blob: 6585fc60b4b28221573d4a5bc21f76a343d53fd0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
# Autogenerated by VyOS
# Do not edit this file, all your changes will be lost
# on next commit or reboot
global_defs {
dynamic_interfaces
script_user root
notify_fifo /run/keepalived/keepalived_notify_fifo
notify_fifo_script /usr/libexec/vyos/system/keepalived-fifo.py
}
{% if group is defined and group is not none %}
{% for name, group_config in group.items() if group_config.disable is not defined %}
{% if group_config.health_check is defined and group_config.health_check.script is defined and group_config.health_check.script is not none %}
vrrp_script healthcheck_{{ name }} {
script "{{ group_config.health_check.script }}"
interval {{ group_config.health_check.interval }}
fall {{ group_config.health_check.failure_count }}
rise 1
}
{% endif %}
vrrp_instance {{ name }} {
{% if group_config.description is defined and group_config.description is not none %}
# {{ group_config.description }}
{% endif %}
state BACKUP
interface {{ group_config.interface }}
virtual_router_id {{ group_config.vrid }}
priority {{ group_config.priority }}
advert_int {{ group_config.advertise_interval }}
{% if group_config.no_preempt is not defined and group_config.preempt_delay is defined and group_config.preempt_delay is not none %}
preempt_delay {{ group_config.preempt_delay }}
{% elif group_config.no_preempt is defined %}
nopreempt
{% endif %}
{% if group_config.peer_address is defined and group_config.peer_address is not none %}
unicast_peer { {{ group_config.peer_address }} }
{% endif %}
{% if group_config.hello_source_address is defined and group_config.hello_source_address is not none %}
{% if group_config.peer_address is defined and group_config.peer_address is not none %}
unicast_src_ip {{ group_config.hello_source_address }}
{% else %}
mcast_src_ip {{ group_config.hello_source_address }}
{% endif %}
{% endif %}
{% if group_config.rfc3768_compatibility is defined and group_config.peer_address is defined %}
use_vmac {{ group_config.interface }}v{{ group_config.vrid }}
vmac_xmit_base
{% elif group_config.rfc3768_compatibility is defined %}
use_vmac {{ group_config.interface }}v{{ group_config.vrid }}
{% endif %}
{% if group_config.authentication is defined and group_config.authentication is not none %}
authentication {
auth_pass "{{ group_config.authentication.password }}"
{% if group_config.authentication.type == 'plaintext-password' %}
auth_type PASS
{% else %}
auth_type {{ group_config.authentication.type | upper }}
{% endif %}
}
{% endif %}
{% if group_config.address is defined and group_config.address is not none %}
virtual_ipaddress {
{% for addr in group_config.address %}
{{ addr }}
{% endfor %}
}
{% endif %}
{% if group_config.excluded_address is defined and group_config.excluded_address is not none %}
virtual_ipaddress_excluded {
{% for addr in group_config.excluded_address %}
{{ addr }}
{% endfor %}
}
{% endif %}
{% if group_config.health_check is defined and group_config.health_check.script is defined and group_config.health_check.script is not none %}
track_script {
healthcheck_{{ name }}
}
{% endif %}
}
{% endfor %}
{% endif %}
{% if sync_group is defined and sync_group is not none %}
{% for name, sync_group_config in sync_group.items() if sync_group_config.disable is not defined %}
vrrp_sync_group {{ name }} {
group {
{% if sync_group_config.member is defined and sync_group_config.member is not none %}
{% for member in sync_group_config.member %}
{{ member }}
{% endfor %}
{% endif %}
}
{# Health-check scripts should be in section sync-group if member is part of the sync-group T4081 #}
{% for name, group_config in group.items() if group_config.disable is not defined %}
{% if group_config.health_check is defined and group_config.health_check.script is defined and group_config.health_check.script is not none and name in sync_group_config.member %}
track_script {
healthcheck_{{ name }}
}
{% endif %}
{% endfor %}
{% if conntrack_sync_group is defined and conntrack_sync_group == name %}
{% set vyos_helper = "/usr/libexec/vyos/vyos-vrrp-conntracksync.sh" %}
notify_master "{{ vyos_helper }} master {{ name }}"
notify_backup "{{ vyos_helper }} backup {{ name }}"
notify_fault "{{ vyos_helper }} fault {{ name }}"
{% endif %}
}
{% endfor %}
{% endif %}
|