aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/manifests/overcloud_controller_pacemaker.pp
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/manifests/overcloud_controller_pacemaker.pp')
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp202
1 files changed, 39 insertions, 163 deletions
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 13271116..ce9c6f70 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -22,9 +22,7 @@ Pcmk_resource <| |> {
Service <|
tag == 'aodh-service' or
tag == 'ceilometer-service' or
- tag == 'gnocchi-service' or
- tag == 'neutron-service' or
- tag == 'nova-service'
+ tag == 'gnocchi-service'
|> {
hasrestart => true,
restart => '/bin/true',
@@ -53,16 +51,6 @@ $non_pcmk_start = hiera('step') >= 5
if hiera('step') >= 1 {
- create_resources(kmod::load, hiera('kernel_modules'), {})
- create_resources(sysctl::value, hiera('sysctl_settings'), {})
- Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
-
- include ::timezone
-
- if count(hiera('ntp::servers')) > 0 {
- include ::ntp
- }
-
$pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G'))
$corosync_ipv6 = str2bool(hiera('corosync_ipv6', false))
if $corosync_ipv6 {
@@ -198,48 +186,25 @@ if hiera('step') >= 2 {
require => Class['::mysql::server'],
before => Exec['galera-ready'],
}
- }
- $mysql_root_password = hiera('mysql::server::root_password')
- $mysql_clustercheck_password = hiera('mysql_clustercheck_password')
- # This step is to create a sysconfig clustercheck file with the root user and empty password
- # on the first install only (because later on the clustercheck db user will be used)
- # We are using exec and not file in order to not have duplicate definition errors in puppet
- # when we later set the the file to contain the clustercheck data
- exec { 'create-root-sysconfig-clustercheck':
- command => "/bin/echo 'MYSQL_USERNAME=root\nMYSQL_PASSWORD=\'\'\nMYSQL_HOST=localhost\n' > /etc/sysconfig/clustercheck",
- unless => '/bin/test -e /etc/sysconfig/clustercheck && grep -q clustercheck /etc/sysconfig/clustercheck',
- }
- exec { 'galera-ready' :
- command => '/usr/bin/clustercheck >/dev/null',
- timeout => 30,
- tries => 180,
- try_sleep => 10,
- environment => ['AVAILABLE_WHEN_READONLY=0'],
- require => Exec['create-root-sysconfig-clustercheck'],
- }
+ exec { 'galera-ready' :
+ command => '/usr/bin/clustercheck >/dev/null',
+ timeout => 30,
+ tries => 180,
+ try_sleep => 10,
+ environment => ['AVAILABLE_WHEN_READONLY=0'],
+ require => Exec['create-root-sysconfig-clustercheck'],
+ }
- xinetd::service { 'galera-monitor' :
- port => '9200',
- server => '/usr/bin/clustercheck',
- per_source => 'UNLIMITED',
- log_on_success => '',
- log_on_failure => 'HOST',
- flags => 'REUSE',
- service_type => 'UNLISTED',
- user => 'root',
- group => 'root',
- require => Exec['create-root-sysconfig-clustercheck'],
- }
- # We add a clustercheck db user and we will switch /etc/sysconfig/clustercheck
- # to it in a later step. We do this only on one node as it will replicate on
- # the other members. We also make sure that the permissions are the minimum necessary
- if $pacemaker_master {
+ # We add a clustercheck db user and we will switch /etc/sysconfig/clustercheck
+ # to it in a later step. We do this only on one node as it will replicate on
+ # the other members. We also make sure that the permissions are the minimum necessary
mysql_user { 'clustercheck@localhost':
ensure => 'present',
- password_hash => mysql_password($mysql_clustercheck_password),
+ password_hash => mysql_password(hiera('mysql_clustercheck_password')),
require => Exec['galera-ready'],
}
+
mysql_grant { 'clustercheck@localhost/*.*':
ensure => 'present',
options => ['GRANT'],
@@ -247,17 +212,8 @@ if hiera('step') >= 2 {
table => '*.*',
user => 'clustercheck@localhost',
}
- }
-
- # Create all the database schemas
- if $sync_db {
- class { '::nova::db::mysql':
- require => Exec['galera-ready'],
- }
- class { '::nova::db::mysql_api':
- require => Exec['galera-ready'],
- }
+ # Create all the database schemas
if downcase(hiera('ceilometer_backend')) == 'mysql' {
class { '::ceilometer::db::mysql':
require => Exec['galera-ready'],
@@ -269,64 +225,39 @@ if hiera('step') >= 2 {
require => Exec['galera-ready'],
}
}
- }
-
- # Ceph
- $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false)
- if $enable_ceph {
- $mon_initial_members = downcase(hiera('ceph_mon_initial_members'))
- if str2bool(hiera('ceph_ipv6', false)) {
- $mon_host = hiera('ceph_mon_host_v6')
- } else {
- $mon_host = hiera('ceph_mon_host')
- }
- class { '::ceph::profile::params':
- mon_initial_members => $mon_initial_members,
- mon_host => $mon_host,
+ class { '::aodh::db::mysql':
+ require => Exec['galera-ready'],
}
- include ::ceph::conf
- include ::ceph::profile::mon
}
-
- if str2bool(hiera('enable_ceph_storage', false)) {
- if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
- exec { 'set selinux to permissive on boot':
- command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
- onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
- path => ['/usr/bin', '/usr/sbin'],
- }
-
- exec { 'set selinux to permissive':
- command => 'setenforce 0',
- onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
- path => ['/usr/bin', '/usr/sbin'],
- } -> Class['ceph::profile::osd']
- }
-
- include ::ceph::conf
- include ::ceph::profile::osd
+ # This step is to create a sysconfig clustercheck file with the root user and empty password
+ # on the first install only (because later on the clustercheck db user will be used)
+ # We are using exec and not file in order to not have duplicate definition errors in puppet
+ # when we later set the the file to contain the clustercheck data
+ exec { 'create-root-sysconfig-clustercheck':
+ command => "/bin/echo 'MYSQL_USERNAME=root\nMYSQL_PASSWORD=\'\'\nMYSQL_HOST=localhost\n' > /etc/sysconfig/clustercheck",
+ unless => '/bin/test -e /etc/sysconfig/clustercheck && grep -q clustercheck /etc/sysconfig/clustercheck',
}
- if str2bool(hiera('enable_external_ceph', false)) {
- if str2bool(hiera('ceph_ipv6', false)) {
- $mon_host = hiera('ceph_mon_host_v6')
- } else {
- $mon_host = hiera('ceph_mon_host')
- }
- class { '::ceph::profile::params':
- mon_host => $mon_host,
- }
- include ::ceph::conf
- include ::ceph::profile::client
+ xinetd::service { 'galera-monitor' :
+ port => '9200',
+ server => '/usr/bin/clustercheck',
+ per_source => 'UNLIMITED',
+ log_on_success => '',
+ log_on_failure => 'HOST',
+ flags => 'REUSE',
+ service_type => 'UNLISTED',
+ user => 'root',
+ group => 'root',
+ require => Exec['create-root-sysconfig-clustercheck'],
}
-
} #END STEP 2
if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) {
# At this stage we are guaranteed that the clustercheck db user exists
# so we switch the resource agent to use it.
+ $mysql_clustercheck_password = hiera('mysql_clustercheck_password')
file { '/etc/sysconfig/clustercheck' :
ensure => file,
mode => '0600',
@@ -349,7 +280,6 @@ MYSQL_HOST=localhost\n",
}
include ::nova::config
- include ::nova::network::neutron
if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
@@ -400,12 +330,6 @@ MYSQL_HOST=localhost\n",
}
- if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' {
- include ::neutron::plugins::nuage
- }
- if hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' {
- include ::neutron::plugins::opencontrail
- }
if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
class {'::neutron::plugins::midonet':
midonet_api_ip => hiera('public_virtual_ip'),
@@ -414,45 +338,6 @@ MYSQL_HOST=localhost\n",
}
}
- if $enable_ceph {
- $ceph_pools = hiera('ceph_pools')
- ceph::pool { $ceph_pools :
- pg_num => hiera('ceph::profile::params::osd_pool_default_pg_num'),
- pgp_num => hiera('ceph::profile::params::osd_pool_default_pgp_num'),
- size => hiera('ceph::profile::params::osd_pool_default_size'),
- }
- }
-
- # swift storage
- if str2bool(hiera('enable_swift_storage', true)) {
- class {'::swift::storage::all':
- mount_check => str2bool(hiera('swift_mount_check')),
- }
- class {'::swift::storage::account':
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
- }
- class {'::swift::storage::container':
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
- }
- class {'::swift::storage::object':
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
- }
- if(!defined(File['/srv/node'])) {
- file { '/srv/node':
- ensure => directory,
- owner => 'swift',
- group => 'swift',
- require => Package['openstack-swift'],
- }
- }
- $swift_components = ['account', 'container', 'object']
- swift::storage::filter::recon { $swift_components : }
- swift::storage::filter::healthcheck { $swift_components : }
- }
-
# Ceilometer
case downcase(hiera('ceilometer_backend')) {
/mysql/: {
@@ -504,7 +389,7 @@ MYSQL_HOST=localhost\n",
} else {
$_profile_support = 'None'
}
- $neutron_options = {'profile_support' => $_profile_support }
+ $neutron_options = merge({'profile_support' => $_profile_support },hiera('horizon::neutron_options',undef))
$memcached_ipv6 = hiera('memcached_ipv6', false)
if $memcached_ipv6 {
@@ -520,7 +405,7 @@ MYSQL_HOST=localhost\n",
# Aodh
class { '::aodh' :
- database_connection => $ceilometer_database_connection,
+ database_connection => hiera('aodh_mysql_conn_string'),
}
include ::aodh::config
include ::aodh::auth
@@ -578,16 +463,6 @@ MYSQL_HOST=localhost\n",
enabled => false,
}
- $snmpd_user = hiera('snmpd_readonly_user_name')
- snmp::snmpv3_user { $snmpd_user:
- authtype => 'MD5',
- authpass => hiera('snmpd_readonly_user_password'),
- }
- class { '::snmp':
- agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
- }
-
hiera_include('controller_classes')
} #END STEP 4
@@ -598,6 +473,7 @@ if hiera('step') >= 5 {
# password. On second runs or updates /root/.my.cnf will already be populated
# with proper credentials. This step happens on every node because this sql
# statement does not automatically replicate across nodes.
+ $mysql_root_password = hiera('mysql::server::root_password')
exec { 'galera-set-root-password':
command => "/bin/touch /root/.my.cnf && /bin/echo \"UPDATE mysql.user SET Password = PASSWORD('${mysql_root_password}') WHERE user = 'root'; flush privileges;\" | /bin/mysql --defaults-extra-file=/root/.my.cnf -u root",
}