mglantz.eda-ha

This is a role that ensures high availability for an Event Driven Ansible (EDA) server. You need to set up two or more separate EDA servers and place a load balancer in front of them. The load balancer should manage traffic between your EDA servers in an active-passive manner, meaning that Server B will only handle traffic if Server A fails, and so on.

The rulebooks that run on the EDA server trigger playbooks available as job templates in your AAP Controllers. When you create the playbooks that perform certain actions, you include this role as demonstrated in the example. You also use the provided eda_activation boolean to determine task execution in the playbooks. If this boolean is true, it indicates that the EDA server is active; if false, it is passive and no tasks should run. Therefore, actions are only executed when an EDA server is "activated," which refers to the one currently handling traffic.

Failover between active and passive servers happens quickly—around one second—once the load balancer detects an issue. The only difference between EDA Server A and B, as well as their corresponding AAP Controllers, is that tasks are only executed when triggered from the active EDA server. There are no configuration differences on the EDA server side.

After you review the documentation below and look at the role's tasks/main.yml, the following image will make more sense.

See architectural overview on GitHub if broken

To install the role, use:

ansible-galaxy role install mglantz.eda-ha

To utilize this role in your playbooks, create a requirements.yml file in your roles directory. It should contain:

---
- name: mglantz.eda-ha

You can see an example of this here: https://github.com/mglantz/event-driven-ansible-demo/

Requirements

Two or more instances of Red Hat Ansible Automation Platform 2.4 with an EDA controller, or potentially https://github.com/ansible/eda-server (the upstream eda-server hasn’t been tested).
A load balancer, configured for active-passive load balancing for the installed EDA servers.
Create the file: /var/lib/ansible-automation-platform/eda/ui/static/media/detect.json on each EDA server with the following content:

{
   "install_id": "unique_id_that_you_make_up_fqdn_perhaps"
}

The role determines which EDA server is active and which are passive by comparing the install_id found when connecting directly to an EDA server and through the load balancer.

Modified action-taking playbooks, as described in the Example Playbook section below, that use this role.

Role Variables

# Domain name of the load balancer in front of EDA servers.
load_balancer_fqdn: <string|fqdn of load balancer> 

# Domain name of the EDA server. If using AAP, set this in the job_template.
eda_fqdn: <string|fqdn of eda server>

# Whether to validate the HTTPS certificate. Set to true if all EDA servers need valid certs, including the load balancer connection.
validate_eda_tls_cert: <bool|true/false>

Dependencies

Ansible version 2.9 or 2.14.

Example Playbook

Here’s an example of how to use the role. In the action-taking playbooks triggered by EDA events, modify them as follows:

---
# This play should be at the top of your playbooks.
# It’s advisable to set the eda_fqdn variable at the job_template level.
- name: Detect the active EDA server and set eda_activation
  hosts: localhost
  roles:
    - { role: mglantz.eda-ha, load_balancer_fqdn: "loadbalancer.sudo.net", eda_fqdn: "eda.sudo.net" }

- name: Site is up
  hosts: all
  vars:
# The below variable must be included in the play that executes your actual actions
    eda_activation: "{{ hostvars['localhost']['eda_activation'] }}"
  gather_facts: false
  tasks:
    - debug:
        msg: "All is up and well"
# Include the following 'when' statement in tasks you want to control
      when: eda_activation

# Or similarly for a block
    - block:
      - name: Do something else
        ansible.builtin.debug:
          msg: "Imaginary something else"
      - name: Also do this
        ansible.builtin.debug:
          msg: "Also this thing (imaginary)"
      when: eda_activation