puppet-tripleo/manifests/pacemaker/haproxy_with_vip.pp
Michele Baldessari 8e4c5065a6 Fix nic selection when no nic is specified
This is a way to reinstate change
https://review.opendev.org/c/openstack/puppet-tripleo/+/761833 which was
supposed to remove a workaround for VIP selection on IPv6. Turns out
the workaround is still needed because the resource-agent for IPaddr2
is still problematic with IPv6:
https://bugzilla.redhat.com/show_bug.cgi?id=1902851

With this change we still force a nic when using ipv6 except in the
case a user specifies the nic via the tripleo::pacemaker::force_nic
hiera key.

Tested this and I can correctly bind the VIPs as expected:
    tripleo::pacemaker::force_nic: lo
    force_vip_nic_overrides:
      redis_vip: vlan20
      ovn_dbs_vip: vlan20

[root@controller-2 ~]# grep -ir ovn_dbs_v /etc/puppet/hieradata/
/etc/puppet/hieradata/all_nodes.json:    "ovn_dbs_vip": "172.17.1.107",
/etc/puppet/hieradata/extraconfig.json:        "ovn_dbs_vip": "vlan20",
[root@controller-2 ~]# ip -o a |grep 17.1.107/32
10: vlan20    inet 172.17.1.107/32 brd 172.17.1.255 scope global vlan20\
    valid_lft forever preferred_lft forever

Change-Id: I14bfaf0060093811cddf0cdd9a130b91a3cd0477
(cherry picked from commit c47aa021f0)
2020-12-20 07:53:43 +00:00

136 lines
4.1 KiB
Puppet

# Copyright 2016 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Define: tripleo::pacemaker::haproxy_with_vip
#
# Configure the vip with the haproxy under pacemaker
#
# === Parameters:
#
# [*vip_name*]
# (String) Logical name of the vip (control, public, storage ...)
# Required
#
# [*ip_address*]
# (String) IP address on which HAProxy is colocated
# Required
#
# [*location_rule*]
# (optional) Add a location constraint before actually enabling
# the resource. Must be a hash like the following example:
# location_rule => {
# resource_discovery => 'exclusive', # optional
# role => 'master|slave', # optional
# score => 0, # optional
# score_attribute => foo, # optional
# # Multiple expressions can be used
# expression => ['opsrole eq controller']
# }
# Defaults to undef
#
# [*meta_params*]
# (optional) Additional meta parameters to pass to "pcs resource create" for the VIP
# Defaults to ''
#
# [*op_params*]
# (optional) Additional op parameters to pass to "pcs resource create" for the VIP
# Defaults to ''
#
# [*pcs_tries*]
# (Optional) The number of times pcs commands should be retried.
# Defaults to 1
#
# [*nic*]
# (Optional) Specifies the nic interface on which the VIP should be added
# Defaults to undef
#
# [*ensure*]
# (Boolean) Create the all the resources only if true. False won't
# destroy the resource, it will just not create them.
# Default to true
#
define tripleo::pacemaker::haproxy_with_vip(
$vip_name,
$ip_address,
$location_rule = undef,
$meta_params = '',
$op_params = '',
$pcs_tries = 1,
$nic = undef,
$ensure = true)
{
if($ensure) {
if !is_ip_addresses($ip_address) {
fail("Haproxy VIP: ${ip_address} is not a proper IP address.")
}
if is_ipv6_address($ip_address) {
$netmask = '128'
$vip_nic = interface_for_ip($ip_address)
$ipv6_addrlabel = '99'
} else {
$netmask = '32'
$vip_nic = ''
$ipv6_addrlabel = ''
}
if $nic != undef {
$nic_real = $nic
} else {
$nic_real = $vip_nic
}
$haproxy_in_container = hiera('haproxy_docker', false)
$constraint_target_name = $haproxy_in_container ? {
true => 'haproxy-bundle',
default => 'haproxy-clone'
}
pacemaker::resource::ip { "${vip_name}_vip":
ip_address => $ip_address,
cidr_netmask => $netmask,
nic => $nic_real,
ipv6_addrlabel => $ipv6_addrlabel,
meta_params => "resource-stickiness=INFINITY ${meta_params}",
location_rule => $location_rule,
op_params => $op_params,
tries => $pcs_tries,
}
pacemaker::constraint::order { "${vip_name}_vip-then-haproxy":
first_resource => "ip-${ip_address}",
second_resource => $constraint_target_name,
first_action => 'start',
second_action => 'start',
constraint_params => 'kind=Optional',
tries => $pcs_tries,
}
pacemaker::constraint::colocation { "${vip_name}_vip-with-haproxy":
source => "ip-${ip_address}",
target => $constraint_target_name,
score => 'INFINITY',
tries => $pcs_tries,
}
$service_resource = $haproxy_in_container ? {
true => Pacemaker::Resource::Bundle['haproxy-bundle'],
default => Pacemaker::Resource::Service['haproxy']
}
Pacemaker::Resource::Ip["${vip_name}_vip"]
-> $service_resource
-> Pacemaker::Constraint::Order["${vip_name}_vip-then-haproxy"]
-> Pacemaker::Constraint::Colocation["${vip_name}_vip-with-haproxy"]
}
}