diff --git a/CHANGELOG.md b/CHANGELOG.md index 9b0e4f03..49437036 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,15 +23,16 @@ The **patch** part changes is incremented if multiple releases happen the same m * add-vm.sh: allow VM name max length > 20 * apache : fix goaway pattern for bad bots * apache : rename MaxRequestsPerChild to MaxConnectionsPerChild (new name) +* bind: Update role for Buster, Bullseye and Bookworm support * evocheck: upstream release 23.11.1 * evolinux-base: dump-server-state upstream release 23.11 * evolinux-base: use separate default config file for rsyslog +* kvmstats: use .capacity instead of .physical for disk size * log2mail: move custom config in separate file +* lxc: Init /etc git repository in lxc container * nagios: rename var `nagios_nrpe_process_processes` into `nagios_nrpe_processes` and check systemd-timesyncd instead of ntpd in Debian 12 * proftpd: in SFTP vhost, enable SSH keys login, enable ed25549 host key for Debian >= 11 -* bind: Update role for Buster, Bullseye and Bookworm support -* kvmstats: use .capacity instead of .physical for disk size -* lxc: Init /etc git repository in lxc container +* vrrpd: variable to force update the switch script (default: false) ### Fixed diff --git a/vrrpd/defaults/main.yml b/vrrpd/defaults/main.yml index f5950a14..d5b5b3b4 100644 --- a/vrrpd/defaults/main.yml +++ b/vrrpd/defaults/main.yml @@ -1,4 +1,5 @@ --- +vrrp_force_update_switch_script: false vrrp_addresses: [] # - { diff --git a/vrrpd/files/vrrp_switch.sh b/vrrpd/files/vrrp_switch.sh new file mode 100644 index 00000000..8f260a8a --- /dev/null +++ b/vrrpd/files/vrrp_switch.sh 
@@ -0,0 +1,87 @@
+#!/bin/sh
+
+set -u
+set -e
+
+# Input values
+STATE=$1
+VRID=$2
+VIRTUAL_IP=$3
+INTERFACE_NAME=$4
+LABEL=$5
+PRIORITY=$6
+ADVERT_INT=$7
+PREEMPT=$8
+OTHER=${9:-}
+
+LOG_DIR=/var/log/vrrpd/
+[ ! -d "${LOG_DIR}" ] && mkdir -p "${LOG_DIR}"
+LOG_FILE="${LOG_DIR}/state.${VRID}"
+
+STATE_DIR=/var/run/vrrpd/
+[ ! -d "${STATE_DIR}" ] && mkdir -p "${STATE_DIR}"
+STATE_FILE="${STATE_DIR}/vrrp-${LABEL}"
+
+# Log state change to file
+printf "%s %s %s %s %s %s %s %s : %s\n" \
+ "${STATE}" \
+ "${VIRTUAL_IP}" \
+ "${INTERFACE_NAME}" \
+ "${LABEL}" \
+ "${PRIORITY}" \
+ "${ADVERT_INT}" \
+ "${PREEMPT}" \
+ "${OTHER}" \
+ "$(date)" \
+ >> "${LOG_FILE}"
+
+# Replace information in state file
+{
+ echo "VRRP - ${LABEL}"
+ echo "Group ${VRID}"
+ echo "State is ${STATE}"
+ echo "Virtual IP address is ${VIRTUAL_IP}"
+} > "${STATE_FILE}"
+
+# Choose virtual interface name (limited in size)
+INTERFACE_PREFIX="vrrp_${VRID}_"
+INTERFACE_PREFIX_LEN=${#INTERFACE_PREFIX}
+INTERFACE_LEN=$(( ${#INTERFACE_PREFIX} + ${#INTERFACE_NAME} ))
+INTERFACE_MAX_LEN=15
+
+if [ ${INTERFACE_LEN} -gt ${INTERFACE_MAX_LEN} ]; then
+ INTERFACE_SUFFIX=$(echo "${INTERFACE_NAME}" | tail -c $(( INTERFACE_MAX_LEN + 1 - INTERFACE_PREFIX_LEN )))
+else
+ INTERFACE_SUFFIX="${INTERFACE_NAME}"
+fi
+VIRTUAL_INTERFACE_NAME="${INTERFACE_PREFIX}${INTERFACE_SUFFIX}"
+
+# Apply state
+case "${STATE}" in
+
+ "master" )
+ # Choose a MAC address
+ MAC_SUFFIX=$(printf %02x "${VRID}")
+ MAC="00:00:5e:00:01:${MAC_SUFFIX})"
+ # Create macvlan interface
+ ip link add link "${INTERFACE_NAME}" address "${MAC}" "${VIRTUAL_INTERFACE_NAME}" type macvlan
+ # Add IP to interface
+ ip address add "${VIRTUAL_IP}" dev "${VIRTUAL_INTERFACE_NAME}"
+ # Enable interface
+ ip link set dev "${VIRTUAL_INTERFACE_NAME}" up
+ ;;
+
+ "slave" )
+ # Delete interface
+ ip link delete "${VIRTUAL_INTERFACE_NAME}"
+ ;;
+
+ * )
+ # Error on unknown value for state
+ echo "Unknown state '${STATE}'" >&2
+ exit 1
+ ;;
+
+esac
+
+exit 0
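Review bot: In the `master` branch the MAC assignment has a stray `)` inside the quotes, `MAC="00:00:5e:00:01:${MAC_SUFFIX})"`, so `ip link add … address "${MAC}"` is handed a malformed address and will presumably be rejected; it should read `MAC="00:00:5e:00:01:${MAC_SUFFIX}"`. Because `set -e` is active, that failure stops the script before the virtual IP is added, while the state file written earlier already says `State is master`, so the recorded state and the real interface state disagree. The same happens when `ip link add` meets an interface that already exists or `ip link delete` one that is missing, so consider writing the state file only after the `ip` commands succeed. `VRID` and `LABEL` also go unchecked into file paths written as root and into `printf %02x`; a short check that `VRID` is an integer from 1 to 255 would make bad arguments fail early.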
diff --git a/vrrpd/tasks/main.yml b/vrrpd/tasks/main.yml index 605fb0fd..86390a2f 100644 --- a/vrrpd/tasks/main.yml +++ b/vrrpd/tasks/main.yml @@ -14,6 +14,15 @@ tags: - vrrpd +- name: install custom switch script + ansible.builtin.copy: + src: vrrp_switch.sh + dest: /etc/vrrpd/vrrp_switch + mode: "0700" + owner: "root" + group: "root" + force: "{{ vrrp_force_update_switch_script | bool | ternary('yes','no') }}" + - name: Adjust sysctl config (except rp_filter) ansible.posix.sysctl: name: "{{ item.name }}"
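Review bot: The new `install custom switch script` task carries no `tags:` entry, while the task just above it in this hunk ends with `tags:` / `- vrrpd`, so a run limited to that tag would skip installing the script; add the same `tags:` / `- vrrpd` pair to the new task. Because `force` resolves to `no` by default, a host that already has `/etc/vrrpd/vrrp_switch` keeps whatever copy is there, and corrections to the shipped script do not reach it until `vrrp_force_update_switch_script` is set; a comment on the task saying so would help operators. The expression can also be shortened to `force: "{{ vrrp_force_update_switch_script | bool }}"`. The hunk does not show whether `/etc/vrrpd` is created earlier in the file, so that is worth confirming.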