diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index ded40fd..09404d2 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -1,40 +1,44 @@ ---- -name: Docker +name: keepalived on: push: - branches: master - paths: - - 'docker/**' env: - IMAGE_NAME: swarm-keepalived - -defaults: - run: - working-directory: docker + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} jobs: - test: - runs-on: [ ubuntu-latest ] - steps: - - uses: actions/checkout@v3 - - name: Build Test - run: docker build -f Dockerfile . + build: + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write - push: - needs: [ test ] - name: Publish to Docker Hub - runs-on: [ ubuntu-latest ] steps: - - uses: actions/checkout@v3 - - name: Build image - run: | - docker build -f Dockerfile -t ${{ secrets.DOCKERHUB_USER }}/${IMAGE_NAME}:${GITHUB_SHA::5} . - docker tag ${{ secrets.DOCKERHUB_USER }}/${IMAGE_NAME}:${GITHUB_SHA::5} ${{ secrets.DOCKERHUB_USER }}/${IMAGE_NAME}:latest - - name: Login to Docker Hub - run: echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u ${{ secrets.DOCKERHUB_USER }} --password-stdin - - name: Push Image to Docker Hub - run: | - docker push ${{ secrets.DOCKERHUB_USER }}/${IMAGE_NAME}:${GITHUB_SHA::5} - docker push ${{ secrets.DOCKERHUB_USER }}/${IMAGE_NAME}:latest + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest,enable={{is_default_branch}} + + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + context: docker + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/README.md b/README.md index 9fc571d..96ee5af 100644 --- a/README.md 
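Review bot: Dropping the `branches: master` and `paths` filters from `on: push` means the `build` job, which holds `packages: write` and sets `push:` to true, now runs on every push to any ref. The only tag rule is `type=raw,value=latest,enable={{is_default_branch}}`, so a push to a non-default branch would presumably reach `docker/build-push-action` with an empty tag list; restoring `branches: [master]` under `push:` keeps publishing tied to the branch the old workflow used. The `github.event_name != 'pull_request'` conditions can never be false while `push` is the only trigger, so they read as a guard that is not doing anything. The actions are also referenced by mutable tags (`actions/checkout@v4`, `docker/login-action@v3`, `docker/metadata-action@v5`, `docker/build-push-action@v5`); pinning each to a full commit SHA, e.g. `uses: docker/login-action@<full-commit-sha> # v3`, keeps a moved tag from running with the registry token.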
+++ b/README.md @@ -2,9 +2,11 @@ [![Docker](https://github.com/RootShell-coder/swarm-keepalived/actions/workflows/docker-publish.yml/badge.svg)](https://github.com/RootShell-coder/swarm-keepalived/actions/workflows/docker-publish.yml) -[Keepalived for Linux - Version 2.2.8 - Release Notes - May 31, 2023](https://www.keepalived.org/software/keepalived-2.2.8.tar.gz) +Update VERSION 2.3.1 -## keepalived v 2.2.8 configure flags +[Keepalived for Linux ](https://www.keepalived.org/download.html) + +## keepalived configure flags * disable-dynamic-linking * prefix=/usr @@ -41,7 +43,7 @@ docker run -d --restart=always \ -e KEEPALIVED_VIRTUAL_IPADDRESS="192.168.100.254, 192.168.10.254" \ -e KEEPALIVED_PRIORITY="200" \ -e KEEPALIVED_INTERFACE="eth0" \ - rootshellcoder/swarm-keepalived:latest + ghcr.io/rootshell-coder/swarm-keepalived:latest ``` docker master log (codespace) @@ -92,7 +94,7 @@ docker run -d --restart=always \ -e KEEPALIVED_VIRTUAL_IPADDRESS="192.168.100.254, 192.168.10.254" \ -e KEEPALIVED_PRIORITY="100" \ -e KEEPALIVED_INTERFACE="eth0" \ - rootshellcoder/swarm-keepalived:latest + ghcr.io/rootshell-coder/swarm-keepalived:latest ``` ### backup 1 @@ -109,7 +111,7 @@ docker run -d --restart=always \ -e KEEPALIVED_VIRTUAL_IPADDRESS="192.168.100.254" \ -e KEEPALIVED_PRIORITY="50" \ -e KEEPALIVED_INTERFACE="enp3s0" \ - rootshellcoder/swarm-keepalived:latest + ghcr.io/rootshell-coder/swarm-keepalived:latest ``` ## Variables diff --git a/docker/Dockerfile b/docker/Dockerfile index 75aa1b5..87b2134 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,7 +1,7 @@ FROM alpine:latest AS build - +ENV VERSION=2.3.1 WORKDIR /tmp -ADD https://keepalived.org/software/keepalived-2.2.8.tar.gz . +ADD https://keepalived.org/software/keepalived-$VERSION.tar.gz . RUN set eux; \ addgroup -S keepalived_script; \ 
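Review bot: The source tarball is still fetched by `ADD https://keepalived.org/software/keepalived-$VERSION.tar.gz .` and compiled with no integrity check, and with the version now a variable, a bump builds whatever the server returns under the new name. Record the expected digest next to the version, e.g. `ADD --checksum=sha256:<sha256-of-keepalived-2.3.1.tar.gz> https://keepalived.org/software/keepalived-$VERSION.tar.gz .` (needs BuildKit), or check it with `sha256sum -c` as the first step of the `RUN`. The context line `RUN set eux; \` has no leading dash, so it assigns positional parameters instead of enabling errexit, and the `;`-chained `tar`, `cd` and `./configure` steps touched by the later Dockerfile hunks would carry on after a failure; `RUN set -eux; \` is presumably what was meant. The `RUN` block continues outside this hunk.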
@@ -32,8 +32,8 @@ RUN set eux; \ pcre2-dev \ autoconf \ automake; \ - tar xvzf keepalived-2.2.8.tar.gz; \ - cd /tmp/keepalived-2.2.8/; \ + tar xvzf keepalived-$VERSION.tar.gz; \ + cd /tmp/keepalived-$VERSION/; \ ./autogen.sh; \ ./configure \ --disable-dynamic-linking \ @@ -58,7 +58,7 @@ RUN set eux; \ make install; \ strip /usr/sbin/keepalived; \ cd -; \ - rm -rf /tmp/keepalived-2.2.8; \ + rm -rf /tmp/keepalived-$VERSION; \ apk --no-cache del \ binutils \ file-dev \ @@ -104,3 +104,4 @@ USER keepalived VOLUME /etc/keepalived/ ENTRYPOINT ["entrypoint"] CMD ["sudo", "/usr/sbin/keepalived", "--dont-fork", "--log-console", "--use-file", "/etc/keepalived/keepalived.conf"] + diff --git a/docker/entrypoint b/docker/entrypoint index 1ec7cfe..3d8f8e2 100644 --- a/docker/entrypoint +++ b/docker/entrypoint @@ -17,6 +17,7 @@ sed -i "s!{{KEEPALIVED_INTERFACE}}!${KEEPALIVED_INTERFACE}!g" ${KEEPALIVED_CONF} sed -i "s!{{KEEPALIVED_VIRTUAL_ROUTER_ID}}!${KEEPALIVED_VIRTUAL_ROUTER_ID}!g" ${KEEPALIVED_CONF} sed -i "s!{{KEEPALIVED_PRIORITY}}!${KEEPALIVED_PRIORITY}!g" ${KEEPALIVED_CONF} sed -i "s!{{KEEPALIVED_UNICAST_SRC_IP}}!${KEEPALIVED_UNICAST_SRC_IP}!g" ${KEEPALIVED_CONF} +sed -i "s!{{DST_NETWORK}}!${DST_NETWORK}!g" ${KEEPALIVED_CONF} UNICAST_PEER=$(echo $KEEPALIVED_UNICAST_PEER | sed "s/\s//g" | sed "s/,/ /g") for up in ${UNICAST_PEER[@]}; do @@ -34,4 +35,10 @@ done sed -i "s!{{KEEPALIVED_AUTH_PASS}}!${KEEPALIVED_AUTH_PASS}!g" ${KEEPALIVED_CONF} +# VIRTUAL ROUTES (add default gateway) +if [[ -n "${DEFAULT_GATEWAY}" ]]; then + sed -i 's/^#VR//' ${KEEPALIVED_CONF} + sed -i "s!{{DEFAULT_GATEWAY}}!${DEFAULT_GATEWAY}!g" ${KEEPALIVED_CONF} +fi + exec "$@" diff --git a/docker/keepalived.conf b/docker/keepalived.conf index c1ca00e..2ab3f10 100644 --- a/docker/keepalived.conf +++ b/docker/keepalived.conf 
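Review bot: `DEFAULT_GATEWAY` is spliced into `sed -i "s!{{DEFAULT_GATEWAY}}!${DEFAULT_GATEWAY}!g"` with no format check, so a value containing `!`, `&`, a backslash or a newline changes the sed program or the text written into keepalived.conf instead of being rejected. Validate it as an address before the `#VR` lines are uncommented, and quote `${KEEPALIVED_CONF}` in both new `sed` calls, as in the block below; the script already uses `[[ ]]`, so this assumes it runs under bash (the shebang is outside the hunk). The `{{DST_NETWORK}}` substitution added in the first entrypoint hunk has no matching placeholder in the keepalived.conf hunks of this diff, so it looks like a no-op. The example in `example/docker-compose.yml_route_default.md` sets `DAFAULT_GATEWAY`, which this `-n` test never reads, so the route block would stay commented out without any message.

```shell
# … unchanged: KEEPALIVED_AUTH_PASS substitution …
if [[ -n "${DEFAULT_GATEWAY}" ]]; then
  # Accept only a dotted-quad; any other text would be spliced into the sed program as-is.
  if ! [[ "${DEFAULT_GATEWAY}" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
    echo "DEFAULT_GATEWAY is not an IPv4 address" >&2
    exit 1
  fi
  sed -i 's/^#VR//' "${KEEPALIVED_CONF}"
  sed -i "s!{{DEFAULT_GATEWAY}}!${DEFAULT_GATEWAY}!g" "${KEEPALIVED_CONF}"
fi
```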
@@ -1,9 +1,9 @@ global_defs { default_interface {{KEEPALIVED_INTERFACE}} } + vrrp_instance VI_1 { interface {{KEEPALIVED_INTERFACE}} - state BACKUP virtual_router_id {{KEEPALIVED_VIRTUAL_ROUTER_ID}} priority {{KEEPALIVED_PRIORITY}} nopreempt @@ -12,10 +12,15 @@ vrrp_instance VI_1 { {{KEEPALIVED_UNICAST_PEER}} } virtual_ipaddress { - {{KEEPALIVED_VIRTUAL_IPADDRESS}} dev agge label agge:0 + {{KEEPALIVED_VIRTUAL_IPADDRESS}} dev {{KEEPALIVED_INTERFACE}} label {{KEEPALIVED_INTERFACE}}:0 } authentication { auth_type PASS auth_pass {{KEEPALIVED_AUTH_PASS}} } + +#VR virtual_routes { +#VR 0.0.0.0/0 via {{DEFAULT_GATEWAY}} dev {{KEEPALIVED_INTERFACE}} onlink +#VR } + } diff --git a/example/docker-compose.yml b/example/docker-compose.yml index 5ea651d..54385b9 100644 --- a/example/docker-compose.yml +++ b/example/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.9' services: master: - image: rootshellcoder/swarm-keepalived:latest + image: ghcr.io/rootshell-coder/swarm-keepalived:latest environment: KEEPALIVED_UNICAST_SRC_IP: "172.16.5.4" KEEPALIVED_UNICAST_PEER: "172.16.5.5, 172.16.5.6" diff --git a/example/docker-compose.yml_route_default.md b/example/docker-compose.yml_route_default.md new file mode 100644 index 0000000..cb426c8 --- /dev/null +++ b/example/docker-compose.yml_route_default.md 
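Review bot: The `#VR` prefix on the new `virtual_routes` lines is an activation marker that only makes sense together with the entrypoint's `sed -i 's/^#VR//'`, and nothing in the template says so. A reader of keepalived.conf alone sees three commented-out lines and cannot tell that setting `DEFAULT_GATEWAY` turns them into a live `0.0.0.0/0` route, which matters because the compose examples run the container with `network_mode: host` and `NET_ADMIN`. Add a comment above the block such as `# Lines starting with #VR are enabled by the entrypoint only when DEFAULT_GATEWAY is set; they install a default route via that gateway`. The `vrrp_instance` block starts and ends outside what the second hunk shows in full, so placement inside it is taken from the closing brace visible here.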
@@ -0,0 +1,89 @@ +# Default route + +Default Gateway is a device on the network (usually a router) that serves as an output point for data packets addressed to other networks. It is used when a computer or other network device cannot find a more specific route for data transmission. In this case, the devices send data via the default gateway. + +Enable default gateway + +If you transfer the `DEFAULT_GATEWAY` variable to docker-compose.yml this will add a default route to the routing table + +```json +virtual_routes { + 0.0.0.0/0 via {{DEFAULT_GATEWAY}} dev {{KEEPALIVED_INTERFACE}} onlink +} +``` + +Interface enp3s0 + +```bash +ip a s enp3s0 +2: enp3s0: mtu 1500 qdisc fq_codel state UP group default qlen 1000 + link/ether 52:54:00:13:5a:a2 brd ff:ff:ff:ff:ff:ff + inet 192.168.10.2/24 brd 192.168.10.255 scope global enp3s0 + valid_lft forever preferred_lft forever + inet 108.177.16.24/27 scope global enp3s0:0 + valid_lft forever preferred_lft forever + inet6 fe80::5054:ff:fe13:5aa2/64 scope link + valid_lft forever preferred_lft forever +``` + +route + +```bash +routel +Dst Gateway Prefsrc Protocol Scope Dev Table +default 108.177.16.1 keepalived enp3s0 +108.177.16.0/27 108.177.16.24 kernel link enp3s0 +192.168.10.0/24 192.168.10.2 kernel link enp3s0 +108.177.16.24 108.177.16.24 kernel host enp3s0 local +108.177.16.31 108.177.16.24 kernel link enp3s0 local +127.0.0.0/8 127.0.0.1 kernel host lo local +127.0.0.1 127.0.0.1 kernel host lo local +127.255.255.255 127.0.0.1 kernel link lo local +192.168.10.2 192.168.10.2 kernel host enp3s0 local +192.168.10.255 192.168.10.2 kernel link enp3s0 local +``` + +docker-compose.yml + +```yml +--- +services: + master: + image: ghcr.io/rootshell-coder/swarm-keepalived:latest + environment: + DAFAULT_GATEWAY: "108.177.16.1" + KEEPALIVED_UNICAST_SRC_IP: "192.168.10.2" + KEEPALIVED_UNICAST_PEER: "192.168.10.3" + KEEPALIVED_VIRTUAL_IPADDRESS: "108.177.16.24/27" + KEEPALIVED_PRIORITY: "200" + KEEPALIVED_INTERFACE: "enp3s0" + 
network_mode: host + restart: always + cap_add: + - NET_ADMIN + - NET_BROADCAST + - NET_RAW +``` + + +```asci + .-~~~-. + .- ~ ~-( )_ _ + / ~ -. + | ', + \ .' + ~- ._ ,. ,.,.,.,., .-~ + | + ---------------- + | 108.177.16.1 | + ---------------- + master / gateway \ slave + enp3s0 / \ eth0 + ---------------------- ----------------------- + | vrrp 108.177.16.24 | | vrrp ---.---.---.--- | + | IP 192.168.10.2 | | IP 192.168.10.3 | + ---------------------- ------------------------ + docker | | docker + ----------unicast---------- + +``` diff --git a/example/keepalived-service.yml b/example/keepalived-service.yml index 61aeba0..29e0f5c 100644 --- a/example/keepalived-service.yml +++ b/example/keepalived-service.yml @@ -8,7 +8,7 @@ networks: services: master: - image: rootshellcoder/swarm-keepalived:latest + image: ghcr.io/rootshell-coder/swarm-keepalived:latest environment: KEEPALIVED_UNICAST_SRC_IP: "172.16.5.4" KEEPALIVED_UNICAST_PEER: "172.16.5.5, 172.16.5.6" @@ -27,7 +27,7 @@ services: - node.role == manager - node.labels.keepalived_master == true backup0: - image: rootshellcoder/swarm-keepalived:latest + image: ghcr.io/rootshell-coder/swarm-keepalived:latest environment: KEEPALIVED_UNICAST_SRC_IP: "172.16.5.5" KEEPALIVED_UNICAST_PEER: "172.16.5.4, 172.16.5.6" @@ -46,7 +46,7 @@ services: - node.role == manager - node.labels.keepalived_backup0 == true backup1: - image: rootshellcoder/swarm-keepalived:latest + image: ghcr.io/rootshell-coder/swarm-keepalived:latest environment: KEEPALIVED_UNICAST_SRC_IP: "172.16.5.6" KEEPALIVED_UNICAST_PEER: "172.16.5.4, 172.16.5.5"