Allow to enable fencing, pass through fencing config
Add two new parameters: EnableFencing and FencingConfig. FencingConfig is a json with an expected structure documented in the templates. It gets passed further to puppet-tripleo, which configures the fencing devices. Fencing is configured and enabled in the last step after all pacemaker resources and constraints have been created, which should be a more stable approach than the other way round. Change-Id: Ifd432bfd2443b6d13e7efa006d4120bb0eaa2554 Depends-On: I819fc8c126ec47cd207c59b3dcf92ff699649c5a Depends-On: I8b7adff6f05f864115071c51810b41efad887584
This commit is contained in:
parent
5d1738f6e3
commit
1787fbc7ca
@ -67,6 +67,10 @@ parameters:
|
|||||||
default: ''
|
default: ''
|
||||||
description: Set to True to enable debugging on all services.
|
description: Set to True to enable debugging on all services.
|
||||||
type: string
|
type: string
|
||||||
|
EnableFencing:
|
||||||
|
default: false
|
||||||
|
description: Whether to enable fencing in Pacemaker or not.
|
||||||
|
type: boolean
|
||||||
EnableGalera:
|
EnableGalera:
|
||||||
default: true
|
default: true
|
||||||
description: Whether to use Galera instead of regular MariaDB.
|
description: Whether to use Galera instead of regular MariaDB.
|
||||||
@ -117,6 +121,38 @@ parameters:
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
type: json
|
type: json
|
||||||
|
FencingConfig:
|
||||||
|
default: {}
|
||||||
|
description: |
|
||||||
|
Pacemaker fencing configuration. The JSON should have
|
||||||
|
the following structure:
|
||||||
|
{
|
||||||
|
"devices": [
|
||||||
|
{
|
||||||
|
"agent": "AGENT_NAME",
|
||||||
|
"host_mac": "HOST_MAC_ADDRESS",
|
||||||
|
"params": {"PARAM_NAME": "PARAM_VALUE"}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
For instance:
|
||||||
|
{
|
||||||
|
"devices": [
|
||||||
|
{
|
||||||
|
"agent": "fence_xvm",
|
||||||
|
"host_mac": "52:54:00:aa:bb:cc",
|
||||||
|
"params": {
|
||||||
|
"multicast_address": "225.0.0.12",
|
||||||
|
"port": "baremetal_0",
|
||||||
|
"manage_fw": true,
|
||||||
|
"manage_key_file": true,
|
||||||
|
"key_file": "/etc/fence_xvm.key",
|
||||||
|
"key_file_password": "abcdef"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
type: json
|
||||||
Flavor:
|
Flavor:
|
||||||
description: Flavor for control nodes to request when deploying.
|
description: Flavor for control nodes to request when deploying.
|
||||||
type: string
|
type: string
|
||||||
|
@ -257,6 +257,10 @@ parameters:
|
|||||||
default: 'br-ex'
|
default: 'br-ex'
|
||||||
description: Interface where virtual ip will be assigned.
|
description: Interface where virtual ip will be assigned.
|
||||||
type: string
|
type: string
|
||||||
|
EnableFencing:
|
||||||
|
default: false
|
||||||
|
description: Whether to enable fencing in Pacemaker or not.
|
||||||
|
type: boolean
|
||||||
EnableGalera:
|
EnableGalera:
|
||||||
default: true
|
default: true
|
||||||
description: Whether to use Galera instead of regular MariaDB.
|
description: Whether to use Galera instead of regular MariaDB.
|
||||||
@ -307,6 +311,38 @@ parameters:
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
type: json
|
type: json
|
||||||
|
FencingConfig:
|
||||||
|
default: {}
|
||||||
|
description: |
|
||||||
|
Pacemaker fencing configuration. The JSON should have
|
||||||
|
the following structure:
|
||||||
|
{
|
||||||
|
"devices": [
|
||||||
|
{
|
||||||
|
"agent": "AGENT_NAME",
|
||||||
|
"host_mac": "HOST_MAC_ADDRESS",
|
||||||
|
"params": {"PARAM_NAME": "PARAM_VALUE"}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
For instance:
|
||||||
|
{
|
||||||
|
"devices": [
|
||||||
|
{
|
||||||
|
"agent": "fence_xvm",
|
||||||
|
"host_mac": "52:54:00:aa:bb:cc",
|
||||||
|
"params": {
|
||||||
|
"multicast_address": "225.0.0.12",
|
||||||
|
"port": "baremetal_0",
|
||||||
|
"manage_fw": true,
|
||||||
|
"manage_key_file": true,
|
||||||
|
"key_file": "/etc/fence_xvm.key",
|
||||||
|
"key_file_password": "abcdef"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
type: json
|
||||||
GlanceLogFile:
|
GlanceLogFile:
|
||||||
description: The filepath of the file to use for logging messages from Glance.
|
description: The filepath of the file to use for logging messages from Glance.
|
||||||
type: string
|
type: string
|
||||||
@ -624,10 +660,12 @@ resources:
|
|||||||
ControlVirtualInterface: {get_param: ControlVirtualInterface}
|
ControlVirtualInterface: {get_param: ControlVirtualInterface}
|
||||||
ControllerExtraConfig: {get_param: controllerExtraConfig}
|
ControllerExtraConfig: {get_param: controllerExtraConfig}
|
||||||
Debug: {get_param: Debug}
|
Debug: {get_param: Debug}
|
||||||
|
EnableFencing: {get_param: EnableFencing}
|
||||||
EnableGalera: {get_param: EnableGalera}
|
EnableGalera: {get_param: EnableGalera}
|
||||||
EnableCephStorage: {get_param: ControllerEnableCephStorage}
|
EnableCephStorage: {get_param: ControllerEnableCephStorage}
|
||||||
EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
|
EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
|
||||||
ExtraConfig: {get_param: ExtraConfig}
|
ExtraConfig: {get_param: ExtraConfig}
|
||||||
|
FencingConfig: {get_param: FencingConfig}
|
||||||
Flavor: {get_param: OvercloudControlFlavor}
|
Flavor: {get_param: OvercloudControlFlavor}
|
||||||
GlancePort: {get_param: GlancePort}
|
GlancePort: {get_param: GlancePort}
|
||||||
GlanceProtocol: {get_param: GlanceProtocol}
|
GlanceProtocol: {get_param: GlanceProtocol}
|
||||||
|
@ -83,6 +83,16 @@ resources:
|
|||||||
step: 4
|
step: 4
|
||||||
update_identifier: {get_param: NodeConfigIdentifiers}
|
update_identifier: {get_param: NodeConfigIdentifiers}
|
||||||
|
|
||||||
|
ControllerOvercloudServicesDeployment_Step6:
|
||||||
|
type: OS::Heat::StructuredDeployments
|
||||||
|
depends_on: ControllerOvercloudServicesDeployment_Step5
|
||||||
|
properties:
|
||||||
|
servers: {get_param: servers}
|
||||||
|
config: {get_resource: ControllerPuppetConfig}
|
||||||
|
input_values:
|
||||||
|
step: 5
|
||||||
|
update_identifier: {get_param: NodeConfigIdentifiers}
|
||||||
|
|
||||||
# Note, this should come last, so use depends_on to ensure
|
# Note, this should come last, so use depends_on to ensure
|
||||||
# this is created after any other resources.
|
# this is created after any other resources.
|
||||||
ExtraConfig:
|
ExtraConfig:
|
||||||
|
@ -72,6 +72,10 @@ parameters:
|
|||||||
default: ''
|
default: ''
|
||||||
description: Set to True to enable debugging on all services.
|
description: Set to True to enable debugging on all services.
|
||||||
type: string
|
type: string
|
||||||
|
EnableFencing:
|
||||||
|
default: false
|
||||||
|
description: Whether to enable fencing in Pacemaker or not.
|
||||||
|
type: boolean
|
||||||
EnableGalera:
|
EnableGalera:
|
||||||
default: true
|
default: true
|
||||||
description: Whether to use Galera instead of regular MariaDB.
|
description: Whether to use Galera instead of regular MariaDB.
|
||||||
@ -122,6 +126,38 @@ parameters:
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
type: json
|
type: json
|
||||||
|
FencingConfig:
|
||||||
|
default: {}
|
||||||
|
description: |
|
||||||
|
Pacemaker fencing configuration. The JSON should have
|
||||||
|
the following structure:
|
||||||
|
{
|
||||||
|
"devices": [
|
||||||
|
{
|
||||||
|
"agent": "AGENT_NAME",
|
||||||
|
"host_mac": "HOST_MAC_ADDRESS",
|
||||||
|
"params": {"PARAM_NAME": "PARAM_VALUE"}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
For instance:
|
||||||
|
{
|
||||||
|
"devices": [
|
||||||
|
{
|
||||||
|
"agent": "fence_xvm",
|
||||||
|
"host_mac": "52:54:00:aa:bb:cc",
|
||||||
|
"params": {
|
||||||
|
"multicast_address": "225.0.0.12",
|
||||||
|
"port": "baremetal_0",
|
||||||
|
"manage_fw": true,
|
||||||
|
"manage_key_file": true,
|
||||||
|
"key_file": "/etc/fence_xvm.key",
|
||||||
|
"key_file_password": "abcdef"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
type: json
|
||||||
Flavor:
|
Flavor:
|
||||||
description: Flavor for control nodes to request when deploying.
|
description: Flavor for control nodes to request when deploying.
|
||||||
type: string
|
type: string
|
||||||
@ -634,6 +670,7 @@ resources:
|
|||||||
- - 'http://'
|
- - 'http://'
|
||||||
- {get_param: KeystonePublicApiVirtualIP}
|
- {get_param: KeystonePublicApiVirtualIP}
|
||||||
- ':5000/v2.0/'
|
- ':5000/v2.0/'
|
||||||
|
enable_fencing: {get_param: EnableFencing}
|
||||||
enable_galera: {get_param: EnableGalera}
|
enable_galera: {get_param: EnableGalera}
|
||||||
enable_ceph_storage: {get_param: EnableCephStorage}
|
enable_ceph_storage: {get_param: EnableCephStorage}
|
||||||
enable_swift_storage: {get_param: EnableSwiftStorage}
|
enable_swift_storage: {get_param: EnableSwiftStorage}
|
||||||
@ -714,6 +751,7 @@ resources:
|
|||||||
- '@'
|
- '@'
|
||||||
- {get_param: MysqlVirtualIP}
|
- {get_param: MysqlVirtualIP}
|
||||||
- '/nova'
|
- '/nova'
|
||||||
|
fencing_config: {get_param: FencingConfig}
|
||||||
pcsd_password: {get_param: PcsdPassword}
|
pcsd_password: {get_param: PcsdPassword}
|
||||||
rabbit_username: {get_param: RabbitUserName}
|
rabbit_username: {get_param: RabbitUserName}
|
||||||
rabbit_password: {get_param: RabbitPassword}
|
rabbit_password: {get_param: RabbitPassword}
|
||||||
@ -803,7 +841,9 @@ resources:
|
|||||||
bootstack_nodeid: {get_input: bootstack_nodeid}
|
bootstack_nodeid: {get_input: bootstack_nodeid}
|
||||||
|
|
||||||
# Pacemaker
|
# Pacemaker
|
||||||
|
enable_fencing: {get_input: enable_fencing}
|
||||||
hacluster_pwd: {get_input: pcsd_password}
|
hacluster_pwd: {get_input: pcsd_password}
|
||||||
|
tripleo::fencing::config: {get_input: fencing_config}
|
||||||
|
|
||||||
# Swift
|
# Swift
|
||||||
swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
|
swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
|
||||||
|
@ -37,6 +37,8 @@ if $::hostname == downcase(hiera('bootstrap_nodeid')) {
|
|||||||
$sync_db = false
|
$sync_db = false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$enable_fencing = str2bool(hiera('enable_fencing', 'false')) and hiera('step') >= 5
|
||||||
|
|
||||||
# When to start and enable services which haven't been Pacemakerized
|
# When to start and enable services which haven't been Pacemakerized
|
||||||
# FIXME: remove when we start all OpenStack services using Pacemaker
|
# FIXME: remove when we start all OpenStack services using Pacemaker
|
||||||
# (occurences of this variable will be gradually replaced with false)
|
# (occurences of this variable will be gradually replaced with false)
|
||||||
@ -72,7 +74,13 @@ if hiera('step') >= 1 {
|
|||||||
setup_cluster => $pacemaker_master,
|
setup_cluster => $pacemaker_master,
|
||||||
}
|
}
|
||||||
class { '::pacemaker::stonith':
|
class { '::pacemaker::stonith':
|
||||||
disable => true,
|
disable => !$enable_fencing,
|
||||||
|
}
|
||||||
|
if $enable_fencing {
|
||||||
|
include tripleo::fencing
|
||||||
|
|
||||||
|
# enable stonith after all fencing devices have been created
|
||||||
|
Class['tripleo::fencing'] -> Class['pacemaker::stonith']
|
||||||
}
|
}
|
||||||
|
|
||||||
# Only configure RabbitMQ in this step, don't start it yet to
|
# Only configure RabbitMQ in this step, don't start it yet to
|
||||||
|
Loading…
x
Reference in New Issue
Block a user