Allow to enable fencing, pass through fencing config
Add two new parameters: EnableFencing and FencingConfig. FencingConfig is a json with an expected structure documented in the templates. It gets passed further to puppet-tripleo, which configures the fencing devices. Fencing is configured and enabled in the last step after all pacemaker resources and constraints have been created, which should be a more stable approach than the other way round. Change-Id: Ifd432bfd2443b6d13e7efa006d4120bb0eaa2554 Depends-On: I819fc8c126ec47cd207c59b3dcf92ff699649c5a Depends-On: I8b7adff6f05f864115071c51810b41efad887584
This commit is contained in:
Jiri Stransky
parent
5d1738f6e3
commit
1787fbc7ca
@ -67,6 +67,10 @@ parameters:
|
||||
default: ''
|
||||
description: Set to True to enable debugging on all services.
|
||||
type: string
|
||||
EnableFencing:
|
||||
default: false
|
||||
description: Whether to enable fencing in Pacemaker or not.
|
||||
type: boolean
|
||||
EnableGalera:
|
||||
default: true
|
||||
description: Whether to use Galera instead of regular MariaDB.
|
||||
@ -117,6 +121,38 @@ parameters:
|
||||
}
|
||||
}
|
||||
type: json
|
||||
FencingConfig:
|
||||
default: {}
|
||||
description: |
|
||||
Pacemaker fencing configuration. The JSON should have
|
||||
the following structure:
|
||||
{
|
||||
"devices": [
|
||||
{
|
||||
"agent": "AGENT_NAME",
|
||||
"host_mac": "HOST_MAC_ADDRESS",
|
||||
"params": {"PARAM_NAME": "PARAM_VALUE"}
|
||||
}
|
||||
]
|
||||
}
|
||||
For instance:
|
||||
{
|
||||
"devices": [
|
||||
{
|
||||
"agent": "fence_xvm",
|
||||
"host_mac": "52:54:00:aa:bb:cc",
|
||||
"params": {
|
||||
"multicast_address": "225.0.0.12",
|
||||
"port": "baremetal_0",
|
||||
"manage_fw": true,
|
||||
"manage_key_file": true,
|
||||
"key_file": "/etc/fence_xvm.key",
|
||||
"key_file_password": "abcdef"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
type: json
|
||||
Flavor:
|
||||
description: Flavor for control nodes to request when deploying.
|
||||
type: string
|
||||
|
||||
@ -257,6 +257,10 @@ parameters:
|
||||
default: 'br-ex'
|
||||
description: Interface where virtual ip will be assigned.
|
||||
type: string
|
||||
EnableFencing:
|
||||
default: false
|
||||
description: Whether to enable fencing in Pacemaker or not.
|
||||
type: boolean
|
||||
EnableGalera:
|
||||
default: true
|
||||
description: Whether to use Galera instead of regular MariaDB.
|
||||
@ -307,6 +311,38 @@ parameters:
|
||||
}
|
||||
}
|
||||
type: json
|
||||
FencingConfig:
|
||||
default: {}
|
||||
description: |
|
||||
Pacemaker fencing configuration. The JSON should have
|
||||
the following structure:
|
||||
{
|
||||
"devices": [
|
||||
{
|
||||
"agent": "AGENT_NAME",
|
||||
"host_mac": "HOST_MAC_ADDRESS",
|
||||
"params": {"PARAM_NAME": "PARAM_VALUE"}
|
||||
}
|
||||
]
|
||||
}
|
||||
For instance:
|
||||
{
|
||||
"devices": [
|
||||
{
|
||||
"agent": "fence_xvm",
|
||||
"host_mac": "52:54:00:aa:bb:cc",
|
||||
"params": {
|
||||
"multicast_address": "225.0.0.12",
|
||||
"port": "baremetal_0",
|
||||
"manage_fw": true,
|
||||
"manage_key_file": true,
|
||||
"key_file": "/etc/fence_xvm.key",
|
||||
"key_file_password": "abcdef"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
type: json
|
||||
GlanceLogFile:
|
||||
description: The filepath of the file to use for logging messages from Glance.
|
||||
type: string
|
||||
@ -624,10 +660,12 @@ resources:
|
||||
ControlVirtualInterface: {get_param: ControlVirtualInterface}
|
||||
ControllerExtraConfig: {get_param: controllerExtraConfig}
|
||||
Debug: {get_param: Debug}
|
||||
EnableFencing: {get_param: EnableFencing}
|
||||
EnableGalera: {get_param: EnableGalera}
|
||||
EnableCephStorage: {get_param: ControllerEnableCephStorage}
|
||||
EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
|
||||
ExtraConfig: {get_param: ExtraConfig}
|
||||
FencingConfig: {get_param: FencingConfig}
|
||||
Flavor: {get_param: OvercloudControlFlavor}
|
||||
GlancePort: {get_param: GlancePort}
|
||||
GlanceProtocol: {get_param: GlanceProtocol}
|
||||
|
||||
@ -83,6 +83,16 @@ resources:
|
||||
step: 4
|
||||
update_identifier: {get_param: NodeConfigIdentifiers}
|
||||
|
||||
ControllerOvercloudServicesDeployment_Step6:
|
||||
type: OS::Heat::StructuredDeployments
|
||||
depends_on: ControllerOvercloudServicesDeployment_Step5
|
||||
properties:
|
||||
servers: {get_param: servers}
|
||||
config: {get_resource: ControllerPuppetConfig}
|
||||
input_values:
|
||||
step: 5
|
||||
update_identifier: {get_param: NodeConfigIdentifiers}
|
||||
|
||||
# Note, this should come last, so use depends_on to ensure
|
||||
# this is created after any other resources.
|
||||
ExtraConfig:
|
||||
|
||||
@ -72,6 +72,10 @@ parameters:
|
||||
default: ''
|
||||
description: Set to True to enable debugging on all services.
|
||||
type: string
|
||||
EnableFencing:
|
||||
default: false
|
||||
description: Whether to enable fencing in Pacemaker or not.
|
||||
type: boolean
|
||||
EnableGalera:
|
||||
default: true
|
||||
description: Whether to use Galera instead of regular MariaDB.
|
||||
@ -122,6 +126,38 @@ parameters:
|
||||
}
|
||||
}
|
||||
type: json
|
||||
FencingConfig:
|
||||
default: {}
|
||||
description: |
|
||||
Pacemaker fencing configuration. The JSON should have
|
||||
the following structure:
|
||||
{
|
||||
"devices": [
|
||||
{
|
||||
"agent": "AGENT_NAME",
|
||||
"host_mac": "HOST_MAC_ADDRESS",
|
||||
"params": {"PARAM_NAME": "PARAM_VALUE"}
|
||||
}
|
||||
]
|
||||
}
|
||||
For instance:
|
||||
{
|
||||
"devices": [
|
||||
{
|
||||
"agent": "fence_xvm",
|
||||
"host_mac": "52:54:00:aa:bb:cc",
|
||||
"params": {
|
||||
"multicast_address": "225.0.0.12",
|
||||
"port": "baremetal_0",
|
||||
"manage_fw": true,
|
||||
"manage_key_file": true,
|
||||
"key_file": "/etc/fence_xvm.key",
|
||||
"key_file_password": "abcdef"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
type: json
|
||||
Flavor:
|
||||
description: Flavor for control nodes to request when deploying.
|
||||
type: string
|
||||
@ -634,6 +670,7 @@ resources:
|
||||
- - 'http://'
|
||||
- {get_param: KeystonePublicApiVirtualIP}
|
||||
- ':5000/v2.0/'
|
||||
enable_fencing: {get_param: EnableFencing}
|
||||
enable_galera: {get_param: EnableGalera}
|
||||
enable_ceph_storage: {get_param: EnableCephStorage}
|
||||
enable_swift_storage: {get_param: EnableSwiftStorage}
|
||||
@ -714,6 +751,7 @@ resources:
|
||||
- '@'
|
||||
- {get_param: MysqlVirtualIP}
|
||||
- '/nova'
|
||||
fencing_config: {get_param: FencingConfig}
|
||||
pcsd_password: {get_param: PcsdPassword}
|
||||
rabbit_username: {get_param: RabbitUserName}
|
||||
rabbit_password: {get_param: RabbitPassword}
|
||||
@ -803,7 +841,9 @@ resources:
|
||||
bootstack_nodeid: {get_input: bootstack_nodeid}
|
||||
|
||||
# Pacemaker
|
||||
enable_fencing: {get_input: enable_fencing}
|
||||
hacluster_pwd: {get_input: pcsd_password}
|
||||
tripleo::fencing::config: {get_input: fencing_config}
|
||||
|
||||
# Swift
|
||||
swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
|
||||
|
||||
@ -37,6 +37,8 @@ if $::hostname == downcase(hiera('bootstrap_nodeid')) {
|
||||
$sync_db = false
|
||||
}
|
||||
|
||||
$enable_fencing = str2bool(hiera('enable_fencing', 'false')) and hiera('step') >= 5
|
||||
|
||||
# When to start and enable services which haven't been Pacemakerized
|
||||
# FIXME: remove when we start all OpenStack services using Pacemaker
|
||||
# (occurences of this variable will be gradually replaced with false)
|
||||
@ -72,7 +74,13 @@ if hiera('step') >= 1 {
|
||||
setup_cluster => $pacemaker_master,
|
||||
}
|
||||
class { '::pacemaker::stonith':
|
||||
disable => true,
|
||||
disable => !$enable_fencing,
|
||||
}
|
||||
if $enable_fencing {
|
||||
include tripleo::fencing
|
||||
|
||||
# enable stonith after all fencing devices have been created
|
||||
Class['tripleo::fencing'] -> Class['pacemaker::stonith']
|
||||
}
|
||||
|
||||
# Only configure RabbitMQ in this step, don't start it yet to
|
||||
|
||||
Loading…
Reference in New Issue
Block a user