Add keepalived

Change-Id: Ib5cfe5a4dc3a16fbb82d650d077d0c6645643039

chef/cookbooks/keepalived/CHANGELOG.md

@@ -0,0 +1,31 @@
+keepalived Cookbook CHANGELOG
+=============================
+This file is used to list changes made in each version of the keepalived cookbook.
+
+
+v1.2.0 (2014-02-25)
+-------------------
+- [COOK-4299] Avoid setting attributes without precedence
+
+
+v1.1.0
+------
+### New Feature
+- **[COOK-3017](https://tickets.opscode.com/browse/COOK-3017)** - Add support for `vrrp_sync_groups`
+
+v1.0.4
+------
+### Improvement
+- [COOK-2919]: Status option not available
+
+v1.0.2
+------
+- [COOK-1965] - fixes template subscribes and readme typos
+
+v1.0.0
+------
+- [COOK-1656] - Make keepalived configurable. Add some tests.
+
+v0.7.1
+------
+- Current public release.

chef/cookbooks/keepalived/README.md

@@ -0,0 +1,174 @@
+keepalived Cookbook
+===================
+Installs keepalived and generates the configuration file.
+
+
+Usage
+-----
+### Configuration settings
+
+* `node[:keepalived][:shared_address] = true`  # If keepalived is using a shared address
+
+### Global settings
+
+* `node['keepalived']['global']['notification_emails'] = 'admin@example.com'`             # notification emails
+* `node['keepalived']['global']['notification_email_from'] = "keepalived@#{node.domain}"` # from address
+* `node['keepalived']['global']['smtp_server'] = '127.0.0.1'`                             # smtp server address
+* `node['keepalived']['global']['smtp_connect_timeout'] = 30`                             # smtp connection timeout
+* `node['keepalived']['global']['router_id'] = 'DEFAULT_ROUT_ID'`                         # router ID
+* `node['keepalived']['global']['router_ids'] = {}`                                       # mapped router ID (see example below)
+
+The `router_ids` allow for defining different IDs based on node name within a single role. This allows for a role structured like so:
+
+```ruby
+override_attributes(
+  :keepalived => {
+    :global => {
+      :router_ids => {
+        'node1' => 'MASTER_NODE',
+        'node2' => 'BACKUP_NODE'
+      }
+    }
+  }
+)
+```
+### Check Scripts
+
+* `node[:keepalived][:check_scripts] = {}`    # define available check scripts
+
+Multiple check scripts can be defined. The key will provide the name of the check script within the configuration file. The value should be a hash with the keys: `script`, `interval` and `weight` defined. For example, a simple HAProxy check script:
+
+```ruby
+node[:keepalived][:check_scripts][:chk_haproxy] = {
+  :script => 'killall -0 haproxy',
+  :interval => 2,
+  :weight => 2
+}
+```
+
+### Instance defaults
+
+These are fallback values instance blocks can default to if non have been explicitly defined:
+
+* `node[:keepalived][:instance_defaults][:state] = 'MASTER'`                            # default state
+* `node[:keepalived][:instance_defaults][:priority] = 100`                              # default priority
+* `node[:keepalived][:instance_defaults][:virtual_router_id] = 'DEFAULT_VIRT_ROUT_ID'`  # default virtual router ID
+
+
+Instances
+---------
+* `node[:keepalived][:instances] = {}`
+
+Multiple instances can be defined. The key will be used to define the instance name. The value will be a hash used to describe the instance. Attributes used within the instance hash:
+
+* `:ip_addresses => '127.0.0.1'`  # IP address(es) used by this instance
+* `:interface => 'eth0'`          # Network interface used
+* `:states => {}`                 # Node name mapped states
+* `:virtual_router_ids => {}`     # Node name mapped virtual router IDs
+* `:priorities => {}`             # Node name mapped priorities
+* `:track_script => 'check_name'` # Name of check script in use for instance
+* `:nopreempt => false`           # Do not preempt
+* `:advert_int => 1`              # Set advert_int
+* `:auth_type => nil`             # Enable authentication (:pass or :ah)
+* `:auth_pass => 'secret'`        # Password used for authentication
+* `:unicast_peer => {}`           # IP address(es) for unicast (only for 1.2.8 and greater)
+
+### Vrrp Sync Groups
+
+Sync groups can be created using a hash with the group name as the key. Individual sync group hashes accept arrays of instances and options for each group as shown below:
+
+```ruby
+node[:keepalived][:sync_groups] = {
+  :vg_1 => {
+    :instances => [
+      'vi_1'
+    ],
+    :options => [
+      'global_tracking'
+    ]
+  }
+}
+```
+
+### Full role based example
+
+```ruby
+override_attributes(
+  :keepalived => {
+    :shared_address => true,
+    :check_scripts => {
+      :chk_haproxy => {
+        :script => 'killall -0 haproxy',
+        :interval => 2,
+        :weight => 2
+      }
+    },
+    :instances => {
+      :vi_1 => {
+        :ip_addresses => '192.168.0.2',
+        :interface => 'eth0',
+        :state => 'MASTER',
+        :states => {
+          'master.domain' => :master,
+          'backup.domain' => :backup
+        },
+        :virtual_router_ids => {
+          'master.domain' => 'SERVICE_MASTER',
+          'backup.domain' => 'SERVICE_BACKUP'
+        },
+        :priorities => {
+          'master.domain' => 101,
+          'backup.domain' => 100
+        },
+        :track_script => 'chk_haproxy',
+        :nopreempt => false,
+        :advert_int => 1,
+        :auth_type => :pass,
+        :auth_pass => 'secret'
+      }
+    }
+  }
+)
+```
+
+### Recipe based example:
+
+```ruby
+include_recipe 'keepalived'
+
+node[:keepalived][:check_scripts][:chk_init] = {
+  :script => 'killall -0 init',
+  :interval => 2,
+  :weight => 2
+}
+node[:keepalived][:instances][:vi_1] = {
+  :ip_addresses => '10.0.2.254',
+  :interface => 'eth0',
+  :track_script => 'chk_init',
+  :nopreempt => false,
+  :advert_int => 1,
+  :auth_type => nil, # :pass or :ah
+  :auth_pass => 'secret'
+}
+```
+
+
+License & Authors
+-----------------
+- Author:: Joshua Timberman (<joshua@opscode.com>)
+
+```text
+Copyright:: 2009, Opscode, Inc
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+```

chef/cookbooks/keepalived/attributes/default.rb

@@ -0,0 +1,38 @@
+default['keepalived']['shared_address'] = false
+default['keepalived']['global']['notification_emails'] = 'admin@example.com'
+default['keepalived']['global']['notification_email_from'] = "keepalived@#{node['domain'] || 'example.com'}"
+default['keepalived']['global']['smtp_server'] = '127.0.0.1'
+default['keepalived']['global']['smtp_connect_timeout'] = 30
+default['keepalived']['global']['router_id'] = 'DEFAULT_ROUT_ID'
+default['keepalived']['global']['router_ids'] = {
+                        "centos-10-145-88-152" => "lsb01",
+                        "centos-10-145-88-153" => "lsb02"
+                  }   # node name based mapping
+default['keepalived']['check_scripts'] = {
+                    "haproxy" => {
+                      "script" => "killall -0 haproxy",
+                      "interval" => "2",
+                      "weight" => "2"
+                    }
+                  }
+default['keepalived']['instance_defaults']['state'] = 'MASTER'
+default['keepalived']['instance_defaults']['priority'] = 100
+default['keepalived']['instance_defaults']['virtual_router_id'] = 10
+default['keepalived']['instances'] = {
+                    "openstack" => {
+                      "virtual_router_id" => "50",
+                      "advert_int" => "1",
+                      "priorities" => {
+                        "centos-10-145-88-152" => "110",
+                        "centos-10-145-88-153" => "101"
+                      },
+                      "states" => {
+                        "centos-10-145-88-152" => "BACKUP",
+                        "centos-10-145-88-153" => "MASTER"
+                      },
+                      "interface" => "eth0",
+                      "ip_addresses" => ["192.168.220.40 dev eth0"],
+                      "track_script" => "haproxy"
+                    }
+                  }
+default['keepalived']['sync_groups'] = nil

chef/cookbooks/keepalived/metadata.rb

@@ -0,0 +1,10 @@
+name              "keepalived"
+maintainer        "Opscode, Inc."
+maintainer_email  "cookbooks@opscode.com"
+license           "Apache 2.0"
+description       "Installs and configures keepalived"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.md'))
+version           "1.2.0"
+supports          "ubuntu"
+
+recipe "keepalived", "Installs and configures keepalived"

chef/cookbooks/keepalived/recipes/default.rb

@@ -0,0 +1,45 @@
+#
+# Cookbook Name:: keepalived
+# Recipe:: default
+#
+# Copyright 2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+package "keepalived"
+
+if node['keepalived']['shared_address']
+  file '/etc/sysctl.d/60-ip-nonlocal-bind.conf' do
+    mode 0644
+    content "net.ipv4.ip_nonlocal_bind=1\n"
+  end
+
+  service 'procps' do
+    action :start
+  end
+end
+
+template "keepalived.conf" do
+  path "/etc/keepalived/keepalived.conf"
+  source "keepalived.conf.erb"
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+service "keepalived" do
+  supports :restart => true
+  action [:enable, :start]
+  subscribes :restart, "template[keepalived.conf]"
+end

chef/cookbooks/keepalived/templates/default/keepalived.conf.erb

@@ -0,0 +1,79 @@
+! Configuration File for keepalived
+! Generated by Chef.
+global_defs {
+  notification_email {
+    <% Array(node['keepalived']['global']['notification_emails']).each do |email| %>
+    <%= email %>
+    <% end %>
+  }
+  notification_email_from <%= node['keepalived']['global']['notification_email_from'] %>
+  smtp_server <%= node['keepalived']['global']['smtp_server'] %>
+  smtp_connect_timeout <%= node['keepalived']['global']['smtp_connect_timeout'] %>
+  router_id <%= node['keepalived']['global']['router_ids'][node.name] || node['keepalived']['global']['router_id'] %>
+}
+
+<% unless node['keepalived']['sync_groups'].nil? -%>
+  <% node['keepalived']['sync_groups'].each do |group, values| -%>
+vrrp_sync_group <%= group.upcase %> {
+  group {
+    <% values['instances'].each do |instance| -%>
+    <%= instance.upcase %>
+    <% end -%>
+  }
+    <% values['options'].each do |option| -%>
+  <%= option %>
+    <% end -%>
+}
+  <% end -%>
+<% end -%>
+
+<% node['keepalived']['check_scripts'].each_pair do |name, script| %>
+vrrp_script <%= name %> {
+  script "<%= script['script'] %>"
+  interval <%= script['interval'] %>
+  weight <%= script['weight'] %>
+}
+<% end %>
+
+<% node['keepalived']['instances'].each_pair do |name, instance| -%>
+<%
+  states = instance['states'] || {}
+  priorities = instance['priorities'] || {}
+  virtual_router_ids = instance['virtual_router_ids'] || {}
+-%>
+vrrp_instance <%= name.upcase %> {
+  interface <%= instance['interface'] %>
+  virtual_router_id <%= virtual_router_ids[node.name] || node['keepalived']['instance_defaults']['virtual_router_id'] %>
+  <% if instance['nopreempt'] -%>
+  nopreempt
+  <% end -%>
+  state <%= states[node.name] || node['keepalived']['instance_defaults']['state'] %>
+  priority <%= priorities[node.name] || node['keepalived']['instance_defaults']['priority'] %>
+  <% if instance['advert_int'] -%>
+  advert_int <%= instance['advert_int'] %>
+  <% end -%>
+  <% if instance['unicast_peer'] && !instance['unicast_peer'].empty? -%>
+  unicast_peer {
+    <% Array(instance['unicast_peer']).each do |address| %>
+    <%= address %>
+    <% end %>
+  }
+  <% end -%>
+  <% if instance['auth_type'] -%>
+  authentication {
+    auth_type <%= instance['auth_type'].to_s.upcase %>
+    auth_pass <%= instance['auth_pass'] %>
+  }
+  <% end -%>
+  virtual_ipaddress {
+    <% Array(instance['ip_addresses']).each do |address| %>
+    <%= address %>
+    <% end %>
+  }
+  <% if instance['track_script'] %>
+  track_script {
+    <%= instance['track_script'] %>
+  }
+  <% end %>
+}
+<% end -%>

chef/databags/openstack/openstack.json

@@ -108,6 +108,23 @@
         "os-controller": ["dashboard_http","dashboard_https","keystone_admin", "keystone_public_internal","nova_ec2_api","nova_compute_api","cinder_api","neutron_api"],
         "os-image": ["glance_api","glance_registry_cluster"]
       }
+    },
+    "keepalived": {
+      "router_ids": {
+        "node1.name_in_chef_server": "lsb01",
+        "node2.name_in_chef_server": "lsb02"
+      },
+      "instance_name": {
+        "vip": "10.145.88.231",
+        "priorities": {
+          "node1.name_in_chef_server": 110,
+          "node2.name_in_chef_server": 101
+        },
+        "states": {
+          "centos-10-145-88-152": "BACKUP",
+          "centos-10-145-88-153": "MASTER"
+        }
+      }
     }
   },
   "dashboard_roles" : [ "os-controller", "os-dashboard" ],