From 80e8fe02ad05c1bea6a444b56dcd5fcd157082ea Mon Sep 17 00:00:00 2001 From: James Denton Date: Tue, 13 Sep 2022 14:39:31 -0500 Subject: [PATCH] Switch keepalived vrrp version from 2 to 3 This patch updates the keepalived vrrp_version from 2 to 3 and removes vrrp authentication. Change-Id: Ia1b906de69be7bf623460a88758deed3ce8e22c3 --- etc/openstack_deploy/user_secrets.yml | 1 - inventory/group_vars/haproxy/keepalived.yml | 3 +-- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/etc/openstack_deploy/user_secrets.yml b/etc/openstack_deploy/user_secrets.yml index 7366f5a353..c2b259b194 100644 --- a/etc/openstack_deploy/user_secrets.yml +++ b/etc/openstack_deploy/user_secrets.yml @@ -198,7 +198,6 @@ swift_oslomsg_notify_password: ## haproxy stats password haproxy_stats_password: -haproxy_keepalived_authentication_password: ## Magnum Options magnum_service_password: diff --git a/inventory/group_vars/haproxy/keepalived.yml b/inventory/group_vars/haproxy/keepalived.yml index 64876586b9..c5302bfba8 100644 --- a/inventory/group_vars/haproxy/keepalived.yml +++ b/inventory/group_vars/haproxy/keepalived.yml @@ -23,6 +23,7 @@ keepalived_internal_ping_address: "{{ keepalived_ping_address }}" keepalived_global_defs: - "enable_script_security" - script_user root + - vrrp_version 3 keepalived_scripts: haproxy_check_script: @@ -59,7 +60,6 @@ _keepalived_default_instances: state: "{{ (groups['haproxy'].index(inventory_hostname) == 0) | ternary('MASTER', 'BACKUP') }}" virtual_router_id: "{{ haproxy_keepalived_external_virtual_router_id | default ('10') }}" priority: "{{ (groups['haproxy']|length-groups['haproxy'].index(inventory_hostname))*50 }}" - authentication_password: "{{ haproxy_keepalived_authentication_password }}" vips: - "{{ haproxy_keepalived_external_vip_cidr | default('169.254.1.1/24') }} dev {{ haproxy_keepalived_external_interface | default(management_bridge) }}" track_scripts: "{{ keepalived_scripts | dict2items | json_query('[*].{name: key, instance: value.instance}') | rejectattr('instance', 'equalto', 'internal') | map(attribute='name') | list }}" @@ -68,7 +68,6 @@ _keepalived_default_instances: state: "{{ (groups['haproxy'].index(inventory_hostname) == 0) | ternary('MASTER', 'BACKUP') }}" virtual_router_id: "{{ haproxy_keepalived_internal_virtual_router_id | default ('11') }}" priority: "{{ (groups['haproxy']|length-groups['haproxy'].index(inventory_hostname))*50 }}" - authentication_password: "{{ haproxy_keepalived_authentication_password }}" vips: - "{{ haproxy_keepalived_internal_vip_cidr | default('169.254.2.1/24') }} dev {{ haproxy_keepalived_internal_interface | default(management_bridge) }}" track_scripts: "{{ keepalived_scripts | dict2items | json_query('[*].{name: key, instance: value.instance}') | rejectattr('instance', 'equalto', 'external') | map(attribute='name') | list }}"