From b18985d8a92ed3086c1a8bbf56754d6f05eaa699 Mon Sep 17 00:00:00 2001 From: Sergii Golovatiuk Date: Tue, 14 Oct 2014 09:36:39 +0200 Subject: [PATCH] Support for corosync 2 Partial sync from upstream puppetlabs-corosync v 0.6.0 for corosync 2 support Fuel-ci: disable related blueprint corosync-2 Change-Id: I3700edaff004d287396286f3d86ed211acc8fab1 --- deployment/puppet/cluster/manifests/init.pp | 15 +- deployment/puppet/corosync/.fixtures.yml | 8 +- deployment/puppet/corosync/.gitignore | 5 +- deployment/puppet/corosync/.travis.yml | 35 +++ deployment/puppet/corosync/CHANGELOG | 44 +++ deployment/puppet/corosync/Gemfile | 16 + deployment/puppet/corosync/LICENSE | 201 +++++++++++++ deployment/puppet/corosync/Modulefile | 9 - deployment/puppet/corosync/manifests/init.pp | 283 ++++++++++++------ .../puppet/corosync/manifests/reprobe.pp | 5 +- .../puppet/corosync/manifests/service.pp | 3 +- .../{corosync.conf.erb => corosync1.conf.erb} | 23 +- ....conf.udpu.erb => corosync1.conf.udpu.erb} | 15 +- .../corosync/templates/corosync2.conf.erb | 66 ++++ .../templates/corosync2.conf.udpu.erb | 66 ++++ .../{corosync => openstack}/files/limits.conf | 0 .../puppet/openstack/manifests/corosync.pp | 157 +++++----- .../osnailyfacter/manifests/cluster_ha.pp | 6 +- 18 files changed, 741 insertions(+), 216 deletions(-) create mode 100644 deployment/puppet/corosync/.travis.yml create mode 100644 deployment/puppet/corosync/Gemfile create mode 100644 deployment/puppet/corosync/LICENSE delete mode 100644 deployment/puppet/corosync/Modulefile rename deployment/puppet/corosync/templates/{corosync.conf.erb => corosync1.conf.erb} (60%) rename deployment/puppet/corosync/templates/{corosync.conf.udpu.erb => corosync1.conf.udpu.erb} (74%) create mode 100644 deployment/puppet/corosync/templates/corosync2.conf.erb create mode 100644 deployment/puppet/corosync/templates/corosync2.conf.udpu.erb rename deployment/puppet/{corosync => openstack}/files/limits.conf (100%) diff --git a/deployment/puppet/cluster/manifests/init.pp b/deployment/puppet/cluster/manifests/init.pp index 06cdb7305e..020729ea42 100644 --- a/deployment/puppet/cluster/manifests/init.pp +++ b/deployment/puppet/cluster/manifests/init.pp @@ -5,27 +5,28 @@ class cluster ( $internal_address = '127.0.0.1', $unicast_addresses = undef, -) -{ - #todo: move half of openstack::corosync to this module, another half -- to Neutron_ha +) { + + #todo: move half of openstack::corosync + #to this module, another half -- to Neutron if defined(Stage['corosync_setup']) { class { 'openstack::corosync': bind_address => $internal_address, unicast_addresses => $unicast_addresses, - stage => 'corosync_setup' + stage => 'corosync_setup', } } else { class { 'openstack::corosync': bind_address => $internal_address, - unicast_addresses => $unicast_addresses + unicast_addresses => $unicast_addresses, } } file { 'ocf-fuel-path': ensure => directory, path =>'/usr/lib/ocf/resource.d/fuel', recurse => true, - owner => root, - group => root, + owner => 'root', + group => 'root', } Package['corosync'] -> File['ocf-fuel-path'] Package<| title == 'pacemaker' |> -> File['ocf-fuel-path'] diff --git a/deployment/puppet/corosync/.fixtures.yml b/deployment/puppet/corosync/.fixtures.yml index fecc1b9c2b..03ea6c47ca 100644 --- a/deployment/puppet/corosync/.fixtures.yml +++ b/deployment/puppet/corosync/.fixtures.yml @@ -1,5 +1,5 @@ fixtures: - repositories: - stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib" - symlinks: - corosync: "#{source_dir}" + repositories: + stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib.git" + symlinks: + corosync: "#{source_dir}" diff --git a/deployment/puppet/corosync/.gitignore b/deployment/puppet/corosync/.gitignore index 40d901ec92..353d51f79d 100644 --- a/deployment/puppet/corosync/.gitignore +++ b/deployment/puppet/corosync/.gitignore @@ -1,2 +1,3 @@ -metadata.json -.externalToolBuilders +Gemfile.lock +spec/fixtures +.bundle diff --git a/deployment/puppet/corosync/.travis.yml b/deployment/puppet/corosync/.travis.yml new file mode 100644 index 0000000000..02f15332b3 --- /dev/null +++ b/deployment/puppet/corosync/.travis.yml @@ -0,0 +1,35 @@ +language: ruby +bundler_args: --without development +before_install: + - gem update --system 2.1.11 + - gem --version +script: "bundle exec rake spec SPEC_OPTS='--format documentation'" +rvm: + - 1.8.7 + - 1.9.3 + - 2.0.0 +env: + - PUPPET_GEM_VERSION="~> 2.7.0" + - PUPPET_GEM_VERSION="~> 3.0.0" + - PUPPET_GEM_VERSION="~> 3.1.0" + - PUPPET_GEM_VERSION="~> 3.2.0" + - PUPPET_GEM_VERSION="~> 3.3.0" + - PUPPET_GEM_VERSION="~> 3.4.0" +matrix: + exclude: + - rvm: 1.9.3 + env: PUPPET_GEM_VERSION="~> 2.7.0" + - rvm: 2.0.0 + env: PUPPET_GEM_VERSION="~> 2.7.0" + - rvm: 2.0.0 + env: PUPPET_GEM_VERSION="~> 3.0.0" + - rvm: 2.0.0 + env: PUPPET_GEM_VERSION="~> 3.1.0" + - rvm: 1.8.7 + env: PUPPET_GEM_VERSION="~> 3.2.0" + - rvm: 1.8.7 + env: PUPPET_GEM_VERSION="~> 3.3.0" + - rvm: 1.8.7 + env: PUPPET_GEM_VERSION="~> 3.4.0" +notifications: + email: false diff --git a/deployment/puppet/corosync/CHANGELOG b/deployment/puppet/corosync/CHANGELOG index 876ca8fd2e..bddb28404e 100644 --- a/deployment/puppet/corosync/CHANGELOG +++ b/deployment/puppet/corosync/CHANGELOG @@ -1,3 +1,47 @@ +2014-07-15 Release 0.6.0 + +Summary: + +This release adds support for the PCS provider. It also updates metadata.json +so the module can be uninstalled and upgraded via the puppet module command. + +Features: +- Add support for PCS provider + +2014-06-24 - Version 0.5.0 + +Summary: + +This module has undergone two years of development, and pretty much every +aspect of it has changed in some regard. I've tried to capture the key +changes below, but you should rely on the README to see how things work +now. + +Features: +- Added a new resource type cs_location. +- Make primitive utilization attributes managable. +- Added symmetrical parameter on cs_order (for ordering). +- Allow ordering of cs_groups. +- Allow to specify rrpmode and ttl. +- Allow to specifiy several rings. +- Permit broadcast. +- Allow more than two primitives per cs_colocation. +- Allow the authkey to be provided as a string. +- Add tests. +- Rework significant amounts of the provider code. + + +Bugs: +- Delete an existing cib to start fresh +- Only change /etc/defaults for corosync startup on Debian platforms +- Fix templates for Puppet 3.2+. +- Don't complain if cs_primitive doesn't have a utilization parameter. +- Consider within primitive operations. +- Changed osfamily check to include other operating systems. +- Updated node to node_name in cs_location function as 'node' is a reserved +name, this replacement allows cs_location to work correctly. + + 2012-10-14 - Version 0.1.0 - Added robustness for general corosync management (read the merges) - Added `cs_group` type diff --git a/deployment/puppet/corosync/Gemfile b/deployment/puppet/corosync/Gemfile new file mode 100644 index 0000000000..0c9691d2bd --- /dev/null +++ b/deployment/puppet/corosync/Gemfile @@ -0,0 +1,16 @@ +source 'https://rubygems.org' + +group :development, :test do + gem 'rake', :require => false + gem 'rspec-puppet', :require => false + gem 'puppetlabs_spec_helper', :require => false + gem 'puppet-lint', :require => false +end + +if puppetversion = ENV['PUPPET_GEM_VERSION'] + gem 'puppet', puppetversion, :require => false +else + gem 'puppet', :require => false +end + +# vim:ft=ruby diff --git a/deployment/puppet/corosync/LICENSE b/deployment/puppet/corosync/LICENSE new file mode 100644 index 0000000000..297f85cfa8 --- /dev/null +++ b/deployment/puppet/corosync/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2013 Puppet Labs + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/deployment/puppet/corosync/Modulefile b/deployment/puppet/corosync/Modulefile deleted file mode 100644 index 5230d79aec..0000000000 --- a/deployment/puppet/corosync/Modulefile +++ /dev/null @@ -1,9 +0,0 @@ -name 'puppetlabs-corosync' -version '0.1.1' -source 'https://github.com/puppetlabs/puppetlabs-corosync.git' -author 'Mirantis Inc.' -license 'APL 2.0' -summary 'Sets up and manages Corosync' -description 'This module is a set of manifests and types/providers for quickly setting up highly available clusters using Corosync' -project_page 'https://github.com/puppetlabs/puppetlabs-corosync' -dependency 'puppetlabs/stdlib', '>= 2.3.1' diff --git a/deployment/puppet/corosync/manifests/init.pp b/deployment/puppet/corosync/manifests/init.pp index bc868a5f7e..d9c123d41e 100644 --- a/deployment/puppet/corosync/manifests/init.pp +++ b/deployment/puppet/corosync/manifests/init.pp @@ -10,8 +10,13 @@ # [*enable_secauth*] # Controls corosync's ability to authenticate and encrypt multicast messages. # +# [*authkey_source*] +# Allows to use either a file or a string as a authkey. +# Defaults to 'file'. Can be set to 'string'. +# # [*authkey*] -# Specifies the path to the CA which is used to sign Corosync's certificate. +# Specifies the path to the CA which is used to sign Corosync's certificate if +# authkey_source is 'file' or the actual authkey if 'string' is used instead. # # [*threads*] # How many threads you are going to let corosync use to encode and decode @@ -20,14 +25,18 @@ # # [*bind_address*] # The ip address we are going to bind the corosync daemon too. +# Can be specified as an array to have multiple rings (multicast only). # # [*port*] -# The udp port that corosync will use to do its multcast communication. Be +# The udp port that corosync will use to do its multicast communication. Be # aware that corosync used this defined port plus minus one. +# Can be specified as an array to have multiple rings (multicast only). # # [*multicast_address*] # An IP address that has been reserved for multicast traffic. This is the # default way that Corosync accomplishes communication across the cluster. +# Use 'broadcast' to have broadcast instead +# Can be specified as an array to have multiple rings (multicast only). # # [*unicast_addresses*] # An array of IP addresses that make up the cluster's members. These are @@ -47,6 +56,15 @@ # True/false parameter specifying whether Corosync should produce debug # output in its logs. # +# [*rrp_mode*] +# Mode of redundant ring. May be none, active, or passive. +# +# [*ttl*] +# Time To Live (multicast only). +# +# [*packages*] +# Define the list of software packages which should be installed. +# # === Examples # # class { 'corosync': @@ -63,82 +81,138 @@ # # Copyright 2012, Puppet Labs, LLC. # -class corosync ( - $enable_secauth = 'off', - $authkey = '/etc/puppet/ssl/certs/ca.pem', - $threads = 0, - $port = 5405, - $bind_address = $::ipaddress_eth0, - $multicast_address = "239.1.1.2", - $unicast_addresses = undef, - $force_online = false, - $check_standby = false, - $debug = false, +class corosync( + $enable_secauth = 'UNSET', + $authkey_source = 'file', + $authkey = '/etc/puppet/ssl/certs/ca.pem', + $threads = 'UNSET', + $port = 'UNSET', + $bind_address = 'UNSET', + $multicast_address = 'UNSET', + $unicast_addresses = 'UNSET', + $force_online = false, + $check_standby = false, + $debug = false, + $rrp_mode = 'none', + $ttl = false, + $packages = ['corosync', 'pacemaker'], + $corosync_version = '1', ) { # Making it possible to provide data with parameterized class declarations or # Console. + $threads_real = $threads ? { + 'UNSET' => $::threads ? { + undef => $::processorcount, + default => $::threads, + }, + default => $threads, + } - if $unicast_addresses == undef { - $corosync_conf = "${module_name}/corosync.conf.erb" + $port_real = $port ? { + 'UNSET' => $::port ? { + undef => '5405', + default => $::port, + }, + default => $port, + } + + $bind_address_real = $bind_address ? { + 'UNSET' => $::bind_address ? { + undef => $::ipaddress, + default => $::bind_address, + }, + default => $bind_address, + } + $unicast_addresses_real = $unicast_addresses ? { + 'UNSET' => $::unicast_addresses ? { + undef => 'UNSET', + default => $::unicast_addresses + }, + default => $unicast_addresses + } + if $unicast_addresses_real == 'UNSET' { + $corosync_conf = "${module_name}/corosync${corosync_version}.conf.erb" } else { - $corosync_conf = "${module_name}/corosync.conf.udpu.erb" + $corosync_conf = "${module_name}/corosync${corosync_version}.conf.udpu.erb" } # We use an if here instead of a selector since we need to fail the catalog if # this value is provided. This is emulating a required variable as defined in # parameterized class. - file { 'limitsconf': - ensure => present, - path => '/etc/security/limits.conf', - source => 'puppet:///modules/corosync/limits.conf', - replace => true, - owner => '0', - group => '0', - mode => '0644', - before => Service["corosync"], + # $multicast_address is NOT required if $unicast_address is provided + if $multicast_address == 'UNSET' and $unicast_addresses_real == 'UNSET' { + if ! $::multicast_address { + fail('You must provide a value for multicast_address') + } else { + $multicast_address_real = $::multicast_address + } + } else { + $multicast_address_real = $multicast_address } + if $enable_secauth == 'UNSET' { + case $::enable_secauth { + true: { $enable_secauth_real = 'on' } + false: { $enable_secauth_real = 'off' } + undef: { $enable_secauth_real = 'on' } + '': { $enable_secauth_real = 'on' } + default: { validate_re($::enable_secauth, '^true$|^false$') } + } + } else { + case $enable_secauth { + true: { $enable_secauth_real = 'on' } + false: { $enable_secauth_real = 'off' } + default: { fail('The enable_secauth class parameter requires a true or false boolean') } + } + } # Using the Puppet infrastructure's ca as the authkey, this means any node in # Puppet can join the cluster. Totally not ideal, going to come up with # something better. - if $enable_secauth == 'on' { - file { '/etc/corosync/authkey': - ensure => file, - source => $authkey, - mode => '0400', - owner => 'root', - group => 'root', - notify => Service['corosync'], + if $enable_secauth_real == 'on' { + case $authkey_source { + 'file': { + file { '/etc/corosync/authkey': + ensure => file, + source => $authkey, + mode => '0400', + owner => 'root', + group => 'root', + notify => Service['corosync'], + require => Package['corosync'], + } + } + 'string': { + file { '/etc/corosync/authkey': + ensure => file, + content => $authkey, + mode => '0400', + owner => 'root', + group => 'root', + notify => Service['corosync'], + require => Package['corosync'], + } + } + default: { + fail("authkey_source must be either 'file' or 'string'.") + } } } - if $::operatingsystem == 'Ubuntu' { - file { "/etc/init/corosync.override": - replace => "no", - ensure => "present", - content => "manual", - mode => '0644', - before => Package[corosync], - } - package {'python-pcs': ensure => present} -> - Package['pacemaker'] - } else { - package {'pcs': ensure => present} -> - package {'crmsh': ensure => present} -> - Package['pacemaker'] + + package {$packages: + ensure => present, } - package { ['corosync', 'pacemaker']: ensure => present } # Template uses: # - $unicast_addresses # - $multicast_address # - $debug - # - $bind_address - # - $port - # - $enable_secauth - # - $threads + # - $bind_address_real + # - $port_real + # - $enable_secauth_real + # - $threads_real file { '/etc/corosync/corosync.conf': ensure => file, mode => '0644', @@ -148,6 +222,11 @@ class corosync ( require => Package['corosync'], } + file { '/tmp/variable': + content => "${unicast_addresses}", + require => File['/etc/corosync/corosync.conf'], + } + file { '/etc/corosync/service.d': ensure => directory, mode => '0755', @@ -158,53 +237,69 @@ class corosync ( require => Package['corosync'] } - if $::osfamily == "RedHat" { - Package['pacemaker'] -> - file { '/var/lib/pacemaker': - ensure => directory, - mode => '0750', - owner => 'hacluster', - group => 'haclient', - } -> - file { '/var/lib/pacemaker/cores': - ensure => directory, - mode => '0750', - owner => 'hacluster', - group => 'haclient', - } -> - file { '/var/lib/pacemaker/cores/root': - ensure => directory, - mode => '0750', - owner => 'hacluster', - group => 'haclient', - } -> - Service['corosync'] + package { 'crmsh': + ensure => present, + before => Package['pacemaker'], } - if $::osfamily == 'Debian' { - exec { 'enable corosync': - command => 'sed -i s/START=no/START=yes/ /etc/default/corosync', - path => ['/bin', '/usr/bin'], - unless => 'grep START=yes /etc/default/corosync', - require => Package['corosync'], - before => Service['corosync'], - } - if $::operatingsystem == 'Ubuntu' { - exec { 'rm_corosync_override': - command => '/bin/rm -f /etc/init/corosync.override', - path => ['/bin', '/usr/bin'], + case $::osfamily { + 'RedHat': { + exec { 'enable corosync': + require => Package['corosync'], + before => Service['corosync'], + } + package { 'pcs': + ensure => present, + before => Package['pacemaker'], + } + file { ['/var/lib/pacemaker', + '/var/lib/pacemaker/cores', + '/var/lib/pacemaker/cores/root', + ]: + ensure => directory, + mode => '0750', + owner => 'hacluster', + group => 'haclient', + require => Package['pacemaker'], + before => Service['corosync'], } } + 'Debian': { + exec { 'enable corosync': + command => 'sed -i s/START=no/START=yes/ /etc/default/corosync', + path => [ '/bin', '/usr/bin' ], + unless => 'grep START=yes /etc/default/corosync', + require => Package['corosync'], + before => Service['corosync'], + } + if $::operatingsystem == 'Ubuntu' { + package {'python-pcs': + ensure => present, + before => Package['pacemaker'], + } + file { "/etc/init/corosync.override": + replace => "no", + ensure => "present", + content => "manual", + mode => '0644', + before => Package['corosync'], + } + exec { 'rm_corosync_override': + command => '/bin/rm -f /etc/init/corosync.override', + path => ['/bin', '/usr/bin'], + require => Package['corosync'], + } + } + } + default: {} } - if $check_standby == true { # Throws a puppet error if node is on standby exec { 'check_standby node': command => 'echo "Node appears to be on standby" && false', - path => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'], - onlyif => "crm node status|grep ${::hostname}-standby| - grep 'value=\"on\"'", + path => [ '/bin', '/usr/bin', '/sbin', '/usr/sbin' ], + onlyif => "crm node status|grep ${::hostname}-standby|grep 'value=\"on\"'", require => Service['corosync'], } } @@ -212,9 +307,8 @@ class corosync ( if $force_online == true { exec { 'force_online node': command => 'crm node online', - path => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'], - onlyif => "crm node status|grep ${::hostname}-standby| - grep 'value=\"on\"'", + path => [ '/bin', '/usr/bin', '/sbin', '/usr/sbin' ], + onlyif => "crm node status|grep ${::hostname}-standby|grep 'value=\"on\"'", require => Service['corosync'], } } @@ -222,9 +316,6 @@ class corosync ( service { 'corosync': ensure => running, enable => true, - hasrestart => true, - hasstatus => true, - subscribe => File[['/etc/corosync/corosync.conf', '/etc/corosync/service.d']], + subscribe => File[ [ '/etc/corosync/corosync.conf', '/etc/corosync/service.d' ] ], } - } diff --git a/deployment/puppet/corosync/manifests/reprobe.pp b/deployment/puppet/corosync/manifests/reprobe.pp index 66ef20f0b4..aac06c98d7 100644 --- a/deployment/puppet/corosync/manifests/reprobe.pp +++ b/deployment/puppet/corosync/manifests/reprobe.pp @@ -16,10 +16,8 @@ # class corosync::reprobe { exec { 'crm resource reprobe': - command => 'crm resource reprobe || :', - path => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'], + path => ['/bin','/usr/bin','/sbin','/usr/sbin'], refreshonly => true, - timeout => 600, } Cs_resource <| |> { notify => Exec['crm resource reprobe'], @@ -30,7 +28,6 @@ class corosync::reprobe { Cs_location <| |> { notify => Exec['crm resource reprobe'], } - Cs_order <| |> { notify => Exec['crm resource reprobe'], } diff --git a/deployment/puppet/corosync/manifests/service.pp b/deployment/puppet/corosync/manifests/service.pp index de258d4792..a40a5e72b1 100644 --- a/deployment/puppet/corosync/manifests/service.pp +++ b/deployment/puppet/corosync/manifests/service.pp @@ -30,7 +30,8 @@ # # Copyright 2012 Puppet Labs, LLC. # -define corosync::service ($version) { +define corosync::service($version) { + file { "/etc/corosync/service.d/${name}": ensure => file, content => template("${module_name}/service.erb"), diff --git a/deployment/puppet/corosync/templates/corosync.conf.erb b/deployment/puppet/corosync/templates/corosync1.conf.erb similarity index 60% rename from deployment/puppet/corosync/templates/corosync.conf.erb rename to deployment/puppet/corosync/templates/corosync1.conf.erb index cf171d8a69..0c569096a3 100644 --- a/deployment/puppet/corosync/templates/corosync.conf.erb +++ b/deployment/puppet/corosync/templates/corosync1.conf.erb @@ -7,15 +7,24 @@ totem { vsftype: none max_messages: 20 clear_node_high_bit: yes - rrp_mode: none - secauth: <%= @enable_secauth %> - threads: <%= @threads %> + rrp_mode: <%= @rrp_mode %> + secauth: <%= @enable_secauth_real %> + threads: <%= @threads_real %> +<% [@bind_address_real].flatten.each_index do |i| -%> interface { - ringnumber: 0 - bindnetaddr: <%= @bind_address %> - mcastaddr: <%= @multicast_address %> - mcastport: <%= @port %> + ringnumber: <%= i %> + bindnetaddr: <%= [@bind_address_real].flatten[i] %> +<% if [@multicast_address_real].flatten[i] == 'broadcast' -%> + broadcast: yes +<% else -%> + mcastaddr: <%= [@multicast_address_real].flatten[i] %> + mcastport: <%= [@port_real].flatten[i] %> +<% end -%> +<% if @ttl -%> + ttl: <%= @ttl %> +<% end -%> } +<% end -%> } logging { diff --git a/deployment/puppet/corosync/templates/corosync.conf.udpu.erb b/deployment/puppet/corosync/templates/corosync1.conf.udpu.erb similarity index 74% rename from deployment/puppet/corosync/templates/corosync.conf.udpu.erb rename to deployment/puppet/corosync/templates/corosync1.conf.udpu.erb index fc2f2fed20..9e1b72c2da 100644 --- a/deployment/puppet/corosync/templates/corosync.conf.udpu.erb +++ b/deployment/puppet/corosync/templates/corosync1.conf.udpu.erb @@ -7,19 +7,22 @@ totem { vsftype: none max_messages: 20 clear_node_high_bit: yes - rrp_mode: none - secauth: <%= @enable_secauth %> - threads: <%= @threads %> + rrp_mode: <%= @rrp_mode %> + secauth: <%= @enable_secauth_real %> + threads: <%= @threads_real %> transport: udpu interface { -<% @unicast_addresses.sort.each do |hostname,addr| -%> +<% @unicast_addresses.each do |addr| -%> member { memberaddr: <%= addr %> } <% end -%> ringnumber: 0 - bindnetaddr: <%= @bind_address %> - mcastport: <%= @port %> + bindnetaddr: <%= @bind_address_real %> + mcastport: <%= @port_real %> +<% if @ttl -%> + ttl: <%= @ttl %> +<% end -%> } } diff --git a/deployment/puppet/corosync/templates/corosync2.conf.erb b/deployment/puppet/corosync/templates/corosync2.conf.erb new file mode 100644 index 0000000000..3e15d99fcd --- /dev/null +++ b/deployment/puppet/corosync/templates/corosync2.conf.erb @@ -0,0 +1,66 @@ +compatibility: whitetank + +totem { + version: 2 + token: 3000 + token_retransmits_before_loss_const: 10 + join: 60 + consensus: 3600 + vsftype: none + max_messages: 20 + clear_node_high_bit: yes + rrp_mode: none + secauth: <%= @enable_secauth_real %> + threads: <%= @threads_real %> + interface { + ringnumber: 0 + bindnetaddr: <%= @bind_address_real %> + mcastaddr: <%= @multicast_address_real %> + mcastport: <%= @port_real %> + } +} +quorum { + provider: corosync_votequorum + <% if @unicast_addresses.length == 2 %> + two_node: 1 + <% else %> + two_node: 0 + <% end %> + } + +nodelist { + <% id = 0 %> + <% @unicast_addresses.each do |node| %> + node { + ring0_addr: <%= node %> + nodeid: <%= id+=1 %> + } + <% end %> + } + + + +logging { + fileline: off + to_stderr: yes + to_logfile: yes + to_syslog: no + logfile: /var/log/corosync.log + syslog_facility: daemon + debug: <%= scope.lookupvar('debug') ? 'on' : 'off' %> + timestamp: on + logger_subsys { + subsys: AMF + debug: off + tags: enter|leave|trace1|trace2|trace3|trace4|trace6 + } +} + +amf { + mode: disabled +} + +aisexec { + user: root + group: root +} diff --git a/deployment/puppet/corosync/templates/corosync2.conf.udpu.erb b/deployment/puppet/corosync/templates/corosync2.conf.udpu.erb new file mode 100644 index 0000000000..d57e9d57e4 --- /dev/null +++ b/deployment/puppet/corosync/templates/corosync2.conf.udpu.erb @@ -0,0 +1,66 @@ +compatibility: whitetank + +totem { + version: 2 + token: 3000 + token_retransmits_before_loss_const: 10 + join: 60 + consensus: 3600 + vsftype: none + max_messages: 20 + clear_node_high_bit: yes + rrp_mode: none + secauth: <%= @enable_secauth_real %> + threads: <%= @threads_real %> + transport: udpu + interface { + ringnumber: 0 + bindnetaddr: <%= @bind_address_real %> + mcastaddr: <%= @multicast_address_real %> + mcastport: <%= @port_real %> + } +} + +quorum { + provider: corosync_votequorum + <% if @unicast_addresses.length == 2 %> + two_node: 1 + <% else %> + two_node: 0 + <% end %> + } + +nodelist { + <% id = 0 %> + <% @unicast_addresses.each do |node| %> + node { + ring0_addr: <%= node %> + nodeid: <%= id+=1 %> + } + <% end %> + } + +logging { + fileline: off + to_stderr: yes + to_logfile: yes + to_syslog: no + logfile: /var/log/corosync.log + syslog_facility: daemon + debug: <%= scope.lookupvar('debug') ? 'on' : 'off' %> + timestamp: on + logger_subsys { + subsys: AMF + debug: off + tags: enter|leave|trace1|trace2|trace3|trace4|trace6 + } +} + +amf { + mode: disabled +} + +aisexec { + user: root + group: root +} diff --git a/deployment/puppet/corosync/files/limits.conf b/deployment/puppet/openstack/files/limits.conf similarity index 100% rename from deployment/puppet/corosync/files/limits.conf rename to deployment/puppet/openstack/files/limits.conf diff --git a/deployment/puppet/openstack/manifests/corosync.pp b/deployment/puppet/openstack/manifests/corosync.pp index d9ab081d22..c02c1a6d3d 100644 --- a/deployment/puppet/openstack/manifests/corosync.pp +++ b/deployment/puppet/openstack/manifests/corosync.pp @@ -1,87 +1,90 @@ -# todo: move this file and ocf scripts to cluster module -# todo: refactor neutron-* ocf scripts class openstack::corosync ( - $bind_address = '127.0.0.1', - $multicast_address = '239.1.1.2', - $secauth = 'off', - $stonith = 'false', - $quorum_policy = 'ignore', - $expected_quorum_votes = "2", - $unicast_addresses = undef + $bind_address = '127.0.0.1', + $multicast_address = '239.1.1.2', + $secauth = false, + $stonith = false, + $quorum_policy = 'ignore', + $expected_quorum_votes = '2', + $unicast_addresses = undef ) { + file { 'limitsconf': + ensure => present, + path => '/etc/security/limits.conf', + source => 'puppet:///modules/openstack/limits.conf', + replace => true, + owner => '0', + group => '0', + mode => '0644', + before => Service['corosync'], + } -anchor {'corosync':} + anchor {'corosync':} -Anchor['corosync'] -> Cs_property<||> + Anchor['corosync'] -> Cs_property<||> -#Define shadow CIB + Class['::corosync']->Cs_shadow<||> + Class['::corosync']->Cs_property<||>->Cs_resource<||> + Cs_property<||>->Cs_shadow<||> -#Cs_resource {cib => 'shadow'} -#Cs_property {cib => 'shadow'} -#Cs_order {cib => 'shadow'} -#Cs_colocation {cib => 'shadow'} -#Cs_group {cib => 'shadow'} + Cs_property['no-quorum-policy']-> + Cs_property['stonith-enabled']-> + Cs_property['start-failure-is-fatal'] -Class['::corosync']->Cs_shadow<||> -Class['::corosync']->Cs_property<||>->Cs_resource<||> -Cs_property<||>->Cs_shadow<||> -Cs_property['no-quorum-policy']->Cs_property['stonith-enabled']->Cs_property['start-failure-is-fatal'] + file {'filter_quantum_ports.py': + path =>'/usr/bin/filter_quantum_ports.py', + mode => '0744', + owner => root, + group => root, + source => 'puppet:///modules/openstack/filter_quantum_ports.py', + } -file {'filter_quantum_ports.py': - path =>'/usr/bin/filter_quantum_ports.py', - mode => '0744', - #require =>[Package['corosync'],File['/root/openrc']], - #require =>Package['corosync'], - owner => root, - group => root, - source => "puppet:///modules/openstack/filter_quantum_ports.py", -} - -Anchor['corosync'] -> -corosync::service { 'pacemaker': - version => '0', -} -Corosync::Service['pacemaker'] ~> Service['corosync'] -Corosync::Service['pacemaker'] -> Anchor['corosync-done'] - -class { '::corosync': - enable_secauth => $secauth, - bind_address => $bind_address, - multicast_address => $multicast_address, - unicast_addresses => $unicast_addresses -} -> Anchor['corosync-done'] - -#cs_property { 'expected-quorum-votes': -# ensure => present, -# value => $expected_quorum_votes -#} - -cs_property { 'no-quorum-policy': - ensure => present, - value => $quorum_policy, - retries => 5 -} -> Anchor['corosync-done'] - -cs_property { 'stonith-enabled': - ensure => present, - value => $stonith, -} -> Anchor['corosync-done'] - -cs_property { 'start-failure-is-fatal': - ensure => present, - value => "false", -} -> Anchor['corosync-done'] - -cs_property { 'symmetric-cluster': - ensure => present, - value => "false", -} -> Anchor['corosync-done'] - -#cs_property { 'placement-strategy': -# ensure => absent, -# value => 'default', -#} - -anchor {'corosync-done':} + Anchor['corosync'] -> + corosync::service { 'pacemaker': + version => '0', + } + Corosync::Service['pacemaker'] ~> Service['corosync'] + Corosync::Service['pacemaker'] -> Anchor['corosync-done'] + + + class { '::corosync': + enable_secauth => $secauth, + bind_address => $bind_address, + multicast_address => $multicast_address, + unicast_addresses => $unicast_addresses, + corosync_version => '2', + } -> Anchor['corosync-done'] + + #cs_property { 'expected-quorum-votes': + # ensure => present, + # value => $expected_quorum_votes + #} + + cs_property { 'no-quorum-policy': + ensure => present, + value => $quorum_policy, + retries => 5 + } -> Anchor['corosync-done'] + + cs_property { 'stonith-enabled': + ensure => present, + value => $stonith, + } -> Anchor['corosync-done'] + + cs_property { 'start-failure-is-fatal': + ensure => present, + value => false, + } -> Anchor['corosync-done'] + + cs_property { 'symmetric-cluster': + ensure => present, + value => false, + } -> Anchor['corosync-done'] + + #cs_property { 'placement-strategy': + # ensure => absent, + # value => 'default', + #} + + anchor {'corosync-done':} } diff --git a/deployment/puppet/osnailyfacter/manifests/cluster_ha.pp b/deployment/puppet/osnailyfacter/manifests/cluster_ha.pp index 03a0cd74cb..db020ec3d0 100644 --- a/deployment/puppet/osnailyfacter/manifests/cluster_ha.pp +++ b/deployment/puppet/osnailyfacter/manifests/cluster_ha.pp @@ -32,8 +32,8 @@ class osnailyfacter::cluster_ha { $cinder_nodes_array = [] } - # All hash assignment from a dimensional hash must be in the local scope or they will - # be undefined (don't move to site.pp) + # All hash assignment from a dimensional hash must be in the local scope or + # they will be undefined (don't move to site.pp) #These aren't always present. if !$::fuel_settings['sahara'] { @@ -517,7 +517,7 @@ class osnailyfacter::cluster_ha { class { '::cluster': stage => 'corosync_setup', internal_address => $::internal_address, - unicast_addresses => $::osnailyfacter::cluster_ha::controller_internal_addresses, + unicast_addresses => $::osnailyfacter::cluster_ha::controller_nodes, } Class['::cluster']->