summaryrefslogtreecommitdiff
path: root/data/templates/vrrp/keepalived.conf.tmpl
blob: 6b0f8e58e95242a07a1f6197bf8135bda61984fa (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
# Autogenerated by VyOS
# Do not edit this file, all your changes will be lost
# on next commit or reboot

global_defs {
    dynamic_interfaces
    script_user root
    # Don't run scripts configured to be run as root if any part of the path
    # is writable by a non-root user.
    enable_script_security
    notify_fifo /run/keepalived/keepalived_notify_fifo
    notify_fifo_script /usr/libexec/vyos/system/keepalived-fifo.py
}

{% for group in groups %}
{%   if group.health_check_script is defined and group.health_check_script is not none %}
vrrp_script healthcheck_{{ group.name }} {
    script "{{ group.health_check_script }}"
    interval {{ group.health_check_interval }}
    fall {{ group.health_check_count }}
    rise 1
}
{%   endif %}

vrrp_instance {{ group.name }} {
    {{ '# ' ~ group.description if group.description is defined }}
    state BACKUP
    interface {{ group.interface }}
    virtual_router_id {{ group.vrid }}
    priority {{ group.priority }}
    advert_int {{ group.advertise_interval }}
{%   if group.preempt is defined and group.preempt is not none %}
    preempt_delay {{ group.preempt_delay }}
{%   else %}
    nopreempt
{%   endif %}
{%   if group.peer_address is defined and group.peer_address is not none %}
    unicast_peer { {{ group.peer_address }} }
{%   endif %}
{%   if group.hello_source is defined and group.hello_source is not none %}
{%     if group.peer_address is defined and group.peer_address is not none %}
    unicast_src_ip {{ group.hello_source }}
{%     else %}
    mcast_src_ip {{ group.hello_source }}
{%     endif %}
{%   endif %}
{%   if group.use_vmac is defined and group.peer_address is defined %}
    use_vmac {{ group.interface }}v{{ group.vrid }}
    vmac_xmit_base
{%   elif group.use_vmac is defined %}
    use_vmac {{ group.interface }}v{{ group.vrid }}
{%   endif %}
{%   if group.auth_password is defined and group.auth_password is not none %}
    authentication {
        auth_pass "{{ group.auth_password }}"
        auth_type {{ group.auth_type }}
    }
{%   endif %}
{%   if group.virtual_addresses is defined and group.virtual_addresses is not none %}
    virtual_ipaddress {
{%     for addr in group.virtual_addresses %}
        {{ addr }}
{%     endfor %}
    }
{%   endif %}
{%   if group.virtual_addresses_excluded is defined and group.virtual_addresses_excluded is not none %}
    virtual_ipaddress_excluded {
{%     for addr in group.virtual_addresses_excluded %}
        {{ addr }}
{%     endfor %}
    }
{%   endif %}
{%   if group.health_check_script is defined and group.health_check_script is not none %}
    track_script {
        healthcheck_{{ group.name }}
    }
{%   endif %}
}
{% endfor %}

{% if sync_groups is defined and sync_groups is not none %}
{%   for sync_group in sync_groups %}
vrrp_sync_group {{ sync_group.name }} {
    group {
{%     for member in sync_group.members %}
        {{ member }}
{%     endfor %}
    }
{%     if sync_group.conntrack_sync %}
            notify_master "/opt/vyatta/sbin/vyatta-vrrp-conntracksync.sh master {{ sync_group.name }}"
            notify_backup "/opt/vyatta/sbin/vyatta-vrrp-conntracksync.sh backup {{ sync_group.name }}"
            notify_fault "/opt/vyatta/sbin/vyatta-vrrp-conntracksync.sh fault {{ sync_group.name }}"
{%     endif %}
}
{%   endfor %}
{% endif %}