script) }}"
+    mode: "0755"
+  loop: "{{ keepalived_scripts | dict2items | default('{}') }}"
+  when: item.value.src_check_script is defined
+  notify:
+    - reload keepalived
+
+- name: Dropping the general notification scripts
+  ansible.builtin.copy:
+    src: "{{ item.value.src_notify_script }}"
+    dest: "{{ item.value.notify_script }}"
+    mode: "0755"
+  loop: "{{ keepalived_sync_groups | dict2items }}"
+  when: item.value.src_notify_script is defined
+  notify:
+    - reload keepalived
+
+- name: Dropping the notification scripts for switching to master
+  ansible.builtin.copy:
+    src: "{{ item.value.src_notify_master }}"
+    dest: "{{ item.value.notify_master }}"
+    mode: "0755"
+  loop: "{{ keepalived_sync_groups | dict2items }}"
+  when: item.value.src_notify_master is defined
+  notify:
+    - reload keepalived
+
+- name: Dropping the notification scripts for switching to backup
+  ansible.builtin.copy:
+    src: "{{ item.value.src_notify_backup }}"
+    dest: "{{ item.value.notify_backup }}"
+    mode: "0755"
+  loop: "{{ keepalived_sync_groups | dict2items }}"
+  when: item.value.src_notify_backup is defined
+  notify:
+    - reload keepalived
+
+- name: Dropping the notification scripts for failures
+  ansible.builtin.copy:
+    src: "{{ item.value.src_notify_fault }}"
+    dest: "{{ item.value.notify_fault }}"
+    mode: "0755"
+  loop: "{{ keepalived_sync_groups | dict2items }}"
+  when: item.value.src_notify_fault is defined
+  notify:
+    - reload keepalived
+
+- name: Dropping the general notification scripts (instances)
+  ansible.builtin.copy:
+    src: "{{ item.value.src_notify_script }}"
+    dest: "{{ item.value.notify_script }}"
+    mode: "0755"
+  loop: "{{ keepalived_instances | dict2items }}"
+  when: item.value.src_notify_script is defined
+  notify:
+    - reload keepalived
+
+- name: Dropping the notification scripts for switching to master (instances)
+  ansible.builtin.copy:
+    src: "{{ item.value.src_notify_master }}"
+    dest: "{{ item.value.notify_master }}"
+    mode: "0755"
+  loop: "{{ keepalived_instances | dict2items }}"
+  when: item.value.src_notify_master is defined
+  notify:
+    - reload keepalived
+
+- name: Dropping the notification scripts for lower priority master case (instances)
+  ansible.builtin.copy:
+    src: "{{ item.value.src_notify_master_rx_lower_pri }}"
+    dest: "{{ item.value.notify_master_rx_lower_pri }}"
+    mode: "0755"
+  loop: "{{ keepalived_instances | dict2items }}"
+  when: item.value.src_notify_master_rx_lower_pri is defined
+  notify:
+    - reload keepalived
+
+- name: Dropping the notification scripts for switching to backup (instances)
+  ansible.builtin.copy:
+    src: "{{ item.value.src_notify_backup }}"
+    dest: "{{ item.value.notify_backup }}"
+    mode: "0755"
+  loop: "{{ keepalived_instances | dict2items }}"
+  when: item.value.src_notify_backup is defined
+  notify:
+    - reload keepalived
+
+- name: Dropping the notification scripts for stopping vrrp (instances)
+  ansible.builtin.copy:
+    src: "{{ item.value.src_notify_stop }}"
+    dest: "{{ item.value.notify_stop }}"
+    mode: "0755"
+  loop: "{{ keepalived_instances | dict2items }}"
+  when: item.value.src_notify_stop is defined
+  notify:
+    - reload keepalived
+
+- name: Dropping the notification scripts for failures (instances)
+  ansible.builtin.copy:
+    src: "{{ item.value.src_notify_fault }}"
+    dest: "{{ item.value.notify_fault }}"
+    mode: "0755"
+  loop: "{{ keepalived_instances | dict2items }}"
+  when: item.value.src_notify_fault is defined
+  notify:
+    - reload keepalived

tasks/keepalived_selinux.yml

@@ -14,22 +14,23 @@
 # limitations under the License.
 
 - name: Get list of SELinux modules loaded
-  command: semodule -l
+  ansible.builtin.command: semodule -l
   changed_when: False
   register: selinux_modules
   check_mode: no
 
 - name: Ensure SELinux packages are installed
-  yum:
+  ansible.builtin.package:
     name: "{{ keepalived_selinux_packages }}"
     state: present
   when:
     - '"keepalived_ping" not in selinux_modules.stdout'
 
-- include_tasks:
+- name: Compile SELinux
+  ansible.builtin.include_tasks:
     file: keepalived_selinux_compile.yml
   when:
     - selinux_policy_name not in selinux_modules.stdout
-  with_items: "{{ keepalived_selinux_compile_rules }}"
+  loop: "{{ keepalived_selinux_compile_rules }}"
   loop_control:
     loop_var: selinux_policy_name