Add ns02.home.foo.sh host

group_vars/ns.yml

@@ -0,0 +1,19 @@
+---
+firewall_in:
+  - {proto: tcp, port: 22, from: [172.20.20.0/22]}
+  - {proto: tcp, port: 53}
+  - {proto: udp, port: 53}
+#  - {proto: tcp, port: 853}
+
+ifstated_config: ifstated-ns.conf
+network_carp_interfaces:
+  - device: vio1
+    vhid: 157
+    ipaddr: 37.16.96.157
+    netmask: 255.255.255.240
+    pass: "{{ carp157_pass }}"
+
+nsd_server: ns1.foo.sh
+nsd_zones:
+  - foo.sh
+  - 144/28.96.16.37.in-addr.arpa

host_vars/ns02.home.foo.sh.yml

@@ -0,0 +1,11 @@
+---
+vmhost: vmhost02.home.foo.sh
+network_interfaces:
+  - device: vio0
+    vlan: 20
+    mac: 52:54:00:ac:dc:30
+  - device: vio1
+    vlan: 102
+    proto: none
+
+nsd_master: true

hosts

@@ -20,6 +20,9 @@ ldap02.home.foo.sh
 [log]
 log01.home.foo.sh
 
+[ns]
+ns02.home.foo.sh
+
 [proxy]
 proxy01.home.foo.sh
 proxy02.home.foo.sh
@@ -40,4 +43,5 @@ collab
 [openbsd:children]
 gw
 log
+ns
 proxy

playbooks/ns.yml

@@ -0,0 +1,15 @@
+---
+- import_playbook: "include/vm-create.yml myhosts=ns"
+
+- name: configure instance
+  hosts: ns
+  user: root
+  gather_facts: true
+
+  vars_files:
+    - "{{ ansible_private }}/vars.yml"
+
+  roles:
+    - base
+    - ifstated
+    - nsd

roles/ifstated/files/ifstated-ns.conf

@@ -0,0 +1,32 @@
+
+init-state auto
+
+if_carp_up="carp157.link.up"
+if_carp_down="carp157.link.down"
+
+state auto {
+    if $if_carp_up {
+        set-state master
+    }
+    if $if_carp_down {
+        set-state backup
+    }
+}
+
+state master {
+    init {
+        run "route delete default && route add default 37.16.96.145"
+    }
+    if $if_carp_down {
+        set-state backup
+    }
+}
+
+state backup {
+    init {
+        run "route delete default && route add default 172.20.20.1"
+    }
+    if $if_carp_up {
+        set-state master
+    }
+}