forked from saltstack-formulas/keepalived-formula
-
Notifications
You must be signed in to change notification settings - Fork 0
/
pillar.example
185 lines (183 loc) · 5.95 KB
/
pillar.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
#
# Example pillar configuration
#
# Boolean entries must be placed stored as strings, otherwise it will show
# up as 1 or 0 in the config file.
#
# Anything that needs to be in quotes in the configuration file needs to
# be escaped in the yaml file. Otherwise the quotes will not appear in
# the config file.
#
# When order is important, put the entries into a yaml array or list. This
# could be used to place vrrp_script before vrrp_instance entries.
# The following would generate the example file in RedHat based systems.
keepalived:
config:
global_defs:
notification_email:
notification_email_from: [email protected]
smtp_server: 192.168.200.1
smtp_connect_timeout: 30
router_id: LVS_DEVEL
vrrp_sync_group:
EXAMPLE_GROUP:
group:
- VI_IPV4
- VI_IPV6
vrrp_instance:
VI_1:
state: MASTER
interface: eth0
virtual_router_id: 51
priority: 100
advert_int: 1
# switch type parameters must be defined as boolean: true / false
# 1 / 0 values will be treated as numbers
# nopreempt: true
# dont_track_primary: true
authentication:
auth_type: PASS
auth_pass: 1111
virtual_ipaddress:
- 192.168.200.16
- 192.168.200.17
- 192.168.200.18
virtual_server:
# Virtual and real servers include the port as part of the ID.
192.168.200.100 443:
delay_loop: 6
lb_algo: rr
lb_kind: NAT
nat_mask: 255.255.255.0
persistence_timeout: 50
protocol: TCP
real_server:
192.168.201.100 443:
weight: 1
SSL_GET:
# Must be a list because of multiple URL entries.
- url:
path: /
digest: ff20ad2481f97b1754ef3e12ecd3a9cc
- url:
path: /mrtg/
digest: 9b3a0c85a887a256d6939da88aabd8cd
- connect_timeout: 3
- nb_get_retry: 3
- delay_before_retry: 3
10.10.10.2 1358:
delay_loop: 6
lb_algo: rr
lb_kind: NAT
persistence_timeout: 50
protocol: TCP
sorry_server: 192.168.200.200 1358
real_server:
192.168.200.2 1358:
weight: 1
HTTP_GET:
# Must be a list because of multiple URL entries.
- url:
path: /testurl/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334d
- url:
path: /testurl2/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334d
- url:
path: /testurl3/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334d
- connect_timeout: 3
- nb_get_retry: 3
- delay_before_retry: 3
192.168.200.3 1358:
weight: 1
HTTP_GET:
- url:
path: /testurl/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334c
- url:
path: /testurl2/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334c
- connect_timeout: 3
- nb_get_retry: 3
- delay_before_retry: 3
10.10.10.3 1358:
delay_loop: 3
lb_algo: rr
lb_kind: NAT
nat_mask: 255.255.255.0
persistence_timeout: 50
protocol: TCP
real_server:
192.168.200.4 1358:
weight: 1
HTTP_GET:
- url:
path: /testurl/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334d
- url:
path: /testurl2/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334d
- url:
path: /testurl3/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334d
- connect_timeout: 3
- nb_get_retry: 3
- delay_before_retry: 3
192.168.200.5 1358:
weight: 1
HTTP_GET:
- url:
path: /testurl/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334d
- url:
path: /testurl2/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334d
- url:
path: /testurl3/test.jsp
digest: 640205b7b0fc66c1ea91c463fac6334d
- connect_timeout: 3
- nb_get_retry: 3
- delay_before_retry: 3
vrrp_script:
check_apache:
script: '"killall -0 apache"'
interval: 2
weight: 10
# put helper scripts on the minon
# defaut directory where scripts will be saved if full path not specified
scripts_dir: /etc/keepalived
scripts:
# item name, will be used as file name if full path not specified
check_sshd.sh:
# present - create script
# absent - remove file
ensure: present
# user and group for script file, default is root:root
# note: it's required to use existing user and group
user: root
group: root
# file mode, default is 755
mode: '755'
# full path for script, optional
# if not defined "scripts_dir + '/' + script" will be used as file name
dst_file: /etc/keepalived/check_sshd.sh
# 'contents' have more priority than 'template_file',
# if 'contents' present, 'template_file' won't be used,
# but one of them is mandatory
contents: |
#!/usr/bin/env bash
pidof sshd
# source template for script
template_file: check_sshd.sh
# template engine to use for rendering, default is jinja
template_engine: jinja
# dict with arbitrary data that will be passed to template as 'data' variable
context:
foo: bar