The current implementation is not compliant with the latest lint
packages. Because TripleO is being retired soon, instead of fixing
the job, let's make it non-voting so that we can merge some last-minute
The recent change in puppetlabs-haproxy introduced data type check
and now the ports parameter accept only string or array of strings and
no longer accepts an integer.
This ensures the value is converted to avoid validation errors.
Sometimes different services require the same collectd plugin. For
example, ceph-osd and ceph-mon require the common ceph.
This change makes sure that such duplicate requirements do not cause
resource declaration error.
This change is wallaby-backport-potential.
This enables the ironic::nova class, to manage [nova] options in
ironic.conf, to disable/enable power notifications from ironic to
... because it was deprecated several cycles ago in favor of renaming
to Dell/EMC SC driver. The resource template to use this implementation
was already removed from t-h-t by .
The heartbeat_key parameter of the octavia::health_manager class has
been migrated to the octavia::controller class, because it is used by
multiple services, and the old parameter has been removed by .
This updates the test hieradata to make sure the new parameter is set.
This commit extends the fencing manifest to make use of a
"fence_watchdog" device and allows using the resulting "watchdog"
resource in a stonith topology.
In order for this to work the cluster must have been configured with
sbd, either manually or via 'pacemaker::corosync::enable_sbd: true'.
In addition, the fence_watchdog resource needs a supported watchdog
timer device to perform the self fencing.
The fence_watchdog configuration is very much opinionated:
- it assumes the resource name to be 'watchdog' (hardcoded in pacemaker)
- it only supports "all or nothing" scenario, in which all the cluster
nodes need to make use of it
- it is not supported to be used with pacemaker_remote nodes
The fencing creation logic has been adjusted to use the pacemaker
boostrap node to create the watchdog resource and the stonith topology
for all the nodes in the cluster (since this is a single shared
resource we couldn't reuse the old "every man for himself" logic).
fence_watchdog device can be defined like any other fencing device
via fencing.yaml or equivalent:
- agent: fence_watchdog
Ideally fence_watchdog should be used a last resort, and so placed
at the bottom of a stonith topology where power-based fencing agents
are the primary choice for fencing.
The default value for stonith-watchdog-timeout (60s) can be
overridden via tripleo::fencing::watchdog_timeout .
mysql_bundle.pp has been modified to be able to configure --pids-limit option
using a template. By default the parameter remains 'undef' when not specified.
When "tripleo::profile::pacemaker::database::mysql_bundle::pids_limit:" is used
as an ExtraConfig it will automatically set the value in the Galera cluster
... because these services are no longer supported by t-h-t. This
allows us to remove puppet-fdio, which looks unmaintained, from
OSSN-0090  recommends deploying two instances of the glance-api
service: a "user facing" service, plus an "internal" service that is
accessible via keystone's internal endpoint.
To support this, the tripleo::profile::base::glance::api class is
enhanced to allow overriding certain associated glance::api parameters.
This makes it possible to override parameters when including the
glance::api class in order to facilitate configuring two different
instances of the glance-api service, each with their own configuration.
The tripleo::haproxy class is enhanced to provide HA support for running
the internal glance-api service on its own TCP port (defaults to 9293).
This commit allows to inject arbitrary arguments into the
Operators should be extremely careful in doing so as there is no
validation or syntax checking whatsoever.
wsrep_provider_options = evs.suspect_timeout=PT30S;gcache.recover=no;gmcast.listen_addr=tcp://172.17.0.151:4567;socket.ssl_key=/etc/pki/tls/private/mysql.key;socket.ssl_cert=/etc/pki/tls/certs/mysql.crt;socket.ssl_cipher=AES128-SHA256;socket.ssl_ca=/etc/ipa/ca.crt;