openstack/tripleo-heat-templates
Code Issues Proposed changes

Allow to enable fencing, pass through fencing config

Browse Source 
Add two new parameters: EnableFencing and FencingConfig.

FencingConfig is a json with an expected structure documented in the
templates. It gets passed further to puppet-tripleo, which configures
the fencing devices.

Fencing is configured and enabled in the last step after all pacemaker
resources and constraints have been created, which should be a more
stable approach than the other way round.

Change-Id: Ifd432bfd2443b6d13e7efa006d4120bb0eaa2554
Depends-On: I819fc8c126ec47cd207c59b3dcf92ff699649c5a
Depends-On: I8b7adff6f05f864115071c51810b41efad887584
This commit is contained in:
Jiri Stransky 2015-06-04 16:20:52 +02:00
parent 5d1738f6e3
commit 1787fbc7ca
5 changed files with 133 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
controller.yaml
View File

@ -67,6 +67,10 @@ parameters:
default: '' default: ''
description: Set to True to enable debugging on all services. description: Set to True to enable debugging on all services.
type: string type: string
EnableFencing:
default: false
description: Whether to enable fencing in Pacemaker or not.
type: boolean
EnableGalera: EnableGalera:
default: true default: true
description: Whether to use Galera instead of regular MariaDB. description: Whether to use Galera instead of regular MariaDB.
@ -117,6 +121,38 @@ parameters:
} }
} }
type: json type: json
FencingConfig:
default: {}
description: |
Pacemaker fencing configuration. The JSON should have
the following structure:
{
"devices": [
{
"agent": "AGENT_NAME",
"host_mac": "HOST_MAC_ADDRESS",
"params": {"PARAM_NAME": "PARAM_VALUE"}
}
]
}
For instance:
{
"devices": [
{
"agent": "fence_xvm",
"host_mac": "52:54:00:aa:bb:cc",
"params": {
"multicast_address": "225.0.0.12",
"port": "baremetal_0",
"manage_fw": true,
"manage_key_file": true,
"key_file": "/etc/fence_xvm.key",
"key_file_password": "abcdef"
}
}
]
}
type: json
Flavor: Flavor:
description: Flavor for control nodes to request when deploying. description: Flavor for control nodes to request when deploying.
type: string type: string

38
overcloud-without-mergepy.yaml
View File

@ -257,6 +257,10 @@ parameters:
default: 'br-ex' default: 'br-ex'
description: Interface where virtual ip will be assigned. description: Interface where virtual ip will be assigned.
type: string type: string
EnableFencing:
default: false
description: Whether to enable fencing in Pacemaker or not.
type: boolean
EnableGalera: EnableGalera:
default: true default: true
description: Whether to use Galera instead of regular MariaDB. description: Whether to use Galera instead of regular MariaDB.
@ -307,6 +311,38 @@ parameters:
} }
} }
type: json type: json
FencingConfig:
default: {}
description: |
Pacemaker fencing configuration. The JSON should have
the following structure:
{
"devices": [
{
"agent": "AGENT_NAME",
"host_mac": "HOST_MAC_ADDRESS",
"params": {"PARAM_NAME": "PARAM_VALUE"}
}
]
}
For instance:
{
"devices": [
{
"agent": "fence_xvm",
"host_mac": "52:54:00:aa:bb:cc",
"params": {
"multicast_address": "225.0.0.12",
"port": "baremetal_0",
"manage_fw": true,
"manage_key_file": true,
"key_file": "/etc/fence_xvm.key",
"key_file_password": "abcdef"
}
}
]
}
type: json
GlanceLogFile: GlanceLogFile:
description: The filepath of the file to use for logging messages from Glance. description: The filepath of the file to use for logging messages from Glance.
type: string type: string
@ -624,10 +660,12 @@ resources:
ControlVirtualInterface: {get_param: ControlVirtualInterface} ControlVirtualInterface: {get_param: ControlVirtualInterface}
ControllerExtraConfig: {get_param: controllerExtraConfig} ControllerExtraConfig: {get_param: controllerExtraConfig}
Debug: {get_param: Debug} Debug: {get_param: Debug}
EnableFencing: {get_param: EnableFencing}
EnableGalera: {get_param: EnableGalera} EnableGalera: {get_param: EnableGalera}
EnableCephStorage: {get_param: ControllerEnableCephStorage} EnableCephStorage: {get_param: ControllerEnableCephStorage}
EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage} EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
ExtraConfig: {get_param: ExtraConfig} ExtraConfig: {get_param: ExtraConfig}
FencingConfig: {get_param: FencingConfig}
Flavor: {get_param: OvercloudControlFlavor} Flavor: {get_param: OvercloudControlFlavor}
GlancePort: {get_param: GlancePort} GlancePort: {get_param: GlancePort}
GlanceProtocol: {get_param: GlanceProtocol} GlanceProtocol: {get_param: GlanceProtocol}

10
puppet/controller-post-puppet.yaml
View File

@ -83,6 +83,16 @@ resources:
step: 4 step: 4
update_identifier: {get_param: NodeConfigIdentifiers} update_identifier: {get_param: NodeConfigIdentifiers}
ControllerOvercloudServicesDeployment_Step6:
type: OS::Heat::StructuredDeployments
depends_on: ControllerOvercloudServicesDeployment_Step5
properties:
servers: {get_param: servers}
config: {get_resource: ControllerPuppetConfig}
input_values:
step: 5
update_identifier: {get_param: NodeConfigIdentifiers}
# Note, this should come last, so use depends_on to ensure # Note, this should come last, so use depends_on to ensure
# this is created after any other resources. # this is created after any other resources.
ExtraConfig: ExtraConfig:

40
puppet/controller-puppet.yaml
View File

@ -72,6 +72,10 @@ parameters:
default: '' default: ''
description: Set to True to enable debugging on all services. description: Set to True to enable debugging on all services.
type: string type: string
EnableFencing:
default: false
description: Whether to enable fencing in Pacemaker or not.
type: boolean
EnableGalera: EnableGalera:
default: true default: true
description: Whether to use Galera instead of regular MariaDB. description: Whether to use Galera instead of regular MariaDB.
@ -122,6 +126,38 @@ parameters:
} }
} }
type: json type: json
FencingConfig:
default: {}
description: |
Pacemaker fencing configuration. The JSON should have
the following structure:
{
"devices": [
{
"agent": "AGENT_NAME",
"host_mac": "HOST_MAC_ADDRESS",
"params": {"PARAM_NAME": "PARAM_VALUE"}
}
]
}
For instance:
{
"devices": [
{
"agent": "fence_xvm",
"host_mac": "52:54:00:aa:bb:cc",
"params": {
"multicast_address": "225.0.0.12",
"port": "baremetal_0",
"manage_fw": true,
"manage_key_file": true,
"key_file": "/etc/fence_xvm.key",
"key_file_password": "abcdef"
}
}
]
}
type: json
Flavor: Flavor:
description: Flavor for control nodes to request when deploying. description: Flavor for control nodes to request when deploying.
type: string type: string
@ -634,6 +670,7 @@ resources:
- - 'http://' - - 'http://'
- {get_param: KeystonePublicApiVirtualIP} - {get_param: KeystonePublicApiVirtualIP}
- ':5000/v2.0/' - ':5000/v2.0/'
enable_fencing: {get_param: EnableFencing}
enable_galera: {get_param: EnableGalera} enable_galera: {get_param: EnableGalera}
enable_ceph_storage: {get_param: EnableCephStorage} enable_ceph_storage: {get_param: EnableCephStorage}
enable_swift_storage: {get_param: EnableSwiftStorage} enable_swift_storage: {get_param: EnableSwiftStorage}
@ -714,6 +751,7 @@ resources:
- '@' - '@'
- {get_param: MysqlVirtualIP} - {get_param: MysqlVirtualIP}
- '/nova' - '/nova'
fencing_config: {get_param: FencingConfig}
pcsd_password: {get_param: PcsdPassword} pcsd_password: {get_param: PcsdPassword}
rabbit_username: {get_param: RabbitUserName} rabbit_username: {get_param: RabbitUserName}
rabbit_password: {get_param: RabbitPassword} rabbit_password: {get_param: RabbitPassword}
@ -803,7 +841,9 @@ resources:
bootstack_nodeid: {get_input: bootstack_nodeid} bootstack_nodeid: {get_input: bootstack_nodeid}
# Pacemaker # Pacemaker
enable_fencing: {get_input: enable_fencing}
hacluster_pwd: {get_input: pcsd_password} hacluster_pwd: {get_input: pcsd_password}
tripleo::fencing::config: {get_input: fencing_config}
# Swift # Swift
swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network} swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}

10
puppet/manifests/overcloud_controller_pacemaker.pp
View File

@ -37,6 +37,8 @@ if $::hostname == downcase(hiera('bootstrap_nodeid')) {
$sync_db = false $sync_db = false
} }
$enable_fencing = str2bool(hiera('enable_fencing', 'false')) and hiera('step') >= 5
# When to start and enable services which haven't been Pacemakerized # When to start and enable services which haven't been Pacemakerized
# FIXME: remove when we start all OpenStack services using Pacemaker # FIXME: remove when we start all OpenStack services using Pacemaker
# (occurences of this variable will be gradually replaced with false) # (occurences of this variable will be gradually replaced with false)
@ -72,7 +74,13 @@ if hiera('step') >= 1 {
setup_cluster => $pacemaker_master, setup_cluster => $pacemaker_master,
} }
class { '::pacemaker::stonith': class { '::pacemaker::stonith':
disable => true, disable => !$enable_fencing,
}
if $enable_fencing {
include tripleo::fencing
# enable stonith after all fencing devices have been created
Class['tripleo::fencing'] -> Class['pacemaker::stonith']
} }
# Only configure RabbitMQ in this step, don't start it yet to # Only configure RabbitMQ in this step, don't start it yet to