Use pcs 0.9 style authkey/remotes when doing an upgrade
We leverage the _override keys for pacemaker and pacemaker_remote services in order to decide if we should use the old way of managing remotes (managed authkey and pcs 0.9 way of doing remotes). The pacemaker_remote override keys are introduced via https://review.opendev.org/741610 Related-Bug: #1888398 Change-Id: Iad23663d6c98e4fd3a507980638870e0ad0cee45 (cherry picked from commit5cb4565c01
) (cherry picked from commit16bb6f5d7f
)
This commit is contained in:
parent
d833f86083
commit
7d21ae36fa
|
@ -121,6 +121,14 @@ class tripleo::profile::base::pacemaker (
|
||||||
if $pcs_password == undef {
|
if $pcs_password == undef {
|
||||||
fail('The $pcs_password param is undefined, did you forget to include ::tripleo::profile::base::pacemaker in your role?')
|
fail('The $pcs_password param is undefined, did you forget to include ::tripleo::profile::base::pacemaker in your role?')
|
||||||
}
|
}
|
||||||
|
# During FFU when override keys are set we need to use the old authkey style
|
||||||
|
# This should be kept until FFU from CentOS 7->8 is being supported
|
||||||
|
if count(hiera('pacemaker_node_ips_override', [])) > 0 {
|
||||||
|
$force_old_style_remotes_real = true
|
||||||
|
} else {
|
||||||
|
$force_old_style_remotes_real = false
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
Pcmk_resource <| |> {
|
Pcmk_resource <| |> {
|
||||||
tries => 10,
|
tries => 10,
|
||||||
|
@ -188,6 +196,7 @@ class tripleo::profile::base::pacemaker (
|
||||||
setup_cluster => $pacemaker_master,
|
setup_cluster => $pacemaker_master,
|
||||||
cluster_setup_extras => $cluster_setup_extras,
|
cluster_setup_extras => $cluster_setup_extras,
|
||||||
remote_authkey => $remote_authkey,
|
remote_authkey => $remote_authkey,
|
||||||
|
force_authkey => $force_old_style_remotes_real,
|
||||||
cluster_members_addr => $pacemaker_node_ips_real,
|
cluster_members_addr => $pacemaker_node_ips_real,
|
||||||
pcsd_bind_addr => $pcsd_bind_addr,
|
pcsd_bind_addr => $pcsd_bind_addr,
|
||||||
tls_priorities => $tls_priorities,
|
tls_priorities => $tls_priorities,
|
||||||
|
@ -245,6 +254,9 @@ class tripleo::profile::base::pacemaker (
|
||||||
try_sleep => $remote_try_sleep,
|
try_sleep => $remote_try_sleep,
|
||||||
pcs_user => $pcs_user,
|
pcs_user => $pcs_user,
|
||||||
pcs_password => $pcs_password,
|
pcs_password => $pcs_password,
|
||||||
|
# When we force the use of old style remotes we must also use --force
|
||||||
|
force => $force_old_style_remotes_real,
|
||||||
|
force_oldstyle => $force_old_style_remotes_real,
|
||||||
before => Exec["exec-wait-for-${remote_short_node}"],
|
before => Exec["exec-wait-for-${remote_short_node}"],
|
||||||
notify => Exec["exec-wait-for-${remote_short_node}"],
|
notify => Exec["exec-wait-for-${remote_short_node}"],
|
||||||
}
|
}
|
||||||
|
|
|
@ -69,12 +69,20 @@ class tripleo::profile::base::pacemaker_remote (
|
||||||
|
|
||||||
include ::pacemaker::params
|
include ::pacemaker::params
|
||||||
|
|
||||||
|
# During FFU when override keys are set we need to use the old authkey style
|
||||||
|
# This should be kept until FFU from CentOS 7->8 is being supported
|
||||||
|
if count(hiera('pacemaker_remote_node_ips_override', [])) > 0 {
|
||||||
|
$force_authkey = true
|
||||||
|
} else {
|
||||||
|
$force_authkey = false
|
||||||
|
}
|
||||||
class { '::pacemaker::remote':
|
class { '::pacemaker::remote':
|
||||||
pcs_user => $pcs_user,
|
pcs_user => $pcs_user,
|
||||||
pcs_password => $pcs_password,
|
pcs_password => $pcs_password,
|
||||||
remote_authkey => $remote_authkey,
|
remote_authkey => $remote_authkey,
|
||||||
use_pcsd => $pacemaker::params::pcs_010,
|
use_pcsd => $pacemaker::params::pcs_010,
|
||||||
pcsd_bind_addr => $pcsd_bind_addr,
|
pcsd_bind_addr => $pcsd_bind_addr,
|
||||||
|
force_authkey => $force_authkey,
|
||||||
tls_priorities => $tls_priorities,
|
tls_priorities => $tls_priorities,
|
||||||
}
|
}
|
||||||
if str2bool(hiera('docker_enabled', false)) {
|
if str2bool(hiera('docker_enabled', false)) {
|
||||||
|
|
Loading…
Reference in New Issue