Failover VMs

base.yml

@@ -1,12 +1,12 @@
 ---
 # Put a common configuration on all servers
-- hosts: all
+- hosts: all,!unifi
   roles:
     - baseconfig
     - basesecurity
 
 # Plug LDAP on all servers
-- hosts: all
+- hosts: all,!unifi
   roles:
     - ldap-client
 

hosts

@@ -32,12 +32,18 @@ marki.adm.auro.re
 
 [fleming_vm]
 ldap-replica-fleming.adm.auro.re
+ldap-replica-fleming-fo.adm.auro.re
 dhcp-fleming.adm.auro.re
+dhcp-fleming-fo.adm.auro.re
 dns-fleming.adm.auro.re
+dns-fleming-fo.adm.auro.re
 prometheus-fleming.adm.auro.re
+prometheus-fleming-fo.adm.auro.re
 radius-fleming.adm.auro.re
+radius-fleming-fo.adm.auro.re
 unifi-fleming.adm.auro.re
 routeur-fleming.adm.auro.re
+routeur-fleming-fo.adm.auro.re
 
 [fleming_unifi]
 fa-0-1.borne.auro.re
@@ -145,12 +151,18 @@ titan.adm.auro.re
 
 [pacaterie_vm]
 ldap-replica-pacaterie.adm.auro.re
+ldap-replica-pacaterie-fo.adm.auro.re
 dhcp-pacaterie.adm.auro.re
+dhcp-pacaterie-fo.adm.auro.re
 dns-pacaterie.adm.auro.re
+dns-pacaterie-fo.adm.auro.re
 prometheus-pacaterie.adm.auro.re
+prometheus-pacaterie-fo.adm.auro.re
 radius-pacaterie.adm.auro.re
+radius-pacaterie-fo.adm.auro.re
 unifi-pacaterie.adm.auro.re
 routeur-pacaterie.adm.auro.re
+routeur-pacaterie-fo.adm.auro.re
 
 [pacaterie_unifi]
 pc-1-1.borne.auro.re
@@ -189,12 +201,18 @@ chapalux.adm.auro.re
 
 [edc_vm]
 ldap-replica-edc.adm.auro.re
+ldap-replica-edc-fo.adm.auro.re
 dhcp-edc.adm.auro.re
+dhcp-edc-fo.adm.auro.re
 dns-edc.adm.auro.re
+dns-edc-fo.adm.auro.re
 prometheus-edc.adm.auro.re
+prometheus-edc-fo.adm.auro.re
 radius-edc.adm.auro.re
+radius-edc-fo.adm.auro.re
 unifi-edc.adm.auro.re
 routeur-edc.adm.auro.re
+routeur-edc-fo.adm.auro.re
 
 [edc_unifi]
 ep-0-1.borne.auro.re
@@ -204,12 +222,18 @@ perceval.adm.auro.re
 
 [georgesand_vm]
 ldap-replica-georgesand.adm.auro.re
+ldap-replica-georgesand-fo.adm.auro.re
 dhcp-georgesand.adm.auro.re
+dhcp-georgesand-fo.adm.auro.re
 dns-georgesand.adm.auro.re
+dns-georgesand-fo.adm.auro.re
 prometheus-georgesand.adm.auro.re
+prometheus-georgesand-fo.adm.auro.re
 radius-georgesand.adm.auro.re
+radius-georgesand-fo.adm.auro.re
 unifi-georgesand.adm.auro.re
 routeur-georgesand.adm.auro.re
+routeur-georgesand-fo.adm.auro.re
 
 [georgesand_unifi]
 ga-0-1.borne.auro.re

monitoring.yml

@@ -1,6 +1,8 @@
 ---
-- hosts: prometheus-fleming.adm.auro.re
+- hosts: prometheus-fleming.adm.auro.re,prometheus-fleming-fo.adm.auro.re
   vars:
+    prometheus_alertmanager: docker-ovh.adm.auro.re:9093
+
     # Prometheus targets.json
     prometheus_targets:
       - targets: |
@@ -9,10 +11,11 @@
       - targets: "{{ groups['fleming_unifi'] | list | sort }}"
   roles:
     - prometheus
-    - prometheus-alertmanager
 
-- hosts: prometheus-pacaterie.adm.auro.re
+- hosts: prometheus-pacaterie.adm.auro.re,prometheus-pacaterie-fo.adm.auro.re
   vars:
+    prometheus_alertmanager: docker-ovh.adm.auro.re:9093
+
     # Prometheus targets.json
     prometheus_targets:
       - targets: |
@@ -21,10 +24,11 @@
       - targets: "{{ groups['pacaterie_unifi'] | list | sort }}"
   roles:
     - prometheus
-    - prometheus-alertmanager
 
-- hosts: prometheus-edc.adm.auro.re
+- hosts: prometheus-edc.adm.auro.re,prometheus-edc-fo.adm.auro.re
   vars:
+    prometheus_alertmanager: docker-ovh.adm.auro.re:9093
+
     # Prometheus targets.json
     prometheus_targets:
       - targets: |
@@ -33,10 +37,11 @@
       - targets: "{{ groups['edc_unifi'] | list | sort }}"
   roles:
     - prometheus
-    - prometheus-alertmanager
 
-- hosts: prometheus-georgesand.adm.auro.re
+- hosts: prometheus-georgesand.adm.auro.re,prometheus-georgesand-fo.adm.auro.re
   vars:
+    prometheus_alertmanager: docker-ovh.adm.auro.re:9093
+
     # Prometheus targets.json
     prometheus_targets:
       - targets: |
@@ -45,7 +50,6 @@
       - targets: "{{ groups['georgesand_unifi'] | list | sort }}"
   roles:
     - prometheus
-    - prometheus-alertmanager
 
 # Monitor all hosts
 - hosts: all,!unifi,!ovh

proxmox.yml

@@ -69,6 +69,43 @@
           disksize: 16  # G
           installiso: debian-10.0.0-amd64-netinst.iso
 
+        - name: ldap-replica-fleming-fo
+          virtu: marki
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+        - name: dhcp-fleming-fo
+          virtu: marki
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+        - name: dns-fleming-fo
+          virtu: marki
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+        - name: prometheus-fleming-fo
+          virtu: marki
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+        - name: radius-fleming-fo
+          virtu: marki
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+        - name: routeur-fleming-fo
+          virtu: marki
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+
         # Réseau Pacaterie
         - name: ldap-replica-pacaterie
           virtu: mordred
@@ -113,6 +150,43 @@
           disksize: 16  # G
           installiso: debian-10.0.0-amd64-netinst.iso
 
+        - name: ldap-replica-pacaterie-fo
+          virtu: titan
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+        - name: dhcp-pacaterie-fo
+          virtu: titan
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+        - name: dns-pacaterie-fo
+          virtu: titan
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+        - name: prometheus-pacaterie-fo
+          virtu: titan
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+        - name: radius-pacaterie-fo
+          virtu: titan
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+        - name: routeur-pacaterie-fo
+          virtu: titan
+          cores: 2  # 2 mimimum, 10 maximum
+          memory: 1024  # M
+          disksize: 16  # G
+          installiso: debian-10.0.0-amd64-netinst.iso
+
         # Réseau EDC
         - name: ldap-replica-edc
           virtu: chapalux

roles/prometheus-alertmanager/handlers/main.yml

@@ -1,5 +0,0 @@
----
-- name: Restart Prometheus Alertmanager
-  service:
-    name: prometheus-alertmanager
-    state: restarted

roles/prometheus-alertmanager/tasks/main.yml

@@ -1,14 +0,0 @@
----
-- name: Install Prometheus Alertmanager
-  apt:
-    update_cache: true
-    name: prometheus-alertmanager
-  register: apt_result
-  retries: 3
-  until: apt_result is succeeded
-
-- name: Configure Prometheus Alertmanager
-  template:
-    src: prometheus/alertmanager.yml.j2
-    dest: /etc/prometheus/alertmanager.yml
-  notify: Restart Prometheus Alertmanager

roles/prometheus-alertmanager/templates/prometheus/alertmanager.yml.j2

@@ -1,62 +0,0 @@
-# {{ ansible_managed }}
-# See https://prometheus.io/docs/alerting/configuration/ for documentation.
-
-global:
-  # The smarthost and SMTP sender used for mail notifications.
-  smtp_smarthost: 'localhost:25'
-  smtp_from: 'alertmanager@example.org'
-  #smtp_auth_username: 'alertmanager'
-  #smtp_auth_password: 'password'
-  # The auth token for Hipchat.
-  hipchat_auth_token: '1234556789'
-  # Alternative host for Hipchat.
-  hipchat_api_url: 'https://hipchat.foobar.org/'
-
-# The directory from which notification templates are read.
-templates: 
-- '/etc/prometheus/alertmanager_templates/*.tmpl'
-
-# The root route on which each incoming alert enters.
-route:
-  # The labels by which incoming alerts are grouped together. For example,
-  # multiple alerts coming in for cluster=A and alertname=LatencyHigh would
-  # be batched into a single group.
-  group_by: ['instance']  # group per instance
-
-  # When a new group of alerts is created by an incoming alert, wait at
-  # least 'group_wait' to send the initial notification.
-  # This way ensures that you get multiple alerts for the same group that start
-  # firing shortly after another are batched together on the first 
-  # notification.
-  group_wait: 30s
-
-  # When the first notification was sent, wait 'group_interval' to send a batch
-  # of new alerts that started firing for that group.
-  group_interval: 5m
-
-  # If an alert has successfully been sent, wait 'repeat_interval' to
-  # resend them.
-  repeat_interval: 12h 
-
-  # A default receiver
-  receiver: webhook
-
-
-# Inhibition rules allow to mute a set of alerts given that another alert is
-# firing.
-# We use this to mute any warning-level notifications if the same alert is 
-# already critical.
-inhibit_rules:
-- source_match:
-    severity: 'critical'
-  target_match:
-    severity: 'warning'
-  # Apply inhibition if the alertname is the same.
-  equal: ['alertname', 'cluster', 'service']
-
-
-receivers:
-- name: 'webhook'
-  webhook_configs:
-  - url: 'http://URL A METTRE ICI VERS WEBHOOK DISCORD TODO/'
-    send_resolved: true

roles/prometheus/templates/prometheus/prometheus.yml.j2

@@ -15,7 +15,7 @@ global:
 alerting:
   alertmanagers:
   - static_configs:
-    - targets: ['localhost:9093']
+    - targets: ['{{ prometheus_alertmanager }}']
 
 # Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
 rule_files: