From 009d983f838c1c742eb676621439818bcac186de Mon Sep 17 00:00:00 2001 From: Pavel Loginov Date: Thu, 3 Feb 2022 10:10:06 +0300 Subject: [PATCH] v5.4.1.0 Changelog: https://roxy-wi.org/changelog.py#5_4_1 --- app/funct.py | 18 +++---- .../roles/keepalived/tasks/install.yml | 47 +++++++------------ .../keepalived/templates/add_vrrp.conf.j2 | 2 +- .../keepalived/templates/keepalived.conf.j2 | 2 +- app/scripts/install_keepalived.sh | 5 +- 5 files changed, 28 insertions(+), 46 deletions(-) diff --git a/app/funct.py b/app/funct.py index 8f9c4f0b..f03cbfc6 100644 --- a/app/funct.py +++ b/app/funct.py @@ -934,12 +934,14 @@ def upload_and_restart(server_ip, cfg, **kwargs): if kwargs.get("just_save") == 'save': action = 'save' - elif kwargs.get("just_save") == 'reload': - action = 'reload' elif kwargs.get("just_save") == 'test': action = 'test' + elif kwargs.get("just_save") == 'reload': + action = 'reload' + reload_or_restart_command = reload_command else: action = 'restart' + reload_or_restart_command = restart_command if kwargs.get('login'): login = kwargs.get('login') @@ -955,10 +957,8 @@ def upload_and_restart(server_ip, cfg, **kwargs): move_config = "sudo mv -f " + tmp_file + " " + config_path if action == "save": commands = [move_config] - elif action == "reload": - commands = [move_config + reload_command] else: - commands = [move_config + restart_command] + commands = [move_config + reload_or_restart_command] elif service == "nginx": if is_docker == '1': check_config = "sudo docker exec -it exec " + container_name + " nginx -t -q " @@ -969,10 +969,8 @@ def upload_and_restart(server_ip, cfg, **kwargs): commands = [check_config + " && sudo rm -f " + tmp_file] elif action == "save": commands = [check_and_move] - elif action == "reload": - commands = [ check_and_move + reload_command ] else: - commands = [check_and_move + restart_command] + commands = [check_and_move + reload_or_restart_command] if sql.return_firewall(server_ip): commands[0] += open_port_firewalld(cfg, server_ip=server_ip, service='nginx') else: @@ -986,10 +984,8 @@ def upload_and_restart(server_ip, cfg, **kwargs): commands = [check_config + " && sudo rm -f " + tmp_file] elif action == "save": commands = [check_config + move_config] - elif action == "reload": - commands = [check_config + move_config + reload_command ] else: - commands = [check_config + move_config + restart_command ] + commands = [check_config + move_config + reload_or_restart_command ] if sql.return_firewall(server_ip): commands[0] += open_port_firewalld(cfg, server_ip=server_ip) diff --git a/app/scripts/ansible/roles/keepalived/tasks/install.yml b/app/scripts/ansible/roles/keepalived/tasks/install.yml index a156773e..b723461a 100644 --- a/app/scripts/ansible/roles/keepalived/tasks/install.yml +++ b/app/scripts/ansible/roles/keepalived/tasks/install.yml @@ -2,46 +2,26 @@ - name: check if Keepalived is installed package_facts: manager: "auto" - - -- name: Keepalived has already installed - debug: - msg: "Keepalived has already installed" - when: "'keepalived' in ansible_facts.packages" -- name: Exiting - meta: end_play - when: "'keepalived' in ansible_facts.packages" - - + - name: install EPEL Repository yum: name: epel-release state: latest - when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') + when: + - ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS' + - ansible_facts['distribution_major_version'] == '7' ignore_errors: yes environment: http_proxy: "{{PROXY}}" https_proxy: "{{PROXY}}" - - -- name: install the latest version of Keepalived - yum: - name: - - keepalived - state: latest - when: (ansible_facts['os_family'] == "RedHat") or (ansible_facts['os_family'] == 'CentOS') - environment: - http_proxy: "{{PROXY}}" - https_proxy: "{{PROXY}}" - -- name: Install keepalived - apt: - name: - - keepalived + +- name: Install the latest version of Keepalived + package: + name: keepalived state: present - when: (ansible_facts['os_family'] == 'Debian') or (ansible_facts['os_family'] == 'Ubuntu') + when: "'keepalived' not in ansible_facts.packages" environment: http_proxy: "{{PROXY}}" https_proxy: "{{PROXY}}" @@ -76,6 +56,7 @@ command: getenforce register: sestatus changed_when: false + when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') - name: Disble SELINUX in config @@ -83,14 +64,18 @@ src: ../../haproxy/templates/selinux.j2 dest: /etc/selinux/config ignore_errors: yes - when: '"Enforcing" in sestatus.stdout' + when: + - sestatus.stdout is defined + - '"Enforcing" in sestatus.stdout' - name: Disble SELINUX in env shell: setenforce 0 2> /dev/null ignore_errors: yes debugger: never - when: '"Enforcing" in sestatus.stdout' + when: + - sestatus.stdout is defined + - '"Enforcing" in sestatus.stdout' - name: Enable and start service keepalived diff --git a/app/scripts/ansible/roles/keepalived/templates/add_vrrp.conf.j2 b/app/scripts/ansible/roles/keepalived/templates/add_vrrp.conf.j2 index bda0e4b7..79ed34b5 100644 --- a/app/scripts/ansible/roles/keepalived/templates/add_vrrp.conf.j2 +++ b/app/scripts/ansible/roles/keepalived/templates/add_vrrp.conf.j2 @@ -2,7 +2,7 @@ vrrp_instance VI_{{IP}} { state {{MASTER}} interface {{ETH}} virtual_router_id {{ range(2, 255) | random }} - priority 103 + priority {% if RETURN_TO_MASTER == 1 and MASTER == 'MASTER' %}152{% elif MASTER == 'MASTER' and RETURN_TO_MASTER == 0 %}102{% else %}101{%endif%} track_script { chk_haproxy diff --git a/app/scripts/ansible/roles/keepalived/templates/keepalived.conf.j2 b/app/scripts/ansible/roles/keepalived/templates/keepalived.conf.j2 index 78816ef9..3deca0eb 100644 --- a/app/scripts/ansible/roles/keepalived/templates/keepalived.conf.j2 +++ b/app/scripts/ansible/roles/keepalived/templates/keepalived.conf.j2 @@ -11,7 +11,7 @@ vrrp_instance VI_1 { state {{MASTER}} interface {{ETH}} virtual_router_id 1 - priority 102 + priority {% if RETURN_TO_MASTER == '1' and MASTER == 'MASTER' %}152{% elif MASTER == 'MASTER' and RETURN_TO_MASTER == '0' %}102{% else %}101{%endif%} #check if we are still running track_script { diff --git a/app/scripts/install_keepalived.sh b/app/scripts/install_keepalived.sh index e718f747..9f87596d 100644 --- a/app/scripts/install_keepalived.sh +++ b/app/scripts/install_keepalived.sh @@ -15,6 +15,7 @@ do KEY) KEY=${VALUE} ;; SYN_FLOOD) SYN_FLOOD=${VALUE} ;; RESTART) RESTART=${VALUE} ;; + RETURN_TO_MASTER) RETURN_TO_MASTER=${VALUE} ;; ADD_VRRP) ADD_VRRP=${VALUE} ;; SSH_PORT) SSH_PORT=${VALUE} ;; *) @@ -32,9 +33,9 @@ PWD=$PWD/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $KEY == "" ]]; then - ansible-playbook $PWD/roles/keepalived.yml -e "ansible_user=$USER ansible_ssh_pass='$PASS' variable_host=$HOST SYN_FLOOD=$SYN_FLOOD PROXY=$PROXY MASTER=$MASTER ETH=$ETH IP=$IP RESTART=$RESTART ADD_VRRP=$ADD_VRRP SSH_PORT=$SSH_PORT" -i $PWD/$HOST + ansible-playbook $PWD/roles/keepalived.yml -e "ansible_user=$USER ansible_ssh_pass='$PASS' variable_host=$HOST SYN_FLOOD=$SYN_FLOOD PROXY=$PROXY MASTER=$MASTER ETH=$ETH IP=$IP RESTART=$RESTART RETURN_TO_MASTER=$RETURN_TO_MASTER ADD_VRRP=$ADD_VRRP SSH_PORT=$SSH_PORT" -i $PWD/$HOST else - ansible-playbook $PWD/roles/keepalived.yml --key-file $KEY -e "ansible_user=$USER variable_host=$HOST SYN_FLOOD=$SYN_FLOOD PROXY=$PROXY MASTER=$MASTER ETH=$ETH IP=$IP RESTART=$RESTART ADD_VRRP=$ADD_VRRP SSH_PORT=$SSH_PORT" -i $PWD/$HOST + ansible-playbook $PWD/roles/keepalived.yml --key-file $KEY -e "ansible_user=$USER variable_host=$HOST SYN_FLOOD=$SYN_FLOOD PROXY=$PROXY MASTER=$MASTER ETH=$ETH IP=$IP RESTART=$RESTART RETURN_TO_MASTER=$RETURN_TO_MASTER ADD_VRRP=$ADD_VRRP SSH_PORT=$SSH_PORT" -i $PWD/$HOST fi if [ $? -gt 0 ]