heat_template_version: ocata description: > Pacemaker service configured with Puppet parameters: ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json MonitoringSubscriptionPacemaker: default: 'overcloud-pacemaker' type: string CorosyncIPv6: default: false description: Enable IPv6 in Corosync type: boolean EnableFencing: default: false description: Whether to enable fencing in Pacemaker or not. type: boolean PacemakerRemoteAuthkey: type: string description: The authkey for the pacemaker remote service. hidden: true default: '' PcsdPassword: type: string description: The password for the 'pcsd' user for pacemaker. hidden: true default: '' CorosyncSettleTries: type: number description: Number of tries for cluster settling. This has the same default as the pacemaker puppet module. Override to a smaller value when in need to replace a controller node. default: 360 FencingConfig: default: {} description: | Pacemaker fencing configuration. The JSON should have the following structure: { "devices": [ { "agent": "AGENT_NAME", "host_mac": "HOST_MAC_ADDRESS", "params": {"PARAM_NAME": "PARAM_VALUE"} } ] } For instance: { "devices": [ { "agent": "fence_xvm", "host_mac": "52:54:00:aa:bb:cc", "params": { "multicast_address": "225.0.0.12", "port": "baremetal_0", "manage_fw": true, "manage_key_file": true, "key_file": "/etc/fence_xvm.key", "key_file_password": "abcdef" } } ] } type: json PacemakerLoggingSource: type: json default: tag: system.pacemaker path: /var/log/pacemaker.log,/var/log/cluster/corosync.log format: >- /^(?<time>[^ ]*\s*[^ ]* [^ ]*) \[(?<pid>[^ ]*)\] (?<host>[^ ]*) (?<message>.*)$/ EnableLoadBalancer: default: true description: Whether to deploy a LoadBalancer on the Controller type: boolean PacemakerResources: type: comma_delimited_list description: List of resources managed by pacemaker default: ['rabbitmq', 'galera'] outputs: role_data: description: Role data for the Pacemaker role. value: service_name: pacemaker monitoring_subscription: {get_param: MonitoringSubscriptionPacemaker} logging_groups: - haclient logging_source: {get_param: PacemakerLoggingSource} config_settings: pacemaker::corosync::cluster_name: 'tripleo_cluster' pacemaker::corosync::manage_fw: false pacemaker::resource_defaults::defaults: resource-stickiness: { value: INFINITY } corosync_token_timeout: 10000 pacemaker::corosync::settle_tries: {get_param: CorosyncSettleTries} tripleo.pacemaker.firewall_rules: '130 pacemaker tcp': proto: 'tcp' dport: - 2224 - 3121 - 21064 '131 pacemaker udp': proto: 'udp' dport: 5405 corosync_ipv6: {get_param: CorosyncIPv6} tripleo::fencing::config: {get_param: FencingConfig} enable_fencing: {get_param: EnableFencing} hacluster_pwd: yaql: expression: $.data.passwords.where($ != '').first() data: passwords: - {get_param: PcsdPassword} - {get_param: [DefaultPasswords, pcsd_password]} tripleo::profile::base::pacemaker::remote_authkey: {get_param: PacemakerRemoteAuthkey} step_config: | include ::tripleo::profile::base::pacemaker upgrade_tasks: - name: Check pacemaker cluster running before upgrade tags: step0,validation pacemaker_cluster: state=online check_and_fail=true async: 30 poll: 4 - name: Stop pacemaker cluster tags: step2 pacemaker_cluster: state=offline - name: Start pacemaker cluster tags: step4 pacemaker_cluster: state=online - name: Check pacemaker resource tags: step4 pacemaker_is_active: resource: "{{ item }}" max_wait: 500 with_items: {get_param: PacemakerResources} - name: Check pacemaker haproxy resource tags: step4 pacemaker_is_active: resource: haproxy max_wait: 500 when: {get_param: EnableLoadBalancer}