Merge branch 'release-1.4.2' into stable

v1.3.5-1

CHANGELOG.md

@@ -1,68 +1,171 @@
 # Changelog
+This file only reflects the changes that are made in this project.
+Please refer to the upstream [keepalived changelog](https://github.com/acassen/keepalived/blob/master/ChangeLog) for the list of changes in keepalived.
 
-## 1.3.5
+The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
-  - Keepalived version 1.3.5
+and this project follows keepalived versioning.
 
-## 1.3.4
+## [1.4.2] - 2018-03-03
-  - Keepalived version 1.3.4
+### Changed
+  - Upgrade keepalived version to 1.4.2
 
-## 1.3.2
+## [1.4.1] - 2018-01-29
-  - Keepalived version 1.3.2
+### Changed
+  - Upgrade keepalived version to 1.4.1
 
-## 1.3.1
+## [1.4.0] - 2018-01-11
-  - Keepalived version 1.3.1
+### Changed
+  - Upgrade keepalived version to 1.4.0
 
-## 1.3.0
+## [1.3.9] - 2017-10-22
-  - Keepalived version 1.3.0
+### Changed
-  - Upgrade baseimage: light-baseimage:0.2.6
+  - Upgrade keepalived version to 1.3.9
 
-## 1.2.24
+## [1.3.8] - 2017-10-16
-  - Keepalived version 1.2.24
+### Changed
-  - We now use the keepalived version number as docker image tag
+  - Upgrade keepalived version to 1.3.8
 
-## 0.2.3
+## [1.3.6-1] - 2017-10-16
-  - Upgrade baseimage: light-baseimage:0.2.5
+### Changed
+  - Upgrade baseimage to alpine-light-baseimage:0.1.5
 
-## 0.2.2
+## [1.3.6] - 2017-08-15
-  - Upgrade baseimage: light-baseimage:0.2.4
+### Changed
-  - Keepalived version 1.2.23
+  - Upgrade keepalived version to 1.3.6
 
-## 0.2.1
+### Removed
-  - Upgrade baseimage: light-baseimage:0.2.2
+  - keepalived_script script user, scripts are now run with root user
 
-## 0.2.0
+## [1.3.5-1] - 2017-07-19
-  - Upgrade baseimage: light-baseimage:0.2.1
+### Added
+  - Add keepalived_script script user
+
+### Changed
+  - Use linux alpine as baseimage
+
+### Fixed
+  - startup.sh and finish.sh ip address removal
+
+## [1.3.5] - 2017-03-21
+### Changed
+  - Upgrade keepalived version to 1.3.5
+
+## [1.3.4] - 2017-02-19
+### Changed
+  - Upgrade keepalived version to 1.3.4
+
+## [1.3.3] - 2017-02-15
+### Changed
+  - Upgrade keepalived version to 1.3.3
+
+## [1.3.2] - 2016-11-29
+### Changed
+  - Upgrade keepalived version to 1.3.2
+
+## [1.3.1] - 2016-11-22
+### Changed
+  - Upgrade keepalived version to 1.3.1
+
+## [1.3.0] - 2016-11-21
+### Changed
+  - Upgrade keepalived version to 1.3.0
+  - Upgrade baseimage to light-baseimage:0.2.6
+
+## [1.2.24] - 2016-09-13
+### Changed
+  - Upgrade keepalived version to 1.2.24
+
+## Versions before following the keepalived versioning
+
+## [0.2.3] - 2016-09-03
+### Changed
+  - Upgrade baseimage to light-baseimage:0.2.5
+
+## [0.2.2] - 2016-07-26
+### Changed
+  - Upgrade baseimage to light-baseimage:0.2.4
+  - Upgrade keepalived version to 1.2.23
+
+## [0.2.1] - 2016-02-20
+### Changed
+  - Upgrade baseimage to light-baseimage:0.2.2
+
+## [0.2.0] - 2016-01-27
+### Added
   - Makefile with build no cache
 
-## 0.1.9
+### Changed
-  - Upgrade baseimage: light-baseimage:0.1.5
+  - Upgrade baseimage to light-baseimage:0.2.1
 
-## 0.1.8
+## [0.1.9] - 2015-11-20
-  - Upgrade baseimage: light-baseimage:0.1.4
+### Changed
+  - Upgrade baseimage to light-baseimage:0.1.5
 
-## 0.1.7
+## [0.1.8] - 2015-11-19
-  - Upgrade baseimage: light-baseimage:0.1.2
+### Changed
+  - Upgrade baseimage to light-baseimage:0.1.4
 
-## 0.1.6
+## [0.1.7] - 2015-10-26
+### Changed
+  - Upgrade baseimage to light-baseimage:0.1.2
+
+## [0.1.6] - 2015-08-21
+### Added
   - Better way to add custom config
+
+### Changed
   - Improve documentation
 
-## 0.1.5
+## [0.1.5] - 2015-08-19
-  - Upgrade baseimage: light-baseimage:0.1.1
+### Changed
+  - Upgrade baseimage to light-baseimage:0.1.1
 
-## 0.1.4
+## [0.1.4] - 2015-07-23
+### Changed
   - Use light-baseimage
 
-## 0.1.3
+## [0.1.3] - 2015-07-09
+### Fixed
   - Fix libnl dependency
 
-## 0.1.2
+## [0.1.2] - 2015-07-09
-  - Keepalived version 1.2.19
+### Changed
-  - Update default config :
+  - Upgrade keepalived version to 1.2.19
-    - Set start state to BACKUP
+  - Upgrade default config :
+  - Set start state to BACKUP
 
-## 0.1.1
+## [0.1.1] - 2015-06-21
-  - Add notify script
+### Added
+  - Notify script
 
-## 0.1.0
+## 0.1.0 - 2015-06-16
-  - Initial release
+Initial release
+
+[1.4.2]: https://github.com/osixia/docker-keepalived/compare/v1.4.1...v1.4.2
+[1.4.1]: https://github.com/osixia/docker-keepalived/compare/v1.4.0...v1.4.1
+[1.4.0]: https://github.com/osixia/docker-keepalived/compare/v1.3.9...v1.4.0
+[1.3.9]: https://github.com/osixia/docker-keepalived/compare/v1.3.8...v1.3.9
+[1.3.8]: https://github.com/osixia/docker-keepalived/compare/v1.3.6-1...v1.3.8
+[1.3.6-1]: https://github.com/osixia/docker-keepalived/compare/v1.3.6...v1.3.6-1
+[1.3.6]: https://github.com/osixia/docker-keepalived/compare/v1.3.5-1...v1.3.6
+[1.3.5-1]: https://github.com/osixia/docker-keepalived/compare/v1.3.5...v1.3.5-1
+[1.3.5]: https://github.com/osixia/docker-keepalived/compare/v1.3.4...v1.3.5
+[1.3.4]: https://github.com/osixia/docker-keepalived/compare/v1.3.3...v1.3.4
+[1.3.3]: https://github.com/osixia/docker-keepalived/compare/v1.3.2...v1.3.3
+[1.3.2]: https://github.com/osixia/docker-keepalived/compare/v1.3.1...v1.3.2
+[1.3.1]: https://github.com/osixia/docker-keepalived/compare/v1.3.0...v1.3.1
+[1.3.0]: https://github.com/osixia/docker-keepalived/compare/v1.2.24...v1.3.0
+[1.2.24]: https://github.com/osixia/docker-keepalived/compare/v0.2.3...v1.2.24
+[0.2.3]: https://github.com/osixia/docker-keepalived/compare/v0.2.2...v0.2.3
+[0.2.2]: https://github.com/osixia/docker-keepalived/compare/v0.2.1...v0.2.2
+[0.2.1]: https://github.com/osixia/docker-keepalived/compare/v0.2.0...v0.2.1
+[0.2.0]: https://github.com/osixia/docker-keepalived/compare/v0.1.9...v0.2.0
+[0.1.9]: https://github.com/osixia/docker-keepalived/compare/v0.1.8...v0.1.9
+[0.1.8]: https://github.com/osixia/docker-keepalived/compare/v0.1.7...v0.1.8
+[0.1.7]: https://github.com/osixia/docker-keepalived/compare/v0.1.6...v0.1.7
+[0.1.6]: https://github.com/osixia/docker-keepalived/compare/v0.1.5...v0.1.6
+[0.1.5]: https://github.com/osixia/docker-keepalived/compare/v0.1.4...v0.1.5
+[0.1.4]: https://github.com/osixia/docker-keepalived/compare/v0.1.3...v0.1.4
+[0.1.3]: https://github.com/osixia/docker-keepalived/compare/v0.1.2...v0.1.3
+[0.1.2]: https://github.com/osixia/docker-keepalived/compare/v0.1.1...v0.1.2
+[0.1.1]: https://github.com/osixia/docker-keepalived/compare/v0.1.0...v0.1.1

Makefile

@@ -1,9 +1,7 @@
 NAME = osixia/keepalived
-VERSION = 1.3.5
+VERSION = 1.4.2
 
-.PHONY: all build build-nocache test tag_latest release
+.PHONY: build build-nocache test tag-latest push push-latest release git-tag-version
-
-all: build
 
 build:
 	docker build -t $(NAME):$(VERSION) --rm image
@@ -14,10 +12,17 @@ build-nocache:
 test:
 	env NAME=$(NAME) VERSION=$(VERSION) bats test/test.bats
 
-tag_latest:
+tag-latest:
 	docker tag $(NAME):$(VERSION) $(NAME):latest
 
-release: build test tag_latest
+push:
-	@if ! docker images $(NAME) | awk '{ print $$2 }' | grep -q -F $(VERSION); then echo "$(NAME) version $(VERSION) is not yet built. Please run 'make build'"; false; fi
+	docker push $(NAME):$(VERSION)
-	docker push $(NAME)
+
-	@echo "*** Don't forget to run 'twgit release/hotfix finish' :)"
+push-latest:
+	docker push $(NAME):latest
+
+release: build test tag-latest push push-latest
+
+git-tag-version: release
+	git tag -a v$(VERSION) -m "v$(VERSION)"
+	git push origin v$(VERSION)

README.md

@@ -6,9 +6,7 @@
 
 [hub]: https://hub.docker.com/r/osixia/keepalived/
 
-Latest release: 1.3.5 - Keepalived 1.3.5 - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/keepalived/) 
+Latest release: 1.4.2 - Keepalived 1.4.2 - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/keepalived/) 
-
-## /!\ Due to segmentation fault in keepalived 1.3.5 the image have been removed please use v1.3.4
 
 **A docker image to run Keepalived.**
 > [keepalived.org](http://keepalived.org/)
@@ -24,17 +22,18 @@ Latest release: 1.3.5 - Keepalived 1.3.5 - [Changelog](CHANGELOG.md) | [Docker H
 		- [Link environment file](#link-environment-file)
 		- [Make your own image or extend this image](#make-your-own-image-or-extend-this-image)
 - [Advanced User Guide](#advanced-user-guide)
-	- [Extend osixia/keepalived:1.3.5 image](#extend-osixiakeepalived135-image)
+	- [Extend osixia/keepalived:1.4.2 image](#extend-osixiakeepalived142-image)
 	- [Make your own keepalived image](#make-your-own-keepalived-image)
 	- [Tests](#tests)
 	- [Under the hood: osixia/light-baseimage](#under-the-hood-osixialight-baseimage)
+- [Security](#security)
 - [Changelog](#changelog)
 
 ## Quick start
 
 This image require the kernel module ip_vs loaded on the host (`modprobe ip_vs`) and need to be run with : --cap-add=NET_ADMIN --net=host
 
-    docker run --cap-add=NET_ADMIN --net=host -d osixia/keepalived:1.3.5
+    docker run --cap-add=NET_ADMIN --net=host -d osixia/keepalived:1.4.2
 
 ## Beginner Guide
 
@@ -44,7 +43,7 @@ but setting your own keepalived.conf is possible. 2 options:
 
 - Link your config file at run time to `/container/service/keepalived/assets/keepalived.conf` :
 
-      docker run --volume /data/my-keepalived.conf:/container/service/keepalived/assets/keepalived.conf --detach osixia/keepalived:1.3.5
+      docker run --volume /data/my-keepalived.conf:/container/service/keepalived/assets/keepalived.conf --detach osixia/keepalived:1.4.2
 
 - Add your config file by extending or cloning this image, please refer to the [Advanced User Guide](#advanced-user-guide)
 
@@ -54,7 +53,7 @@ You may have some problems with mounted files on some systems. The startup scrip
 
 To fix that run the container with `--copy-service` argument :
 
-		docker run [your options] osixia/keepalived:1.3.5 --copy-service
+		docker run [your options] osixia/keepalived:1.4.2 --copy-service
 
 ### Debug
 
@@ -63,11 +62,11 @@ Available levels are: `none`, `error`, `warning`, `info`, `debug` and `trace`.
 
 Example command to run the container in `debug` mode:
 
-	docker run --detach osixia/keepalived:1.3.5 --loglevel debug
+	docker run --detach osixia/keepalived:1.4.2 --loglevel debug
 
 See all command line options:
 
-	docker run osixia/keepalived:1.3.5 --help
+	docker run osixia/keepalived:1.4.2 --help
 
 
 ## Environment Variables
@@ -87,7 +86,7 @@ See how to [set your own environment variables](#set-your-own-environment-variab
 
   If you want to set this variable at docker run command add the tag `#PYTHON2BASH:` and convert the yaml in python:
 
-      docker run --env KEEPALIVED_UNICAST_PEERS="#PYTHON2BASH:['192.168.1.10', '192.168.1.11']" --detach osixia/keepalived:1.3.5
+      docker run --env KEEPALIVED_UNICAST_PEERS="#PYTHON2BASH:['192.168.1.10', '192.168.1.11']" --detach osixia/keepalived:1.4.2
 
   To convert yaml to python online : http://yaml-online-parser.appspot.com/
 
@@ -109,7 +108,7 @@ See how to [set your own environment variables](#set-your-own-environment-variab
 Environment variables can be set by adding the --env argument in the command line, for example:
 
     docker run --env KEEPALIVED_INTERFACE="eno1" --env KEEPALIVED_PASSWORD="password!" \
-    --env KEEPALIVED_PRIORITY="100" --detach osixia/keepalived:1.3.5
+    --env KEEPALIVED_PRIORITY="100" --detach osixia/keepalived:1.4.2
 
 
 #### Link environment file
@@ -117,7 +116,7 @@ Environment variables can be set by adding the --env argument in the command lin
 For example if your environment file is in :  /data/environment/my-env.yaml
 
 	docker run --volume /data/environment/my-env.yaml:/container/environment/01-custom/env.yaml \
-	--detach osixia/keepalived:1.3.5
+	--detach osixia/keepalived:1.4.2
 
 Take care to link your environment file to `/container/environment/XX-somedir` (with XX < 99 so they will be processed before default environment files) and not  directly to `/container/environment` because this directory contains predefined baseimage environment files to fix container environment (INITRD, LANG, LANGUAGE and LC_CTYPE).
 
@@ -127,13 +126,13 @@ This is the best solution if you have a private registry. Please refer to the [A
 
 ## Advanced User Guide
 
-### Extend osixia/keepalived:1.3.5 image
+### Extend osixia/keepalived:1.4.2 image
 
 If you need to add your custom TLS certificate, bootstrap config or environment files the easiest way is to extends this image.
 
 Dockerfile example:
 
-    FROM osixia/keepalived:1.3.5
+    FROM osixia/keepalived:1.4.2
     MAINTAINER Your Name <your@name.com>
 
     ADD keepalived.conf /container/service/keepalived/assets/keepalived.conf
@@ -184,6 +183,11 @@ Install Bats, and in this project directory run :
 This image is based on osixia/light-baseimage.
 More info: https://github.com/osixia/docker-light-baseimage
 
+## Security
+If you discover a security vulnerability within this docker image, please send an email to the Osixia! team at security@osixia.net. For minor vulnerabilities feel free to add an issue here on github.
+
+Please include as many details as possible.
+
 ## Changelog
 
 Please refer to: [CHANGELOG.md](CHANGELOG.md)

image/Dockerfile

@@ -1,25 +1,27 @@
 # Use osixia/light-baseimage
 # sources: https://github.com/osixia/docker-light-baseimage
-FROM osixia/light-baseimage:0.2.6
+FROM osixia/alpine-light-baseimage:0.1.5
 MAINTAINER Bertrand Gouny <bertrand.gouny@osixia.net>
 
 # Keepalived version
-ENV KEEPALIVED_VERSION 1.3.5
+ARG KEEPALIVED_VERSION=1.4.2
 
 # Download, build and install Keepalived
-RUN apt-get -y update \
+RUN apk --no-cache add \
-    && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        curl \
        gcc \
+       ipset \
+       ipset-dev \
+       iptables \
        iptables-dev \
-       libipset-dev \
+       libnfnetlink \
-       libnl-3-dev \
-       libnl-genl-3-dev \
-       libnl-route-3-dev \
        libnfnetlink-dev \
-       libssl-dev \
+       libnl3 \
+       libnl3-dev \
        make \
-       pkg-config \
+       musl-dev \
+       openssl \
+       openssl-dev \
     && curl -o keepalived.tar.gz -SL http://keepalived.org/software/keepalived-${KEEPALIVED_VERSION}.tar.gz \
     && mkdir -p /container/keepalived-sources \
     && tar -xzf keepalived.tar.gz --strip 1 -C /container/keepalived-sources \
@@ -27,11 +29,19 @@ RUN apt-get -y update \
     && ./configure --disable-dynamic-linking \
     && make && make install \
     && cd - && mkdir -p /etc/keepalived \
-    && apt-get remove -y --purge --auto-remove curl make gcc pkg-config \
     && rm -f keepalived.tar.gz \
     && rm -rf /container/keepalived-sources \
-    && apt-get clean \
+    && apk --no-cache del \
-    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+        curl \
+        gcc \
+        ipset-dev \
+        iptables-dev \
+        libnfnetlink-dev \
+        libnl3-dev \
+        make \
+        musl-dev \
+        openssl-dev
+
 
 # Add service directory to /container/service
 ADD service /container/service

image/environment/default.startup.yaml

@@ -1,16 +0,0 @@
-KEEPALIVED_INTERFACE: eth0
-KEEPALIVED_PASSWORD: d0cker
-
-# For electing MASTER, highest priority wins.
-# to be MASTER, make 50 more than other machines
-KEEPALIVED_PRIORITY: 150
-
-KEEPALIVED_UNICAST_PEERS:
-  - 192.168.1.10
-  - 192.168.1.11
-
-KEEPALIVED_VIRTUAL_IPS:
-  - 192.168.1.231
-  - 192.168.1.232
-
-KEEPALIVED_NOTIFY: /container/service/keepalived/assets/notify.sh

image/environment/default.yaml

@@ -1 +1,18 @@
 KEEPALIVED_COMMAND_LINE_ARGUMENTS: --log-detail --dump-conf
+
+KEEPALIVED_INTERFACE: eth0
+KEEPALIVED_PASSWORD: d0cker
+
+# For electing MASTER, highest priority wins.
+# to be MASTER, make 50 more than other machines
+KEEPALIVED_PRIORITY: 150
+
+KEEPALIVED_UNICAST_PEERS:
+  - 192.168.1.10
+  - 192.168.1.11
+
+KEEPALIVED_VIRTUAL_IPS:
+  - 192.168.1.231
+  - 192.168.1.232
+
+KEEPALIVED_NOTIFY: /container/service/keepalived/assets/notify.sh

image/service/keepalived/assets/keepalived.conf

@@ -1,27 +1,31 @@
+global_defs {
+  default_interface {{ KEEPALIVED_INTERFACE }}
+}
+
 vrrp_instance VI_1 {
-  interface {{ keepalived_interface }}
+  interface {{ KEEPALIVED_INTERFACE }}
 
   track_interface {
-    {{ keepalived_interface }}
+    {{ KEEPALIVED_INTERFACE }}
   }
 
   state BACKUP
   virtual_router_id 51
-  priority {{ keepalived_priority }}
+  priority {{ KEEPALIVED_PRIORITY }}
   nopreempt
 
   unicast_peer {
-    {{ keepalived_unicast_peers }}
+    {{ KEEPALIVED_UNICAST_PEERS }}
   }
 
   virtual_ipaddress {
-    {{ keepalived_virtual_ips }}
+    {{ KEEPALIVED_VIRTUAL_IPS }}
   }
 
   authentication {
     auth_type PASS
-    auth_pass {{ keepalived_password }}
+    auth_pass {{ KEEPALIVED_PASSWORD }}
   }
 
-  {{ keepalived_notify }}
+  {{ KEEPALIVED_NOTIFY }}
 }

image/service/keepalived/assets/notify.sh

@@ -16,16 +16,16 @@ NAME=$2
 STATE=$3
 
 case $STATE in
-        "MASTER") logger -s -t keepalived-notify "I'm the MASTER! Whup whup."
+        "MASTER") echo "I'm the MASTER! Whup whup." > /proc/1/fd/1
                   exit 0
                   ;;
-        "BACKUP") logger -s -t keepalived-notify "Ok, i'm just a backup, great."
+        "BACKUP") echo "Ok, i'm just a backup, great." > /proc/1/fd/1
                   exit 0
                   ;;
-        "FAULT")  logger -s -t keepalived-notify "Fault, what ?"
+        "FAULT")  echo "Fault, what ?" > /proc/1/fd/1
                   exit 0
                   ;;
-        *)        logger -s -t keepalived-notify "Unknown state"
+        *)        echo "Unknown state" > /proc/1/fd/1
                   exit 1
                   ;;
 esac

image/service/keepalived/finish.sh

@@ -7,7 +7,20 @@ log-helper level eq trace && set -x
 # try to delete virtual ips from interface
 for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS)
 do
-  ip addr del ${vip}/32 dev ${KEEPALIVED_INTERFACE} || true
+  IP=$(echo ${!vip} | awk '{print $1}')
+  IP_INFO=$(ip addr list | grep ${IP}) || continue
+  IP_V6=$(echo "${IP_INFO}" | grep "inet6") || true
+
+  # ipv4
+  if [ -z "${IP_V6}" ]; then
+    IP_INTERFACE=$(echo "${IP_INFO}" |  awk '{print $5}')
+  # ipv6
+  else
+    echo "skipping address: ${IP} - ipv6 not supported yet :("
+    continue
+  fi
+
+  ip addr del ${IP} dev ${IP_INTERFACE} || true
 done
 
 exit 0

image/service/keepalived/install.sh

@@ -0,0 +1,5 @@
+#!/bin/bash -e
+# this script is run during the image build
+
+# delete keepalived default config file
+rm /usr/local/etc/keepalived/keepalived.conf

image/service/keepalived/process.sh

@@ -4,4 +4,12 @@
 # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/log-helper
 log-helper level eq trace && set -x
 
-exec /usr/local/sbin/keepalived -f /etc/keepalived/keepalived.conf --dont-fork --log-console ${KEEPALIVED_COMMAND_LINE_ARGUMENTS}
+echo -n "Waiting config file /usr/local/etc/keepalived/keepalived.conf"
+while [ ! -e "/usr/local/etc/keepalived/keepalived.conf" ]
+do
+  echo -n "."
+  sleep 0.1
+done
+echo "ok"
+
+exec /usr/local/sbin/keepalived -f /usr/local/etc/keepalived/keepalived.conf --dont-fork --log-console ${KEEPALIVED_COMMAND_LINE_ARGUMENTS}

image/service/keepalived/startup.sh

@@ -11,30 +11,30 @@ if [ ! -e "$FIRST_START_DONE" ]; then
   #
   # bootstrap config
   #
-  sed -i --follow-symlinks "s|{{ keepalived_interface }}|$KEEPALIVED_INTERFACE|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+  sed -i "s|{{ KEEPALIVED_INTERFACE }}|$KEEPALIVED_INTERFACE|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
-  sed -i --follow-symlinks "s|{{ keepalived_priority }}|$KEEPALIVED_PRIORITY|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+  sed -i "s|{{ KEEPALIVED_PRIORITY }}|$KEEPALIVED_PRIORITY|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
-  sed -i --follow-symlinks "s|{{ keepalived_password }}|$KEEPALIVED_PASSWORD|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+  sed -i "s|{{ KEEPALIVED_PASSWORD }}|$KEEPALIVED_PASSWORD|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
 
   if [ -n "$KEEPALIVED_NOTIFY" ]; then
-    sed -i --follow-symlinks "s|{{ keepalived_notify }}|notify \"$KEEPALIVED_NOTIFY\"|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+    sed -i "s|{{ KEEPALIVED_NOTIFY }}|notify \"$KEEPALIVED_NOTIFY\"|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
     chmod +x $KEEPALIVED_NOTIFY
   else
-    sed -i --follow-symlinks "/{{ keepalived_notify }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+    sed -i "/{{ KEEPALIVED_NOTIFY }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
   fi
 
   # unicast peers
   for peer in $(complex-bash-env iterate KEEPALIVED_UNICAST_PEERS)
   do
-    sed -i --follow-symlinks "s|{{ keepalived_unicast_peers }}|${!peer}\n    {{ keepalived_unicast_peers }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+    sed -i "s|{{ KEEPALIVED_UNICAST_PEERS }}|${!peer}\n    {{ KEEPALIVED_UNICAST_PEERS }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
   done
-  sed -i --follow-symlinks "/{{ keepalived_unicast_peers }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+  sed -i "/{{ KEEPALIVED_UNICAST_PEERS }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
 
   # virtual ips
   for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS)
   do
-    sed -i --follow-symlinks "s|{{ keepalived_virtual_ips }}|${!vip}\n    {{ keepalived_virtual_ips }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+    sed -i "s|{{ KEEPALIVED_VIRTUAL_IPS }}|${!vip}\n    {{ KEEPALIVED_VIRTUAL_IPS }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
   done
-  sed -i --follow-symlinks "/{{ keepalived_virtual_ips }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+  sed -i "/{{ KEEPALIVED_VIRTUAL_IPS }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
 
   touch $FIRST_START_DONE
 fi
@@ -42,11 +42,24 @@ fi
 # try to delete virtual ips from interface
 for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS)
 do
-  ip addr del ${vip}/32 dev ${KEEPALIVED_INTERFACE} || true
+  IP=$(echo ${!vip} | awk '{print $1}')
+  IP_INFO=$(ip addr list | grep ${IP}) || continue
+  IP_V6=$(echo "${IP_INFO}" | grep "inet6") || true
+
+  # ipv4
+  if [ -z "${IP_V6}" ]; then
+    IP_INTERFACE=$(echo "${IP_INFO}" |  awk '{print $5}')
+  # ipv6
+  else
+    echo "skipping address: ${IP} - ipv6 not supported yet :("
+    continue
+  fi
+
+  ip addr del ${IP} dev ${IP_INTERFACE} || true
 done
 
-if [ ! -e "/etc/backup-manager.conf" ]; then
+if [ ! -e "/usr/local/etc/keepalived/keepalived.conf" ]; then
-  ln -sf ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf /etc/keepalived/keepalived.conf
+  ln -sf ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf /usr/local/etc/keepalived/keepalived.conf
 fi
 
 exit 0