Ansible role providing a HA setup using hetzner vSwitch and keepalived

nl2go/ansible-role-hetzner-failover

Ansible Role: Hetzner failover using a vSwitch and keepalived

An Ansible role inspired by an article about Hetzner failover by @dtone. It aims to deploy a highly available setup of 2 servers sharing a single IP by using a Hetzner vSwitch and keepalived. The role should be used together with the nl2go vSwitch role, which sets up the vSwitch. An extra IP subnet with public IP addresses has to be ordered for the configured vSwitch. The role does NOT use the failover IP service provided by Hetzner.

Prerequisites

Configuration

The following configuration fragments show the setup of a vSwitch named failover with the VLAN ID 4023, using private addresses from the 192.168.100.0/24 subnet and the IP 154.222.4.34 from the additional IP subnet 154.222.4.32/29 as the failover IP. The additional subnet has to be ordered manually after the vSwitch has been created by the vSwitch role.

vSwitch configuration

vSwitch configuration according to the vSwitch role:

hetzner_vswitch_instances:
  - name: failover
    vlan: 4023
    ipv4_address: 192.168.200.0
    ipv4_netmask: 255.255.255.0

keepalived configuration

hetzner_failover_keepalived_public_virtual_router_id: 42

hetzner_failover_keepalived_public_ipaddress: 154.222.4.34 # single IP from the additional IP subnet used as failover IP
hetzner_failover_keepalived_public_network_prefix: 29 # netmask prefix of the additional IP subnet
hetzner_failover_keepalived_public_default_gateway: 154.222.4.33 # gateway IP of the additional IP subnet

hetzner_failover_keepalived_vswich_id: 4023 # should match the vlan id configured in hetzner_vswitch_instances

hosts configuration

all:
  hosts:
    keepalived-test-1:
      ansible_host: 123.124.125.1 # main IP of host 1
      hetzner_vswitch_host:
        - name: failover
          ipv4_address: 192.168.200.1 # vSwitch IP of host 1
      hetzner_failover_keepalived_state: MASTER
      hetzner_failover_keepalived_vswitch_ip: 192.168.200.1 # IP of the host in the vSwitch VLAN has to be repeated here
      hetzner_failover_keepalived_peer_ip: 192.168.200.2 # vSwitch IP of the host keepalived should peer with
    keepalived-test-2:
      ansible_host: 123.124.125.2 # main IP of host 2
      hetzner_vswitch_host:
        - name: failover
          ipv4_address: 192.168.200.2 # vSwitch IP of host 2
      hetzner_failover_keepalived_state: BACKUP
      hetzner_failover_keepalived_vswitch_ip: 192.168.200.2 # IP of the host in the vSwitch VLAN has to be repeated here
      hetzner_failover_keepalived_peer_ip: 192.168.200.1 # vSwitch IP of the host keepalived should peer with
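
A pre-flight consistency check for the variables above, as an added example that is not part of the role: it verifies the cross-references the comments call out (VLAN ID match, vSwitch IPs inside the vSwitch subnet, reciprocal peers, failover IP and gateway inside the additional subnet). The function name `validate` and the dictionary layout are assumptions; the data is constructed from this page's values, with host keys shortened to the suffix after `hetzner_failover_keepalived_`.

```python
import ipaddress

P = "hetzner_failover_keepalived_"
# Constructed sample mirroring the configuration fragments on this page.
GROUP_VARS = {
    "hetzner_vswitch_instances": [{"name": "failover", "vlan": 4023,
        "ipv4_address": "192.168.200.0", "ipv4_netmask": "255.255.255.0"}],
    P + "public_ipaddress": "154.222.4.34",
    P + "public_network_prefix": 29,
    P + "public_default_gateway": "154.222.4.33",
    P + "vswich_id": 4023,
}
HOSTS = {  # keys are the per-host variable names without the common prefix
    "keepalived-test-1": {"vswitch_ip": "192.168.200.1", "peer_ip": "192.168.200.2"},
    "keepalived-test-2": {"vswitch_ip": "192.168.200.2", "peer_ip": "192.168.200.1"},
}

def validate(gv, hosts):
    """Return a list of human-readable inconsistencies (empty list = consistent)."""
    errors = []
    vlan = gv[P + "vswich_id"]
    inst = [i for i in gv["hetzner_vswitch_instances"] if i["vlan"] == vlan]
    if not inst:
        return [f"vlan id {vlan} matches no hetzner_vswitch_instances entry"]
    vnet = ipaddress.ip_network(
        f'{inst[0]["ipv4_address"]}/{inst[0]["ipv4_netmask"]}', strict=False)
    # Failover IP and gateway must both live in the additional public subnet.
    pub = ipaddress.ip_interface(
        f'{gv[P + "public_ipaddress"]}/{gv[P + "public_network_prefix"]}')
    gw = ipaddress.ip_address(gv[P + "public_default_gateway"])
    if gw not in pub.network or gw == pub.ip:
        errors.append(f"gateway {gw} is not a separate address in {pub.network}")
    if pub.ip in (pub.network.network_address, pub.network.broadcast_address):
        errors.append(f"failover IP {pub.ip} is not a usable host address")
    # Each host's vSwitch IP must be in the VLAN subnet and peers must point back.
    by_ip = {h["vswitch_ip"]: name for name, h in hosts.items()}
    for name, h in hosts.items():
        if ipaddress.ip_address(h["vswitch_ip"]) not in vnet:
            errors.append(f"{name}: vswitch_ip {h['vswitch_ip']} outside {vnet}")
        peer = by_ip.get(h["peer_ip"])
        if peer is None or peer == name or hosts[peer]["peer_ip"] != h["vswitch_ip"]:
            errors.append(f"{name}: peer_ip {h['peer_ip']} is not a reciprocal peer")
    return errors

if __name__ == "__main__":
    print(validate(GROUP_VARS, HOSTS) or "configuration is consistent")
```
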

Notify Script

A custom notify script may be used to perform additional actions after the failover.

hetzner_failover_keepalived_notify_script: /usr/local/bin/keepalived_notify.sh

To run a custom notify script, specify the script path in the hetzner_failover_keepalived_notify_script variable.

hetzner_failover_keepalived_notify_script_master:
  - service foo reload

To perform additional actions on the instance switching to the master state without overriding the whole notify script, use the hetzner_failover_keepalived_notify_script_master variable.

hetzner_failover_keepalived_notify_script_backup:
  - service foo reload

To perform additional actions on the instance switching to the backup state without overriding the whole notify script, use the hetzner_failover_keepalived_notify_script_backup variable.

Dependencies

Example Playbook

- hosts: all
  roles:
    - nl2go.hetzner_vswitch
    - nl2go.hetzner_failover

Development

Use docker-molecule, following the instructions, to run Molecule, or install Molecule locally (not recommended, as version conflicts might appear).

Provide a Hetzner Cloud token:

export HCLOUD_TOKEN=123abc456efg

Use the following to run the tests:

molecule test --all

Maintainers

License

See the LICENSE.md file for details.

Author Information

This role was created in 2020 by Newsletter2Go GmbH.