diff options
Diffstat (limited to 'manifests/profile')
-rw-r--r-- | manifests/profile/base/cinder.pp | 1 | ||||
-rw-r--r-- | manifests/profile/base/cinder/api.pp | 1 | ||||
-rw-r--r-- | manifests/profile/base/database/mysql.pp | 3 | ||||
-rw-r--r-- | manifests/profile/base/glance/api.pp | 77 | ||||
-rw-r--r-- | manifests/profile/base/keystone.pp | 4 | ||||
-rw-r--r-- | manifests/profile/base/metrics/collectd.pp | 111 | ||||
-rw-r--r-- | manifests/profile/base/metrics/collectd/collectd_plugin.pp | 6 | ||||
-rw-r--r-- | manifests/profile/base/metrics/collectd/collectd_service.pp | 11 | ||||
-rw-r--r-- | manifests/profile/base/nova.pp | 1 | ||||
-rw-r--r-- | manifests/profile/base/nova/ec2api.pp | 35 | ||||
-rw-r--r-- | manifests/profile/base/nova/placement.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/octavia.pp | 57 | ||||
-rw-r--r-- | manifests/profile/base/octavia/api.pp (renamed from manifests/profile/base/glance/registry.pp) | 38 | ||||
-rw-r--r-- | manifests/profile/base/pacemaker.pp | 64 | ||||
-rw-r--r-- | manifests/profile/base/pacemaker_remote.pp | 37 | ||||
-rw-r--r-- | manifests/profile/pacemaker/ceph/rbdmirror.pp | 77 |
16 files changed, 446 insertions, 79 deletions
diff --git a/manifests/profile/base/cinder.pp b/manifests/profile/base/cinder.pp index 6a821f3..6e8fbb2 100644 --- a/manifests/profile/base/cinder.pp +++ b/manifests/profile/base/cinder.pp @@ -57,6 +57,7 @@ class tripleo::profile::base::cinder ( rabbit_hosts => $rabbit_endpoints, } include ::cinder::config + include ::cinder::glance } if $step >= 5 { diff --git a/manifests/profile/base/cinder/api.pp b/manifests/profile/base/cinder/api.pp index 5ea2058..450a8e6 100644 --- a/manifests/profile/base/cinder/api.pp +++ b/manifests/profile/base/cinder/api.pp @@ -94,7 +94,6 @@ class tripleo::profile::base::cinder::api ( ssl_key => $tls_keyfile, } include ::cinder::ceilometer - include ::cinder::glance } } diff --git a/manifests/profile/base/database/mysql.pp b/manifests/profile/base/database/mysql.pp index 1692108..5154464 100644 --- a/manifests/profile/base/database/mysql.pp +++ b/manifests/profile/base/database/mysql.pp @@ -191,6 +191,9 @@ class tripleo::profile::base::database::mysql ( if hiera('panko_api_enabled', false) { include ::panko::db::mysql } + if hiera('ec2_api_enabled', false) { + include ::ec2api::db::mysql + } } } diff --git a/manifests/profile/base/glance/api.pp b/manifests/profile/base/glance/api.pp index 8945fff..6134a87 100644 --- a/manifests/profile/base/glance/api.pp +++ b/manifests/profile/base/glance/api.pp @@ -22,10 +22,39 @@ # (Optional) The hostname of the node responsible for bootstrapping tasks # Defaults to hiera('bootstrap_nodeid') # +# [*certificates_specs*] +# (Optional) The specifications to give to certmonger for the certificate(s) +# it will create. +# Example with hiera: +# apache_certificates_specs: +# httpd-internal_api: +# hostname: <overcloud controller fqdn> +# service_certificate: <service certificate path> +# service_key: <service key path> +# principal: "haproxy/<overcloud controller fqdn>" +# Defaults to hiera('apache_certificate_specs', {}). +# +# [*enable_internal_tls*] +# (Optional) Whether TLS in the internal network is enabled or not. +# Defaults to hiera('enable_internal_tls', false) +# +# [*generate_service_certificates*] +# (Optional) Whether or not certmonger will generate certificates for +# HAProxy. This could be as many as specified by the $certificates_specs +# variable. +# Note that this doesn't configure the certificates in haproxy, it merely +# creates the certificates. +# Defaults to hiera('generate_service_certificate', false). +# # [*glance_backend*] # (Optional) Glance backend(s) to use. # Defaults to downcase(hiera('glance_backend', 'swift')) # +# [*glance_network*] +# (Optional) The network name where the glance endpoint is listening on. +# This is set by t-h-t. +# Defaults to hiera('glance_api_network', undef) +# # [*glance_nfs_enabled*] # (Optional) Whether to use NFS mount as 'file' backend storage location. # Defaults to false @@ -42,15 +71,22 @@ # [*rabbit_port*] # IP port for rabbitmq service # Defaults to hiera('glance::notify::rabbitmq::rabbit_port', 5672) - +# class tripleo::profile::base::glance::api ( - $bootstrap_node = hiera('bootstrap_nodeid', undef), - $glance_backend = downcase(hiera('glance_backend', 'swift')), - $glance_nfs_enabled = false, - $step = hiera('step'), - $rabbit_hosts = hiera('rabbitmq_node_names', undef), - $rabbit_port = hiera('glance::notify::rabbitmq::rabbit_port', 5672), + $bootstrap_node = hiera('bootstrap_nodeid', undef), + $certificates_specs = hiera('apache_certificates_specs', {}), + $enable_internal_tls = hiera('enable_internal_tls', false), + $generate_service_certificates = hiera('generate_service_certificates', false), + $glance_backend = downcase(hiera('glance_backend', 'swift')), + $glance_network = hiera('glance_api_network', undef), + $glance_nfs_enabled = false, + $step = hiera('step'), + $rabbit_hosts = hiera('rabbitmq_node_names', undef), + $rabbit_port = hiera('glance::notify::rabbitmq::rabbit_port', 5672), ) { + if $enable_internal_tls and $generate_service_certificates { + ensure_resources('tripleo::certmonger::httpd', $certificates_specs) + } if $::hostname == downcase($bootstrap_node) { $sync_db = true @@ -63,6 +99,27 @@ class tripleo::profile::base::glance::api ( } if $step >= 4 or ($step >= 3 and $sync_db) { + if $enable_internal_tls { + if !$glance_network { + fail('glance_api_network is not set in the hieradata.') + } + $tls_certfile = $certificates_specs["httpd-${glance_network}"]['service_certificate'] + $tls_keyfile = $certificates_specs["httpd-${glance_network}"]['service_key'] + + ::tripleo::tls_proxy { 'glance-api': + servername => hiera("fqdn_${glance_network}"), + ip => hiera('glance::api::bind_host'), + port => hiera('glance::api::bind_port'), + tls_cert => $tls_certfile, + tls_key => $tls_keyfile, + notify => Class['::glance::api'], + } + # TODO(jaosorior): Remove this when we pass it via t-h-t + $bind_host = 'localhost' + } else { + # TODO(jaosorior): Remove this when we pass it via t-h-t + $bind_host = hiera('glance::api::bind_host') + } case $glance_backend { 'swift': { $backend_store = 'glance.store.swift.Store' } 'file': { $backend_store = 'glance.store.filesystem.Store' } @@ -75,9 +132,11 @@ class tripleo::profile::base::glance::api ( # TODO: notifications, scrubber, etc. include ::glance include ::glance::config + # TODO(jaosorior): Remove bind_host when we set it up conditionally in t-h-t class { '::glance::api': - stores => $glance_store, - sync_db => $sync_db, + bind_host => $bind_host, + stores => $glance_store, + sync_db => $sync_db, } $rabbit_endpoints = suffix(any2array($rabbit_hosts), ":${rabbit_port}") class { '::glance::notify::rabbitmq' : diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp index a388def..a3a39e9 100644 --- a/manifests/profile/base/keystone.pp +++ b/manifests/profile/base/keystone.pp @@ -255,6 +255,8 @@ class tripleo::profile::base::keystone ( include ::zaqar::keystone::auth include ::zaqar::keystone::auth_websocket } + if hiera('ec2_api_enabled', false) { + include ::ec2api::keystone::auth + } } } - diff --git a/manifests/profile/base/metrics/collectd.pp b/manifests/profile/base/metrics/collectd.pp index 0f738d1..d8e6f89 100644 --- a/manifests/profile/base/metrics/collectd.pp +++ b/manifests/profile/base/metrics/collectd.pp @@ -1,13 +1,27 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# # == Class: tripleo::profile::base::metrics::collectd # # Collectd configuration for TripleO # # === Parameters # -# [*collectd_plugins*] -# (Optional) List. A list of collectd plugins to configure (the -# corresponding collectd::plugin::NAME class must exist in the -# collectd package). +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') # # [*collectd_server*] # (Optional) String. The name or address of a collectd server to @@ -28,61 +42,62 @@ # [*collectd_securitylevel*] # (Optional) String. # -# [*collectd_interface*] -# (Optional) String. Name of a network interface. -# -# [*collectd_graphite_server*] -# (Optional) String. The name or address of a graphite server to -# which we should send metrics. -# -# [*collectd_graphite_port*] -# (Optional) Integer. This is the port to which we will connect on -# the graphite server. Defaults to 2004. -# -# [*collectd_graphite_prefix*] -# (Optional) String. Prefix to add to metric names. Defaults to -# 'overcloud.'. -# -# [*collectd_graphite_protocol*] -# (Optional) String. One of 'udp' or 'tcp'. -# +# [*service_names*] +# (Optional) List of strings. A list of active services in this tripleo +# deployment. This is used to look up service-specific plugins that +# need to be installed. class tripleo::profile::base::metrics::collectd ( - $collectd_plugins = [], + $step = hiera('step'), $collectd_server = undef, - $collectd_port = 25826, + $collectd_port = undef, $collectd_username = undef, $collectd_password = undef, $collectd_securitylevel = undef, - - $collectd_graphite_server = undef, - $collectd_graphite_port = 2004, - $collectd_graphite_prefix = undef, - $collectd_graphite_protocol = 'udp' + $service_names = hiera('service_names', []) ) { - include ::collectd - ::tripleo::profile::base::metrics::collectd::plugin_helper { $collectd_plugins: } + if $step >= 3 { + include ::collectd - if ! ($collectd_graphite_protocol in ['udp', 'tcp']) { - fail("collectd_graphite_protocol must be one of 'udp' or 'tcp'") - } + if ! ($collectd_securitylevel in [undef, 'None', 'Sign', 'Encrypt']) { + fail('collectd_securitylevel must be one of (None, Sign, Encrypt).') + } + + # Load per-service plugin configuration + ::tripleo::profile::base::metrics::collectd::collectd_service { + $service_names: } + + # Because THT doesn't allow us to default values to undef, we need + # to perform a number of transformations here to avoid passing a bunch of + # empty strings to the collectd plugins. - if $collectd_server { - ::collectd::plugin::network::server { $collectd_server: - username => $collectd_username, - password => $collectd_password, - port => $collectd_port, - securitylevel => $collectd_securitylevel, + $_collectd_username = empty($collectd_username) ? { + true => undef, + default => $collectd_username + } + + $_collectd_password = empty($collectd_password) ? { + true => undef, + default => $collectd_password } - } - if $collectd_graphite_server { - ::collectd::plugin::write_graphite::carbon { 'openstack_graphite': - graphitehost => $collectd_graphite_server, - graphiteport => $collectd_graphite_port, - graphiteprefix => $collectd_graphite_prefix, - protocol => $collectd_graphite_protocol, + $_collectd_port = empty($collectd_port) ? { + true => undef, + default => $collectd_port + } + + $_collectd_securitylevel = empty($collectd_securitylevel) ? { + true => undef, + default => $collectd_securitylevel + } + + if ! empty($collectd_server) { + ::collectd::plugin::network::server { $collectd_server: + username => $_collectd_username, + password => $_collectd_password, + port => $_collectd_port, + securitylevel => $_collectd_securitylevel, + } } } } - diff --git a/manifests/profile/base/metrics/collectd/collectd_plugin.pp b/manifests/profile/base/metrics/collectd/collectd_plugin.pp new file mode 100644 index 0000000..5ab940b --- /dev/null +++ b/manifests/profile/base/metrics/collectd/collectd_plugin.pp @@ -0,0 +1,6 @@ +# We use this to transform a list of unqualified plugin names +# (like ['disk', 'ntpd']) into the correct collectd plugin classes. +define tripleo::profile::base::metrics::collectd::collectd_plugin ( +) { + include "collectd::plugin::${title}" +} diff --git a/manifests/profile/base/metrics/collectd/collectd_service.pp b/manifests/profile/base/metrics/collectd/collectd_service.pp new file mode 100644 index 0000000..c1b3a60 --- /dev/null +++ b/manifests/profile/base/metrics/collectd/collectd_service.pp @@ -0,0 +1,11 @@ +# This is used to look up a list of service-specific collectd plugins +# in the hiera data provided by THT. +define tripleo::profile::base::metrics::collectd::collectd_service ( +) { + $plugins = hiera("tripleo.collectd.plugins.${title}", []) + + if $plugins { + ::tripleo::profile::base::metrics::collectd::collectd_plugin { + $plugins: } + } +} diff --git a/manifests/profile/base/nova.pp b/manifests/profile/base/nova.pp index dae627c..fe1e6a6 100644 --- a/manifests/profile/base/nova.pp +++ b/manifests/profile/base/nova.pp @@ -110,6 +110,7 @@ class tripleo::profile::base::nova ( } if $step >= 4 { + include ::nova::placement if $manage_migration { class { '::nova::migration::libvirt': configure_libvirt => $libvirt_enabled, diff --git a/manifests/profile/base/nova/ec2api.pp b/manifests/profile/base/nova/ec2api.pp new file mode 100644 index 0000000..f34b071 --- /dev/null +++ b/manifests/profile/base/nova/ec2api.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::nova::ec2api +# +# EC2-compatible Nova API profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::nova::ec2api ( + $step = hiera('step') +) { + if $step >= 4 { + include ::ec2api + include ::ec2api::api + include ::ec2api::db::sync + include ::ec2api::metadata + } +} diff --git a/manifests/profile/base/nova/placement.pp b/manifests/profile/base/nova/placement.pp index 7edd4e8..aa8c3c7 100644 --- a/manifests/profile/base/nova/placement.pp +++ b/manifests/profile/base/nova/placement.pp @@ -86,8 +86,6 @@ class tripleo::profile::base::nova::placement ( } if $step >= 4 { - include ::nova::placement - class { '::nova::wsgi::apache_placement': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/octavia.pp b/manifests/profile/base/octavia.pp new file mode 100644 index 0000000..46ca009 --- /dev/null +++ b/manifests/profile/base/octavia.pp @@ -0,0 +1,57 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::octavia +# +# Octavia server profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step of the deployment +# Defaults to hiera('step') +# +# [*rabbit_user*] +# [*rabbit_password*] +# (Optional) RabbitMQ user details +# Defaults to undef +# +# [*rabbit_hosts*] +# list of the rabbbit host fqdns +# Defaults to hiera('rabbitmq_node_names') +# +# [*rabbit_port*] +# IP port for rabbitmq service +# Defaults to 5672. +# +class tripleo::profile::base::octavia ( + $step = hiera('step'), + $rabbit_user = undef, + $rabbit_password = undef, + $rabbit_hosts = hiera('rabbitmq_node_names', undef), + $rabbit_port = '5672' +) { + if $step >= 3 { + class { '::octavia' : + default_transport_url => os_transport_url({ + 'transport' => 'rabbit', + 'hosts' => $rabbit_hosts, + 'port' => sprintf('%s', $rabbit_port), + 'username' => $rabbit_user, + 'password' => $rabbit_password + }) + } + include ::octavia::config + } +} diff --git a/manifests/profile/base/glance/registry.pp b/manifests/profile/base/octavia/api.pp index cd40aeb..d457478 100644 --- a/manifests/profile/base/glance/registry.pp +++ b/manifests/profile/base/octavia/api.pp @@ -12,39 +12,43 @@ # License for the specific language governing permissions and limitations # under the License. # -# == Class: tripleo::profile::base::glance::registry +# == Class: tripleo::profile::base::octavia::api # -# Glance Registry profile for tripleo +# Octavia API server profile for tripleo # # === Parameters # # [*bootstrap_node*] -# DEPRECATED # (Optional) The hostname of the node responsible for bootstrapping tasks # Defaults to hiera('bootstrap_nodeid') # -# [*glance_backend*] -# (Optional) Glance backend(s) to use. -# Defaults to downcase(hiera('glance_backend', 'swift')) -# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. # Defaults to hiera('step') # -class tripleo::profile::base::glance::registry ( - $bootstrap_node = undef, - $glance_backend = downcase(hiera('glance_backend', 'swift')), +class tripleo::profile::base::octavia::api ( + $bootstrap_node = hiera('bootstrap_nodeid', undef), $step = hiera('step'), ) { + if $::hostname == downcase($bootstrap_node) { + $sync_db = true + } else { + $sync_db = false + } - if $step >= 4 { - # TODO: notifications, scrubber, etc. - include ::glance - include ::glance::config - include ::glance::registry - include ::glance::notify::rabbitmq - include join(['::glance::backend::', $glance_backend]) + include ::tripleo::profile::base::octavia + + if $step >= 3 and $sync_db { + include ::octavia::db::mysql } + # We start the Octavia API server on the bootstrap node first, because + # it will try to populate tables and we need to make sure this happens + # before it starts on other nodes + if ($step >= 4 and $sync_db) or ($step >= 5 and !$sync_db) { + class { '::octavia::api': + sync_db => $sync_db, + } + } } diff --git a/manifests/profile/base/pacemaker.pp b/manifests/profile/base/pacemaker.pp index 671f1e7..6021731 100644 --- a/manifests/profile/base/pacemaker.pp +++ b/manifests/profile/base/pacemaker.pp @@ -23,9 +23,54 @@ # for more details. # Defaults to hiera('step') # +# [*pcs_tries*] +# (Optional) The number of times pcs commands should be retried. +# Defaults to hiera('pcs_tries', 20) +# +# [*remote_short_node_names*] +# (Optional) List of short node names for pacemaker remote nodes +# Defaults to hiera('pacemaker_remote_short_node_names', []) +# +# [*remote_node_ips*] +# (Optional) List of node ips for pacemaker remote nodes +# Defaults to hiera('pacemaker_remote_node_ips', []) +# +# [*remote_authkey*] +# (Optional) Authkey for pacemaker remote nodes +# Defaults to undef +# +# [*remote_reconnect_interval*] +# (Optional) Reconnect interval for the remote +# Defaults to hiera('pacemaker_remote_reconnect_interval', 60) +# +# [*remote_monitor_interval*] +# (Optional) Monitor interval for the remote +# Defaults to hiera('pacemaker_monitor_reconnect_interval', 20) +# +# [*remote_tries*] +# (Optional) Number of tries for the remote resource creation +# Defaults to hiera('pacemaker_remote_tries', 5) +# +# [*remote_try_sleep*] +# (Optional) Number of seconds to sleep between remote creation tries +# Defaults to hiera('pacemaker_remote_try_sleep', 60) +# class tripleo::profile::base::pacemaker ( - $step = hiera('step'), + $step = hiera('step'), + $pcs_tries = hiera('pcs_tries', 20), + $remote_short_node_names = hiera('pacemaker_remote_short_node_names', []), + $remote_node_ips = hiera('pacemaker_remote_node_ips', []), + $remote_authkey = undef, + $remote_reconnect_interval = hiera('pacemaker_remote_reconnect_interval', 60), + $remote_monitor_interval = hiera('pacemaker_remote_monitor_interval', 20), + $remote_tries = hiera('pacemaker_remote_tries', 5), + $remote_try_sleep = hiera('pacemaker_remote_try_sleep', 60), ) { + + if count($remote_short_node_names) != count($remote_node_ips) { + fail("Count of ${remote_short_node_names} is not equal to count of ${remote_node_ips}") + } + Pcmk_resource <| |> { tries => 10, try_sleep => 3, @@ -55,9 +100,11 @@ class tripleo::profile::base::pacemaker ( cluster_members => $pacemaker_cluster_members, setup_cluster => $pacemaker_master, cluster_setup_extras => $cluster_setup_extras, + remote_authkey => $remote_authkey, } class { '::pacemaker::stonith': disable => !$enable_fencing, + tries => $pcs_tries, } if $enable_fencing { include ::tripleo::fencing @@ -69,6 +116,21 @@ class tripleo::profile::base::pacemaker ( # enable stonith after all fencing devices have been created Class['tripleo::fencing'] -> Class['pacemaker::stonith'] } + # We have pacemaker remote nodes configured so let's add them as resources + # We do this during step 1 right after wait-for-settle, because during step 2 + # resources might already be created on pacemaker remote nodes and we need + # a guarantee that remote nodes are already up + if $pacemaker_master and count($remote_short_node_names) > 0 { + # Creates a { "node" => "ip_address", ...} hash + $remotes_hash = hash(zip($remote_short_node_names, $remote_node_ips)) + pacemaker::resource::remote { $remote_short_node_names: + remote_address => $remotes_hash[$title], + reconnect_interval => $remote_reconnect_interval, + op_params => "monitor interval=${remote_monitor_interval}", + tries => $remote_tries, + try_sleep => $remote_try_sleep, + } + } } if $step >= 2 { diff --git a/manifests/profile/base/pacemaker_remote.pp b/manifests/profile/base/pacemaker_remote.pp new file mode 100644 index 0000000..e0fff63 --- /dev/null +++ b/manifests/profile/base/pacemaker_remote.pp @@ -0,0 +1,37 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::pacemaker_remote +# +# Pacemaker remote profile for tripleo +# +# === Parameters +# +# [*remote_authkey*] +# Authkey for pacemaker remote nodes +# Defaults to unset +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::pacemaker_remote ( + $remote_authkey, + $step = hiera('step'), +) { + class { '::pacemaker::remote': + remote_authkey => $remote_authkey, + } +} diff --git a/manifests/profile/pacemaker/ceph/rbdmirror.pp b/manifests/profile/pacemaker/ceph/rbdmirror.pp new file mode 100644 index 0000000..8e2ff77 --- /dev/null +++ b/manifests/profile/pacemaker/ceph/rbdmirror.pp @@ -0,0 +1,77 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::ceph::rbdmirror +# +# Ceph RBD mirror Pacemaker profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('ceph_rbdmirror_bootstrap_short_node_name') +# +# [*client_name*] +# (Optional) Name assigned to the RBD mirror client +# Defaults to 'rbd-mirror' +# +# [*stack_action*] +# (Optional) Action executed on the stack. See tripleo-heat-templates +# for more details. +# Defaults to hiera('stack_action') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::ceph::rbdmirror ( + $bootstrap_node = hiera('ceph_rbdmirror_bootstrap_short_node_name'), + $client_name = 'openstack', + $stack_action = hiera('stack_action'), + $step = hiera('step'), +) { + Service <| tag == 'ceph-rbd-mirror' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::base::ceph + + if $step >= 3 { + ceph::mirror { $client_name: + rbd_mirror_enable => false, + rbd_mirror_ensure => 'stopped', + } -> + pacemaker::resource::service { "ceph-rbd-mirror_${client_name}": + # NOTE(gfidente): systemd uses the @ sign but it is an invalid + # character in a pcmk resource name, so we need to use it only + # for the name of the service + service_name => "ceph-rbd-mirror@${client_name}" + } + } + + if $step >= 3 and $pacemaker_master and $stack_action == 'UPDATE' { + Ceph_config<||> ~> Tripleo::Pacemaker::Resource_restart_flag["ceph-rbd-mirror@${client_name}"] + tripleo::pacemaker::resource_restart_flag { "ceph-rbd-mirror@${client_name}": } + } +} |