From 6832e0aad10aa33ecfadee6656dfc93733293d5a Mon Sep 17 00:00:00 2001
From: Pavel Glushchak <pglushchak@virtuozzo.com>
Date: Mon, 18 Dec 2017 18:17:51 +0300
Subject: [PATCH] keepalived: ability to use unicast instead of multicast

In some data centers multicast traffic is prohibited. Additionally
VRRP id needs to be unique within broadcast domain when keepalived
operates in multicast mode, otherwise it fails to start.

However keepalived can be configured to use unicast traffic [1].
In unicast mode VRRP id doesn't make sense, but needs to be
the same among peers.

[1] http://manpages.ubuntu.com/manpages/zesty/man5/keepalived.conf.5.html

Change-Id: I692ecbb0aa750baf20c013b53b57f88b474b63cc
Signed-off-by: Pavel Glushchak <pglushchak@virtuozzo.com>
---
 ansible/roles/haproxy/defaults/main.yml           |  3 +++
 .../roles/haproxy/templates/keepalived.conf.j2    | 15 ++++++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/ansible/roles/haproxy/defaults/main.yml b/ansible/roles/haproxy/defaults/main.yml
index ab75993a8e..c2e6e61400 100644
--- a/ansible/roles/haproxy/defaults/main.yml
+++ b/ansible/roles/haproxy/defaults/main.yml
@@ -44,3 +44,6 @@ haproxy_glance_api_server_timeout: "6h"
 
 syslog_server: "{{ api_interface_address }}"
 syslog_haproxy_facility: "local1"
+
+# Traffic mode. Valid options are [ multicast, unicast ]
+keepalived_traffic_mode: "multicast"
diff --git a/ansible/roles/haproxy/templates/keepalived.conf.j2 b/ansible/roles/haproxy/templates/keepalived.conf.j2
index 8307a2f503..0fd81bf8e1 100644
--- a/ansible/roles/haproxy/templates/keepalived.conf.j2
+++ b/ansible/roles/haproxy/templates/keepalived.conf.j2
@@ -12,8 +12,21 @@ vrrp_instance kolla_internal_vip_{{ keepalived_virtual_router_id }} {
     virtual_router_id {{ keepalived_virtual_router_id }}
     priority {{ groups['haproxy'].index(inventory_hostname) + 1 }}
     advert_int 1
+{% if keepalived_traffic_mode == 'unicast' %}
+    unicast_src_ip {{ api_interface_address }}
+{% if groups['haproxy'] | length > 1 %}
+    unicast_peer {
+{% for host in groups['haproxy'] %}
+{% set ip_addr = hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] %}
+{% if ip_addr != api_interface_address %}
+        {{ ip_addr }}
+{% endif %}
+{% endfor %}
+    }
+{% endif %}
+{% endif %}
     virtual_ipaddress {
-        {{ kolla_internal_vip_address }} dev {{  api_interface }}
+        {{ kolla_internal_vip_address }} dev {{ api_interface }}
 {% if haproxy_enable_external_vip | bool %}
         {{ kolla_external_vip_address }} dev {{ kolla_external_vip_interface }}
 {% endif %}