diff --git a/keepalived/README.md b/keepalived/README.md
new file mode 100644
index 0000000..dff4afa
--- /dev/null
+++ b/keepalived/README.md
@@ -0,0 +1,202 @@
+# Ansible Role: Keepalived
+
+安装Keepalived
+
+## 介绍
+Keepalived是一个用C编写的路由软件。该项目的主要目标是为Linux系统和基于Linux的基础架构提供简单而强大的负载平衡和高可用性设施。负载平衡框架依赖于众所周知且广泛使用的Linux虚拟服务器(IPVS)内核模块,提供Layer4负载均衡。 Keepalived实现了一组检查程序,以根据其健康状况动态地和自适应地维护和管理负载平衡的服务器池。另一方面,VRRP协议实现了高可用性。 VRRP是路由器故障转移的基础。此外,Keepalived为VRRP有限状态机实现了一组挂钩,提供低级和高速协议交互。为了提供最快的网络故障检测,Keepalived实现了BFD协议。 VRRP状态转换可以考虑BFD提示来驱动快速状态转换。 Keepalived框架可以单独使用,也可以一起使用,以提供灵活的基础架构。
+
+官方网站:
+官方文档地址:
+
+## 要求
+
+此角色仅在RHEL及其衍生产品上运行。
+
+## 测试环境
+
+ansible `2.7.10`
+os `Centos 7.4 X64`
+
+## 角色变量
+ keepalived_conf: "/etc/keepalived/keepalived.conf"
+
+ keepalived_vrrp_instance:
+ - name: V1_1
+ state: "MASTER"
+ interface: "eth0"
+ virtual_router_id: "26"
+ priority: "100"
+ auth_pass: "261232"
+ keepalived_vip: "192.168.77.140"
+ extra: |
+ ! vrrp_instance extra conf
+
+ keepalived_virtual_server:
+ # - virtual_server: "192.168.200.100 80"
+ # delay_loop: 6
+ # lb_algo: wrr
+ # lb_kind: NAT
+ # persistence_timeout: 50
+ # protocol: TCP
+ # real_server:
+ # - server: "192.168.201.100 80"
+ # weight: 1
+ # tcp_check:
+ # connect_timeout: 10
+ # nb_get_retry: 3
+ # delay_before_retry: 3
+ # connect_port: 80
+ # extra: |
+ # ! real_server extra conf
+ # extra: |
+ # ! virtual_server extra conf
+
+ keepalived_conf_extra: ""
+
+## 依赖
+
+epel
+
+## github地址
+https://github.com/kuailemy123/Ansible-roles/tree/master/keepalived
+
+## Example Playbook
+ 单主
+ - hosts: node1
+ vars:
+ - keepalived_vrrp_instance:
+ - name: V1_1
+ state: "MASTER"
+ vip: "192.168.77.140"
+ roles:
+ - { role: keepalived }
+
+ - hosts: node2
+ vars:
+ - keepalived_vrrp_instance:
+ - name: V1_1
+ state: "BACKUP"
+ vip: "192.168.77.140"
+ roles:
+ - { role: keepalived}
+
+ 单主单播
+ - hosts: node1
+ vars:
+ - keepalived_vrrp_instance:
+ - name: V1_1
+ state: "MASTER"
+ vip: "192.168.77.140"
+ unicast_peer: "192.168.77.131"
+ roles:
+ - { role: keepalived }
+
+ - hosts: node2
+ vars:
+ - keepalived_vrrp_instance:
+ - name: V1_1
+ state: "BACKUP"
+ vip: "192.168.77.140"
+ unicast_peer: "192.168.77.130"
+ roles:
+ - { role: keepalived}
+
+ 单主lvs
+ - hosts: node1
+ vars:
+ - keepalived_vrrp_instance:
+ - name: V1_1
+ state: "MASTER"
+ vip: "192.168.77.140"
+ - keepalived_virtual_server:
+ - virtual_server: "192.168.77.140 80"
+ delay_loop: 6
+ lb_algo: wrr
+ lb_kind: DR
+ persistence_timeout: 50
+ real_server:
+ - server: "192.168.77.132 80"
+ weight: 1
+ tcp_check:
+ connect_timeout: 10
+ nb_get_retry: 3
+ delay_before_retry: 3
+ connect_port: 80
+ - server: "192.168.77.133 80"
+ weight: 1
+ tcp_check:
+ connect_timeout: 10
+ nb_get_retry: 3
+ delay_before_retry: 3
+ connect_port: 80
+
+ roles:
+ - { role: keepalived }
+
+ - hosts: node2
+ vars:
+ - keepalived_vrrp_instance:
+ - name: V1_1
+ state: "BACKUP"
+ vip: "192.168.77.140"
+ - keepalived_virtual_server:
+ - virtual_server: "192.168.77.140 80"
+ delay_loop: 6
+ lb_algo: wrr
+ lb_kind: DR
+ persistence_timeout: 50
+ real_server:
+ - server: "192.168.77.132 80"
+ weight: 1
+ tcp_check:
+ connect_timeout: 10
+ nb_get_retry: 3
+ delay_before_retry: 3
+ connect_port: 80
+ - server: "192.168.77.133 80"
+ weight: 1
+ tcp_check:
+ connect_timeout: 10
+ nb_get_retry: 3
+ delay_before_retry: 3
+ connect_port: 80
+ roles:
+ - { role: keepalived}
+
+ 双主
+ - hosts: node1
+ vars:
+ - keepalived_vrrp_instance:
+ - name: V1_1
+ state: "MASTER"
+ vip: "192.168.77.140"
+ - name: V1_2
+ state: "BACKUP"
+ virtual_router_id: "141"
+ auth_pass: "v2hello"
+ vip: "192.168.77.141"
+ roles:
+ - { role: keepalived }
+
+ - hosts: node2
+ vars:
+ - keepalived_vrrp_instance:
+ - name: V1_1
+ state: "BACKUP"
+ vip: "192.168.77.140"
+ - name: V1_2
+ state: "MASTER"
+ auth_pass: "v2hello"
+ virtual_router_id: "141"
+ vip: "192.168.77.141"
+ roles:
+ - { role: keepalived}
+
+## 使用
+```
+systemctl start keepalived
+systemctl stop keepalived
+systemctl restart keepalived
+systemctl status keepalived
+```
+
diff --git a/keepalived/defaults/main.yml b/keepalived/defaults/main.yml
new file mode 100644
index 0000000..82a4fa6
--- /dev/null
+++ b/keepalived/defaults/main.yml
@@ -0,0 +1,37 @@
+---
+# author: lework
+
+keepalived_conf: "/etc/keepalived/keepalived.conf"
+
+keepalived_vrrp_instance:
+ - name: V1_1
+ state: "MASTER"
+ interface: "eth0"
+ virtual_router_id: "26"
+ priority: "100"
+ auth_pass: "261232"
+ keepalived_vip: "192.168.77.140"
+ extra: |
+ ! vrrp_instance extra conf
+
+keepalived_virtual_server:
+# - virtual_server: "192.168.200.100 80"
+# delay_loop: 6
+# lb_algo: wrr
+# lb_kind: NAT
+# persistence_timeout: 50
+# protocol: TCP
+# real_server:
+# - server: "192.168.201.100 80"
+# weight: 1
+# tcp_check:
+# connect_timeout: 10
+# nb_get_retry: 3
+# delay_before_retry: 3
+# connect_port: 80
+# extra: |
+# ! real_server extra conf
+# extra: |
+# ! virtual_server extra conf
+
+keepalived_conf_extra: ""
diff --git a/keepalived/handlers/main.yaml b/keepalived/handlers/main.yaml
new file mode 100644
index 0000000..920119a
--- /dev/null
+++ b/keepalived/handlers/main.yaml
@@ -0,0 +1,4 @@
+---
+
+- name: restart keepalived
+ systemd: name=keepalived state=restarted
diff --git a/keepalived/tasks/configure.yml b/keepalived/tasks/configure.yml
new file mode 100644
index 0000000..b08c574
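Review bot: `auth_pass: "261232"` in keepalived/defaults/main.yml ships a fixed VRRP password with the role, and templates/keepalived.conf.j2 falls back to a second literal, `d('lework66')`, whenever an instance omits the key, as the README examples that set only name/state/vip do. Any deployment that does not override the value therefore shares a password that is public in this repository. I would remove the default here and make the template require the key, `auth_pass {{ inst.auth_pass | mandatory }}`, with the real value supplied from Ansible Vault or another secret store. `auth_type PASS` travels unencrypted in VRRP advertisements, so the value should also not be reused for anything else.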
--- /dev/null
+++ b/keepalived/tasks/configure.yml
@@ -0,0 +1,17 @@
+---
+# author: lework
+
+- name: configure | Copy Keepalived configuration in place.
+ template:
+ src: keepalived.conf.j2
+ dest: "{{ keepalived_conf }}"
+ backup: yes
+ notify:
+ - restart keepalived
+
+- name: configure | Ensure Keepalived is started and enabled on boot.
+ systemd:
+ name: keepalived
+ state: started
+ enabled: yes
+# service: "name=keepalived state=started enabled=yes"
diff --git a/keepalived/tasks/install.yml b/keepalived/tasks/install.yml
new file mode 100644
index 0000000..4ad20c2
--- /dev/null
+++ b/keepalived/tasks/install.yml
@@ -0,0 +1,10 @@
+---
+# author: lework
+
+- name: install | Ensure keepalived packages are installed.
+ yum:
+ name:
+ - 'keepalived'
+ - 'ipvsadm'
+ state: installed
+ when: ansible_os_family == 'RedHat'
diff --git a/keepalived/tasks/main.yml b/keepalived/tasks/main.yml
new file mode 100644
index 0000000..b599005
--- /dev/null
+++ b/keepalived/tasks/main.yml
@@ -0,0 +1,5 @@
+---
+# author: lework
+
+- include: install.yml
+- include: configure.yml
\ No newline at end of file
diff --git a/keepalived/templates/keepalived.conf.j2 b/keepalived/templates/keepalived.conf.j2
new file mode 100644
index 0000000..169f0a7
--- /dev/null
+++ b/keepalived/templates/keepalived.conf.j2
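Review bot: The `template` task in keepalived/tasks/configure.yml sets no `owner`, `group` or `mode`, so the rendered keepalived.conf, which contains `auth_pass`, gets whatever permissions the umask or a pre-existing file gives it. Add `owner: root`, `group: root` and `mode: "0600"` to the task. `backup: yes` also leaves timestamped copies holding the same secret next to the config, and they presumably inherit the old file's mode, so they need the same permissions check or a cleanup step. As a style point, `backup: true` and `enabled: true` are the canonical boolean spellings.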
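Review bot: In keepalived/tasks/main.yml the bare `include:` action is the deprecated form for task files; `- import_tasks: install.yml` and `- import_tasks: configure.yml` are available on the Ansible version the README names (2.7.10). The file also ends without a trailing newline. Only install.yml is guarded by `when: ansible_os_family == 'RedHat'`, so on another OS family the package step is skipped while configure.yml still runs; an early check in main.yml that fails on unsupported families would make that explicit.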
@@ -0,0 +1,71 @@
+! Configuration File for keepalived
+
+global_defs {
+ notification_email {
+ root@localhost
+ }
+ notification_email_from keepalived@localhost
+ smtp_server 127.0.0.1
+ smtp_connect_timeout 30
+ router_id {{ keepalived_router_id | d("keepalived-node1") }}
+ vrrp_mcast_group4 {{ keepalived_vrrp_mcast_group4 | d("224.0.0.18") }}
+}
+
+{% for inst in keepalived_vrrp_instance %}
+vrrp_instance {{ inst.name | d('V1_1') }} {
+ state {{ inst.state | d('MASTER') }}
+ interface {{ inst.interface | d(ansible_default_ipv4.interface) }}
+ virtual_router_id {{ inst.virtual_router_id | d('26') }}
+ priority {% if inst.state == 'MASTER' %}{{ keepalived_priority | d('100') }}{% else %}{{ keepalived_priority | d('98') }}{% endif %}
+
+ advert_int 1
+ authentication {
+ auth_type PASS
+ auth_pass {{ inst.auth_pass | d('lework66') }}
+ }
+{% if inst.unicast_peer is defined %}
+ unicast_src_ip {{ ansible_default_ipv4.address }}
+ unicast_peer {
+ {{ inst.unicast_peer }}
+ }
+{% endif %}
+ virtual_ipaddress {
+ {{ inst.vip }}
+ }
+ {{ inst.extra | d('') }}
+}
+
+{% endfor %}
+{% if keepalived_virtual_server %}
+{% for vser in keepalived_virtual_server %}
+virtual_server {{ vser.virtual_server }} {
+ delay_loop {{ vser.delay_loop | d('6') }}
+ lb_algo {{ vser.lb_algo | d('wrr') }}
+ lb_kind {{ vser.lb_kind | d('NAT') }}
+ persistence_timeout {{ vser.persistence_timeout | d('50') }}
+ protocol {{ vser.protocol | d('TCP') }}
+
+{% for rser in vser.real_server %}
+ real_server {{ rser.server }} {
+ weight {{ rser.weight | d('1') }}
+{% if vser.protocol is undefined or vser.protocol == 'TCP'%}
+ TCP_CHECK {
+ connect_port {{ rser.tcp_check['connect_port'] | d('80') }}
+ connect_timeout {{ rser.tcp_check['connect_timeout'] | d('10') }}
+ nb_get_retry {{ rser.tcp_check['nb_get_retry'] | d('3') }}
+ delay_before_retry {{ rser.tcp_check['delay_before_retry'] | d('3') }}
+ }
+{% endif %}
+{% if rser.extra is defined %}
+ {{ rser.extra | d('') }}
+{% endif %}
+ }
+{% endfor %}
+{% if vser.extra is defined %}
+ {{ vser.extra | d('') }}
+{% endif %}
+}
+
+{% endfor %}
+{% endif %}
+{{ keepalived_conf_extra }}
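Review bot: `{{ inst.vip }}` in the `virtual_ipaddress` block has no fallback, while keepalived/defaults/main.yml names the key `keepalived_vip`, so a run with the role's own defaults has no `vip` to render and would most likely abort on the undefined attribute. The priority line has the same mismatch: it reads the play-level `keepalived_priority` and never `inst.priority`, so the `priority: "100"` set in the defaults is ignored and two instances on one host cannot differ. Suggest renaming the default key to `vip` and rendering `priority {{ inst.priority | d('100' if inst.state == 'MASTER' else '98') }}`. `inst.extra`, `rser.extra`, `vser.extra` and `keepalived_conf_extra` are written into the config verbatim, so a header comment such as `! extra blocks are emitted unmodified; supply them from trusted inventory only` would make that contract visible.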