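#!/usr/bin/env bash
# Phase 3: Set up Keepalived
#
# Installs Keepalived on the primary and secondary hosts over SSH (as root),
# deploys the health-check/notify scripts and the per-host configs, writes a
# shared VRRP auth_pass into both configs, restarts the service and reports
# which host currently holds the VIP.
#
# Environment (all optional):
#   PRIMARY_HOST, SECONDARY_HOST   target hosts
#   KEEPALIVED_AUTH_PASS           shared VRRP password (random if unset)
#   VIP / IP_NPMPLUS_ETH0          virtual IP to look for on vmbr0
#   SSH_STRICT_HOST_KEY_CHECKING   ssh StrictHostKeyChecking value
#                                  (default: accept-new)
set -euo pipefail

# Load IP configuration
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
# shellcheck disable=SC1091
source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true

# NOTE(review): PROJECT_ROOT is one level up for ip-addresses.conf but two
# levels up for .env; confirm which one matches the repository layout.
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
if [[ -f "$PROJECT_ROOT/.env" ]]; then
  # .env may reference unset variables or return non-zero; relax strict mode
  # only while it is being sourced.
  set +euo pipefail
  # shellcheck disable=SC1091
  source "$PROJECT_ROOT/.env" 2>/dev/null || true
  set -euo pipefail
fi

PRIMARY_HOST="${PRIMARY_HOST:-192.168.11.11}"
SECONDARY_HOST="${SECONDARY_HOST:-192.168.11.12}"

# Colors
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[1;33m'
NC='\033[0m'

log_info() { printf '%b %s\n' "${BLUE}[INFO]${NC}" "$1"; }
log_success() { printf '%b %s\n' "${GREEN}[✓]${NC}" "$1"; }
log_warn() { printf '%b %s\n' "${YELLOW}[⚠]${NC}" "$1"; }

# Every session below runs as root, so an unverified host key would hand the
# configs and the VRRP password to whoever answers on that address.
# accept-new (OpenSSH 7.6+) pins the key on first contact and refuses a
# changed one. SSH_STRICT_HOST_KEY_CHECKING=no restores the old behaviour.
SSH_OPTS=(-o "StrictHostKeyChecking=${SSH_STRICT_HOST_KEY_CHECKING:-accept-new}")

# Keepalived only uses the first eight characters of auth_pass (see
# keepalived.conf(5)), so a default with a fixed prefix and a timestamp gives
# every deployment the same effective password. Generate 8 random characters.
if [[ -z "${KEEPALIVED_AUTH_PASS:-}" ]]; then
  KEEPALIVED_AUTH_PASS="$(head -c 6 /dev/urandom | base64)"
fi
if [[ "$KEEPALIVED_AUTH_PASS" =~ [[:space:]] ]]; then
  log_warn "KEEPALIVED_AUTH_PASS must not contain whitespace"
  exit 1
fi
if ((${#KEEPALIVED_AUTH_PASS} > 8)); then
  log_warn "KEEPALIVED_AUTH_PASS is longer than 8 characters; Keepalived only uses the first 8"
fi

# Private scratch directory for the rendered configs (they hold the password).
WORK_DIR="$(mktemp -d)"
cleanup() { rm -rf -- "${WORK_DIR:?}"; }
trap cleanup EXIT

failures=0
note_failure() {
  log_warn "$1"
  failures=$((failures + 1))
}

#######################################
# Render a config template with auth_pass filled in and install it on a host.
# The password is substituted locally (passed to awk through the environment,
# not argv) and the file is streamed over SSH stdin, so the password never
# appears in a remote command line or in a predictable /tmp path.
# Arguments: $1 - host, $2 - local template path
# Returns:   0 on success, non-zero if the template is missing or the
#            render/transfer failed
#######################################
deploy_config() {
  local host=$1 template=$2
  local rendered="$WORK_DIR/keepalived-$host.conf"

  [[ -f "$template" ]] || return 1

  # Same effect as sed 's/auth_pass.*/auth_pass PASS/': keep the text before
  # the first "auth_pass" and replace the rest of the line.
  KEEPALIVED_AUTH_PASS="$KEEPALIVED_AUTH_PASS" awk '{
    pos = index($0, "auth_pass")
    if (pos > 0) print substr($0, 1, pos - 1) "auth_pass " ENVIRON["KEEPALIVED_AUTH_PASS"]
    else print
  }' "$template" >"$rendered" || return 1

  # umask 077 keeps the installed config readable by root only.
  ssh "${SSH_OPTS[@]}" root@"$host" \
    "umask 077 && cat >/etc/keepalived/keepalived.conf.new && \
     mv -f /etc/keepalived/keepalived.conf.new /etc/keepalived/keepalived.conf" \
    <"$rendered"
}

log_info "Setting up Keepalived..."

# Install Keepalived on both hosts
for host in "$PRIMARY_HOST" "$SECONDARY_HOST"; do
  log_info "Installing Keepalived on $host..."
  if ssh "${SSH_OPTS[@]}" root@"$host" "command -v keepalived >/dev/null 2>&1"; then
    log_info "Keepalived already installed on $host"
  else
    ssh "${SSH_OPTS[@]}" root@"$host" "apt update && apt install -y keepalived" || {
      note_failure "Failed to install Keepalived on $host"
      continue
    }
    log_success "Keepalived installed on $host"
  fi
done

# Deploy scripts and configs
log_info "Deploying Keepalived configuration..."
KEEPALIVED_DIR="$SCRIPT_DIR/keepalived"

if [[ ! -f "$KEEPALIVED_DIR/check-npmplus-health.sh" ]]; then
  log_warn "check-npmplus-health.sh not found, deploying configs only"
fi

# Deploy health check and notify scripts
for host in "$PRIMARY_HOST" "$SECONDARY_HOST"; do
  deployed=()
  for helper in check-npmplus-health.sh keepalived-notify.sh; do
    [[ -f "$KEEPALIVED_DIR/$helper" ]] || continue
    if scp "${SSH_OPTS[@]}" "$KEEPALIVED_DIR/$helper" \
      root@"$host:/usr/local/bin/$helper"; then
      deployed+=("/usr/local/bin/$helper")
    else
      note_failure "Failed to copy $helper to $host"
    fi
  done
  # Only chmod what was actually copied; the paths are fixed names, not input.
  if ((${#deployed[@]} > 0)); then
    ssh "${SSH_OPTS[@]}" root@"$host" "chmod +x ${deployed[*]}" ||
      note_failure "Failed to mark helper scripts executable on $host"
  fi
done

# Deploy configs with auth password
deploy_config "$PRIMARY_HOST" "$KEEPALIVED_DIR/keepalived-primary.conf" ||
  note_failure "Failed to deploy Keepalived config to $PRIMARY_HOST"
deploy_config "$SECONDARY_HOST" "$KEEPALIVED_DIR/keepalived-secondary.conf" ||
  note_failure "Failed to deploy Keepalived config to $SECONDARY_HOST"

# Start and enable Keepalived
for host in "$PRIMARY_HOST" "$SECONDARY_HOST"; do
  log_info "Starting Keepalived on $host..."
  ssh "${SSH_OPTS[@]}" root@"$host" \
    "systemctl enable keepalived && systemctl restart keepalived" 2>/dev/null ||
    note_failure "Failed to start Keepalived on $host"
done

sleep 5

# Verify Keepalived is running. Use the exit status of is-active rather than
# grepping its output: the word "inactive" also contains "active".
for host in "$PRIMARY_HOST" "$SECONDARY_HOST"; do
  if ssh "${SSH_OPTS[@]}" root@"$host" "systemctl is-active --quiet keepalived" 2>/dev/null; then
    log_success "Keepalived running on $host"
  else
    note_failure "Keepalived not active on $host"
  fi
done

# Check VIP ownership
VIP="${VIP:-${IP_NPMPLUS_ETH0:-192.168.11.166}}"
vip_addr="${VIP%%/*}" # tolerate a value given with a prefix length

# The address is embedded in a remote command line, so accept only characters
# that can occur in an IP address before using it there.
if [[ ! "$vip_addr" =~ ^[0-9A-Fa-f:.]+$ ]]; then
  note_failure "VIP $VIP is not a valid IP address; skipping ownership check"
else
  # Fixed-string match on " ADDR/" so 192.168.11.16 does not match
  # 192.168.11.166 and dots are not treated as regex wildcards.
  vip_check="ip addr show vmbr0 2>/dev/null | grep -qF -- ' ${vip_addr}/'"
  if ssh "${SSH_OPTS[@]}" root@"$PRIMARY_HOST" "$vip_check"; then
    log_success "VIP $VIP is on primary host (expected)"
  elif ssh "${SSH_OPTS[@]}" root@"$SECONDARY_HOST" "$vip_check"; then
    log_warn "VIP $VIP is on secondary host (unexpected, but OK)"
  else
    log_warn "VIP $VIP not found on either host"
  fi
fi

if ((failures > 0)); then
  log_warn "Phase 3 finished with $failures failed step(s); review the warnings above"
else
  log_success "Phase 3 complete: Keepalived configured"
fi
log_warn "Note: Verify Keepalived auth_pass matches on both hosts"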