Implement automatic reassignment of the public VIP to the physical MAC of the router currently in CARP MASTER state.
This is done by reacting to CARP state changes using devd : when a specific event happened, it triggers a script that calls the OVH API to update the physical MAC associated with the VIP.
Why ??? This avoids situations where the backup router receives traffic for the VIP while the other node is the actual CARP master.
devd
If we trigger the script through devd, we can provide a .conf configuration file in /usr/local/etc/devd.
Use of action "logger CARP is now active/backup" is probably a good idea to ensure we trigger correctly the right event.
OVH API
A Python library as API client exists, https://github.com/ovh/python-ovh
Secrets can be stored in Vault.
It's unclear if we should create a full Python package with abstraction, and then a concrete implementation for OVH, or if we should write a small script doing this task.
It's especially unclear if we need to do that in Python as:
My take on this is we can write it in Python, ideally with separation of concerns between the operation and the OVH API execution, and we'll see if we evolve this into a full application when we need more API calls or more ISP.