summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--environments/puppet-pacemaker.yaml1
-rw-r--r--network/service_net_map.j2.yaml1
-rw-r--r--overcloud-resource-registry-puppet.j2.yaml1
-rw-r--r--puppet/services/pacemaker.yaml6
-rw-r--r--puppet/services/pacemaker_remote.yaml57
5 files changed, 66 insertions, 0 deletions
diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml
index 0b71dbd9..da607a72 100644
--- a/environments/puppet-pacemaker.yaml
+++ b/environments/puppet-pacemaker.yaml
@@ -12,6 +12,7 @@ resource_registry:
OS::TripleO::Services::RabbitMQ: ../puppet/services/pacemaker/rabbitmq.yaml
OS::TripleO::Services::HAproxy: ../puppet/services/pacemaker/haproxy.yaml
OS::TripleO::Services::Pacemaker: ../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::PacemakerRemote: ../puppet/services/pacemaker_remote.yaml
OS::TripleO::Services::Redis: ../puppet/services/pacemaker/database/redis.yaml
OS::TripleO::Services::MySQL: ../puppet/services/pacemaker/database/mysql.yaml
# Services that are disabled by default (use relevant environment files):
diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml
index 36342cb7..cb4f464a 100644
--- a/network/service_net_map.j2.yaml
+++ b/network/service_net_map.j2.yaml
@@ -64,6 +64,7 @@ parameters:
OvnDbsNetwork: internal_api
MistralApiNetwork: internal_api
ZaqarApiNetwork: internal_api
+ PacemakerRemoteNetwork: internal_api
# We special-case the default ResolveNetwork for the CephStorage role
# for backwards compatibility, all other roles default to internal_api
CephStorageHostnameResolveNetwork: storage
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index 47dfebb2..01f22393 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -159,6 +159,7 @@ resource_registry:
OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::Pacemaker: OS::Heat::None
+ OS::TripleO::Services::PacemakerRemote: OS::Heat::None
OS::TripleO::Services::NeutronSriovAgent: OS::Heat::None
OS::TripleO::Services::RabbitMQ: puppet/services/rabbitmq.yaml
OS::TripleO::Services::HAproxy: puppet/services/haproxy.yaml
diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml
index 9adf1bdb..a8a9fb99 100644
--- a/puppet/services/pacemaker.yaml
+++ b/puppet/services/pacemaker.yaml
@@ -29,6 +29,11 @@ parameters:
default: false
description: Whether to enable fencing in Pacemaker or not.
type: boolean
+ PacemakerRemoteAuthkey:
+ type: string
+ description: The authkey for the pacemaker remote service.
+ hidden: true
+ default: ''
PcsdPassword:
type: string
description: The password for the 'pcsd' user for pacemaker.
@@ -112,5 +117,6 @@ outputs:
passwords:
- {get_param: PcsdPassword}
- {get_param: [DefaultPasswords, pcsd_password]}
+ tripleo::profile::base::pacemaker::remote_authkey: {get_param: PacemakerRemoteAuthkey}
step_config: |
include ::tripleo::profile::base::pacemaker
diff --git a/puppet/services/pacemaker_remote.yaml b/puppet/services/pacemaker_remote.yaml
new file mode 100644
index 00000000..daee43e6
--- /dev/null
+++ b/puppet/services/pacemaker_remote.yaml
@@ -0,0 +1,57 @@
+heat_template_version: ocata
+
+description: >
+ Pacemaker remote service configured with Puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ PacemakerRemoteAuthkey:
+ type: string
+ description: The authkey for the pacemaker remote service.
+ hidden: true
+ default: ''
+ MonitoringSubscriptionPacemakerRemote:
+ default: 'overcloud-pacemaker_remote'
+ type: string
+ PacemakerRemoteLoggingSource:
+ type: json
+ default:
+ tag: system.pacemaker_remote
+ path: /var/log/pacemaker.log
+ format: >-
+ /^(?<time>[^ ]*\s*[^ ]* [^ ]*)
+ \[(?<pid>[^ ]*)\]
+ (?<host>[^ ]*)
+ (?<message>.*)$/
+
+outputs:
+ role_data:
+ description: Role data for the Pacemaker remote role.
+ value:
+ service_name: pacemaker_remote
+ monitoring_subscription: {get_param: MonitoringSubscriptionPacemakerRemote}
+ logging_groups:
+ - haclient
+ logging_source: {get_param: PacemakerRemoteLoggingSource}
+ config_settings:
+ tripleo.pacemaker_remote.firewall_rules:
+ '130 pacemaker_remote tcp':
+ proto: 'tcp'
+ dport:
+ - 3121
+ tripleo::profile::base::pacemaker_remote::remote_authkey: {get_param: PacemakerRemoteAuthkey}
+ step_config: |
+ include ::tripleo::profile::base::pacemaker_remote