openstack/tripleo-heat-templates
Code Issues Proposed changes
14f4f239d6
tripleo-heat-templates/puppet/services/pacemaker_remote.yaml
Alex Schultz fb0e8f62fc Convert dynamic lookups to use colon notation 
With the upgrade to puppet 5, we can no longer use dots in the hieradata
key lookups. This change updates the THT for firewall_rules,
haproxy_endpoints and haproxy_userlists to use the colon notation.

Change-Id: I6f67153e04aed191acb715fe8cfa976ee2e75878
Related-Bug: #1803024
2018-11-12 21:21:49 -07:00

122 lines
3.6 KiB
YAML
Raw Blame History

heat_template_version: rocky
description: >
Pacemaker remote service configured with Puppet
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
PacemakerRemoteAuthkey:
type: string
description: The authkey for the pacemaker remote service.
hidden: true
PcsdPassword:
type: string
description: The password for the 'pcsd' user for pacemaker.
hidden: true
MonitoringSubscriptionPacemakerRemote:
default: 'overcloud-pacemaker_remote'
type: string
EnableFencing:
default: false
description: Whether to enable fencing in Pacemaker or not.
type: boolean
FencingConfig:
default: {}
description: |
Pacemaker fencing configuration. The JSON should have
the following structure:
{
"devices": [
{
"agent": "AGENT_NAME",
"host_mac": "HOST_MAC_ADDRESS",
"params": {"PARAM_NAME": "PARAM_VALUE"}
}
]
}
For instance:
{
"devices": [
{
"agent": "fence_xvm",
"host_mac": "52:54:00:aa:bb:cc",
"params": {
"multicast_address": "225.0.0.12",
"port": "baremetal_0",
"manage_fw": true,
"manage_key_file": true,
"key_file": "/etc/fence_xvm.key",
"key_file_password": "abcdef"
}
}
]
}
type: json
PacemakerRemoteLoggingSource:
type: json
default:
tag: system.pacemaker_remote
path: /var/log/pacemaker.log
format: >-
/^(?<time>[^ ]*\s*[^ ]* [^ ]*)
\[(?<pid>[^ ]*)\]
(?<host>[^ ]*)
(?<message>.*)$/
outputs:
role_data:
description: Role data for the Pacemaker remote role.
value:
service_name: pacemaker_remote
monitoring_subscription: {get_param: MonitoringSubscriptionPacemakerRemote}
config_settings:
tripleo::pacemaker_remote::firewall_rules:
'130 pacemaker_remote tcp':
proto: 'tcp'
dport:
- 3121
tripleo::fencing::config: {get_param: FencingConfig}
enable_fencing: {get_param: EnableFencing}
tripleo::profile::base::pacemaker_remote::remote_authkey: {get_param: PacemakerRemoteAuthkey}
pacemaker::corosync::manage_fw: false
hacluster_pwd:
yaql:
expression: $.data.passwords.where($ != '').first()
data:
passwords:
- {get_param: PcsdPassword}
- {get_param: [DefaultPasswords, pcsd_password]}
service_config_settings:
fluentd:
tripleo_fluentd_groups_pacemaker_remote:
- haclient
tripleo_fluentd_sources_pacemaker_remote:
- {get_param: PacemakerRemoteLoggingSource}
step_config: |
include ::tripleo::profile::base::pacemaker_remote
View Git Blame Copy Permalink