diff options
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/packages.pp | 36 | ||||
| -rw-r--r-- | manifests/packages/upgrades.pp | 43 | ||||
| -rw-r--r-- | manifests/profile/base/heat.pp | 16 | ||||
| -rw-r--r-- | manifests/profile/base/keystone.pp | 23 | ||||
| -rw-r--r-- | manifests/profile/pacemaker/database/redis.pp | 1 | ||||
| -rw-r--r-- | manifests/profile/pacemaker/rabbitmq.pp | 1 |
6 files changed, 78 insertions, 42 deletions
diff --git a/manifests/packages.pp b/manifests/packages.pp index 5e111fa..ec2635a 100644 --- a/manifests/packages.pp +++ b/manifests/packages.pp @@ -32,6 +32,9 @@ class tripleo::packages ( $enable_upgrade = false, ) { + # required for stages + include ::stdlib + if !$enable_install and !$enable_upgrade { case $::osfamily { 'RedHat': { @@ -45,33 +48,12 @@ class tripleo::packages ( if $enable_upgrade { Package <| |> { ensure => 'latest' } - - case $::osfamily { - 'RedHat': { - $pkg_upgrade_cmd = 'yum -y update' - } - default: { - warning('Please specify a package upgrade command for distribution.') - } - } - - exec { 'package-upgrade': - command => $pkg_upgrade_cmd, - path => '/usr/bin', - timeout => 0, - } - # A resource chain to ensure the upgrade ordering we want: - # 1) Upgrade all packages via exec. - # Note: The Package Puppet resources can be managed after or before package-upgrade, - # it does not matter. what we need to make sure is that they'll notify their - # respective services (if they have ~> in their manifests or here with the ->) - # for the other packages, they'll be upgraded before any Service notify. - # This approach prevents from Puppet dependencies cycle. - # 2) This upgrade will be run before any Service notified & managed by Puppet. - # Note: For example, during the Puppet catalog, configuration will change for most of - # the services so the Services will be likely restarted after the package upgrade. - Exec['package-upgrade'] -> Service <| |> - + # Running the package upgrade before managing Services in the main stage. + # So we're sure that services will be able to restart with the new version + # of the package. + ensure_resource('class', 'tripleo::packages::upgrades', { + 'stage' => 'setup', + }) } } diff --git a/manifests/packages/upgrades.pp b/manifests/packages/upgrades.pp new file mode 100644 index 0000000..a6ca1c8 --- /dev/null +++ b/manifests/packages/upgrades.pp @@ -0,0 +1,43 @@ +# Copyright 2016 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# == Class: tripleo::packages::upgrades +# +# Upgrade packages using yum. +# +class tripleo::packages::upgrades { + + # required for stages + include ::stdlib + + case $::osfamily { + 'RedHat': { + $pkg_upgrade_cmd = 'yum -y update' + } + default: { + fail('Please specify a package upgrade command for distribution.') + } + } + + # Running the package upgrade before managing Services in the main stage. + # So we're sure that services will be able to restart with the new version + # of the package. + ensure_resource('exec', 'package-upgrade', { + 'command' => $pkg_upgrade_cmd, + 'path' => '/usr/bin', + 'timeout' => 0, + }) + +} diff --git a/manifests/profile/base/heat.pp b/manifests/profile/base/heat.pp index 027ab7e..2035a4f 100644 --- a/manifests/profile/base/heat.pp +++ b/manifests/profile/base/heat.pp @@ -46,7 +46,7 @@ class tripleo::profile::base::heat ( $step = hiera('step'), $rabbit_hosts = hiera('rabbitmq_node_ips', undef), ) { - # Domain resources will be created at step5 on the bootstrap_node so we + # Domain resources will be created at step5 on the node running keystone.pp # configure heat.conf at step3 and 4 but actually create the domain later. if $step == 3 or $step == 4 { class { '::heat::keystone::domain': @@ -69,20 +69,6 @@ class tripleo::profile::base::heat ( if $manage_db_purge { include ::heat::cron::purge_deleted } - if $bootstrap_node == $::hostname { - # Class ::heat::keystone::domain has to run on bootstrap node - # because it creates DB entities via API calls. - include ::heat::keystone::domain - - Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain'] - } else { - # On non-bootstrap node we don't need to create Keystone resources again - class { '::heat::keystone::domain': - manage_domain => false, - manage_user => false, - manage_role => false, - } - } } } diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp index d515f8f..846296e 100644 --- a/manifests/profile/base/keystone.pp +++ b/manifests/profile/base/keystone.pp @@ -45,10 +45,12 @@ class tripleo::profile::base::keystone ( $sync_db = true $manage_roles = true $manage_endpoint = true + $manage_domain = true } else { $sync_db = false $manage_roles = false $manage_endpoint = false + $manage_domain = false } if $step >= 4 or ( $step >= 3 and $sync_db ) { @@ -76,6 +78,27 @@ class tripleo::profile::base::keystone ( include ::keystone::cron::token_flush } + if $step >= 5 and $manage_domain { + if hiera('heat_engine_enabled', false) { + # if Heat and Keystone are collocated, so we want to + # both configure heat.conf and create Keystone resources. + # note: domain_password is given via Hiera. + if defined(Class['::tripleo::profile::base::heat']) { + include ::heat::keystone::domain + } else { + # if Heat and Keystone are not collocated, we want Puppet + # to only create Keystone resources on the Keystone node + # but not try to configure Heat, to avoid leaking the password. + class { '::heat::keystone::domain': + domain_name => $::os_service_default, + domain_admin => $::os_service_default, + domain_password => $::os_service_default, + } + } + Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain'] + } + } + if $step >= 5 and $manage_endpoint{ if hiera('aodh_api_enabled', false) { include ::aodh::keystone::auth diff --git a/manifests/profile/pacemaker/database/redis.pp b/manifests/profile/pacemaker/database/redis.pp index e081516..261df30 100644 --- a/manifests/profile/pacemaker/database/redis.pp +++ b/manifests/profile/pacemaker/database/redis.pp @@ -60,6 +60,7 @@ class tripleo::profile::pacemaker::database::redis ( master_params => '', meta_params => 'notify=true ordered=true interleave=true', resource_params => 'wait_last_known_master=true', + op_params => 'start timeout=200s stop timeout=200s', require => Class['::redis'], } } diff --git a/manifests/profile/pacemaker/rabbitmq.pp b/manifests/profile/pacemaker/rabbitmq.pp index 8d5f9d0..dba01e3 100644 --- a/manifests/profile/pacemaker/rabbitmq.pp +++ b/manifests/profile/pacemaker/rabbitmq.pp @@ -86,6 +86,7 @@ class tripleo::profile::pacemaker::rabbitmq ( resource_params => "set_policy='ha-all ^(?!amq\\.).* {\"ha-mode\":\"exactly\",\"ha-params\":${nr_ha_queues}}'", clone_params => 'ordered=true interleave=true', meta_params => 'notify=true', + op_params => 'start timeout=200s stop timeout=200s', require => Class['::rabbitmq'], } } |