aboutsummaryrefslogtreecommitdiffstats
path: root/docker/services/pacemaker
diff options
context:
space:
mode:
Diffstat (limited to 'docker/services/pacemaker')
-rw-r--r--docker/services/pacemaker/cinder-backup.yaml46
-rw-r--r--docker/services/pacemaker/cinder-volume.yaml49
-rw-r--r--docker/services/pacemaker/clustercheck.yaml21
-rw-r--r--docker/services/pacemaker/database/mysql.yaml58
-rw-r--r--docker/services/pacemaker/database/redis.yaml55
-rw-r--r--docker/services/pacemaker/haproxy.yaml81
-rw-r--r--docker/services/pacemaker/rabbitmq.yaml55
7 files changed, 241 insertions, 124 deletions
diff --git a/docker/services/pacemaker/cinder-backup.yaml b/docker/services/pacemaker/cinder-backup.yaml
index d15c920e..26ae9bca 100644
--- a/docker/services/pacemaker/cinder-backup.yaml
+++ b/docker/services/pacemaker/cinder-backup.yaml
@@ -4,17 +4,11 @@ description: >
OpenStack containerized Cinder Backup service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCinderBackupImage:
description: image
- default: 'centos-binary-cinder-backup:latest'
type: string
DockerCinderConfigImage:
description: The container image to use for the cinder config_volume
- default: 'centos-binary-cinder-api:latest'
type: string
CinderBackupBackend:
default: swift
@@ -33,6 +27,10 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -58,6 +56,7 @@ resources:
type: ../../../puppet/services/cinder-backup.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
@@ -74,10 +73,7 @@ outputs:
config_settings:
map_merge:
- get_attr: [CinderBackupBase, role_data, config_settings]
- - tripleo::profile::pacemaker::cinder::backup_bundle::cinder_backup_docker_image: &cinder_backup_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderBackupImage} ]
+ - tripleo::profile::pacemaker::cinder::backup_bundle::cinder_backup_docker_image: &cinder_backup_image {get_param: DockerCinderBackupImage}
cinder::backup::manage_service: false
cinder::backup::enabled: false
step_config: ""
@@ -87,10 +83,7 @@ outputs:
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
step_config: {get_attr: [CinderBackupBase, role_data, step_config]}
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderConfigImage} ]
+ config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_backup.json:
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
@@ -146,6 +139,27 @@ outputs:
- /var/lib/cinder
- /var/log/containers/cinder
upgrade_tasks:
- - name: Stop and disable cinder_backup service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the openstack-cinder-backup cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: openstack-cinder-backup
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped openstack-cinder-backup cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: openstack-cinder-backup
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable cinder_backup service
tags: step2
- service: name=openstack-cinder-backup state=stopped enabled=no
+ service: name=openstack-cinder-backup enabled=no
diff --git a/docker/services/pacemaker/cinder-volume.yaml b/docker/services/pacemaker/cinder-volume.yaml
index 07e5fc2e..262e999d 100644
--- a/docker/services/pacemaker/cinder-volume.yaml
+++ b/docker/services/pacemaker/cinder-volume.yaml
@@ -4,23 +4,21 @@ description: >
OpenStack containerized Cinder Volume service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCinderVolumeImage:
description: image
- default: 'centos-binary-cinder-volume:latest'
type: string
DockerCinderConfigImage:
description: The container image to use for the cinder config_volume
- default: 'centos-binary-cinder-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -54,6 +52,7 @@ resources:
type: ../../../puppet/services/cinder-volume.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
@@ -67,10 +66,7 @@ outputs:
config_settings:
map_merge:
- get_attr: [CinderBase, role_data, config_settings]
- - tripleo::profile::pacemaker::cinder::volume_bundle::cinder_volume_docker_image: &cinder_volume_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderVolumeImage} ]
+ - tripleo::profile::pacemaker::cinder::volume_bundle::cinder_volume_docker_image: &cinder_volume_image {get_param: DockerCinderVolumeImage}
cinder::volume::manage_service: false
cinder::volume::enabled: false
cinder::host: hostgroup
@@ -81,10 +77,7 @@ outputs:
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
step_config: {get_attr: [CinderBase, role_data, step_config]}
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderConfigImage} ]
+ config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_volume.json:
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
@@ -164,6 +157,30 @@ outputs:
executable: /bin/bash
creates: /dev/loop2
upgrade_tasks:
- - name: Stop and disable cinder_volume service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the openstack-cinder-volume cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: openstack-cinder-volume
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped openstack-cinder-volume cluster resource.
tags: step2
- service: name=openstack-cinder-volume state=stopped enabled=no
+ pacemaker_resource:
+ resource: openstack-cinder-volume
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable cinder_volume service from boot
+ tags: step2
+ service: name=openstack-cinder-volume enabled=no
+
+
+
diff --git a/docker/services/pacemaker/clustercheck.yaml b/docker/services/pacemaker/clustercheck.yaml
index 007aa9c9..c7c316a4 100644
--- a/docker/services/pacemaker/clustercheck.yaml
+++ b/docker/services/pacemaker/clustercheck.yaml
@@ -6,23 +6,21 @@ description: >
the local galera node is synced
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerClustercheckImage:
description: image
- default: 'centos-binary-mariadb:latest'
type: string
DockerClustercheckConfigImage:
description: The container image to use for the clustercheck config_volume
- default: 'centos-binary-mariadb:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -50,6 +48,7 @@ resources:
type: ../../../puppet/services/pacemaker/database/mysql.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
@@ -67,10 +66,7 @@ outputs:
config_volume: clustercheck
puppet_tags: file # set this even though file is the default
step_config: "include ::tripleo::profile::pacemaker::clustercheck"
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerClustercheckConfigImage} ]
+ config_image: {get_param: DockerClustercheckConfigImage}
kolla_config:
/var/lib/kolla/config_files/clustercheck.json:
command: /usr/sbin/xinetd -dontfork
@@ -83,10 +79,7 @@ outputs:
step_2:
clustercheck:
start_order: 1
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerClustercheckImage} ]
+ image: {get_param: DockerClustercheckImage}
restart: always
net: host
volumes:
diff --git a/docker/services/pacemaker/database/mysql.yaml b/docker/services/pacemaker/database/mysql.yaml
index 3d996f7f..f12852f8 100644
--- a/docker/services/pacemaker/database/mysql.yaml
+++ b/docker/services/pacemaker/database/mysql.yaml
@@ -4,23 +4,21 @@ description: >
MySQL service deployment with pacemaker bundle
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerMysqlImage:
description: image
- default: 'centos-binary-mariadb:latest'
type: string
DockerMysqlConfigImage:
description: The container image to use for the mysql config_volume
- default: 'centos-binary-mariadb:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -52,6 +50,7 @@ resources:
type: ../../../../puppet/services/pacemaker/database/mysql.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
@@ -65,11 +64,18 @@ outputs:
config_settings:
map_merge:
- {get_attr: [MysqlPuppetBase, role_data, config_settings]}
- - tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image
- list_join:
- - '/'
- - - {get_param: DockerNamespace}
- - {get_param: DockerMysqlImage}
+ - tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image {get_param: DockerMysqlImage}
+ tripleo::profile::pacemaker::database::mysql_bundle::control_port: 3123
+ tripleo.mysql.firewall_rules:
+ '104 mysql galera-bundle':
+ dport:
+ - 873
+ - 3123
+ - 3306
+ - 4444
+ - 4567
+ - 4568
+ - 9200
step_config: ""
# BEGIN DOCKER SETTINGS #
puppet_config:
@@ -81,10 +87,7 @@ outputs:
- - "['Mysql_datadir', 'Mysql_user', 'Mysql_database', 'Mysql_grant', 'Mysql_plugin'].each |String $val| { noop_resource($val) }"
- "exec {'wait-for-settle': command => '/bin/true' }"
- "include ::tripleo::profile::pacemaker::database::mysql_bundle"
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMysqlConfigImage} ]
+ config_image: {get_param: DockerMysqlConfigImage}
kolla_config:
/var/lib/kolla/config_files/mysql.json:
command: /usr/sbin/pacemaker_remoted
@@ -172,6 +175,27 @@ outputs:
path: /var/lib/mysql
state: directory
upgrade_tasks:
- - name: Stop and disable mysql service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the galera cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: galera
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped galera cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: galera
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable mysql service
tags: step2
- service: name=mariadb state=stopped enabled=no
+ service: name=mariadb enabled=no
diff --git a/docker/services/pacemaker/database/redis.yaml b/docker/services/pacemaker/database/redis.yaml
index ff6de15d..75b6d650 100644
--- a/docker/services/pacemaker/database/redis.yaml
+++ b/docker/services/pacemaker/database/redis.yaml
@@ -4,23 +4,21 @@ description: >
OpenStack containerized Redis services
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerRedisImage:
description: image
- default: 'centos-binary-redis:latest'
type: string
DockerRedisConfigImage:
description: The container image to use for the redis config_volume
- default: 'centos-binary-redis:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -45,6 +43,7 @@ resources:
type: ../../../../puppet/services/database/redis.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
@@ -61,12 +60,14 @@ outputs:
- redis::service_manage: false
redis::notify_service: false
redis::managed_by_cluster_manager: true
- tripleo::profile::pacemaker::database::redis_bundle::redis_docker_image: &redis_image
- list_join:
- - '/'
- - - {get_param: DockerNamespace}
- - {get_param: DockerRedisImage}
-
+ tripleo::profile::pacemaker::database::redis_bundle::redis_docker_image: &redis_image {get_param: DockerRedisImage}
+ tripleo::profile::pacemaker::database::redis_bundle::control_port: 3124
+ tripleo.redis.firewall_rules:
+ '108 redis-bundle':
+ dport:
+ - 3124
+ - 6379
+ - 26379
step_config: ""
service_config_settings: {get_attr: [RedisBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
@@ -78,10 +79,7 @@ outputs:
puppet_tags: 'exec'
step_config:
get_attr: [RedisBase, role_data, step_config]
- config_image: &redis_config_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerRedisConfigImage} ]
+ config_image: &redis_config_image {get_param: DockerRedisConfigImage}
kolla_config:
/var/lib/kolla/config_files/redis.json:
command: /usr/sbin/pacemaker_remoted
@@ -147,6 +145,27 @@ outputs:
path: /var/lib/redis
state: directory
upgrade_tasks:
- - name: Stop and disable redis service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the redis cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RedisBase, role_data, service_name]}
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped redis cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RedisBase, role_data, service_name]}
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable redis service
tags: step2
- service: name=redis state=stopped enabled=no
+ service: name=redis enabled=no
diff --git a/docker/services/pacemaker/haproxy.yaml b/docker/services/pacemaker/haproxy.yaml
index bfc9ca50..24155912 100644
--- a/docker/services/pacemaker/haproxy.yaml
+++ b/docker/services/pacemaker/haproxy.yaml
@@ -4,18 +4,16 @@ description: >
OpenStack containerized HAproxy service for pacemaker
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerHAProxyImage:
description: image
- default: 'centos-binary-haproxy:latest'
type: string
DockerHAProxyConfigImage:
description: The container image to use for the haproxy config_volume
- default: 'centos-binary-haproxy:latest'
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -30,6 +28,11 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ DeployedSSLCertificatePath:
+ default: '/etc/pki/tls/private/overcloud_endpoint.pem'
+ description: >
+ The filepath of the certificate as it will be stored in the controller.
+ type: string
RoleName:
default: ''
description: Role name on which the service is applied
@@ -45,6 +48,7 @@ resources:
type: ../../../puppet/services/pacemaker/haproxy.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
@@ -60,10 +64,7 @@ outputs:
- get_attr: [HAProxyBase, role_data, config_settings]
- tripleo::haproxy::haproxy_daemon: false
haproxy_docker: true
- tripleo::profile::pacemaker::haproxy_bundle::haproxy_docker_image: &haproxy_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyImage} ]
+ tripleo::profile::pacemaker::haproxy_bundle::haproxy_docker_image: &haproxy_image {get_param: DockerHAProxyImage}
step_config: ""
service_config_settings: {get_attr: [HAProxyBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
@@ -77,10 +78,13 @@ outputs:
- "class tripleo::firewall(){}; define tripleo::firewall::rule( $port = undef, $dport = undef, $sport = undef, $proto = undef, $action = undef, $state = undef, $source = undef, $iniface = undef, $chain = undef, $destination = undef, $extras = undef){}"
- "['pcmk_bundle', 'pcmk_resource', 'pcmk_property', 'pcmk_constraint', 'pcmk_resource_default'].each |String $val| { noop_resource($val) }"
- 'include ::tripleo::profile::pacemaker::haproxy_bundle'
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ]
+ config_image: {get_param: DockerHAProxyConfigImage}
+ volumes: &deployed_cert_mount
+ - list_join:
+ - ':'
+ - - {get_param: DeployedSSLCertificatePath}
+ - {get_param: DeployedSSLCertificatePath}
+ - 'ro'
kolla_config:
/var/lib/kolla/config_files/haproxy.json:
command: haproxy -f /etc/haproxy/haproxy.cfg
@@ -116,17 +120,42 @@ outputs:
- 'include ::tripleo::profile::pacemaker::haproxy_bundle'
image: *haproxy_image
volumes:
- # puppet saves iptables rules in /etc/sysconfig
- - /etc/sysconfig:/etc/sysconfig:rw
- # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
- # the necessary bit and prevent systemd to try to reload the service in the container
- - /usr/libexec/iptables:/usr/libexec/iptables:ro
- - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /etc/puppet:/tmp/puppet-etc:ro
- - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- - /dev/shm:/dev/shm:rw
+ list_concat:
+ - *deployed_cert_mount
+ -
+ # puppet saves iptables rules in /etc/sysconfig
+ - /etc/sysconfig:/etc/sysconfig:rw
+ # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
+ # the necessary bit and prevent systemd to try to reload the service in the container
+ - /usr/libexec/iptables:/usr/libexec/iptables:ro
+ - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+ - /dev/shm:/dev/shm:rw
metadata_settings:
get_attr: [HAProxyBase, role_data, metadata_settings]
+ upgrade_tasks:
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the haproxy cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [HAProxyBase, role_data, service_name]}
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped haproxy cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [HAProxyBase, role_data, service_name]}
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
diff --git a/docker/services/pacemaker/rabbitmq.yaml b/docker/services/pacemaker/rabbitmq.yaml
index b8ff6bfd..de53ceee 100644
--- a/docker/services/pacemaker/rabbitmq.yaml
+++ b/docker/services/pacemaker/rabbitmq.yaml
@@ -4,23 +4,21 @@ description: >
OpenStack containerized Rabbitmq service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerRabbitmqImage:
description: image
- default: 'centos-binary-rabbitmq:latest'
type: string
DockerRabbitmqConfigImage:
description: The container image to use for the rabbitmq config_volume
- default: 'centos-binary-rabbitmq:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -49,6 +47,7 @@ resources:
type: ../../../puppet/services/rabbitmq.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
@@ -63,11 +62,15 @@ outputs:
map_merge:
- {get_attr: [RabbitmqBase, role_data, config_settings]}
- rabbitmq::service_manage: false
- tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image
- list_join:
- - '/'
- - - {get_param: DockerNamespace}
- - {get_param: DockerRabbitmqImage}
+ tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image {get_param: DockerRabbitmqImage}
+ tripleo::profile::pacemaker::rabbitmq_bundle::control_port: 3122
+ tripleo.rabbitmq.firewall_rules:
+ '109 rabbitmq-bundle':
+ dport:
+ - 3122
+ - 4369
+ - 5672
+ - 25672
step_config: &step_config
get_attr: [RabbitmqBase, role_data, step_config]
service_config_settings: {get_attr: [RabbitmqBase, role_data, service_config_settings]}
@@ -76,10 +79,7 @@ outputs:
config_volume: rabbitmq
puppet_tags: file
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerRabbitmqConfigImage} ]
+ config_image: {get_param: DockerRabbitmqConfigImage}
kolla_config:
/var/lib/kolla/config_files/rabbitmq.json:
command: /usr/sbin/pacemaker_remoted
@@ -165,6 +165,27 @@ outputs:
echo 'export ERL_EPMD_PORT=4370' >> /etc/rabbitmq/rabbitmq-env.conf
for pid in $(pgrep epmd); do if [ "$(lsns -o NS -p $pid)" == "$(lsns -o NS -p 1)" ]; then kill $pid; break; fi; done
upgrade_tasks:
- - name: Stop and disable rabbitmq service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the rabbitmq cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RabbitmqBase, role_data, service_name]}
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped rabbitmq cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RabbitmqBase, role_data, service_name]}
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable rabbitmq service
tags: step2
- service: name=rabbitmq-server state=stopped enabled=no
+ service: name=rabbitmq-server enabled=no