diff options
35 files changed, 406 insertions, 107 deletions
diff --git a/ceph-storage-post.yaml b/ceph-storage-post.yaml index 06c2a291..734f90bd 100644 --- a/ceph-storage-post.yaml +++ b/ceph-storage-post.yaml @@ -6,6 +6,9 @@ description: 'Ceph Storage Post Deployment' parameters: servers: type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied resources: diff --git a/ceph-storage.yaml b/ceph-storage.yaml index 2b44642b..15092bae 100644 --- a/ceph-storage.yaml +++ b/ceph-storage.yaml @@ -152,3 +152,6 @@ outputs: storage_mgmt_ip_address: description: IP address of the server in the storage_mgmt network value: {get_attr: [StorageMgmtPort, ip_address]} + config_identifier: + description: identifier which changes if the node configuration may need re-applying + value: "None - NO_SIGNAL" diff --git a/cinder-storage-post.yaml b/cinder-storage-post.yaml index 8943c502..ad4e0460 100644 --- a/cinder-storage-post.yaml +++ b/cinder-storage-post.yaml @@ -6,6 +6,9 @@ description: 'Common Block Storage Post Deployment' parameters: servers: type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied resources: diff --git a/cinder-storage.yaml b/cinder-storage.yaml index 2b59607e..be088d66 100644 --- a/cinder-storage.yaml +++ b/cinder-storage.yaml @@ -222,3 +222,6 @@ outputs: storage_mgmt_ip_address: description: IP address of the server in the storage_mgmt network value: {get_attr: [StorageMgmtPort, ip_address]} + config_identifier: + description: identifier which changes if the node configuration may need re-applying + value: "None - NO_SIGNAL" diff --git a/compute-post.yaml b/compute-post.yaml index e568a5a6..695690d4 100644 --- a/compute-post.yaml +++ b/compute-post.yaml @@ -6,6 +6,9 @@ description: 'Compute Post Deployment' parameters: servers: type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied resources: diff --git a/compute.yaml b/compute.yaml index 408e0f31..4a9a92b9 100644 --- a/compute.yaml +++ b/compute.yaml @@ -477,3 +477,6 @@ outputs: description: Heat resource handle for the Nova compute server value: {get_resource: NovaCompute} + config_identifier: + description: identifier which changes if the node configuration may need re-applying + value: "None - NO_SIGNAL" diff --git a/controller-post.yaml b/controller-post.yaml index 926adeae..aac96357 100644 --- a/controller-post.yaml +++ b/controller-post.yaml @@ -6,6 +6,9 @@ description: 'Controller Post Deployment' parameters: servers: type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied resources: diff --git a/controller.yaml b/controller.yaml index 36bd77bc..5596591f 100644 --- a/controller.yaml +++ b/controller.yaml @@ -67,6 +67,10 @@ parameters: default: '' description: Set to True to enable debugging on all services. type: string + EnableFencing: + default: false + description: Whether to enable fencing in Pacemaker or not. + type: boolean EnableGalera: default: true description: Whether to use Galera instead of regular MariaDB. @@ -117,6 +121,38 @@ parameters: } } type: json + FencingConfig: + default: {} + description: | + Pacemaker fencing configuration. The JSON should have + the following structure: + { + "devices": [ + { + "agent": "AGENT_NAME", + "host_mac": "HOST_MAC_ADDRESS", + "params": {"PARAM_NAME": "PARAM_VALUE"} + } + ] + } + For instance: + { + "devices": [ + { + "agent": "fence_xvm", + "host_mac": "52:54:00:aa:bb:cc", + "params": { + "multicast_address": "225.0.0.12", + "port": "baremetal_0", + "manage_fw": true, + "manage_key_file": true, + "key_file": "/etc/fence_xvm.key", + "key_file_password": "abcdef" + } + } + ] + } + type: json Flavor: description: Flavor for control nodes to request when deploying. type: string @@ -1046,3 +1082,6 @@ outputs: template: "IP:11211" params: IP: {get_attr: [Controller, networks, ctlplane, 0]} + config_identifier: + description: identifier which changes if the node configuration may need re-applying + value: "None - NO_SIGNAL" diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml index 5eb2b2da..937931d1 100644 --- a/environments/network-isolation.yaml +++ b/environments/network-isolation.yaml @@ -33,3 +33,6 @@ resource_registry: OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + + # Port assignments for service virtual IPs for the controller role + OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml index ed9fff7a..cd70cbef 100644 --- a/network/config/bond-with-vlans/ceph-storage.yaml +++ b/network/config/bond-with-vlans/ceph-storage.yaml @@ -50,16 +50,6 @@ resources: network_config: - type: ovs_bridge - name: br-storage - use_dhcp: true - members: - - - type: interface - name: nic1 - # force the MAC address of the bridge to this interface - primary: true - - - type: ovs_bridge name: br-bond members: - diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml index 95733fca..866112cb 100644 --- a/network/config/bond-with-vlans/cinder-storage.yaml +++ b/network/config/bond-with-vlans/cinder-storage.yaml @@ -53,16 +53,6 @@ resources: network_config: - type: ovs_bridge - name: br-storage - use_dhcp: true - members: - - - type: interface - name: nic1 - # force the MAC address of the bridge to this interface - primary: true - - - type: ovs_bridge name: br-bond members: - diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml index 709b3b5b..5105ee14 100644 --- a/network/config/bond-with-vlans/compute.yaml +++ b/network/config/bond-with-vlans/compute.yaml @@ -53,16 +53,6 @@ resources: network_config: - type: ovs_bridge - name: {get_input: bridge_name} - use_dhcp: true - members: - - - type: interface - name: nic1 - # force the MAC address of the bridge to this interface - primary: true - - - type: ovs_bridge name: br-bond members: - diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml index 16a0dec2..9d6a6810 100644 --- a/network/config/bond-with-vlans/controller.yaml +++ b/network/config/bond-with-vlans/controller.yaml @@ -50,6 +50,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string resources: OsNetConfigImpl: @@ -62,16 +66,6 @@ resources: - type: ovs_bridge name: {get_input: bridge_name} - use_dhcp: true - members: - - - type: interface - name: nic1 - # force the MAC address of the bridge to this interface - primary: true - - - type: ovs_bridge - name: br-bond members: - type: ovs_bond @@ -90,8 +84,12 @@ resources: device: bond1 vlan_id: {get_param: ExternalNetworkVlanID} addresses: - - - ip_netmask: {get_param: ExternalIpSubnet} + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + - + ip_netmask: 0.0.0.0/0 + next_hop: {get_param: ExternalInterfaceDefaultRoute} - type: vlan device: bond1 diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml index 6549ce7a..f31ed0e7 100644 --- a/network/config/bond-with-vlans/swift-storage.yaml +++ b/network/config/bond-with-vlans/swift-storage.yaml @@ -53,16 +53,6 @@ resources: network_config: - type: ovs_bridge - name: br-storage - use_dhcp: true - members: - - - type: interface - name: nic1 - # force the MAC address of the bridge to this interface - primary: true - - - type: ovs_bridge name: br-bond members: - diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml index ca0cbcad..4cfa1317 100644 --- a/network/config/single-nic-vlans/controller.yaml +++ b/network/config/single-nic-vlans/controller.yaml @@ -45,6 +45,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string resources: OsNetConfigImpl: @@ -70,6 +74,10 @@ resources: addresses: - ip_netmask: {get_param: ExternalIpSubnet} + routes: + - + ip_netmask: 0.0.0.0/0 + next_hop: {get_param: ExternalInterfaceDefaultRoute} - type: vlan vlan_id: {get_param: InternalApiNetworkVlanID} diff --git a/network/ports/vip.yaml b/network/ports/vip.yaml index b957e132..ab72083d 100644 --- a/network/ports/vip.yaml +++ b/network/ports/vip.yaml @@ -15,6 +15,10 @@ parameters: ControlPlaneIP: # Here for compatability with noop.yaml description: IP address on the control plane type: string + ControlPlaneNetwork: + description: The name of the undercloud Neutron control plane + default: ctlplane + type: string resources: diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml index e13b9acb..14e2ac24 100644 --- a/overcloud-without-mergepy.yaml +++ b/overcloud-without-mergepy.yaml @@ -257,6 +257,10 @@ parameters: default: 'br-ex' description: Interface where virtual ip will be assigned. type: string + EnableFencing: + default: false + description: Whether to enable fencing in Pacemaker or not. + type: boolean EnableGalera: default: true description: Whether to use Galera instead of regular MariaDB. @@ -307,6 +311,38 @@ parameters: } } type: json + FencingConfig: + default: {} + description: | + Pacemaker fencing configuration. The JSON should have + the following structure: + { + "devices": [ + { + "agent": "AGENT_NAME", + "host_mac": "HOST_MAC_ADDRESS", + "params": {"PARAM_NAME": "PARAM_VALUE"} + } + ] + } + For instance: + { + "devices": [ + { + "agent": "fence_xvm", + "host_mac": "52:54:00:aa:bb:cc", + "params": { + "multicast_address": "225.0.0.12", + "port": "baremetal_0", + "manage_fw": true, + "manage_key_file": true, + "key_file": "/etc/fence_xvm.key", + "key_file_password": "abcdef" + } + } + ] + } + type: json GlanceLogFile: description: The filepath of the file to use for logging messages from Glance. type: string @@ -624,10 +660,12 @@ resources: ControlVirtualInterface: {get_param: ControlVirtualInterface} ControllerExtraConfig: {get_param: controllerExtraConfig} Debug: {get_param: Debug} + EnableFencing: {get_param: EnableFencing} EnableGalera: {get_param: EnableGalera} EnableCephStorage: {get_param: ControllerEnableCephStorage} EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage} ExtraConfig: {get_param: ExtraConfig} + FencingConfig: {get_param: FencingConfig} Flavor: {get_param: OvercloudControlFlavor} GlancePort: {get_param: GlancePort} GlanceProtocol: {get_param: GlanceProtocol} @@ -1110,30 +1148,36 @@ resources: depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment, ControllerCephDeployment] properties: servers: {get_attr: [Controller, attributes, nova_server_resource]} + NodeConfigIdentifiers: {get_attr: [Controller, attributes, config_identifier]} ComputeNodesPostDeployment: type: OS::TripleO::ComputePostDeployment depends_on: [ComputeAllNodesDeployment, ComputeCephDeployment] properties: servers: {get_attr: [Compute, attributes, nova_server_resource]} + NodeConfigIdentifiers: {get_attr: [Compute, attributes, config_identifier]} ObjectStorageNodesPostDeployment: type: OS::TripleO::ObjectStoragePostDeployment depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment] properties: servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} + NodeConfigIdentifiers: {get_attr: [ObjectStorage, attributes, config_identifier]} + BlockStorageNodesPostDeployment: type: OS::TripleO::BlockStoragePostDeployment depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment] properties: servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} + NodeConfigIdentifiers: {get_attr: [BlockStorage, attributes, config_identifier]} CephStorageNodesPostDeployment: type: OS::TripleO::CephStoragePostDeployment depends_on: [ControllerNodesPostDeployment, CephStorageCephDeployment, CephStorageAllNodesDeployment] properties: servers: {get_attr: [CephStorage, attributes, nova_server_resource]} + NodeConfigIdentifiers: {get_attr: [CephStorage, attributes, config_identifier]} outputs: KeystoneURL: diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index c50d6820..060f4c81 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -78,6 +78,8 @@ resources: - {get_param: ceph_storage_hosts} hiera: datafiles: + RedHat: + raw_data: {get_file: hieradata/RedHat.yaml} all_nodes: mapped_data: controller_node_ips: diff --git a/puppet/ceph-storage-post-puppet.yaml b/puppet/ceph-storage-post-puppet.yaml index eb62ba1e..1b5b944d 100644 --- a/puppet/ceph-storage-post-puppet.yaml +++ b/puppet/ceph-storage-post-puppet.yaml @@ -6,6 +6,10 @@ description: > parameters: servers: type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied + resources: CephStoragePuppetConfig: @@ -22,6 +26,8 @@ resources: properties: servers: {get_param: servers} config: {get_resource: CephStoragePuppetConfig} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} # Note, this should come last, so use depends_on to ensure # this is created after any other resources. diff --git a/puppet/ceph-storage-puppet.yaml b/puppet/ceph-storage-puppet.yaml index 2250f429..245d8ebb 100644 --- a/puppet/ceph-storage-puppet.yaml +++ b/puppet/ceph-storage-puppet.yaml @@ -157,3 +157,7 @@ outputs: storage_mgmt_ip_address: description: IP address of the server in the storage_mgmt network value: {get_attr: [StorageMgmtPort, ip_address]} + config_identifier: + description: identifier which changes if the node configuration may need re-applying + value: {get_attr: [CephStorageDeployment, deploy_stdout]} + diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index f17a1567..24d2b8a3 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -4,6 +4,9 @@ description: 'OpenStack cinder storage post deployment for Puppet' parameters: servers: type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied resources: diff --git a/puppet/cinder-storage-puppet.yaml b/puppet/cinder-storage-puppet.yaml index a368ffd1..cc8d17c4 100644 --- a/puppet/cinder-storage-puppet.yaml +++ b/puppet/cinder-storage-puppet.yaml @@ -295,3 +295,6 @@ outputs: storage_mgmt_ip_address: description: IP address of the server in the storage_mgmt network value: {get_attr: [StorageMgmtPort, ip_address]} + config_identifier: + description: identifier which changes if the node configuration may need re-applying + value: {get_attr: [BlockStorageDeployment, deploy_stdout]} diff --git a/puppet/compute-post-puppet.yaml b/puppet/compute-post-puppet.yaml index ca5eb649..b4a6126b 100644 --- a/puppet/compute-post-puppet.yaml +++ b/puppet/compute-post-puppet.yaml @@ -6,6 +6,10 @@ description: > parameters: servers: type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied + resources: @@ -23,6 +27,8 @@ resources: properties: servers: {get_param: servers} config: {get_resource: ComputePuppetConfig} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} # Note, this should come last, so use depends_on to ensure # this is created after any other resources. diff --git a/puppet/compute-puppet.yaml b/puppet/compute-puppet.yaml index b34e7a6f..afe85d18 100644 --- a/puppet/compute-puppet.yaml +++ b/puppet/compute-puppet.yaml @@ -351,7 +351,7 @@ resources: nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type} nova_api_host: {get_input: nova_api_host} nova::compute::vncproxy_host: {get_input: nova_public_ip} - nova_enable_rbd_backend: {get_input: nova_enable_rbd_backend} + nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend} nova_password: {get_input: nova_password} nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address} ceilometer::debug: {get_input: debug} @@ -516,3 +516,7 @@ outputs: description: Heat resource handle for the Nova compute server value: {get_resource: NovaCompute} + config_identifier: + description: identifier which changes if the node configuration may need re-applying + value: {get_attr: [NovaComputeDeployment, deploy_stdout]} + diff --git a/puppet/controller-post-puppet.yaml b/puppet/controller-post-puppet.yaml index 373daba2..49cbe1e2 100644 --- a/puppet/controller-post-puppet.yaml +++ b/puppet/controller-post-puppet.yaml @@ -6,6 +6,10 @@ description: > parameters: servers: type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied + resources: @@ -23,6 +27,7 @@ resources: config: {get_resource: ControllerPuppetConfig} input_values: step: 1 + update_identifier: {get_param: NodeConfigIdentifiers} actions: ['CREATE'] # no need for two passes on an UPDATE ControllerServicesBaseDeployment_Step2: @@ -33,6 +38,7 @@ resources: config: {get_resource: ControllerPuppetConfig} input_values: step: 2 + update_identifier: {get_param: NodeConfigIdentifiers} actions: ['CREATE'] # no need for two passes on an UPDATE ControllerRingbuilderPuppetConfig: @@ -54,6 +60,8 @@ resources: properties: servers: {get_param: servers} config: {get_resource: ControllerRingbuilderPuppetConfig} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step4: type: OS::Heat::StructuredDeployments @@ -63,6 +71,7 @@ resources: config: {get_resource: ControllerPuppetConfig} input_values: step: 3 + update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step5: type: OS::Heat::StructuredDeployments @@ -72,6 +81,17 @@ resources: config: {get_resource: ControllerPuppetConfig} input_values: step: 4 + update_identifier: {get_param: NodeConfigIdentifiers} + + ControllerOvercloudServicesDeployment_Step6: + type: OS::Heat::StructuredDeployments + depends_on: ControllerOvercloudServicesDeployment_Step5 + properties: + servers: {get_param: servers} + config: {get_resource: ControllerPuppetConfig} + input_values: + step: 5 + update_identifier: {get_param: NodeConfigIdentifiers} # Note, this should come last, so use depends_on to ensure # this is created after any other resources. diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index 3d7ecd58..5a356bcc 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -72,6 +72,10 @@ parameters: default: '' description: Set to True to enable debugging on all services. type: string + EnableFencing: + default: false + description: Whether to enable fencing in Pacemaker or not. + type: boolean EnableGalera: default: true description: Whether to use Galera instead of regular MariaDB. @@ -122,6 +126,38 @@ parameters: } } type: json + FencingConfig: + default: {} + description: | + Pacemaker fencing configuration. The JSON should have + the following structure: + { + "devices": [ + { + "agent": "AGENT_NAME", + "host_mac": "HOST_MAC_ADDRESS", + "params": {"PARAM_NAME": "PARAM_VALUE"} + } + ] + } + For instance: + { + "devices": [ + { + "agent": "fence_xvm", + "host_mac": "52:54:00:aa:bb:cc", + "params": { + "multicast_address": "225.0.0.12", + "port": "baremetal_0", + "manage_fw": true, + "manage_key_file": true, + "key_file": "/etc/fence_xvm.key", + "key_file_password": "abcdef" + } + } + ] + } + type: json Flavor: description: Flavor for control nodes to request when deploying. type: string @@ -634,6 +670,7 @@ resources: - - 'http://' - {get_param: KeystonePublicApiVirtualIP} - ':5000/v2.0/' + enable_fencing: {get_param: EnableFencing} enable_galera: {get_param: EnableGalera} enable_ceph_storage: {get_param: EnableCephStorage} enable_swift_storage: {get_param: EnableSwiftStorage} @@ -714,6 +751,7 @@ resources: - '@' - {get_param: MysqlVirtualIP} - '/nova' + fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} @@ -803,7 +841,9 @@ resources: bootstack_nodeid: {get_input: bootstack_nodeid} # Pacemaker + enable_fencing: {get_input: enable_fencing} hacluster_pwd: {get_input: pcsd_password} + tripleo::fencing::config: {get_input: fencing_config} # Swift swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network} @@ -1070,3 +1110,6 @@ outputs: template: "IP:11211" params: IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} + config_identifier: + description: identifier which changes if the controller configuration may need re-applying + value: {get_attr: [ControllerDeployment, deploy_stdout]} diff --git a/puppet/hieradata/RedHat.yaml b/puppet/hieradata/RedHat.yaml index f42c7159..25902828 100644 --- a/puppet/hieradata/RedHat.yaml +++ b/puppet/hieradata/RedHat.yaml @@ -1,2 +1,9 @@ # RedHat specific overrides go here rabbitmq::package_provider: 'yum' + +# The Galera package should work in cluster and +# non-cluster modes based on the config file. +# We set the package name here explicitly so +# that it matches what we pre-install +# in tripleo-puppet-elements. +mysql::server::package_name: 'mariadb-galera-server' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index d0cbe890..3de9bd91 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -48,7 +48,6 @@ swift::proxy::pipeline: - 'tempurl' - 'formpost' - 'staticweb' - - 'ceilometer' - 'authtoken' - 'keystone' - 'proxy-logging' @@ -90,13 +89,9 @@ pacemaker::corosync::manage_fw: false horizon::allowed_hosts: '*' horizon::django_session_engine: 'django.contrib.sessions.backends.cache' - +# mysql mysql::server::manage_config_file: true -mysql::server::package_name: mariadb-galera-server - -tripleo::loadbalancer::galera_master_ip: "%{hiera('bootstrap_nodeid_ip')}" -tripleo::loadbalancer::galera_master_hostname: "%{hiera('bootstrap_nodeid')}" tripleo::loadbalancer::keystone_admin: true tripleo::loadbalancer::keystone_public: true diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index 00bab7f6..cc26f851 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -51,7 +51,7 @@ nova_config { 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver'; } -$nova_enable_rbd_backend = hiera('nova_enable_rbd_backend', false) +$nova_enable_rbd_backend = hiera('nova::compute::rbd::ephemeral_storage', false) if $nova_enable_rbd_backend { include ::ceph::profile::client diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 7312c774..896545c3 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -366,7 +366,6 @@ if hiera('step') >= 3 { include ::swift::proxy::keystone include ::swift::proxy::authtoken include ::swift::proxy::staticweb - include ::swift::proxy::ceilometer include ::swift::proxy::ratelimit include ::swift::proxy::catch_errors include ::swift::proxy::tempurl diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 3c986e2f..3b5b8fe4 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -37,6 +37,8 @@ if $::hostname == downcase(hiera('bootstrap_nodeid')) { $sync_db = false } +$enable_fencing = str2bool(hiera('enable_fencing', 'false')) and hiera('step') >= 5 + # When to start and enable services which haven't been Pacemakerized # FIXME: remove when we start all OpenStack services using Pacemaker # (occurences of this variable will be gradually replaced with false) @@ -56,6 +58,7 @@ if hiera('step') >= 1 { controller_hosts => $controller_node_ips, controller_hosts_names => $controller_node_names, manage_vip => false, + mysql_clustercheck => true, haproxy_service_manage => false, } @@ -71,7 +74,13 @@ if hiera('step') >= 1 { setup_cluster => $pacemaker_master, } class { '::pacemaker::stonith': - disable => true, + disable => !$enable_fencing, + } + if $enable_fencing { + include tripleo::fencing + + # enable stonith after all fencing devices have been created + Class['tripleo::fencing'] -> Class['pacemaker::stonith'] } # Only configure RabbitMQ in this step, don't start it yet to @@ -156,6 +165,7 @@ if hiera('step') >= 1 { config_file => $mysql_config_file, override_options => $mysqld_options, service_manage => false, + service_enabled => false, } } @@ -173,13 +183,78 @@ if hiera('step') >= 2 { # parameters here to configure pacemaker VIPs. The configuration # of pacemaker VIPs could move into puppet-tripleo or we should # make use of less specific hiera parameters here for the settings. + pacemaker::resource::service { 'haproxy': + clone_params => true, + } + $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip') pacemaker::resource::ip { 'control_vip': ip_address => $control_vip, } + pacemaker::constraint::base { 'control_vip-then-haproxy': + constraint_type => 'order', + first_resource => "ip-${control_vip}", + second_resource => 'haproxy-clone', + first_action => 'start', + second_action => 'start', + constraint_params => 'kind=Optional', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['control_vip']], + } + pacemaker::constraint::colocation { 'control_vip-with-haproxy': + source => "ip-${control_vip}", + target => 'haproxy-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['control_vip']], + } + $public_vip = hiera('tripleo::loadbalancer::public_virtual_ip') - pacemaker::resource::ip { 'public_vip': - ip_address => $public_vip, + if $public_vip and $public_vip != $control_vip { + pacemaker::resource::ip { 'public_vip': + ip_address => $public_vip, + } + pacemaker::constraint::base { 'public_vip-then-haproxy': + constraint_type => 'order', + first_resource => "ip-${public_vip}", + second_resource => 'haproxy-clone', + first_action => 'start', + second_action => 'start', + constraint_params => 'kind=Optional', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['public_vip']], + } + pacemaker::constraint::colocation { 'public_vip-with-haproxy': + source => "ip-${public_vip}", + target => 'haproxy-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['public_vip']], + } + } + + $redis_vip = hiera('redis_vip') + if $redis_vip and $redis_vip != $control_vip { + pacemaker::resource::ip { 'redis_vip': + ip_address => $redis_vip, + } + pacemaker::constraint::base { 'redis_vip-then-haproxy': + constraint_type => 'order', + first_resource => "ip-${redis_vip}", + second_resource => 'haproxy-clone', + first_action => 'start', + second_action => 'start', + constraint_params => 'kind=Optional', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['redis_vip']], + } + pacemaker::constraint::colocation { 'redis_vip-with-haproxy': + source => "ip-${redis_vip}", + target => 'haproxy-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['redis_vip']], + } } $internal_api_vip = hiera('tripleo::loadbalancer::internal_api_virtual_ip') @@ -187,6 +262,23 @@ if hiera('step') >= 2 { pacemaker::resource::ip { 'internal_api_vip': ip_address => $internal_api_vip, } + pacemaker::constraint::base { 'internal_api_vip-then-haproxy': + constraint_type => 'order', + first_resource => "ip-${internal_api_vip}", + second_resource => 'haproxy-clone', + first_action => 'start', + second_action => 'start', + constraint_params => 'kind=Optional', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['internal_api_vip']], + } + pacemaker::constraint::colocation { 'internal_api_vip-with-haproxy': + source => "ip-${internal_api_vip}", + target => 'haproxy-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['internal_api_vip']], + } } $storage_vip = hiera('tripleo::loadbalancer::storage_virtual_ip') @@ -194,6 +286,23 @@ if hiera('step') >= 2 { pacemaker::resource::ip { 'storage_vip': ip_address => $storage_vip, } + pacemaker::constraint::base { 'storage_vip-then-haproxy': + constraint_type => 'order', + first_resource => "ip-${storage_vip}", + second_resource => 'haproxy-clone', + first_action => 'start', + second_action => 'start', + constraint_params => 'kind=Optional', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['storage_vip']], + } + pacemaker::constraint::colocation { 'storage_vip-with-haproxy': + source => "ip-${storage_vip}", + target => 'haproxy-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['storage_vip']], + } } $storage_mgmt_vip = hiera('tripleo::loadbalancer::storage_mgmt_virtual_ip') @@ -201,11 +310,25 @@ if hiera('step') >= 2 { pacemaker::resource::ip { 'storage_mgmt_vip': ip_address => $storage_mgmt_vip, } + pacemaker::constraint::base { 'storage_mgmt_vip-then-haproxy': + constraint_type => 'order', + first_resource => "ip-${storage_mgmt_vip}", + second_resource => 'haproxy-clone', + first_action => 'start', + second_action => 'start', + constraint_params => 'kind=Optional', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['storage_mgmt_vip']], + } + pacemaker::constraint::colocation { 'storage_mgmt_vip-with-haproxy': + source => "ip-${storage_mgmt_vip}", + target => 'haproxy-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Service['haproxy'], + Pacemaker::Resource::Ip['storage_mgmt_vip']], + } } - pacemaker::resource::service { 'haproxy': - clone_params => true, - } pacemaker::resource::service { $::memcached::params::service_name : clone_params => true, require => Class['::memcached'], @@ -227,6 +350,7 @@ if hiera('step') >= 2 { # NOTE (spredzy) : The replset can only be run # once all the nodes have joined the cluster. mongodb_conn_validator { $mongo_node_ips_with_port : + timeout => '600', require => Pacemaker::Resource::Service[$::mongodb::params::service_name], before => Mongodb_replset[$mongodb_replset], } @@ -252,28 +376,6 @@ if hiera('step') >= 2 { resource_params => 'wait_last_known_master=true', require => Class['::redis'], } - $redis_vip = hiera('redis_vip') - if $redis_vip and $redis_vip != $control_vip { - pacemaker::resource::ip { 'vip-redis': - ip_address => $redis_vip, - } - } - pacemaker::constraint::base { 'redis-master-then-vip-redis': - constraint_type => 'order', - first_resource => 'redis-master', - second_resource => "ip-${redis_vip}", - first_action => 'promote', - second_action => 'start', - require => [Pacemaker::Resource::Ocf['redis'], - Pacemaker::Resource::Ip['vip-redis']], - } - pacemaker::constraint::colocation { 'vip-redis-with-redis-master': - source => "ip-${redis_vip}", - target => 'redis-master', - score => 'INFINITY', - require => [Pacemaker::Resource::Ocf['redis'], - Pacemaker::Resource::Ip['vip-redis']], - } } @@ -841,6 +943,16 @@ if hiera('step') >= 4 { } # Neutron + # NOTE(gfidente): Neutron will try to populate the database with some data + # as soon as neutron-server is started; to avoid races we want to make this + # happen only on one node, before normal Pacemaker initialization + # https://bugzilla.redhat.com/show_bug.cgi?id=1233061 + exec { 'neutron-server-start-wait-stop' : + command => "systemctl start neutron-server && \ + sleep 5s && \ + systemctl stop neutron-server", + path => ["/usr/bin", "/usr/sbin"], + } -> pacemaker::resource::service { $::neutron::params::server_service: op_params => "start timeout=90", clone_params => "interleave=true", @@ -1111,6 +1223,15 @@ if hiera('step') >= 4 { clone_params => 'interleave=true', resource_params => 'startdelay=10', } + pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': + constraint_type => 'order', + first_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::ceilometer::params::agent_central_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], + Pacemaker::Resource::Service[$::keystone::params::service_name]], + } pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint': constraint_type => 'order', first_resource => "${::ceilometer::params::agent_central_service_name}-clone", @@ -1211,24 +1332,6 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::mongodb::params::service_name]], } } - pacemaker::constraint::base { 'vip-redis-then-ceilometer-central': - constraint_type => 'order', - first_resource => "ip-${redis_vip}", - second_resource => "${::ceilometer::params::agent_central_service_name}-clone", - first_action => 'start', - second_action => 'start', - require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], - Pacemaker::Resource::Ip['vip-redis']], - } - pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': - constraint_type => 'order', - first_resource => "${::keystone::params::service_name}-clone", - second_resource => "${::ceilometer::params::agent_central_service_name}-clone", - first_action => 'start', - second_action => 'start', - require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], - Pacemaker::Resource::Service[$::keystone::params::service_name]], - } # Heat pacemaker::resource::service { $::heat::params::api_service_name : @@ -1243,6 +1346,15 @@ if hiera('step') >= 4 { pacemaker::resource::service { $::heat::params::engine_service_name : clone_params => 'interleave=true', } + pacemaker::constraint::base { 'keystone-then-heat-api-constraint': + constraint_type => 'order', + first_resource => "${::keystone::params::service_name}-clone", + second_resource => "${::heat::params::api_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::heat::params::api_service_name], + Pacemaker::Resource::Service[$::keystone::params::service_name]], + } pacemaker::constraint::base { 'heat-api-then-heat-api-cfn-constraint': constraint_type => 'order', first_resource => "${::heat::params::api_service_name}-clone", diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml index 7a3c1abb..ee50c86a 100644 --- a/puppet/swift-storage-post.yaml +++ b/puppet/swift-storage-post.yaml @@ -4,6 +4,10 @@ description: 'OpenStack swift storage node post deployment for Puppet' parameters: servers: type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied + resources: @@ -21,6 +25,8 @@ resources: properties: servers: {get_param: servers} config: {get_resource: StoragePuppetConfig} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} StorageRingbuilderPuppetConfig: type: OS::Heat::SoftwareConfig @@ -37,6 +43,8 @@ resources: properties: servers: {get_param: servers} config: {get_resource: StorageRingbuilderPuppetConfig} + input_values: + update_identifier: {get_param: NodeConfigIdentifiers} # Note, this should come last, so use depends_on to ensure # this is created after any other resources. diff --git a/puppet/swift-storage-puppet.yaml b/puppet/swift-storage-puppet.yaml index 15481032..82922a87 100644 --- a/puppet/swift-storage-puppet.yaml +++ b/puppet/swift-storage-puppet.yaml @@ -216,3 +216,7 @@ outputs: storage_mgmt_ip_address: description: IP address of the server in the storage_mgmt network value: {get_attr: [StorageMgmtPort, ip_address]} + config_identifier: + description: identifier which changes if the node configuration may need re-applying + value: {get_attr: [SwiftStorageHieraDeploy, deploy_stdout]} + diff --git a/swift-storage-post.yaml b/swift-storage-post.yaml index 53490d71..1b1c406d 100644 --- a/swift-storage-post.yaml +++ b/swift-storage-post.yaml @@ -6,6 +6,9 @@ description: 'Swift Storage Post Deployment' parameters: servers: type: json + NodeConfigIdentifiers: + type: json + description: Value which changes if the node configuration may need to be re-applied resources: diff --git a/swift-storage.yaml b/swift-storage.yaml index 466f2fbb..e4cacf3c 100644 --- a/swift-storage.yaml +++ b/swift-storage.yaml @@ -198,3 +198,6 @@ outputs: storage_mgmt_ip_address: description: IP address of the server in the storage_mgmt network value: {get_attr: [StorageMgmtPort, ip_address]} + config_identifier: + description: identifier which changes if the node configuration may need re-applying + value: "None - NO_SIGNAL" |