Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

communishift: Add keepalived iptables rules, and fix interface name in config

Browse source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2019-05-11 20:35:20 +00:00
parent 504053f36f
commit f7debffa6c
2 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
inventory/group_vars/os-proxies
View file

@ -14,4 +14,10 @@ tcp_ports: [
22623, 22623,
# 9941 is closed generally, is for the inbound fedmsg and is covered in # 9941 is closed generally, is for the inbound fedmsg and is covered in
# custom_rules # custom_rules
] ]
custom_rules: [
# Needed for keepalived
'-A INPUT -d 224.0.0.0/8 -j ACCEPT',
'-A INPUT -p vrrp -j ACCEPT',
]

2
roles/keepalived/templates/keepalived.conf.j2
View file

@ -31,7 +31,7 @@ vrrp_instance VI_1 {
} }
{% if keepalived2_ipaddress %} {% if keepalived2_ipaddress %}
vrrp_instance VI_1 { vrrp_instance VI_2 {
# initial state # initial state
state MASTER state MASTER
interface {{ keepalived2_interface }} interface {{ keepalived2_interface }}