keepalived.yaml

---
- name: run roles
  hosts: keepalived
  pre_tasks:
    - name: minimum ansible version
      vars:
        minver: "2.12.0"
      assert:
        that: "ansible_version.full is version_compare('{{ minver }}', '>=')"
        msg: "You must update Ansible to at least {{ minver }} to use this playbook."
    
    - name: print out extra_vars
      debug:
        msg:
          - "ansible_distribution: {{ ansible_distribution }}"
          - "ansible_distribution_release: {{ ansible_distribution_release }}"
          - "ansible_distribution_major_version: {{ ansible_distribution_major_version }}"
  
  tasks:
    - name: install keepalived
      package:
        name:
          - keepalived
          - nmap
    
    - name: lookup secrets directly
      set_fact:
        FAST_IP: "{{ lookup('hashivault', inventory_hostname, mount_point='/kv/machine', version=2)['network']['br-fast']['ipv4'] | ipaddr('address') }}"
    
    - name: generate random password for keepalived
      set_fact:
        KEEPALIVED_PASSWORD: "{{ lookup('ansible.builtin.password', '/dev/null', chars=['ascii_lowercase', 'ascii_uppercase', 'ascii_digits'], length=8) }}"
      run_once: true
      delegate_to: localhost

    - name: copy keepalived.conf
      template:
        src: keepalived.conf
        dest: /etc/keepalived/keepalived.conf
    
    - name: add routing table 'fast'
      lineinfile:
        path: /etc/iproute2/rt_tables
        line: '200 fast'
        create: yes
        state: present
        insertafter: EOF

    - name: copy 17-add-routes.sh
      template:
        src: 17-add-routes.sh
        dest: /etc/NetworkManager/dispatcher.d/17-add-routes.sh
        mode: '0744'

    - name: copy keepalived_notify.sh
      template:
        src: keepalived_notify.sh
        dest: /usr/libexec/keepalived/keepalived_notify.sh
        mode: '0755'
        
    - name: copy keepalived_healthcheck.sh
      template:
        src: keepalived_healthcheck.sh
        dest: /usr/libexec/keepalived/keepalived_healthcheck.sh
        mode: '0755'

    - name: copy keepalived_is_owner.sh
      template:
        src: keepalived_is_owner.sh
        dest: /usr/libexec/keepalived/keepalived_is_owner.sh
        mode: '0755'

    - name: restart keepalived
      systemd:
        name: keepalived
        state: restarted
    
    - debug:
        msg:
          - pssh -p 1 -i -H 'pm1 pm2 pm3' -l metal 'ip -brief a s dev br-mgmt; ip -brief a s dev br-fast'
          - pssh -p 1 -i -H 'pm1 pm2 pm3' -l metal ip r show table fast
      run_once: true
      delegate_to: localhost

  become: yes
  become_user: root