From a0e614ee10937eb0930d1c5481293a6d2dc8d915 Mon Sep 17 00:00:00 2001
From: Michal Nasiadka <mnasiadka@gmail.com>
Date: Tue, 27 Jun 2023 09:42:31 +0200
Subject: [PATCH] loadbalancer: Add option to not define track script

We've seen issues in CI when keepalived haproxy check script returns
an error and keepalived is switching to backup and then again to primary
on a single node environment.

Closes-Bug: #2025219

Change-Id: Iba62e76b3cf83f3ade6df81288d2d77129ffc725
---
 ansible/roles/loadbalancer/defaults/main.yml             | 4 ++++
 ansible/roles/loadbalancer/tasks/config.yml              | 1 +
 .../loadbalancer/templates/keepalived/keepalived.conf.j2 | 4 ++++
 .../notes/keepalived_track_script-edfebb520f006647.yaml  | 9 +++++++++
 tests/templates/globals-default.j2                       | 4 ++++
 5 files changed, 22 insertions(+)
 create mode 100644 releasenotes/notes/keepalived_track_script-edfebb520f006647.yaml

diff --git a/ansible/roles/loadbalancer/defaults/main.yml b/ansible/roles/loadbalancer/defaults/main.yml
index 7a7a1f5746..188cd7d5e8 100644
--- a/ansible/roles/loadbalancer/defaults/main.yml
+++ b/ansible/roles/loadbalancer/defaults/main.yml
@@ -146,3 +146,7 @@ haproxy_host_ipv4_tcp_retries2: "KOLLA_UNSET"
 haproxy_socket_level_admin: "no"
 
 kolla_externally_managed_cert: False
+
+# Allow to disable keepalived tracking script (e.g. for single node environments
+# where this proves problematic in some cases)
+keepalived_track_script_enabled: True
diff --git a/ansible/roles/loadbalancer/tasks/config.yml b/ansible/roles/loadbalancer/tasks/config.yml
index 2425324208..964ba194e5 100644
--- a/ansible/roles/loadbalancer/tasks/config.yml
+++ b/ansible/roles/loadbalancer/tasks/config.yml
@@ -98,6 +98,7 @@
   become: true
   with_dict: "{{ loadbalancer_services }}"
   when:
+    - keepalived_track_script_enabled | bool
     - inventory_hostname in groups[service.group]
     - inventory_hostname in groups[item.value.group]
     - item.key != 'keepalived'
diff --git a/ansible/roles/loadbalancer/templates/keepalived/keepalived.conf.j2 b/ansible/roles/loadbalancer/templates/keepalived/keepalived.conf.j2
index e6e48370c1..6ef7d6a824 100644
--- a/ansible/roles/loadbalancer/templates/keepalived/keepalived.conf.j2
+++ b/ansible/roles/loadbalancer/templates/keepalived/keepalived.conf.j2
@@ -1,9 +1,11 @@
+{% if keepalived_track_script_enabled | bool %}
 vrrp_script check_alive {
     script "/check_alive.sh"
     interval 2
     fall 2
     rise 10
 }
+{% endif %}
 
 vrrp_instance kolla_internal_vip_{{ keepalived_virtual_router_id }} {
     state BACKUP
@@ -40,7 +42,9 @@ vrrp_instance kolla_internal_vip_{{ keepalived_virtual_router_id }} {
         auth_type PASS
         auth_pass {{ keepalived_password }}
     }
+{% if keepalived_track_script_enabled | bool %}
     track_script {
         check_alive
     }
+{% endif %}
 }
diff --git a/releasenotes/notes/keepalived_track_script-edfebb520f006647.yaml b/releasenotes/notes/keepalived_track_script-edfebb520f006647.yaml
new file mode 100644
index 0000000000..0fab882957
--- /dev/null
+++ b/releasenotes/notes/keepalived_track_script-edfebb520f006647.yaml
@@ -0,0 +1,9 @@
+---
+fixes:
+  - |
+    Fixes an issue where keepalived track script fails on single controller
+    environment and keepalived VIP goes into BACKUP state.
+    ``keepalived_track_script_enabled`` variable has been introduced (default:
+    true), which can be used to disable track scripts in keepalived
+    configuration.
+    `LP#2025219 <https://launchpad.net/bugs/2025219>`__
diff --git a/tests/templates/globals-default.j2 b/tests/templates/globals-default.j2
index 58456a4a9e..17a02be608 100644
--- a/tests/templates/globals-default.j2
+++ b/tests/templates/globals-default.j2
@@ -202,3 +202,7 @@ enable_opensearch: "yes"
 enable_keystone: "yes"
 enable_venus: "yes"
 {% endif %}
+
+{% if groups['all'] | length == 1 %}
+keepalived_track_script_enabled: "no"
+{% endif %}