From e6a6e327555ff7d36ccd8228ba6ad8895fabb5b8 Mon Sep 17 00:00:00 2001 From: Timo Makinen Date: Wed, 1 Sep 2021 18:15:22 +0000 Subject: [PATCH] Add relay01 and relay02 hosts --- group_vars/relay.yml | 47 +++++++++++++++++++++++++++++++ host_vars/relay01.home.foo.sh.yml | 17 +++++++++++ host_vars/relay02.home.foo.sh.yml | 17 +++++++++++ hosts | 5 ++++ playbooks/relay.yml | 15 ++++++++++ 5 files changed, 101 insertions(+) create mode 100644 group_vars/relay.yml create mode 100644 host_vars/relay01.home.foo.sh.yml create mode 100644 host_vars/relay02.home.foo.sh.yml create mode 100644 playbooks/relay.yml diff --git a/group_vars/relay.yml b/group_vars/relay.yml new file mode 100644 index 0000000..ebc367f --- /dev/null +++ b/group_vars/relay.yml @@ -0,0 +1,47 @@ +--- +network_dns_servers: + - 172.20.20.10 + - 172.20.21.7 + - 172.20.21.8 +network_dns_search: + - foo.sh +network_default_gateway: 37.16.96.145 + +network_vip_interfaces: + - device: vio0 + vhid: 5 + ipaddr: 172.20.20.5 + netmask: 255.255.252.0 + pass: "{{ vip5_pass }}" + priority: "{{ vip150_priority }}" + - device: vio1 + vhid: 150 + ipaddr: 37.16.96.150 + netmask: 255.255.255.240 + pass: "{{ vip150_pass }}" + priority: "{{ vip150_priority }}" + - device: vio0 + vhid: 6 + ipaddr: 172.20.20.6 + netmask: 255.255.252.0 + pass: "{{ vip6_pass }}" + priority: "{{ vip151_priority }}" + - device: vio1 + vhid: 151 + ipaddr: 37.16.96.151 + netmask: 255.255.255.240 + pass: "{{ vip151_pass }}" + priority: "{{ vip151_priority }}" + - device: vio1 + vhid: 152 + ipaddr: 37.16.96.152 + netmask: 255.255.255.240 + pass: "{{ vip152_pass }}" + priority: "{{ vip152_priority }}" + +firewall_raw: + - pass quick proto carp +firewall_in: + - {proto: tcp, port: 22, from: [172.20.20.0/22]} + - {proto: tcp, port: 636} + - {proto: tcp, port: 6514} diff --git a/host_vars/relay01.home.foo.sh.yml b/host_vars/relay01.home.foo.sh.yml new file mode 100644 index 0000000..0b8489a --- /dev/null +++ b/host_vars/relay01.home.foo.sh.yml @@ -0,0 +1,17 @@ +--- +vmhost: vmhost01.home.foo.sh +network_interfaces: + - device: vio0 + vlan: 20 + mac: 52:54:00:ac:dc:53 + ipaddr: 172.20.21.83 + netmask: 255.255.252.0 + proto: static + - device: vio1 + vlan: 102 + proto: none + +# kludge advskew values for carps +vip150_priority: 120 +vip151_priority: 240 +vip152_priority: 120 diff --git a/host_vars/relay02.home.foo.sh.yml b/host_vars/relay02.home.foo.sh.yml new file mode 100644 index 0000000..e89b59d --- /dev/null +++ b/host_vars/relay02.home.foo.sh.yml @@ -0,0 +1,17 @@ +--- +vmhost: vmhost02.home.foo.sh +network_interfaces: + - device: vio0 + vlan: 20 + mac: 52:54:00:ac:dc:54 + ipaddr: 172.20.21.84 + netmask: 255.255.252.0 + proto: static + - device: vio1 + vlan: 102 + proto: none + +# kludge advskew values for carps +vip150_priority: 240 +vip151_priority: 120 +vip152_priority: 240 diff --git a/hosts b/hosts index cd39c86..55d1067 100644 --- a/hosts +++ b/hosts @@ -57,6 +57,10 @@ print01.home.foo.sh proxy01.home.foo.sh proxy02.home.foo.sh +[relay] +relay01.home.foo.sh +relay02.home.foo.sh + [shell] shell01.foo.sh shell02.foo.sh @@ -105,3 +109,4 @@ fsolgw log ns proxy +relay diff --git a/playbooks/relay.yml b/playbooks/relay.yml new file mode 100644 index 0000000..99af8ab --- /dev/null +++ b/playbooks/relay.yml @@ -0,0 +1,15 @@ +--- +- import_playbook: "include/deploy-kvm-guest.yml myhosts=relay" + +- name: configure instance + hosts: relay + user: root + gather_facts: true + + vars_files: + - "{{ ansible_private }}/vars.yml" + + roles: + - base + - ifstated + - relayd