Migrate to Hetzner cloud

roles/keepalived-hcloud/files/check_nginx.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+curl 127.0.0.1/healthz -fsS

roles/keepalived-hcloud/files/hcloud_failover.py

@@ -0,0 +1,60 @@
+#!/usr/bin/env python3
+# (c) 2018 Maximilian Siegl
+
+import sys
+import json
+import os
+import requests
+from multiprocessing import Process
+
+CONFIG_PATH = os.path.join(os.path.abspath(
+    os.path.dirname(__file__)), "config.json")
+
+
+def del_ip(ip_bin_path, floating_ip, interface):
+    os.system(ip_bin_path + " addr del " + floating_ip + " dev " + interface)
+
+
+def add_ip(ip_bin_path, floating_ip, interface):
+    os.system(ip_bin_path + " addr add " + floating_ip + " dev " + interface)
+
+
+def change_request(endstate, url, header, payload, ip_bin_path, floating_ip, interface):
+    if endstate == "BACKUP":
+        del_ip(ip_bin_path, floating_ip, interface)
+    elif endstate == "FAULT":
+        del_ip(ip_bin_path, floating_ip, interface)
+    elif endstate == "MASTER":
+        add_ip(ip_bin_path, floating_ip, interface)
+        print("Post request to: " + url)
+        print("Header: " + str(header))
+        print("Data: " + str(payload))
+        r = requests.post(url, data=payload, headers=header)
+        print("Response:")
+        print(r.status_code, r.reason)
+        print(r.text)
+    else:
+        print("Error: Endstate not defined!")
+
+
+def main(arg_type, arg_name, arg_endstate):
+    with open(CONFIG_PATH, "r") as config_file:
+        config = json.load(config_file)
+
+    header = {
+        "Content-Type": "application/json",
+        "Authorization": "Bearer " + config["api-token"]
+    }
+
+    payload = '''{"server": ''' + str(config["server-id"]) + "}"
+
+    print("Perform action for transition to " + arg_endstate + " state")
+
+    for ips in config["ips"]:
+        url = config["url"].format(ips["floating-ip-id"])
+        Process(target=change_request, args=(arg_endstate, url, header, payload,
+                                             config["ip_bin_path"], ips["floating-ip"], config["interface"])).start()
+
+
+if __name__ == "__main__":
+    main(arg_type=sys.argv[1], arg_name=sys.argv[2], arg_endstate=sys.argv[3])

roles/keepalived-hcloud/handlers/main.yml

@@ -0,0 +1,4 @@
+- name: restart keepalived
+  systemd:
+    name: keepalived
+    state: restarted

roles/keepalived-hcloud/tasks/main.yml

@@ -0,0 +1,34 @@
+- name: Install keepalived
+  package:
+    name: keepalived
+    state: present
+
+- name: Keepalived config
+  template:
+    src: keepalived.conf.j2
+    dest: /etc/keepalived/keepalived.conf
+  notify: restart keepalived
+
+- name: Copy nginx healtcheck script
+  copy:
+    src: check_nginx.sh
+    dest: /etc/keepalived/check_nginx.sh
+    mode: 0700
+
+- name: Copy hcloud failover script
+  copy:
+    src: hcloud_failover.py
+    dest: /etc/keepalived/hcloud_failover.py
+    mode: 0700
+
+- name: Copy hcloud failover script config
+  template:
+    src: config.json.j2
+    dest: /etc/keepalived/config.json
+    mode: 0700
+
+- name: Start and enable keepalived
+  systemd:
+    name: keepalived
+    enabled: yes
+    state: started

roles/keepalived-hcloud/templates/config.json.j2

@@ -0,0 +1,13 @@
+{
+    "url": "https://api.hetzner.cloud/v1/floating_ips/{}/actions/assign",
+    "api-token": "{{ hcloud_token_vip }}",
+    "ips": [
+        {
+            "floating-ip-id": "{{ floating_ip_id }}",
+            "floating-ip": "{{ floating_ip }}"
+        }
+    ],
+    "server-id": {{ hostvars[inventory_hostname]['id'] }},
+    "interface": "eth0",
+    "ip_bin_path": "/bin/ip"
+}

roles/keepalived-hcloud/templates/keepalived.conf.j2

@@ -0,0 +1,41 @@
+vrrp_script check_nginx {
+    script /etc/keepalived/check_nginx.sh
+    interval 3
+    fall 5
+    rise 1
+}
+
+vrrp_instance VI_1 {
+{% if inventory_hostname == groups['kube-node'][0] %}
+	state MASTER
+{% else %}
+    state BACKUP
+{% endif %}
+    priority 100
+    interface eth0
+    virtual_router_id 50
+
+    unicast_src_ip {{ hostvars[inventory_hostname]['ipv4'] }}
+    unicast_peer {
+{% for host in (groups['kube-node']) %}
+{% if host != inventory_hostname %}
+		{{ hostvars[host]['ipv4'] }}
+{% endif %}
+{% endfor %}
+    }
+
+    authentication {
+        auth_type PASS
+        auth_pass "{{ keepalived_shared_secret }}"
+    }
+
+    virtual_ipaddress {
+        {{ floating_ip }}
+    }
+
+    track_script {
+        chk_haproxy
+    }
+
+    notify /etc/keepalived/hcloud_failover.py
+}