Tyler/Ansible-HAProxy-Failover
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: Tyler:288a8c59efd71b1b31993c60b9fc5d9678bbacd5
Branches Tags
Tyler:master
..
compare: Tyler:1d325903d5e3a0e3e5db532e179531c501c69eb0
Branches Tags
Tyler:master

No commits in common. "288a8c59efd71b1b31993c60b9fc5d9678bbacd5" and "1d325903d5e3a0e3e5db532e179531c501c69eb0" have entirely different histories.
288a8c59ef ... 1d325903d5

2 changed files with 14 additions and 15 deletions
Show stats Expand all files Collapse all files

1
haproxy.yml
View file

@ -2,6 +2,5 @@
# file: haproxy.yml
- hosts: haproxy
become: true
roles:
- haproxy

28
roles/haproxy/tasks/main.yml
View file

@ -7,6 +7,7 @@
- policycoreutils-python-utils
- NetworkManager
state: latest
become: yes
- name: Install packages
package:
@ -15,6 +16,7 @@
- haproxy
- firewalld
state: latest
become: yes
- name: Add VLAN
nmcli:
@ -25,6 +27,7 @@
autoconnect: yes
type: vlan
state: present
become: yes
when: (haproxy_keepalived_adapter_vlan is defined) and (haproxy_keepalived_ip is defined)
- name: Enable firewall rule for vrrp
@ -34,6 +37,7 @@
state: enabled
immediate: yes
notify: reload firewalld
become: yes
- name: Allow binding non-local IP
sysctl:
@ -41,6 +45,7 @@
value: "1"
reload: true
state: present
become: yes
- name: Allow binding ip forward
sysctl:
@ -48,18 +53,21 @@
value: "1"
reload: true
state: present
become: yes
- name: Update keepalived configuration
template:
src: keepalived.conf.j2
dest: /etc/keepalived/keepalived.conf
notify: reload keepalived
become: yes
- name: Enable keepalived
service:
name: keepalived
state: started
enabled: yes
become: yes
- name: Limit SSH to only ansible_host
lineinfile:
@ -68,6 +76,7 @@
line: "ListenAddress {{ ansible_host }}"
notify:
- Restart SSH
become: yes
- name: Flush handlers
meta: flush_handlers
@ -77,20 +86,7 @@
name: haproxy_connect_any
state: yes
persistent: yes
- name: Ensure maps directory exists
file:
path: "/etc/haproxy/maps"
state: directory
- name: Deploy map files
copy:
src: "{{ item }}"
dest: /etc/haproxy/maps
mode: 0644
with_fileglob:
- "maps/*"
notify: reload haproxy
become: yes
- name: Update HAProxy configuration
template:
@ -99,12 +95,14 @@
mode: 0644
validate: haproxy -f %s -c -q
notify: reload haproxy
become: yes
- name: Ensure HAProxy is started and enabled on boot.
service:
name: haproxy
state: started
enabled: yes
become: yes
- name: Enable firewall ports for haproxy
firewalld:
@ -114,9 +112,11 @@
state: enabled
loop: "{{ haproxy_listen_ports }}"
notify: reload firewalld
become: yes
- name: Enable firewalld
service:
name: firewalld
state: started
enabled: yes
become: yes