hetzner_failover
Ansible Role: Hetzner failover using a vSwitch and keepalived
An Ansible role inspired by an article about Hetzner failover by @dtone. It aims to deploy a highly available setup of 2 servers sharing a single IP by using a Hetzner vSwitch and keepalived. The role should be used together with the nl2go vSwitch role, which sets up the vSwitch. An extra IP subnet with public IP addresses has to be ordered for the configured vSwitch. The role does NOT use the failover IP service provided by Hetzner.
Prerequisites
- Existing Hetzner Online GmbH Account.
- Configured Hetzner Robot Webservice Account.
Configuration
The following configuration fragments show the setup of a vSwitch named failover with the vlan id 4023, using private addresses from the 192.168.100.0/24 subnet and the IP 154.222.4.34 from the additional IP subnet 154.222.4.32/29 as failover IP. The additional subnet has to be ordered manually after the vSwitch is created by the vSwitch role.
vSwitch configuration
vSwitch configuration according to the vSwitch role:
hetzner_vswitch_instances:
  - name: failover
    vlan: 4023
    ipv4_address: 192.168.200.0
    ipv4_netmask: 255.255.255.0
keepalived configuration
hetzner_failover_keepalived_public_virtual_router_id: 42
hetzner_failover_keepalived_public_ipaddress: 154.222.4.34 # single IP from the additional IP subnet used as failover IP
hetzner_failover_keepalived_public_network_prefix: 29 # netmask prefix of the additional IP subnet
hetzner_failover_keepalived_public_default_gateway: 154.222.4.33 # gateway IP of the additional IP subnet
hetzner_failover_keepalived_vswich_id: 4023 # should match the vlan id configured in hetzner_vswitch_instances
hosts configuration
all:
  hosts:
    keepalived-test-1:
      ansible_host: 123.124.125.1 # main IP of host 1
      hetzner_vswitch_host:
        - name: failover
          ipv4_address: 192.168.200.1 # vSwitch IP of host 1
      hetzner_failover_keepalived_state: MASTER
      hetzner_failover_keepalived_vswitch_ip: 192.168.200.1 # IP of the host in the vSwitch VLAN has to be repeated here
      hetzner_failover_keepalived_peer_ip: 192.168.200.2 # vSwitch IP of the host keepalived should peer with
    keepalived-test-2:
      ansible_host: 123.124.125.2 # main IP of host 2
      hetzner_vswitch_host:
        - name: failover
          ipv4_address: 192.168.200.2 # vSwitch IP of host 2
      hetzner_failover_keepalived_state: BACKUP
      hetzner_failover_keepalived_vswitch_ip: 192.168.200.2 # IP of the host in the vSwitch VLAN has to be repeated here
      hetzner_failover_keepalived_peer_ip: 192.168.200.1 # vSwitch IP of the host keepalived should peer with
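A pre-flight consistency check for the variables shown above, as an added example that is not part of the role. The `check` and `host` helpers are hypothetical, the data is a constructed copy of the README fragments, and the rules (failover IP usable inside the gateway's subnet, vSwitch id matching a configured vlan, repeated vSwitch IPs, reciprocal peers, exactly one MASTER) are assumptions derived from the inline comments and the two-host layout.

```python
import ipaddress

P = "hetzner_failover_keepalived_"  # variable prefix used by the role

def host(state, ip, peer):
    """Build one host's variables in the shape of the README inventory."""
    return {P + "state": state, P + "vswitch_ip": ip, P + "peer_ip": peer,
            "hetzner_vswitch_host": [{"name": "failover", "ipv4_address": ip}]}

# Constructed sample data copied from the README's configuration fragments.
GROUP_VARS = {
    "hetzner_vswitch_instances": [{"name": "failover", "vlan": 4023,
        "ipv4_address": "192.168.200.0", "ipv4_netmask": "255.255.255.0"}],
    P + "public_ipaddress": "154.222.4.34",
    P + "public_network_prefix": 29,
    P + "public_default_gateway": "154.222.4.33",
    P + "vswich_id": 4023,
}
HOSTS = {
    "keepalived-test-1": host("MASTER", "192.168.200.1", "192.168.200.2"),
    "keepalived-test-2": host("BACKUP", "192.168.200.2", "192.168.200.1"),
}

def check(group, hosts):
    """Return a list of consistency errors (empty list means consistent)."""
    errors = []
    gw = ipaddress.ip_address(group[P + "public_default_gateway"])
    vip = ipaddress.ip_address(group[P + "public_ipaddress"])
    net = ipaddress.ip_network(f"{gw}/{group[P + 'public_network_prefix']}", strict=False)
    if vip not in net or vip in (net.network_address, net.broadcast_address, gw):
        errors.append(f"failover IP {vip} is not a usable host address in {net}")
    vlan_id = group[P + "vswich_id"]
    vs = next((v for v in group["hetzner_vswitch_instances"] if v["vlan"] == vlan_id), None)
    if vs is None:
        return errors + [f"vSwitch id {vlan_id} matches no configured vlan"]
    vnet = ipaddress.ip_network(f"{vs['ipv4_address']}/{vs['ipv4_netmask']}", strict=False)
    ips = {n: ipaddress.ip_address(h[P + "vswitch_ip"]) for n, h in hosts.items()}
    for name, h in hosts.items():
        declared = {ipaddress.ip_address(e["ipv4_address"]) for e in h["hetzner_vswitch_host"]}
        if ips[name] not in vnet or ips[name] not in declared:
            errors.append(f"{name}: vSwitch IP {ips[name]} not in {vnet} or not declared")
        peer = ipaddress.ip_address(h[P + "peer_ip"])
        if peer == ips[name] or peer not in ips.values():
            errors.append(f"{name}: peer {peer} is not another host's vSwitch IP")
    masters = [n for n, h in hosts.items() if h[P + "state"] == "MASTER"]
    if len(masters) != 1:
        errors.append(f"expected exactly one MASTER, found {len(masters)}")
    return errors

if __name__ == "__main__":
    print(check(GROUP_VARS, HOSTS) or "configuration is consistent")
```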
Notify Script
A custom notify script may be used to perform additional actions after the failover.
hetzner_failover_keepalived_notify_script: /usr/local/bin/keepalived_notify.sh
To run a custom notify script, specify the script path in the hetzner_failover_keepalived_notify_script variable.
hetzner_failover_keepalived_notify_script_master:
  - service foo reload
To perform additional actions on the instance switching to the master state without overriding the whole notify script, use the hetzner_failover_keepalived_notify_script_master variable.
hetzner_failover_keepalived_notify_script_backup:
  - service foo reload
To perform additional actions on the instance switching to the backup state without overriding the whole notify script, use the hetzner_failover_keepalived_notify_script_backup variable.
Dependencies
Example Playbook
- hosts: all
  roles:
    - nl2go.hetzner_vswitch
    - nl2go.hetzner_failover
Development
Use docker-molecule following the instructions to run Molecule or install Molecule locally (not recommended, version conflicts might appear).
Provide Hetzner Cloud token:
export HCLOUD_TOKEN=123abc456efg
Use the following to run the tests:
molecule test --all
Maintainers
License
See the LICENSE.md file for details.
Author Information
This role was created in 2020 by Newsletter2Go GmbH.
Setup automatic IP failover using hetzner vSwitch and keepalived
ansible-galaxy install nl2go/ansible-role-hetzner-failover