change keepalived to a template and deploy as split tpl files

2026-01-30 12:12:47 -07:00 · 2026-01-30 12:12:47 -07:00 · b1cff6c560
commit b1cff6c560
parent 7364193204
6 changed files with 76 additions and 49 deletions
--- a/lxc1/keepalived/check_komodo.sh
+++ b/lxc1/keepalived/check_komodo.sh
@ -1,2 +0,0 @@
-#!/bin/sh
-curl -f http://localhost:9120/ > /dev/null 2>&1
--- a/lxc1/keepalived/check_services.sh
+++ b/lxc1/keepalived/check_services.sh
@ -0,0 +1,41 @@
+#!/bin/bash
+
+# Arguments passed from Keepalived: 
+# $1 = Primary Service Name (e.g., "gitea")
+# $2 = Dependency Name (e.g., "postgres") - Optional
+
+SERVICE_LIST="$1"
+DEPENDENCY="$2"
+
+# Function to check container status
+check_container() {
+    local container_name=$1
+    if [ -z "$container_name" ]; then return 0; fi
+
+    # Check if container is running
+    # We use --filter to ensure we only get a match for the exact name
+    STATUS=$(docker inspect -f '{{.State.Running}}' "$container_name" 2>/dev/null)
+
+    if [ "$STATUS" == "true" ]; then
+        return 0
+    else
+        return 1
+    fi
+}
+
+# 1. Check Primary Service
+if ! check_container "$SERVICE_LIST"; then
+    echo "CRITICAL: Service $SERVICE_LIST is down."
+    exit 1
+fi
+
+# 2. Check Dependency (if provided)
+if [ -n "$DEPENDENCY" ]; then
+    if ! check_container "$DEPENDENCY"; then
+        echo "CRITICAL: Dependency $DEPENDENCY is down."
+        exit 1
+    fi
+fi
+
+# 3. Everything is healthy
+exit 0
--- a/lxc1/keepalived/keepalived.conf.tpl
+++ b/lxc1/keepalived/keepalived.conf.tpl
@ -1,39 +0,0 @@
-global_defs {
-    router_id 50
-    script_user root
-    enable_script_security
-}
-
-vrrp_script chk_traefik {
-    # CONTAINER PATH (Inside the mount)
-    script "/usr/bin/curl -f http://localhost:8080/"
-    interval 2
-    weight -5
-    fall 2
-    rise 1
-}
-
-vrrp_instance VI_1 {
-    state {{STATE}}
-    interface eth0
-    virtual_router_id 50
-    priority {{PRIORITY}}
-    advert_int 1
-    
-    unicast_peer {
-        {{PEER}}
-    }
-
-    authentication {
-        auth_type PASS
-        auth_pass {{PASSWORD}}
-    }
-
-    virtual_ipaddress {
-        {{VIP}}
-    }
-
-    track_script {
-        chk_traefik
-    }
-}
--- a/lxc1/keepalived/keepalived.yml
+++ b/lxc1/keepalived/keepalived.yml
@ -10,13 +10,6 @@ services:
      - NET_RAW
    
    volumes:
-      # 1. Mount the Check Script Folder
      - /docker/keepalived/checks:/checks
-      # 2. Mount the Config File (The Nuclear Option)
      - /docker/keepalived/config:/usr/local/etc/keepalived
-    
-    #environment:
-      # We still need this to tell the container where to look
-      #- KEEPALIVED_CONFIG=/config/keepalived.conf
-      # We can remove all the other KEEPALIVED_* variables now!
-      # (They are handled inside the file)
+      - /var/run/docker.sock:/var/run/docker.sock:ro
--- a/lxc1/keepalived/keepalived_header.tpl
+++ b/lxc1/keepalived/keepalived_header.tpl
@ -0,0 +1,5 @@
+global_defs {
+    router_id {{LXC_NUM}}{{SLOT_NUM}}
+    script_user root
+    enable_script_security
+}
--- a/lxc1/keepalived/keepalived_split.tpl
+++ b/lxc1/keepalived/keepalived_split.tpl
@ -0,0 +1,29 @@
+# --- SERVICE SLOT {{SLOT_NUM}} ---
+vrrp_script chk_svc_{{SLOT_NUM}} {
+    script "/checks/check_services.sh {{SVC_NAME}} {{SVC_DEP}}"
+    interval 2
+    weight -60
+}
+
+vrrp_instance VI_LXC{{LXC_NUM}}_S{{SLOT_NUM}} {
+    state {{STATE}}
+    interface eth0
+    virtual_router_id {{LXC_NUM}}{{SLOT_NUM}}
+    priority {{PRIORITY}}
+    unicast_peer { 
+        {{PEER}} 
+    }
+
+    authentication {
+        auth_type PASS
+        auth_pass {{AUTH_PASS}}
+    }
+
+    virtual_ipaddress { 
+        {{SVC_VIP}}/24 
+    }
+    
+    track_script { 
+        chk_svc_{{SLOT_NUM}} 
+    }
+}