emilienm.routed_lb

Panoramica Versioni Approfondimenti

Ansible Role Routed Load Balancer

ansible-lint

This role sets up a powerful Load Balancer that can manage routed Virtual IPs (VIPs) using BGP with FRR and distributes traffic using HAproxy.

Overview

Imagine you have a web service that is accessible through one or more VIPs (though having VIPs is optional). You want these VIPs to be routed in your network using the BGP protocol.

What This Role Does:

  • If you include BGP neighbors in the configuration, it will install FRR and connect to those BGP neighbors. If VIPs are already created on the node, they will be part of your network routing.
  • It will set up HAproxy to balance and check the health of your service.
  • If VIPs are specified in the config, they will only be created if there is at least one healthy backend service. If FRR is running, they will also be routed via BGP.
  • If no healthy backend is found, the VIPs will be removed and will not be routed via BGP.
  • If strict_vips is set to true in the load balancer's configuration, all services using that VIP must be healthy, or the VIP will not be created. The default setting is false.

If you are using multiple Load Balancers, your web traffic will be:

  • Routed using BGP if FRR is installed
  • Load-balanced for high availability at the VIP level through BGP if FRR is installed
  • Load-balanced across healthy backends thanks to HAproxy

Requirements

Currently, this role is tested on CentOS 9 Stream.

Installation

Run the following commands:

ansible-galaxy install emilienm.routed_lb
ansible-galaxy collection install ansible.posix ansible.utils

Role Variables

You only need to set the configs variable as a dictionary:

configs:
  lb1:
    haproxy_stats: true # Enable HAproxy stats at http://lb-ip:8404/stats
    bgp_asn: <BGP ASN>
    bgp_neighbors: # Optional; if not set, FRR will not be installed
      - ip: <BGP Router IP>
        password: <BGP password>
    strict_vips: true
    services:
      - name: <Service name (e.g. api)>
        vips:
          - <VIPs for accessing this service>
        min_backends: <Minimum number of healthy backends required for VIPs>
        healthcheck: <Command to check HAproxy backend health>
        balance: <Load balancing algorithm>
        frontend_port: <HAproxy port for service>
        haproxy_monitor_port: <HAproxy monitoring port for service>
        backend_opts: <HAproxy options for each backend>
        backend_port: <HAproxy port for backends>
        backend_hosts:
          - name: <Backend hostname>
            ip: <Backend IP>

For a complete example, check tests/vars.yml.

Dependencies

  • ansible.posix

Example Playbook

Create a file called playbook.yml:

---
- hosts: lb1
  vars:
    config: lb1
  tasks:
    - name: Include vars for testing
      ansible.builtin.include_vars: vars.yml
    - name: Run the role
      include_role:
        name: emilienm.routed_lb

Also, create a file named inventory for Ansible inventory:

all:
  hosts:
    lb1:
      ansible_host: 192.168.10.2 # IP address of your Load Balancer
      ansible_user: cloud-user
      ansible_become: true

To run your setup, execute:

ansible-playbook playbook.yml -i inventory

Your Load Balancers should now be set up and operational!

License

Apache-2.0

Informazioni sul progetto

Ansible role to deploy a Load-Balancer capable of managing VIPs routed with BGP

role bgp frr haproxy
Installa
ansible-galaxy install emilienm.routed_lb
GitHub repository
1 stelle
0 fork
0 problemi aperti
Licenza
Unknown
Download
553
Proprietario
Emilien Macchi
Software Engineer working on @kubernetes and @openstack at Red Hat.