mirror of https://github.com/Aidaho12/haproxy-wi
116 lines
2.5 KiB
YAML
116 lines
2.5 KiB
YAML
---
|
|
- name: check if Keepalived is installed
|
|
package_facts:
|
|
manager: "auto"
|
|
|
|
|
|
- name: Keepalived has already installed
|
|
debug:
|
|
msg: "Keepalived has already installed"
|
|
when: "'keepalived' in ansible_facts.packages"
|
|
|
|
- name: Exiting
|
|
meta: end_play
|
|
when: "'keepalived' in ansible_facts.packages"
|
|
|
|
|
|
- name: install EPEL Repository
|
|
yum:
|
|
name: epel-release
|
|
state: latest
|
|
when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and HAPVER|length > 0
|
|
ignore_errors: yes
|
|
environment:
|
|
http_proxy: "{{PROXY}}"
|
|
https_proxy: "{{PROXY}}"
|
|
|
|
|
|
- name: install the latest version of Keepalived
|
|
yum:
|
|
name:
|
|
- keepalived
|
|
state: latest
|
|
when: (ansible_facts['os_family'] == "RedHat") or (ansible_facts['os_family'] == 'CentOS')
|
|
environment:
|
|
http_proxy: "{{PROXY}}"
|
|
https_proxy: "{{PROXY}}"
|
|
|
|
|
|
- name: Install keepalived
|
|
apt:
|
|
name:
|
|
- keepalived
|
|
state: present
|
|
when: (ansible_facts['os_family'] == 'Debian') or (ansible_facts['os_family'] == 'Ubuntu')
|
|
environment:
|
|
http_proxy: "{{PROXY}}"
|
|
https_proxy: "{{PROXY}}"
|
|
|
|
|
|
- name: Ensure group "keepalived_script" exists
|
|
group:
|
|
name: keepalived_script
|
|
state: present
|
|
system: yes
|
|
|
|
|
|
- name: Add the user 'keepalived_script'
|
|
user:
|
|
name: keepalived_script
|
|
comment: User for keepalived_script
|
|
group: keepalived_script
|
|
shell: /sbin/nologin
|
|
create_home: no
|
|
system: yes
|
|
|
|
|
|
- name: Copy keepalived configuration in place.
|
|
template:
|
|
src: keepalived.conf.j2
|
|
dest: /etc/keepalived/keepalived.conf
|
|
mode: 0644
|
|
notify: restart keepalived
|
|
|
|
|
|
- name: test to see if selinux is running
|
|
command: getenforce
|
|
register: sestatus
|
|
changed_when: false
|
|
|
|
|
|
- name: Disble SELINUX in config
|
|
template:
|
|
src: ../../haproxy/templates/selinux.j2
|
|
dest: /etc/selinux/config
|
|
ignore_errors: yes
|
|
when: '"Enforcing" in sestatus.stdout'
|
|
|
|
|
|
- name: Disble SELINUX in env
|
|
shell: setenforce 0 2> /dev/null
|
|
ignore_errors: yes
|
|
debugger: never
|
|
when: '"Enforcing" in sestatus.stdout'
|
|
|
|
|
|
- name: Enable and start service keepalived
|
|
service:
|
|
name: keepalived
|
|
daemon_reload: yes
|
|
state: started
|
|
enabled: yes
|
|
ignore_errors: yes
|
|
|
|
|
|
- name: Enable net.ipv4.ip_forward
|
|
sysctl:
|
|
name: net.ipv4.ip_forward
|
|
value: '1'
|
|
sysctl_set: yes
|
|
state: present
|
|
reload: yes
|
|
|
|
|
|
- name: Add syn_flood tasks
|
|
include: ../../haproxy/tasks/syn_flood.yml
|
|
when: (SYN_FLOOD is defined) and (SYN_FLOOD|length > 0) |