diff options
40 files changed, 147 insertions, 68 deletions
diff --git a/manifests/firewall.pp b/manifests/firewall.pp index edcb5e7..3184cd3 100644 --- a/manifests/firewall.pp +++ b/manifests/firewall.pp @@ -102,7 +102,7 @@ class tripleo::firewall( # dport: 999 # proto: udp # action: accept - $service_names = reject(hiera('service_names', []), '^$') + $service_names = hiera('service_names', []) tripleo::firewall::service_rules { $service_names: } } diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp index 6a81731..eab7cc9 100644 --- a/manifests/haproxy.pp +++ b/manifests/haproxy.pp @@ -439,11 +439,14 @@ class tripleo::haproxy ( "${public_virtual_ip}:443" => union($haproxy_listen_bind_param, ['ssl', 'crt', $service_certificate]), } $horizon_options = { - 'cookie' => 'SERVERID insert indirect nocache', - 'rsprep' => '^Location:\ http://(.*) Location:\ https://\1', + 'cookie' => 'SERVERID insert indirect nocache', + 'rsprep' => '^Location:\ http://(.*) Location:\ https://\1', # NOTE(jaosorior): We always redirect to https for the public_virtual_ip. - 'redirect' => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }", - 'option' => 'forwardfor', + 'redirect' => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }", + 'option' => 'forwardfor', + 'http-request' => [ + 'set-header X-Forwarded-Proto https if { ssl_fc }', + 'set-header X-Forwarded-Proto http if !{ ssl_fc }'], } } else { $horizon_bind_opts = { @@ -530,7 +533,7 @@ class tripleo::haproxy ( internal_ip => hiera('keystone_admin_api_vip', $controller_virtual_ip), service_port => $ports[keystone_admin_api_port], ip_addresses => hiera('keystone_admin_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('keystone_admin_api_node_names', $controller_hosts_names_real), mode => 'http', listen_options => { 'http-request' => [ @@ -562,7 +565,7 @@ class tripleo::haproxy ( internal_ip => hiera('keystone_public_api_vip', $controller_virtual_ip), service_port => $ports[keystone_public_api_port], ip_addresses => hiera('keystone_public_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('keystone_public_api_node_names', $controller_hosts_names_real), mode => 'http', listen_options => merge($keystone_listen_opts, $keystone_public_tls_listen_opts), public_ssl_port => $ports[keystone_public_api_ssl_port], @@ -575,7 +578,7 @@ class tripleo::haproxy ( internal_ip => hiera('neutron_api_vip', $controller_virtual_ip), service_port => $ports[neutron_api_port], ip_addresses => hiera('neutron_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('neutron_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[neutron_api_ssl_port], } } @@ -586,7 +589,7 @@ class tripleo::haproxy ( internal_ip => hiera('cinder_api_vip', $controller_virtual_ip), service_port => $ports[cinder_api_port], ip_addresses => hiera('cinder_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('cinder_api_node_names', $controller_hosts_names_real), mode => 'http', listen_options => { 'http-request' => [ @@ -603,7 +606,7 @@ class tripleo::haproxy ( internal_ip => hiera('manila_api_vip', $controller_virtual_ip), service_port => $ports[manila_api_port], ip_addresses => hiera('manila_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('manila_api_node_names', $controller_hosts_names_real), listen_options => { 'http-request' => [ 'set-header X-Forwarded-Proto https if { ssl_fc }', @@ -619,7 +622,7 @@ class tripleo::haproxy ( internal_ip => hiera('sahara_api_vip', $controller_virtual_ip), service_port => $ports[sahara_api_port], ip_addresses => hiera('sahara_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('sahara_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[sahara_api_ssl_port], } } @@ -630,7 +633,7 @@ class tripleo::haproxy ( internal_ip => hiera('trove_api_vip', $controller_virtual_ip), service_port => $ports[trove_api_port], ip_addresses => hiera('trove_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('trove_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[trove_api_ssl_port], } } @@ -641,7 +644,7 @@ class tripleo::haproxy ( internal_ip => hiera('glance_api_vip', $controller_virtual_ip), service_port => $ports[glance_api_port], ip_addresses => hiera('glance_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('glance_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[glance_api_ssl_port], mode => 'http', listen_options => { @@ -657,7 +660,7 @@ class tripleo::haproxy ( internal_ip => hiera('glance_registry_vip', $controller_virtual_ip), service_port => $ports[glance_registry_port], ip_addresses => hiera('glance_registry_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('glance_registry_node_names', $controller_hosts_names_real), } } @@ -668,7 +671,7 @@ class tripleo::haproxy ( internal_ip => $nova_api_vip, service_port => $ports[nova_api_port], ip_addresses => hiera('nova_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('nova_api_node_names', $controller_hosts_names_real), mode => 'http', listen_options => { 'http-request' => [ @@ -684,7 +687,7 @@ class tripleo::haproxy ( internal_ip => hiera('nova_metadata_vip', $controller_virtual_ip), service_port => $ports[nova_metadata_port], ip_addresses => hiera('nova_metadata_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('nova_metadata_node_names', $controller_hosts_names_real), } } @@ -694,7 +697,7 @@ class tripleo::haproxy ( internal_ip => $nova_api_vip, service_port => $ports[nova_novnc_port], ip_addresses => hiera('nova_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('nova_api_node_names', $controller_hosts_names_real), listen_options => { 'balance' => 'source', 'timeout' => [ 'tunnel 1h' ], @@ -709,7 +712,7 @@ class tripleo::haproxy ( internal_ip => hiera('ceilometer_api_vip', $controller_virtual_ip), service_port => $ports[ceilometer_api_port], ip_addresses => hiera('ceilometer_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('ceilometer_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[ceilometer_api_ssl_port], } } @@ -720,7 +723,7 @@ class tripleo::haproxy ( internal_ip => hiera('aodh_api_vip', $controller_virtual_ip), service_port => $ports[aodh_api_port], ip_addresses => hiera('aodh_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('aodh_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[aodh_api_ssl_port], } } @@ -731,7 +734,7 @@ class tripleo::haproxy ( internal_ip => hiera('gnocchi_api_vip', $controller_virtual_ip), service_port => $ports[gnocchi_api_port], ip_addresses => hiera('gnocchi_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('gnocchi_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[gnocchi_api_ssl_port], } } @@ -742,7 +745,7 @@ class tripleo::haproxy ( internal_ip => hiera('mistral_api_vip', $controller_virtual_ip), service_port => $ports[mistral_api_port], ip_addresses => hiera('mistral_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('mistral_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[mistral_api_ssl_port], } } @@ -753,7 +756,7 @@ class tripleo::haproxy ( internal_ip => hiera('swift_proxy_vip', $controller_virtual_ip), service_port => $ports[swift_proxy_port], ip_addresses => hiera('swift_proxy_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('swift_proxy_node_names', $controller_hosts_names_real), public_ssl_port => $ports[swift_proxy_ssl_port], } } @@ -779,7 +782,7 @@ class tripleo::haproxy ( internal_ip => $heat_api_vip, service_port => $ports[heat_api_port], ip_addresses => $heat_ip_addresses, - server_names => $controller_hosts_names_real, + server_names => hiera('heat_api_node_names', $controller_hosts_names_real), mode => 'http', listen_options => $heat_options, public_ssl_port => $ports[heat_api_ssl_port], @@ -792,7 +795,7 @@ class tripleo::haproxy ( internal_ip => $heat_api_vip, service_port => $ports[heat_cw_port], ip_addresses => $heat_ip_addresses, - server_names => $controller_hosts_names_real, + server_names => hiera('heat_api_node_names', $controller_hosts_names_real), mode => 'http', listen_options => $heat_options, public_ssl_port => $ports[heat_cw_ssl_port], @@ -805,7 +808,7 @@ class tripleo::haproxy ( internal_ip => $heat_api_vip, service_port => $ports[heat_cfn_port], ip_addresses => $heat_ip_addresses, - server_names => $controller_hosts_names_real, + server_names => hiera('heat_api_node_names', $controller_hosts_names_real), mode => 'http', listen_options => $heat_options, public_ssl_port => $ports[heat_cfn_ssl_port], @@ -823,7 +826,7 @@ class tripleo::haproxy ( listening_service => 'horizon', ports => '80', ipaddresses => hiera('horizon_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('horizon_node_names', $controller_hosts_names_real), options => union($haproxy_member_options, ["cookie ${::hostname}"]), } } @@ -834,7 +837,7 @@ class tripleo::haproxy ( internal_ip => hiera('ironic_api_vip', $controller_virtual_ip), service_port => $ports[ironic_api_port], ip_addresses => hiera('ironic_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('ironic_api_node_names', $controller_hosts_names_real), public_ssl_port => $ports[ironic_api_ssl_port], } } @@ -845,7 +848,7 @@ class tripleo::haproxy ( internal_ip => hiera('ironic_inspector_vip', $controller_virtual_ip), service_port => $ports[ironic_inspector_port], ip_addresses => hiera('ironic_inspector_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('ironic_inspector_node_names', $controller_hosts_names_real), public_ssl_port => $ports[ironic_inspector_ssl_port], } } @@ -877,7 +880,7 @@ class tripleo::haproxy ( listening_service => 'mysql', ports => '3306', ipaddresses => hiera('mysql_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('mysql_node_names', $controller_hosts_names_real), options => $mysql_member_options, } } @@ -895,7 +898,7 @@ class tripleo::haproxy ( listening_service => 'rabbitmq', ports => '5672', ipaddresses => hiera('rabbitmq_network', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('rabbitmq_node_names', $controller_hosts_names_real), options => $haproxy_member_options, } } @@ -924,7 +927,7 @@ class tripleo::haproxy ( listening_service => 'redis', ports => '6379', ipaddresses => hiera('redis_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('redis_node_names', $controller_hosts_names_real), options => $haproxy_member_options, } } @@ -944,7 +947,7 @@ class tripleo::haproxy ( listening_service => 'midonet_api', ports => '8081', ipaddresses => hiera('midonet_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('midonet_api_node_names', $controller_hosts_names_real), options => $haproxy_member_options, } } @@ -954,7 +957,7 @@ class tripleo::haproxy ( internal_ip => hiera('zaqar_api_vip', $controller_virtual_ip), service_port => $ports[zaqar_api_port], ip_addresses => hiera('zaqar_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('zaqar_api_node_names', $controller_hosts_names_real), mode => 'http', public_ssl_port => $ports[zaqar_api_ssl_port], } @@ -966,7 +969,7 @@ class tripleo::haproxy ( internal_ip => hiera('ceph_rgw_vip', $controller_virtual_ip), service_port => $ports[ceph_rgw_port], ip_addresses => hiera('ceph_rgw_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('ceph_rgw_node_names', $controller_hosts_names_real), public_ssl_port => $ports[ceph_rgw_ssl_port], } } @@ -989,7 +992,7 @@ class tripleo::haproxy ( listening_service => 'opendaylight', ports => '8081', ipaddresses => hiera('opendaylight_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('opendaylight_api_node_names', $controller_hosts_names_real), options => ['check', 'inter 2000', 'rise 2', 'fall 5'], } } @@ -1000,7 +1003,7 @@ class tripleo::haproxy ( internal_ip => hiera('zaqar_ws_vip', $controller_virtual_ip), service_port => $ports[zaqar_ws_port], ip_addresses => hiera('zaqar_ws_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, + server_names => hiera('zaqar_ws_node_names', $controller_hosts_names_real), mode => 'http', haproxy_listen_bind_param => [], # We don't use a transparent proxy here listen_options => { diff --git a/manifests/profile/base/ceph.pp b/manifests/profile/base/ceph.pp index 6ffd4ef..f4404e0 100644 --- a/manifests/profile/base/ceph.pp +++ b/manifests/profile/base/ceph.pp @@ -20,7 +20,7 @@ # # [*ceph_mon_initial_members*] # (Optional) List of IP addresses to use as mon_initial_members -# Defaults to hiera('ceph_mon_node_names') +# Defaults to hiera('ceph_mon_short_node_names') # # [*ceph_mon_host*] # (Optional) List of IP addresses to use as mon_host @@ -36,18 +36,23 @@ # Defaults to hiera('step') # class tripleo::profile::base::ceph ( - $ceph_mon_initial_members = hiera('ceph_mon_node_names', undef), + $ceph_mon_initial_members = hiera('ceph_mon_short_node_names', undef), $ceph_mon_host = hiera('ceph_mon_node_ips', '127.0.0.1'), $enable_ceph_storage = false, $step = hiera('step'), ) { + if ! $ceph_mon_initial_members { + $ceph_mon_initial_members_real = hiera('ceph_mon_node_names', undef) + } else { + $ceph_mon_initial_members_real = $ceph_mon_initial_members + } if $step >= 2 { - if $ceph_mon_initial_members { - if is_array($ceph_mon_initial_members) { - $mon_initial_members = downcase(join($ceph_mon_initial_members, ',')) + if $ceph_mon_initial_members_real { + if is_array($ceph_mon_initial_members_real) { + $mon_initial_members = downcase(join($ceph_mon_initial_members_real, ',')) } else { - $mon_initial_members = downcase($ceph_mon_initial_members) + $mon_initial_members = downcase($ceph_mon_initial_members_real) } } else { $mon_initial_members = undef diff --git a/manifests/profile/base/cinder/volume/iscsi.pp b/manifests/profile/base/cinder/volume/iscsi.pp index 8baaf1c..4d333c8 100644 --- a/manifests/profile/base/cinder/volume/iscsi.pp +++ b/manifests/profile/base/cinder/volume/iscsi.pp @@ -29,6 +29,10 @@ # (Optional) The iscsi helper to use # Defaults to 'tgtadm' # +# [*cinder_iscsi_protocol*] +# (Optional) The iscsi protocol to use +# Defaults to 'iscsi' +# # [*cinder_lvm_loop_device_size*] # (Optional) The size (in MB) of the LVM loopback volume # Defaults to '10280' @@ -42,6 +46,7 @@ class tripleo::profile::base::cinder::volume::iscsi ( $cinder_iscsi_address, $backend_name = hiera('cinder::backend::iscsi::volume_backend_name', 'tripleo_iscsi'), $cinder_iscsi_helper = 'tgtadm', + $cinder_iscsi_protocol = 'iscsi', $cinder_lvm_loop_device_size = '10280', $step = hiera('step'), ) { @@ -58,6 +63,7 @@ class tripleo::profile::base::cinder::volume::iscsi ( cinder::backend::iscsi { $backend_name : iscsi_ip_address => normalize_ip_for_uri($cinder_iscsi_address), iscsi_helper => $cinder_iscsi_helper, + iscsi_protocol => $cinder_iscsi_protocol, } } diff --git a/manifests/profile/base/pacemaker.pp b/manifests/profile/base/pacemaker.pp index 0d628b5..43edfaf 100644 --- a/manifests/profile/base/pacemaker.pp +++ b/manifests/profile/base/pacemaker.pp @@ -69,13 +69,6 @@ class tripleo::profile::base::pacemaker ( Class['tripleo::fencing'] -> Class['pacemaker::stonith'] } - # FIXME(gfidente): sets 200secs as default start timeout op - # param; until we can use pcmk global defaults we'll still - # need to add it to every resource which redefines op params - Pacemaker::Resource::Service { - op_params => 'start timeout=200s stop timeout=200s', - } - file { '/var/lib/tripleo/pacemaker-restarts': ensure => directory, } ~> Tripleo::Pacemaker::Resource_restart_flag<||> diff --git a/manifests/profile/base/swift/proxy.pp b/manifests/profile/base/swift/proxy.pp index 9d50462..fc9fe11 100644 --- a/manifests/profile/base/swift/proxy.pp +++ b/manifests/profile/base/swift/proxy.pp @@ -52,5 +52,6 @@ class tripleo::profile::base::swift::proxy ( include ::swift::proxy::tempurl include ::swift::proxy::formpost include ::swift::proxy::bulk + include ::swift::proxy::ceilometer } } diff --git a/manifests/profile/pacemaker/apache.pp b/manifests/profile/pacemaker/apache.pp index 980b3a4..c8aeac5 100644 --- a/manifests/profile/pacemaker/apache.pp +++ b/manifests/profile/pacemaker/apache.pp @@ -40,6 +40,7 @@ class tripleo::profile::pacemaker::apache ( if $step >= 5 and $pacemaker_master { include ::apache::params pacemaker::resource::service { $::apache::params::service_name: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', verify_on_create => true, } diff --git a/manifests/profile/pacemaker/ceilometer/agent/central.pp b/manifests/profile/pacemaker/ceilometer/agent/central.pp index 90266be..b9655c3 100644 --- a/manifests/profile/pacemaker/ceilometer/agent/central.pp +++ b/manifests/profile/pacemaker/ceilometer/agent/central.pp @@ -40,12 +40,14 @@ class tripleo::profile::pacemaker::ceilometer::agent::central ( case downcase(hiera('ceilometer_backend')) { /mysql/: { pacemaker::resource::service { $::ceilometer::params::agent_central_service_name: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', require => Pacemaker::Resource::Ocf['openstack-core'], } } default: { pacemaker::resource::service { $::ceilometer::params::agent_central_service_name: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', require => [Pacemaker::Resource::Ocf['openstack-core'], Pacemaker::Resource::Service[$::mongodb::params::service_name]], diff --git a/manifests/profile/pacemaker/ceilometer/agent/notification.pp b/manifests/profile/pacemaker/ceilometer/agent/notification.pp index e419356..394cc36 100644 --- a/manifests/profile/pacemaker/ceilometer/agent/notification.pp +++ b/manifests/profile/pacemaker/ceilometer/agent/notification.pp @@ -37,6 +37,7 @@ class tripleo::profile::pacemaker::ceilometer::agent::notification ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/ceilometer/collector.pp b/manifests/profile/pacemaker/ceilometer/collector.pp index d0f7217..350125f 100644 --- a/manifests/profile/pacemaker/ceilometer/collector.pp +++ b/manifests/profile/pacemaker/ceilometer/collector.pp @@ -41,6 +41,7 @@ class tripleo::profile::pacemaker::ceilometer::collector ( Exec<| title == 'galera-ready'|> -> Class['ceilometer::db::mysql'] } pacemaker::resource::service { $::ceilometer::params::collector_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/cinder/api.pp b/manifests/profile/pacemaker/cinder/api.pp index d18942d..f25a050 100644 --- a/manifests/profile/pacemaker/cinder/api.pp +++ b/manifests/profile/pacemaker/cinder/api.pp @@ -48,6 +48,7 @@ class tripleo::profile::pacemaker::cinder::api ( if $step >= 5 and $pacemaker_master { pacemaker::resource::service { $::cinder::params::api_service : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', require => Pacemaker::Resource::Ocf['openstack-core'], } diff --git a/manifests/profile/pacemaker/cinder/backup.pp b/manifests/profile/pacemaker/cinder/backup.pp index 72ec456..63988d6 100644 --- a/manifests/profile/pacemaker/cinder/backup.pp +++ b/manifests/profile/pacemaker/cinder/backup.pp @@ -54,7 +54,9 @@ class tripleo::profile::pacemaker::cinder::backup ( } if $step >= 5 and $pacemaker_master { - pacemaker::resource::service { $::cinder::params::backup_service : } + pacemaker::resource::service { $::cinder::params::backup_service : + op_params => 'start timeout=200s stop timeout=200s', + } } } diff --git a/manifests/profile/pacemaker/cinder/scheduler.pp b/manifests/profile/pacemaker/cinder/scheduler.pp index e25ef54..4bfb89a 100644 --- a/manifests/profile/pacemaker/cinder/scheduler.pp +++ b/manifests/profile/pacemaker/cinder/scheduler.pp @@ -48,6 +48,7 @@ class tripleo::profile::pacemaker::cinder::scheduler ( if $step >= 5 and $pacemaker_master { pacemaker::resource::service { $::cinder::params::scheduler_service : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint': diff --git a/manifests/profile/pacemaker/cinder/volume.pp b/manifests/profile/pacemaker/cinder/volume.pp index 82e2522..46e8b79 100644 --- a/manifests/profile/pacemaker/cinder/volume.pp +++ b/manifests/profile/pacemaker/cinder/volume.pp @@ -53,7 +53,9 @@ class tripleo::profile::pacemaker::cinder::volume ( } if $step >= 5 and $pacemaker_master { - pacemaker::resource::service { $::cinder::params::volume_service : } + pacemaker::resource::service { $::cinder::params::volume_service : + op_params => 'start timeout=200s stop timeout=200s', + } } } diff --git a/manifests/profile/pacemaker/database/mysql.pp b/manifests/profile/pacemaker/database/mysql.pp index 0169e16..7464854 100644 --- a/manifests/profile/pacemaker/database/mysql.pp +++ b/manifests/profile/pacemaker/database/mysql.pp @@ -45,7 +45,12 @@ class tripleo::profile::pacemaker::database::mysql ( # use only mysql_node_names when we land a patch in t-h-t that # switches to autogenerating these values from composable services - $galera_node_names_lookup = hiera('mysql_node_names', hiera('galera_node_names', $::hostname)) + # The galera node names need to match the pacemaker node names... so if we + # want to use FQDNs for this, the cluster will not finish bootstrapping, + # since all the nodes will be marked as slaves. For now, we'll stick to the + # short name which is already registered in pacemaker until we get around + # this issue. + $galera_node_names_lookup = hiera('mysql_short_node_names', hiera('mysql_node_names', $::hostname)) if is_array($galera_node_names_lookup) { $galera_nodes = downcase(join($galera_node_names_lookup, ',')) } else { diff --git a/manifests/profile/pacemaker/glance.pp b/manifests/profile/pacemaker/glance.pp index 664b91f..cace5ae 100644 --- a/manifests/profile/pacemaker/glance.pp +++ b/manifests/profile/pacemaker/glance.pp @@ -92,10 +92,12 @@ class tripleo::profile::pacemaker::glance ( if $step >= 5 and $pacemaker_master { pacemaker::resource::service { $::glance::params::registry_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', require => Pacemaker::Resource::Ocf['openstack-core'], } pacemaker::resource::service { $::glance::params::api_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } diff --git a/manifests/profile/pacemaker/gnocchi/metricd.pp b/manifests/profile/pacemaker/gnocchi/metricd.pp index c9dc2d9..aacec01 100644 --- a/manifests/profile/pacemaker/gnocchi/metricd.pp +++ b/manifests/profile/pacemaker/gnocchi/metricd.pp @@ -39,6 +39,7 @@ class tripleo::profile::pacemaker::gnocchi::metricd ( include ::gnocchi::metricd pacemaker::resource::service { $::gnocchi::params::metricd_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/gnocchi/statsd.pp b/manifests/profile/pacemaker/gnocchi/statsd.pp index 42d30b9..1058010 100644 --- a/manifests/profile/pacemaker/gnocchi/statsd.pp +++ b/manifests/profile/pacemaker/gnocchi/statsd.pp @@ -39,6 +39,7 @@ class tripleo::profile::pacemaker::gnocchi::statsd ( include ::gnocchi::statsd pacemaker::resource::service { $::gnocchi::params::statsd_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/haproxy.pp b/manifests/profile/pacemaker/haproxy.pp index b2e127b..21d8ab1 100644 --- a/manifests/profile/pacemaker/haproxy.pp +++ b/manifests/profile/pacemaker/haproxy.pp @@ -56,6 +56,7 @@ class tripleo::profile::pacemaker::haproxy ( # of pacemaker VIPs could move into puppet-tripleo or we should # make use of less specific hiera parameters here for the settings. pacemaker::resource::service { 'haproxy': + op_params => 'start timeout=200s stop timeout=200s', clone_params => true, } diff --git a/manifests/profile/pacemaker/heat/api.pp b/manifests/profile/pacemaker/heat/api.pp index 0fc4f8a..7b0987f 100644 --- a/manifests/profile/pacemaker/heat/api.pp +++ b/manifests/profile/pacemaker/heat/api.pp @@ -42,6 +42,7 @@ class tripleo::profile::pacemaker::heat::api ( if $step >= 5 and $pacemaker_master { pacemaker::resource::service { $::heat::params::api_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/heat/api_cfn.pp b/manifests/profile/pacemaker/heat/api_cfn.pp index 1230c6b..6e40dba 100644 --- a/manifests/profile/pacemaker/heat/api_cfn.pp +++ b/manifests/profile/pacemaker/heat/api_cfn.pp @@ -42,6 +42,7 @@ class tripleo::profile::pacemaker::heat::api_cfn ( if $step >= 5 and $pacemaker_master { pacemaker::resource::service { $::heat::params::api_cfn_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/heat/api_cloudwatch.pp b/manifests/profile/pacemaker/heat/api_cloudwatch.pp index 6110a0c..9403812 100644 --- a/manifests/profile/pacemaker/heat/api_cloudwatch.pp +++ b/manifests/profile/pacemaker/heat/api_cloudwatch.pp @@ -43,6 +43,7 @@ class tripleo::profile::pacemaker::heat::api_cloudwatch ( if $step >= 5 and $pacemaker_master { # Heat pacemaker::resource::service { $::heat::params::api_cloudwatch_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/heat/engine.pp b/manifests/profile/pacemaker/heat/engine.pp index 88744ad..bd50dc0 100644 --- a/manifests/profile/pacemaker/heat/engine.pp +++ b/manifests/profile/pacemaker/heat/engine.pp @@ -42,6 +42,7 @@ class tripleo::profile::pacemaker::heat::engine ( if $step >= 5 and $pacemaker_master { pacemaker::resource::service { $::heat::params::engine_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/manila.pp b/manifests/profile/pacemaker/manila.pp index a1ff5ca..5cbeb7f 100644 --- a/manifests/profile/pacemaker/manila.pp +++ b/manifests/profile/pacemaker/manila.pp @@ -139,7 +139,9 @@ class tripleo::profile::pacemaker::manila ( if $step >= 5 and $pacemaker_master { # only manila-share is pacemaker managed, and in a/p - pacemaker::resource::service { $::manila::params::share_service : } + pacemaker::resource::service { $::manila::params::share_service : + op_params => 'start timeout=200s stop timeout=200s', + } } } diff --git a/manifests/profile/pacemaker/memcached.pp b/manifests/profile/pacemaker/memcached.pp index 2a6bd4d..9c6a1a3 100644 --- a/manifests/profile/pacemaker/memcached.pp +++ b/manifests/profile/pacemaker/memcached.pp @@ -41,6 +41,7 @@ class tripleo::profile::pacemaker::memcached ( if $step >= 2 and $pacemaker_master { pacemaker::resource::service { $::memcached::params::service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', require => Class['::memcached'], } diff --git a/manifests/profile/pacemaker/neutron.pp b/manifests/profile/pacemaker/neutron.pp index 6525126..ccc1401 100644 --- a/manifests/profile/pacemaker/neutron.pp +++ b/manifests/profile/pacemaker/neutron.pp @@ -91,11 +91,13 @@ class tripleo::profile::pacemaker::neutron ( unless => '/sbin/pcs resource show neutron-server', } -> pacemaker::resource::service { $::neutron::params::server_service: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', require => Pacemaker::Resource::Ocf['openstack-core'] } } else { pacemaker::resource::service { $::neutron::params::server_service: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', require => Pacemaker::Resource::Ocf['openstack-core'] } diff --git a/manifests/profile/pacemaker/neutron/dhcp.pp b/manifests/profile/pacemaker/neutron/dhcp.pp index e76012f..2081357 100644 --- a/manifests/profile/pacemaker/neutron/dhcp.pp +++ b/manifests/profile/pacemaker/neutron/dhcp.pp @@ -37,6 +37,7 @@ class tripleo::profile::pacemaker::neutron::dhcp ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service { $::neutron::params::dhcp_agent_service: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/neutron/l3.pp b/manifests/profile/pacemaker/neutron/l3.pp index c3ae3b8..b59edc1 100644 --- a/manifests/profile/pacemaker/neutron/l3.pp +++ b/manifests/profile/pacemaker/neutron/l3.pp @@ -37,6 +37,7 @@ class tripleo::profile::pacemaker::neutron::l3 ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service { $::neutron::params::l3_agent_service: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/neutron/metadata.pp b/manifests/profile/pacemaker/neutron/metadata.pp index f09edba..6b0e537 100644 --- a/manifests/profile/pacemaker/neutron/metadata.pp +++ b/manifests/profile/pacemaker/neutron/metadata.pp @@ -37,6 +37,7 @@ class tripleo::profile::pacemaker::neutron::metadata ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service { $::neutron::params::metadata_agent_service: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/neutron/midonet.pp b/manifests/profile/pacemaker/neutron/midonet.pp index 453641a..33aed64 100644 --- a/manifests/profile/pacemaker/neutron/midonet.pp +++ b/manifests/profile/pacemaker/neutron/midonet.pp @@ -38,6 +38,7 @@ class tripleo::profile::pacemaker::neutron::midonet ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service {'tomcat': + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } diff --git a/manifests/profile/pacemaker/neutron/ovs.pp b/manifests/profile/pacemaker/neutron/ovs.pp index 7e3b15c..c97cd65 100644 --- a/manifests/profile/pacemaker/neutron/ovs.pp +++ b/manifests/profile/pacemaker/neutron/ovs.pp @@ -38,6 +38,7 @@ class tripleo::profile::pacemaker::neutron::ovs ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service { $::neutron::params::ovs_agent_service: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } diff --git a/manifests/profile/pacemaker/nova/api.pp b/manifests/profile/pacemaker/nova/api.pp index 188beda..6724b4d 100644 --- a/manifests/profile/pacemaker/nova/api.pp +++ b/manifests/profile/pacemaker/nova/api.pp @@ -46,6 +46,7 @@ class tripleo::profile::pacemaker::nova::api ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service { $::nova::params::api_service_name: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } diff --git a/manifests/profile/pacemaker/nova/conductor.pp b/manifests/profile/pacemaker/nova/conductor.pp index f2605cb..b7ffe0c 100644 --- a/manifests/profile/pacemaker/nova/conductor.pp +++ b/manifests/profile/pacemaker/nova/conductor.pp @@ -45,6 +45,7 @@ class tripleo::profile::pacemaker::nova::conductor ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service { $::nova::params::conductor_service_name: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } diff --git a/manifests/profile/pacemaker/nova/consoleauth.pp b/manifests/profile/pacemaker/nova/consoleauth.pp index 6cd8c15..aeec6b4 100644 --- a/manifests/profile/pacemaker/nova/consoleauth.pp +++ b/manifests/profile/pacemaker/nova/consoleauth.pp @@ -45,6 +45,7 @@ class tripleo::profile::pacemaker::nova::consoleauth ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service { $::nova::params::consoleauth_service_name: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } diff --git a/manifests/profile/pacemaker/nova/scheduler.pp b/manifests/profile/pacemaker/nova/scheduler.pp index 8c387d2..d4d3dab 100644 --- a/manifests/profile/pacemaker/nova/scheduler.pp +++ b/manifests/profile/pacemaker/nova/scheduler.pp @@ -44,6 +44,7 @@ class tripleo::profile::pacemaker::nova::scheduler ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service { $::nova::params::scheduler_service_name: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/nova/vncproxy.pp b/manifests/profile/pacemaker/nova/vncproxy.pp index 3652daa..e9a1124 100644 --- a/manifests/profile/pacemaker/nova/vncproxy.pp +++ b/manifests/profile/pacemaker/nova/vncproxy.pp @@ -44,6 +44,7 @@ class tripleo::profile::pacemaker::nova::vncproxy ( if $step >= 5 and downcase($::hostname) == $pacemaker_master { pacemaker::resource::service { $::nova::params::vncproxy_service_name: + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/rabbitmq.pp b/manifests/profile/pacemaker/rabbitmq.pp index 1f25e8b..8d5f9d0 100644 --- a/manifests/profile/pacemaker/rabbitmq.pp +++ b/manifests/profile/pacemaker/rabbitmq.pp @@ -26,6 +26,16 @@ # (Optional) Content of erlang cookie. # Defaults to hiera('rabbitmq::erlang_cookie'). # +# [*user_ha_queues*] +# (Optional) The number of HA queues in to be configured in rabbitmq +# Defaults to hiera('rabbitmq::nr_ha_queues'), which is usually 0 meaning +# that the queues number will be CEIL(N/2) where N is the number of rabbitmq +# nodes. +# +# [*rabbit_nodes*] +# (Optional) The list of rabbitmq nodes names +# Defaults to hiera('rabbitmq_node_names') +# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. @@ -34,6 +44,8 @@ class tripleo::profile::pacemaker::rabbitmq ( $bootstrap_node = hiera('bootstrap_nodeid'), $erlang_cookie = hiera('rabbitmq::erlang_cookie'), + $user_ha_queues = hiera('rabbitmq::nr_ha_queues', 0), + $rabbit_nodes = hiera('rabbitmq_node_names'), $step = hiera('step'), ) { if $::hostname == downcase($bootstrap_node) { @@ -61,9 +73,17 @@ class tripleo::profile::pacemaker::rabbitmq ( } if $step >= 2 and $pacemaker_master { + include ::stdlib + # The default nr of ha queues is ceiling(N/2) + if $user_ha_queues == 0 { + $nr_rabbit_nodes = size($rabbit_nodes) + $nr_ha_queues = $nr_rabbit_nodes / 2 + ($nr_rabbit_nodes % 2) + } else { + $nr_ha_queues = $user_ha_queues + } pacemaker::resource::ocf { 'rabbitmq': ocf_agent_name => 'heartbeat:rabbitmq-cluster', - resource_params => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'', + resource_params => "set_policy='ha-all ^(?!amq\\.).* {\"ha-mode\":\"exactly\",\"ha-params\":${nr_ha_queues}}'", clone_params => 'ordered=true interleave=true', meta_params => 'notify=true', require => Class['::rabbitmq'], diff --git a/manifests/profile/pacemaker/sahara/api.pp b/manifests/profile/pacemaker/sahara/api.pp index 0e3d97a..70632d1 100644 --- a/manifests/profile/pacemaker/sahara/api.pp +++ b/manifests/profile/pacemaker/sahara/api.pp @@ -43,6 +43,7 @@ class tripleo::profile::pacemaker::sahara::api ( if $step >= 5 and $pacemaker_master { # Sahara pacemaker::resource::service { $::sahara::params::api_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/profile/pacemaker/sahara/engine.pp b/manifests/profile/pacemaker/sahara/engine.pp index ada6c06..640acc0 100644 --- a/manifests/profile/pacemaker/sahara/engine.pp +++ b/manifests/profile/pacemaker/sahara/engine.pp @@ -42,6 +42,7 @@ class tripleo::profile::pacemaker::sahara::engine ( if $step >= 5 and $pacemaker_master { pacemaker::resource::service { $::sahara::params::engine_service_name : + op_params => 'start timeout=200s stop timeout=200s', clone_params => 'interleave=true', } } diff --git a/manifests/ui.pp b/manifests/ui.pp index 0a12af0..dc51bfc 100644 --- a/manifests/ui.pp +++ b/manifests/ui.pp @@ -72,7 +72,7 @@ class tripleo::ui ( $servername = $::fqdn, $bind_host = undef, $ui_port = 3000, - $keystone_url = hiera('keystone::endpoint::public_url'), + $keystone_url = hiera('keystone_auth_uri_v2'), $heat_url = hiera('heat::keystone::auth::public_url', undef), $ironic_url = hiera('ironic::keystone::auth::public_url', undef), $mistral_url = hiera('mistral::keystone::auth::public_url', undef), @@ -82,19 +82,28 @@ class tripleo::ui ( ) { ::apache::vhost { 'tripleo-ui': - ensure => 'present', - servername => $servername, - ip => $bind_host, - port => $ui_port, - docroot => '/var/www/openstack-tripleo-ui/dist', - options => ['Indexes', 'FollowSymLinks'], - rewrites => [ - { - comment => 'Redirect 404 to index', - rewrite_cond => ['%{REQUEST_FILENAME} !-f', '%{REQUEST_FILENAME} !-d'], - rewrite_rule => ['(.*) index.html'], - }, - ], + ensure => 'present', + servername => $servername, + ip => $bind_host, + port => $ui_port, + docroot => '/var/www/openstack-tripleo-ui/dist', + options => ['Indexes', 'FollowSymLinks'], + fallbackresource => '/index.html', + } + + # We already use apache::vhost to generate our own + # configuration file, let's clean the configuration + # embedded within the package + file { "${apache::confd_dir}/openstack-tripleo-ui.conf" : + ensure => present, + content => "# +# This file has been cleaned by Puppet. +# +# OpenStack TripleO UI configuration has been moved to: +# - 25-tripleo-ui.conf +#", + require => Package['openstack-tripleo-ui'], + before => Service[$::apache::params::service_name], } file { '/var/www/openstack-tripleo-ui/dist/tripleo_ui_config.js' : |