2018-03-05 19:28:35 +01:00
|
|
|
heat_template_version: rocky
|
2016-11-22 22:27:34 +01:00
|
|
|
|
|
|
|
description: >
|
|
|
|
Pacemaker remote service configured with Puppet
|
|
|
|
|
|
|
|
parameters:
|
2017-06-22 17:25:03 +02:00
|
|
|
ServiceData:
|
|
|
|
default: {}
|
|
|
|
description: Dictionary packing service data
|
|
|
|
type: json
|
2016-11-22 22:27:34 +01:00
|
|
|
ServiceNetMap:
|
|
|
|
default: {}
|
|
|
|
description: Mapping of service_name -> network name. Typically set
|
|
|
|
via parameter_defaults in the resource registry. This
|
|
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
|
|
type: json
|
2017-02-24 06:27:58 -05:00
|
|
|
RoleName:
|
|
|
|
default: ''
|
|
|
|
description: Role name on which the service is applied
|
|
|
|
type: string
|
|
|
|
RoleParameters:
|
|
|
|
default: {}
|
|
|
|
description: Parameters specific to the role
|
|
|
|
type: json
|
2016-11-22 22:27:34 +01:00
|
|
|
EndpointMap:
|
|
|
|
default: {}
|
|
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
|
|
via parameter_defaults in the resource registry.
|
|
|
|
type: json
|
|
|
|
PacemakerRemoteAuthkey:
|
|
|
|
type: string
|
|
|
|
description: The authkey for the pacemaker remote service.
|
|
|
|
hidden: true
|
2017-08-08 21:27:48 +02:00
|
|
|
PcsdPassword:
|
|
|
|
type: string
|
|
|
|
description: The password for the 'pcsd' user for pacemaker.
|
|
|
|
hidden: true
|
2016-11-22 22:27:34 +01:00
|
|
|
MonitoringSubscriptionPacemakerRemote:
|
|
|
|
default: 'overcloud-pacemaker_remote'
|
|
|
|
type: string
|
2017-04-25 16:03:10 +01:00
|
|
|
EnableFencing:
|
|
|
|
default: false
|
|
|
|
description: Whether to enable fencing in Pacemaker or not.
|
|
|
|
type: boolean
|
|
|
|
FencingConfig:
|
|
|
|
default: {}
|
|
|
|
description: |
|
|
|
|
Pacemaker fencing configuration. The JSON should have
|
|
|
|
the following structure:
|
|
|
|
{
|
|
|
|
"devices": [
|
|
|
|
{
|
|
|
|
"agent": "AGENT_NAME",
|
|
|
|
"host_mac": "HOST_MAC_ADDRESS",
|
|
|
|
"params": {"PARAM_NAME": "PARAM_VALUE"}
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
For instance:
|
|
|
|
{
|
|
|
|
"devices": [
|
|
|
|
{
|
|
|
|
"agent": "fence_xvm",
|
|
|
|
"host_mac": "52:54:00:aa:bb:cc",
|
|
|
|
"params": {
|
|
|
|
"multicast_address": "225.0.0.12",
|
|
|
|
"port": "baremetal_0",
|
|
|
|
"manage_fw": true,
|
|
|
|
"manage_key_file": true,
|
|
|
|
"key_file": "/etc/fence_xvm.key",
|
|
|
|
"key_file_password": "abcdef"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
type: json
|
2016-11-22 22:27:34 +01:00
|
|
|
PacemakerRemoteLoggingSource:
|
|
|
|
type: json
|
|
|
|
default:
|
|
|
|
tag: system.pacemaker_remote
|
2019-07-03 11:49:46 +02:00
|
|
|
file: /var/log/pacemaker.log
|
|
|
|
startmsg.regex: ^[^ ]*\s*[^ ]* [^ ]* \[[^ ]*\] [^ ]*
|
2016-11-22 22:27:34 +01:00
|
|
|
|
|
|
|
outputs:
|
|
|
|
role_data:
|
|
|
|
description: Role data for the Pacemaker remote role.
|
|
|
|
value:
|
|
|
|
service_name: pacemaker_remote
|
2019-08-19 10:38:24 -05:00
|
|
|
firewall_rules:
|
|
|
|
'130 pacemaker_remote tcp':
|
|
|
|
proto: 'tcp'
|
|
|
|
dport:
|
|
|
|
- 3121
|
2016-11-22 22:27:34 +01:00
|
|
|
monitoring_subscription: {get_param: MonitoringSubscriptionPacemakerRemote}
|
|
|
|
config_settings:
|
2017-04-25 16:03:10 +01:00
|
|
|
tripleo::fencing::config: {get_param: FencingConfig}
|
2019-09-12 18:20:01 +02:00
|
|
|
tripleo::fencing::deep_compare: true
|
2017-04-25 16:03:10 +01:00
|
|
|
enable_fencing: {get_param: EnableFencing}
|
2016-11-22 22:27:34 +01:00
|
|
|
tripleo::profile::base::pacemaker_remote::remote_authkey: {get_param: PacemakerRemoteAuthkey}
|
2019-12-09 12:29:06 +09:00
|
|
|
tripleo::profile::base::pacemaker_remote::pcsd_bind_addr:
|
|
|
|
str_replace:
|
|
|
|
template:
|
|
|
|
"%{hiera('$NETWORK')}"
|
|
|
|
params:
|
|
|
|
$NETWORK: {get_param: [ServiceNetMap, PacemakerRemoteNetwork]}
|
2017-08-08 21:27:48 +02:00
|
|
|
pacemaker::corosync::manage_fw: false
|
2021-02-12 09:53:59 +05:30
|
|
|
hacluster_pwd: {get_param: PcsdPassword}
|
2017-08-24 21:29:44 -07:00
|
|
|
service_config_settings:
|
2019-07-03 11:49:46 +02:00
|
|
|
rsyslog:
|
|
|
|
tripleo_logging_sources_pacemaker_remote:
|
2017-08-24 21:29:44 -07:00
|
|
|
- {get_param: PacemakerRemoteLoggingSource}
|
2016-11-22 22:27:34 +01:00
|
|
|
step_config: |
|
2020-04-09 21:07:34 +09:00
|
|
|
include tripleo::profile::base::pacemaker_remote
|
2020-07-17 12:13:03 +02:00
|
|
|
upgrade_tasks:
|
|
|
|
- name: Create hiera data to upgrade pacemaker remote in a stepwise manner.
|
|
|
|
when:
|
|
|
|
- step|int == 1
|
|
|
|
block:
|
|
|
|
- name: set pacemaker upgrade remote node facts in a single-node environment
|
|
|
|
set_fact:
|
|
|
|
pacemaker_remote_short_node_names_upgraded: "{{ pacemaker_remote_short_node_names }}"
|
|
|
|
cacheable: no
|
|
|
|
when: groups['pacemaker_remote'] | length <= 1
|
|
|
|
- name: set pacemaker remote upgrade node facts from the limit option
|
|
|
|
set_fact:
|
|
|
|
pacemaker_remote_short_node_names_upgraded: "{{ pacemaker_remote_short_node_names_upgraded|default([]) + [item.split('.')[0]] }}"
|
|
|
|
cacheable: no
|
|
|
|
when:
|
|
|
|
- groups['pacemaker_remote'] | length > 1
|
|
|
|
- item.split('.')[0] in ansible_limit.split(':')
|
|
|
|
loop: "{{ pacemaker_remote_short_node_names | default([]) }}"
|
|
|
|
- debug:
|
|
|
|
msg: "Prepare pacemaker remote upgrade for {{ pacemaker_remote_short_node_names_upgraded }}"
|
|
|
|
- name: set pacemaker remote node ips fact from the names fact
|
|
|
|
set_fact:
|
|
|
|
# Generate matching IPs for the names, e.g. for these varaible values:
|
|
|
|
# pacemaker_node_ips: [ "1", "2", "3" ]
|
|
|
|
# pacemaker_short_node_names: [ "a", "b", "c" ]
|
|
|
|
# pacemaker_short_node_names_override: [ "b" ]
|
|
|
|
# it will set:
|
|
|
|
# pacemaker_node_ips_override: [ "2" ]
|
|
|
|
pacemaker_remote_node_ips_upgraded: "{{
|
|
|
|
dict(pacemaker_remote_short_node_names|zip(pacemaker_remote_node_ips))
|
|
|
|
| dict2items
|
|
|
|
| selectattr('key', 'in', pacemaker_remote_short_node_names_upgraded)
|
|
|
|
| map(attribute='value')
|
|
|
|
| list }}"
|
|
|
|
cacheable: no
|
|
|
|
- name: add the pacemaker remote short name to hiera data for the upgrade.
|
|
|
|
include_role:
|
|
|
|
name: tripleo_upgrade_hiera
|
|
|
|
tasks_from: set.yml
|
|
|
|
vars:
|
|
|
|
tripleo_upgrade_key: pacemaker_remote_short_node_names_override
|
|
|
|
tripleo_upgrade_value: "{{pacemaker_remote_short_node_names_upgraded}}"
|
|
|
|
- name: add the pacemaker remote ips to hiera data for the upgrade.
|
|
|
|
include_role:
|
|
|
|
name: tripleo_upgrade_hiera
|
|
|
|
tasks_from: set.yml
|
|
|
|
vars:
|
|
|
|
tripleo_upgrade_key: pacemaker_remote_node_ips_override
|
|
|
|
tripleo_upgrade_value: "{{pacemaker_remote_node_ips_upgraded}}"
|
|
|
|
post_upgrade_tasks:
|
|
|
|
- name: remove the extra hiera data needed for the upgrade.
|
|
|
|
when: step|int == 1
|
|
|
|
include_role:
|
|
|
|
name: tripleo_upgrade_hiera
|
|
|
|
tasks_from: remove.yml
|
|
|
|
vars:
|
|
|
|
tripleo_upgrade_key: "{{item}}"
|
|
|
|
loop:
|
|
|
|
- pacemaker_remote_short_node_names_override
|
|
|
|
- pacemaker_remote_node_ips_override
|