1 # Copyright 2015 Red Hat, Inc.
4 # Licensed under the Apache License, Version 2.0 (the "License"); you may
5 # not use this file except in compliance with the License. You may obtain
6 # a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 # License for the specific language governing permissions and limitations
21 # TODO(jistr): use pcs resource provider instead of just no-ops
23 tag == 'aodh-service' or
24 tag == 'cinder-service' or
25 tag == 'ceilometer-service' or
26 tag == 'glance-service' or
27 tag == 'gnocchi-service' or
28 tag == 'heat-service' or
29 tag == 'keystone-service' or
30 tag == 'neutron-service' or
31 tag == 'nova-service' or
32 tag == 'sahara-service'
35 restart => '/bin/true',
40 include ::tripleo::packages
41 include ::tripleo::firewall
43 if $::hostname == downcase(hiera('bootstrap_nodeid')) {
44 $pacemaker_master = true
47 $pacemaker_master = false
51 $enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 6
52 $enable_load_balancer = hiera('enable_load_balancer', true)
54 # When to start and enable services which haven't been Pacemakerized
55 # FIXME: remove when we start all OpenStack services using Pacemaker
56 # (occurrences of this variable will be gradually replaced with false)
57 $non_pcmk_start = hiera('step') >= 5
59 if hiera('step') >= 1 {
61 create_resources(kmod::load, hiera('kernel_modules'), {})
62 create_resources(sysctl::value, hiera('sysctl_settings'), {})
63 Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
67 if count(hiera('ntp::servers')) > 0 {
71 $controller_node_ips = split(hiera('controller_node_ips'), ',')
72 $controller_node_names = split(downcase(hiera('controller_node_names')), ',')
73 if $enable_load_balancer {
74 class { '::tripleo::loadbalancer' :
75 controller_hosts => $controller_node_ips,
76 controller_hosts_names => $controller_node_names,
78 mysql_clustercheck => true,
79 haproxy_service_manage => false,
83 $pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G'))
84 $corosync_ipv6 = str2bool(hiera('corosync_ipv6', false))
86 $cluster_setup_extras = { '--token' => hiera('corosync_token_timeout', 1000), '--ipv6' => '' }
88 $cluster_setup_extras = { '--token' => hiera('corosync_token_timeout', 1000) }
90 class { '::pacemaker':
91 hacluster_pwd => hiera('hacluster_pwd'),
93 class { '::pacemaker::corosync':
94 cluster_members => $pacemaker_cluster_members,
95 setup_cluster => $pacemaker_master,
96 cluster_setup_extras => $cluster_setup_extras,
98 class { '::pacemaker::stonith':
99 disable => !$enable_fencing,
102 include ::tripleo::fencing
104 # enable stonith after all fencing devices have been created
105 Class['tripleo::fencing'] -> Class['pacemaker::stonith']
108 # FIXME(gfidente): sets 200secs as default start timeout op
109 # param; until we can use pcmk global defaults we'll still
110 # need to add it to every resource which redefines op params
111 Pacemaker::Resource::Service {
112 op_params => 'start timeout=200s stop timeout=200s',
115 # Only configure RabbitMQ in this step, don't start it yet to
116 # avoid races where non-master nodes attempt to start without
117 # config (eg. binding on 0.0.0.0)
118 # The module ignores erlang_cookie if cluster_config is false
119 $rabbit_ipv6 = str2bool(hiera('rabbit_ipv6', false))
121 $rabbit_env = merge(hiera('rabbitmq_environment'), {
122 'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"'
125 $rabbit_env = hiera('rabbitmq_environment')
128 class { '::rabbitmq':
129 service_manage => false,
130 tcp_keepalive => false,
131 config_kernel_variables => hiera('rabbitmq_kernel_variables'),
132 config_variables => hiera('rabbitmq_config_variables'),
133 environment_variables => $rabbit_env,
135 file { '/var/lib/rabbitmq/.erlang.cookie':
140 content => hiera('rabbitmq::erlang_cookie'),
144 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
145 include ::mongodb::globals
146 include ::mongodb::client
147 class { '::mongodb::server' :
148 service_manage => false,
153 class {'::memcached' :
154 service_manage => false,
159 service_manage => false,
160 notify_service => false,
164 if str2bool(hiera('enable_galera', true)) {
165 $mysql_config_file = '/etc/my.cnf.d/galera.cnf'
167 $mysql_config_file = '/etc/my.cnf.d/server.cnf'
169 $galera_nodes = downcase(hiera('galera_node_names', $::hostname))
170 $galera_nodes_count = count(split($galera_nodes, ','))
172 # FIXME: due to https://bugzilla.redhat.com/show_bug.cgi?id=1298671 we
173 # set bind-address to a hostname instead of an ip address; to move Mysql
174 # from internal_api on another network we'll have to customize both
175 # MysqlNetwork and ControllerHostnameResolveNetwork in ServiceNetMap
176 $mysql_bind_host = hiera('mysql_bind_host')
179 'skip-name-resolve' => '1',
180 'binlog_format' => 'ROW',
181 'default-storage-engine' => 'innodb',
182 'innodb_autoinc_lock_mode' => '2',
183 'innodb_locks_unsafe_for_binlog'=> '1',
184 'query_cache_size' => '0',
185 'query_cache_type' => '0',
186 'bind-address' => $::hostname,
187 'max_connections' => hiera('mysql_max_connections'),
188 'open_files_limit' => '-1',
190 'wsrep_provider' => '/usr/lib64/galera/libgalera_smm.so',
191 'wsrep_cluster_name' => 'galera_cluster',
192 'wsrep_cluster_address' => "gcomm://${galera_nodes}",
193 'wsrep_slave_threads' => '1',
194 'wsrep_certify_nonPK' => '1',
195 'wsrep_max_ws_rows' => '131072',
196 'wsrep_max_ws_size' => '1073741824',
197 'wsrep_debug' => '0',
198 'wsrep_convert_LOCK_to_trx' => '0',
199 'wsrep_retry_autocommit' => '1',
200 'wsrep_auto_increment_control' => '1',
201 'wsrep_drupal_282555_workaround'=> '0',
202 'wsrep_causal_reads' => '0',
203 'wsrep_sst_method' => 'rsync',
204 'wsrep_provider_options' => "gmcast.listen_addr=tcp://[${mysql_bind_host}]:4567;",
208 class { '::mysql::server':
209 create_root_user => false,
210 create_root_my_cnf => false,
211 config_file => $mysql_config_file,
212 override_options => $mysqld_options,
213 remove_default_accounts => $pacemaker_master,
214 service_manage => false,
215 service_enabled => false,
220 if hiera('step') >= 2 {
222 # NOTE(gfidente): the following vars are needed on all nodes so they
223 # need to stay out of pacemaker_master conditional.
224 # The addresses mangling will hopefully go away when we'll be able to
225 # configure the connection string via hostnames, until then, we need to pass
226 # the list of IPv6 addresses *with* port and without the brackets as 'members'
227 # argument for the 'mongodb_replset' resource.
228 if str2bool(hiera('mongodb::server::ipv6', false)) {
229 $mongo_node_ips_with_port_prefixed = prefix(hiera('mongo_node_ips'), '[')
230 $mongo_node_ips_with_port = suffix($mongo_node_ips_with_port_prefixed, ']:27017')
231 $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
233 $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
234 $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
236 $mongodb_replset = hiera('mongodb::server::replset')
238 if $pacemaker_master {
240 if $enable_load_balancer {
242 include ::pacemaker::resource_defaults
244 # Create an openstack-core dummy resource. See RHBZ 1290121
245 pacemaker::resource::ocf { 'openstack-core':
246 ocf_agent_name => 'heartbeat:Dummy',
247 clone_params => true,
249 # FIXME: we should not have to access tripleo::loadbalancer class
250 # parameters here to configure pacemaker VIPs. The configuration
251 # of pacemaker VIPs could move into puppet-tripleo or we should
252 # make use of less specific hiera parameters here for the settings.
253 pacemaker::resource::service { 'haproxy':
254 clone_params => true,
257 $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip')
258 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_control_vip':
259 vip_name => 'control',
260 ip_address => $control_vip,
263 $public_vip = hiera('tripleo::loadbalancer::public_virtual_ip')
264 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_public_vip':
265 ensure => $public_vip and $public_vip != $control_vip,
266 vip_name => 'public',
267 ip_address => $public_vip,
270 $redis_vip = hiera('redis_vip')
271 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_redis_vip':
272 ensure => $redis_vip and $redis_vip != $control_vip,
274 ip_address => $redis_vip,
278 $internal_api_vip = hiera('tripleo::loadbalancer::internal_api_virtual_ip')
279 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_internal_api_vip':
280 ensure => $internal_api_vip and $internal_api_vip != $control_vip,
281 vip_name => 'internal_api',
282 ip_address => $internal_api_vip,
285 $storage_vip = hiera('tripleo::loadbalancer::storage_virtual_ip')
286 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_storage_vip':
287 ensure => $storage_vip and $storage_vip != $control_vip,
288 vip_name => 'storage',
289 ip_address => $storage_vip,
292 $storage_mgmt_vip = hiera('tripleo::loadbalancer::storage_mgmt_virtual_ip')
293 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_storage_mgmt_vip':
294 ensure => $storage_mgmt_vip and $storage_mgmt_vip != $control_vip,
295 vip_name => 'storage_mgmt',
296 ip_address => $storage_mgmt_vip,
300 pacemaker::resource::service { $::memcached::params::service_name :
301 clone_params => 'interleave=true',
302 require => Class['::memcached'],
305 pacemaker::resource::ocf { 'rabbitmq':
306 ocf_agent_name => 'heartbeat:rabbitmq-cluster',
307 resource_params => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'',
308 clone_params => 'ordered=true interleave=true',
309 meta_params => 'notify=true',
310 require => Class['::rabbitmq'],
313 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
314 pacemaker::resource::service { $::mongodb::params::service_name :
315 op_params => 'start timeout=370s stop timeout=200s',
316 clone_params => true,
317 require => Class['::mongodb::server'],
319 # NOTE (spredzy) : The replset can only be run
320 # once all the nodes have joined the cluster.
321 mongodb_conn_validator { $mongo_node_ips_with_port :
323 require => Pacemaker::Resource::Service[$::mongodb::params::service_name],
324 before => Mongodb_replset[$mongodb_replset],
326 mongodb_replset { $mongodb_replset :
327 members => $mongo_node_ips_with_port_nobr,
331 pacemaker::resource::ocf { 'galera' :
332 ocf_agent_name => 'heartbeat:galera',
333 op_params => 'promote timeout=300s on-fail=block',
335 meta_params => "master-max=${galera_nodes_count} ordered=true",
336 resource_params => "additional_parameters='--open-files-limit=16384' enable_creation=true wsrep_cluster_address='gcomm://${galera_nodes}'",
337 require => Class['::mysql::server'],
338 before => Exec['galera-ready'],
341 pacemaker::resource::ocf { 'redis':
342 ocf_agent_name => 'heartbeat:redis',
344 meta_params => 'notify=true ordered=true interleave=true',
345 resource_params => 'wait_last_known_master=true',
346 require => Class['::redis'],
351 exec { 'galera-ready' :
352 command => '/usr/bin/clustercheck >/dev/null',
356 environment => ['AVAILABLE_WHEN_READONLY=0'],
357 require => File['/etc/sysconfig/clustercheck'],
360 file { '/etc/sysconfig/clustercheck' :
362 content => "MYSQL_USERNAME=root\n
364 MYSQL_HOST=localhost\n",
367 xinetd::service { 'galera-monitor' :
369 server => '/usr/bin/clustercheck',
370 per_source => 'UNLIMITED',
371 log_on_success => '',
372 log_on_failure => 'HOST',
374 service_type => 'UNLISTED',
377 require => File['/etc/sysconfig/clustercheck'],
380 # Create all the database schemas
382 class { '::keystone::db::mysql':
383 require => Exec['galera-ready'],
385 class { '::glance::db::mysql':
386 require => Exec['galera-ready'],
388 class { '::nova::db::mysql':
389 require => Exec['galera-ready'],
391 class { '::nova::db::mysql_api':
392 require => Exec['galera-ready'],
394 class { '::neutron::db::mysql':
395 require => Exec['galera-ready'],
397 class { '::cinder::db::mysql':
398 require => Exec['galera-ready'],
400 class { '::heat::db::mysql':
401 require => Exec['galera-ready'],
404 if downcase(hiera('ceilometer_backend')) == 'mysql' {
405 class { '::ceilometer::db::mysql':
406 require => Exec['galera-ready'],
410 if downcase(hiera('gnocchi_indexer_backend')) == 'mysql' {
411 class { '::gnocchi::db::mysql':
412 require => Exec['galera-ready'],
415 class { '::sahara::db::mysql':
416 require => Exec['galera-ready'],
420 # pre-install swift here so we can build rings
424 $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false)
427 $mon_initial_members = downcase(hiera('ceph_mon_initial_members'))
428 if str2bool(hiera('ceph_ipv6', false)) {
429 $mon_host = hiera('ceph_mon_host_v6')
431 $mon_host = hiera('ceph_mon_host')
433 class { '::ceph::profile::params':
434 mon_initial_members => $mon_initial_members,
435 mon_host => $mon_host,
438 include ::ceph::profile::mon
441 if str2bool(hiera('enable_ceph_storage', false)) {
442 if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
443 exec { 'set selinux to permissive on boot':
444 command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
445 onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
446 path => ['/usr/bin', '/usr/sbin'],
449 exec { 'set selinux to permissive':
450 command => 'setenforce 0',
451 onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
452 path => ['/usr/bin', '/usr/sbin'],
453 } -> Class['ceph::profile::osd']
457 include ::ceph::profile::osd
460 if str2bool(hiera('enable_external_ceph', false)) {
461 if str2bool(hiera('ceph_ipv6', false)) {
462 $mon_host = hiera('ceph_mon_host_v6')
464 $mon_host = hiera('ceph_mon_host')
466 class { '::ceph::profile::params':
467 mon_host => $mon_host,
470 include ::ceph::profile::client
476 if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) {
478 $nova_ipv6 = hiera('nova::use_ipv6', false)
480 $memcached_servers = suffix(hiera('memcache_node_ips_v6'), ':11211')
482 $memcached_servers = suffix(hiera('memcache_node_ips'), ':11211')
486 memcached_servers => $memcached_servers
489 include ::nova::config
491 class { '::nova::api' :
493 sync_db_api => $sync_db,
494 manage_service => false,
497 class { '::nova::cert' :
498 manage_service => false,
501 class { '::nova::conductor' :
502 manage_service => false,
505 class { '::nova::consoleauth' :
506 manage_service => false,
509 class { '::nova::vncproxy' :
510 manage_service => false,
513 include ::nova::scheduler::filter
514 class { '::nova::scheduler' :
515 manage_service => false,
518 include ::nova::network::neutron
520 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
522 # TODO(devvesa) provide non-controller ips for these services
523 $zookeeper_node_ips = hiera('neutron_api_node_ips')
524 $cassandra_node_ips = hiera('neutron_api_node_ips')
526 # Run zookeeper in the controller if configured
527 if hiera('enable_zookeeper_on_controller') {
528 class {'::tripleo::cluster::zookeeper':
529 zookeeper_server_ips => $zookeeper_node_ips,
530 # TODO: create a 'bind' hiera key for zookeeper
531 zookeeper_client_ip => hiera('neutron::bind_host'),
532 zookeeper_hostnames => split(hiera('controller_node_names'), ',')
536 # Run cassandra in the controller if configured
537 if hiera('enable_cassandra_on_controller') {
538 class {'::tripleo::cluster::cassandra':
539 cassandra_servers => $cassandra_node_ips,
540 # TODO: create a 'bind' hiera key for cassandra
541 cassandra_ip => hiera('neutron::bind_host'),
545 class {'::tripleo::network::midonet::agent':
546 zookeeper_servers => $zookeeper_node_ips,
547 cassandra_seeds => $cassandra_node_ips
550 class {'::tripleo::network::midonet::api':
551 zookeeper_servers => $zookeeper_node_ips,
552 vip => hiera('tripleo::loadbalancer::public_virtual_ip'),
553 keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
554 keystone_admin_token => hiera('keystone::admin_token'),
555 # TODO: create a 'bind' hiera key for api
556 bind_address => hiera('neutron::bind_host'),
557 admin_password => hiera('admin_password')
562 service_plugins => []
567 # Neutron class definitions
571 include ::neutron::config
572 class { '::neutron::server' :
574 manage_service => false,
577 include ::neutron::server::notifications
578 if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' {
579 include ::neutron::plugins::nuage
581 if hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' {
582 include ::neutron::plugins::opencontrail
584 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
585 class {'::neutron::plugins::midonet':
586 midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
587 keystone_tenant => hiera('neutron::server::auth_tenant'),
588 keystone_password => hiera('neutron::server::auth_password')
591 if hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
592 class { '::neutron::plugins::plumgrid' :
593 connection => hiera('neutron::server::database_connection'),
594 controller_priv_host => hiera('keystone_admin_api_vip'),
595 admin_password => hiera('admin_password'),
596 metadata_proxy_shared_secret => hiera('nova::api::neutron_metadata_proxy_shared_secret'),
599 if hiera('neutron::enable_dhcp_agent',true) {
600 class { '::neutron::agents::dhcp' :
601 manage_service => false,
604 file { '/etc/neutron/dnsmasq-neutron.conf':
605 content => hiera('neutron_dnsmasq_options'),
608 notify => Service['neutron-dhcp-service'],
609 require => Package['neutron'],
612 if hiera('neutron::enable_l3_agent',true) {
613 class { '::neutron::agents::l3' :
614 manage_service => false,
618 if hiera('neutron::enable_metadata_agent',true) {
619 class { '::neutron::agents::metadata':
620 manage_service => false,
624 include ::neutron::plugins::ml2
625 class { '::neutron::agents::ml2::ovs':
626 manage_service => false,
630 if 'cisco_ucsm' in hiera('neutron::plugins::ml2::mechanism_drivers') {
631 include ::neutron::plugins::ml2::cisco::ucsm
633 if 'cisco_nexus' in hiera('neutron::plugins::ml2::mechanism_drivers') {
634 include ::neutron::plugins::ml2::cisco::nexus
635 include ::neutron::plugins::ml2::cisco::type_nexus_vxlan
637 if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
638 include ::neutron::plugins::ml2::cisco::nexus1000v
640 class { '::neutron::agents::n1kv_vem':
641 n1kv_source => hiera('n1kv_vem_source', undef),
642 n1kv_version => hiera('n1kv_vem_version', undef),
646 n1kv_source => hiera('n1kv_vsm_source', undef),
647 n1kv_version => hiera('n1kv_vsm_version', undef),
651 if 'bsn_ml2' in hiera('neutron::plugins::ml2::mechanism_drivers') {
652 include ::neutron::plugins::ml2::bigswitch::restproxy
653 include ::neutron::agents::bigswitch
655 neutron_l3_agent_config {
656 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false);
658 neutron_dhcp_agent_config {
659 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false);
662 'DEFAULT/notification_driver': value => 'messaging';
666 include ::cinder::config
667 include ::tripleo::ssl::cinder_config
668 class { '::cinder::api':
670 manage_service => false,
673 class { '::cinder::scheduler' :
674 manage_service => false,
677 class { '::cinder::volume' :
678 manage_service => false,
681 include ::cinder::glance
682 include ::cinder::ceilometer
683 class { '::cinder::setup_test_volume':
684 size => join([hiera('cinder_lvm_loop_device_size'), 'M']),
687 $cinder_enable_iscsi = hiera('cinder_enable_iscsi_backend', true)
688 if $cinder_enable_iscsi {
689 $cinder_iscsi_backend = 'tripleo_iscsi'
691 cinder::backend::iscsi { $cinder_iscsi_backend :
692 iscsi_ip_address => hiera('cinder_iscsi_ip_address'),
693 iscsi_helper => hiera('cinder_iscsi_helper'),
699 $ceph_pools = hiera('ceph_pools')
700 ceph::pool { $ceph_pools :
701 pg_num => hiera('ceph::profile::params::osd_pool_default_pg_num'),
702 pgp_num => hiera('ceph::profile::params::osd_pool_default_pgp_num'),
703 size => hiera('ceph::profile::params::osd_pool_default_size'),
706 $cinder_pool_requires = [Ceph::Pool[hiera('cinder_rbd_pool_name')]]
709 $cinder_pool_requires = []
712 if hiera('cinder_enable_rbd_backend', false) {
713 $cinder_rbd_backend = 'tripleo_ceph'
715 cinder::backend::rbd { $cinder_rbd_backend :
716 backend_host => hiera('cinder::host'),
717 rbd_pool => hiera('cinder_rbd_pool_name'),
718 rbd_user => hiera('ceph_client_user_name'),
719 rbd_secret_uuid => hiera('ceph::profile::params::fsid'),
720 require => $cinder_pool_requires,
724 if hiera('cinder_enable_eqlx_backend', false) {
725 $cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name')
727 cinder::backend::eqlx { $cinder_eqlx_backend :
728 volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef),
729 san_ip => hiera('cinder::backend::eqlx::san_ip', undef),
730 san_login => hiera('cinder::backend::eqlx::san_login', undef),
731 san_password => hiera('cinder::backend::eqlx::san_password', undef),
732 san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef),
733 eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef),
734 eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef),
735 eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef),
736 eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef),
737 eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef),
741 if hiera('cinder_enable_dellsc_backend', false) {
742 $cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name')
744 cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend :
745 volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef),
746 san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef),
747 san_login => hiera('cinder::backend::dellsc_iscsi::san_login', undef),
748 san_password => hiera('cinder::backend::dellsc_iscsi::san_password', undef),
749 dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef),
750 iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef),
751 iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef),
752 dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef),
753 dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef),
754 dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef),
758 if hiera('cinder_enable_netapp_backend', false) {
759 $cinder_netapp_backend = hiera('cinder::backend::netapp::title')
761 if hiera('cinder::backend::netapp::nfs_shares', undef) {
762 $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',')
765 cinder::backend::netapp { $cinder_netapp_backend :
766 netapp_login => hiera('cinder::backend::netapp::netapp_login', undef),
767 netapp_password => hiera('cinder::backend::netapp::netapp_password', undef),
768 netapp_server_hostname => hiera('cinder::backend::netapp::netapp_server_hostname', undef),
769 netapp_server_port => hiera('cinder::backend::netapp::netapp_server_port', undef),
770 netapp_size_multiplier => hiera('cinder::backend::netapp::netapp_size_multiplier', undef),
771 netapp_storage_family => hiera('cinder::backend::netapp::netapp_storage_family', undef),
772 netapp_storage_protocol => hiera('cinder::backend::netapp::netapp_storage_protocol', undef),
773 netapp_transport_type => hiera('cinder::backend::netapp::netapp_transport_type', undef),
774 netapp_vfiler => hiera('cinder::backend::netapp::netapp_vfiler', undef),
775 netapp_volume_list => hiera('cinder::backend::netapp::netapp_volume_list', undef),
776 netapp_vserver => hiera('cinder::backend::netapp::netapp_vserver', undef),
777 netapp_partner_backend_name => hiera('cinder::backend::netapp::netapp_partner_backend_name', undef),
778 nfs_shares => $cinder_netapp_nfs_shares,
779 nfs_shares_config => hiera('cinder::backend::netapp::nfs_shares_config', undef),
780 netapp_copyoffload_tool_path => hiera('cinder::backend::netapp::netapp_copyoffload_tool_path', undef),
781 netapp_controller_ips => hiera('cinder::backend::netapp::netapp_controller_ips', undef),
782 netapp_sa_password => hiera('cinder::backend::netapp::netapp_sa_password', undef),
783 netapp_storage_pools => hiera('cinder::backend::netapp::netapp_storage_pools', undef),
784 netapp_eseries_host_type => hiera('cinder::backend::netapp::netapp_eseries_host_type', undef),
785 netapp_webservice_path => hiera('cinder::backend::netapp::netapp_webservice_path', undef),
789 if hiera('cinder_enable_nfs_backend', false) {
790 $cinder_nfs_backend = 'tripleo_nfs'
792 if str2bool($::selinux) {
793 selboolean { 'virt_use_nfs':
796 } -> Package['nfs-utils']
799 package { 'nfs-utils': } ->
800 cinder::backend::nfs { $cinder_nfs_backend:
801 nfs_servers => hiera('cinder_nfs_servers'),
802 nfs_mount_options => hiera('cinder_nfs_mount_options',''),
803 nfs_shares_config => '/etc/cinder/shares-nfs.conf',
807 $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_eqlx_backend, $cinder_dellsc_backend, $cinder_netapp_backend, $cinder_nfs_backend])
808 class { '::cinder::backends' :
809 enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')),
815 class { '::sahara::service::api':
816 manage_service => false,
819 class { '::sahara::service::engine':
820 manage_service => false,
825 class { '::swift::proxy' :
826 manage_service => $non_pcmk_start,
827 enabled => $non_pcmk_start,
829 include ::swift::proxy::proxy_logging
830 include ::swift::proxy::healthcheck
831 include ::swift::proxy::cache
832 include ::swift::proxy::keystone
833 include ::swift::proxy::authtoken
834 include ::swift::proxy::staticweb
835 include ::swift::proxy::ratelimit
836 include ::swift::proxy::catch_errors
837 include ::swift::proxy::tempurl
838 include ::swift::proxy::formpost
841 if str2bool(hiera('enable_swift_storage', true)) {
842 class {'::swift::storage::all':
843 mount_check => str2bool(hiera('swift_mount_check')),
845 class {'::swift::storage::account':
846 manage_service => $non_pcmk_start,
847 enabled => $non_pcmk_start,
849 class {'::swift::storage::container':
850 manage_service => $non_pcmk_start,
851 enabled => $non_pcmk_start,
853 class {'::swift::storage::object':
854 manage_service => $non_pcmk_start,
855 enabled => $non_pcmk_start,
857 if(!defined(File['/srv/node'])) {
862 require => Package['openstack-swift'],
865 $swift_components = ['account', 'container', 'object']
866 swift::storage::filter::recon { $swift_components : }
867 swift::storage::filter::healthcheck { $swift_components : }
871 case downcase(hiera('ceilometer_backend')) {
873 $ceilometer_database_connection = hiera('ceilometer_mysql_conn_string')
876 $mongo_node_string = join($mongo_node_ips_with_port, ',')
877 $ceilometer_database_connection = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}"
881 include ::ceilometer::config
882 class { '::ceilometer::api' :
883 manage_service => false,
886 class { '::ceilometer::agent::notification' :
887 manage_service => false,
890 class { '::ceilometer::agent::central' :
891 manage_service => false,
894 class { '::ceilometer::collector' :
895 manage_service => false,
898 include ::ceilometer::expirer
899 class { '::ceilometer::db' :
900 database_connection => $ceilometer_database_connection,
903 include ::ceilometer::agent::auth
904 include ::ceilometer::dispatcher::gnocchi
906 Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" }
909 include ::heat::config
912 notification_driver => 'messaging',
914 class { '::heat::api' :
915 manage_service => false,
918 class { '::heat::api_cfn' :
919 manage_service => false,
922 class { '::heat::api_cloudwatch' :
923 manage_service => false,
926 class { '::heat::engine' :
927 manage_service => false,
931 # httpd/apache and horizon
932 # NOTE(gfidente): server-status can be consumed by the pacemaker resource agent
934 service_enable => false,
935 # service_manage => false, # <-- not supported with horizon&apache mod_wsgi?
937 include ::apache::mod::remoteip
938 include ::apache::mod::status
939 if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
940 $_profile_support = 'cisco'
942 $_profile_support = 'None'
944 $neutron_options = {'profile_support' => $_profile_support }
946 $memcached_ipv6 = hiera('memcached_ipv6', false)
948 $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]')
950 $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1')
954 cache_server_ip => $horizon_memcached_servers,
955 neutron_options => $neutron_options,
960 database_connection => $ceilometer_database_connection,
962 include ::aodh::config
964 include ::aodh::client
965 include ::aodh::wsgi::apache
966 class { '::aodh::api':
967 manage_service => false,
969 service_name => 'httpd',
971 class { '::aodh::evaluator':
972 manage_service => false,
975 class { '::aodh::notifier':
976 manage_service => false,
979 class { '::aodh::listener':
980 manage_service => false,
985 $gnocchi_database_connection = hiera('gnocchi_mysql_conn_string')
986 include ::gnocchi::client
988 include ::gnocchi::db::sync
990 include ::gnocchi::storage
991 $gnocchi_backend = downcase(hiera('gnocchi_backend', 'swift'))
992 case $gnocchi_backend {
993 'swift': { include ::gnocchi::storage::swift }
994 'file': { include ::gnocchi::storage::file }
995 'rbd': { include ::gnocchi::storage::ceph }
996 default: { fail('Unrecognized gnocchi_backend parameter.') }
999 database_connection => $gnocchi_database_connection,
1001 class { '::gnocchi::api' :
1002 manage_service => false,
1004 service_name => 'httpd',
1006 class { '::gnocchi::wsgi::apache' :
1009 class { '::gnocchi::metricd' :
1010 manage_service => false,
1013 class { '::gnocchi::statsd' :
1014 manage_service => false,
1018 $snmpd_user = hiera('snmpd_readonly_user_name')
1019 snmp::snmpv3_user { $snmpd_user:
1021 authpass => hiera('snmpd_readonly_user_password'),
1024 agentaddress => ['udp:161','udp6:[::1]:161'],
1025 snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
1028 hiera_include('controller_classes')
1032 if hiera('step') >= 5 {
1033 $nova_enable_db_purge = hiera('nova_enable_db_purge', true)
1034 $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true)
1035 $heat_enable_db_purge = hiera('heat_enable_db_purge', true)
1037 if $nova_enable_db_purge {
1038 include ::nova::cron::archive_deleted_rows
1040 if $cinder_enable_db_purge {
1041 include ::cinder::cron::db_purge
1043 if $heat_enable_db_purge {
1044 include ::heat::cron::purge_deleted
1047 if $pacemaker_master {
1049 pacemaker::constraint::base { 'openstack-core-then-httpd-constraint':
1050 constraint_type => 'order',
1051 first_resource => 'openstack-core-clone',
1052 second_resource => "${::apache::params::service_name}-clone",
1053 first_action => 'start',
1054 second_action => 'start',
1055 require => [Pacemaker::Resource::Service[$::apache::params::service_name],
1056 Pacemaker::Resource::Ocf['openstack-core']],
1058 pacemaker::constraint::base { 'memcached-then-openstack-core-constraint':
1059 constraint_type => 'order',
1060 first_resource => 'memcached-clone',
1061 second_resource => 'openstack-core-clone',
1062 first_action => 'start',
1063 second_action => 'start',
1064 require => [Pacemaker::Resource::Service['memcached'],
1065 Pacemaker::Resource::Ocf['openstack-core']],
1067 pacemaker::constraint::base { 'galera-then-openstack-core-constraint':
1068 constraint_type => 'order',
1069 first_resource => 'galera-master',
1070 second_resource => 'openstack-core-clone',
1071 first_action => 'promote',
1072 second_action => 'start',
1073 require => [Pacemaker::Resource::Ocf['galera'],
1074 Pacemaker::Resource::Ocf['openstack-core']],
1078 pacemaker::resource::service { $::cinder::params::api_service :
1079 clone_params => 'interleave=true',
1080 require => Pacemaker::Resource::Ocf['openstack-core'],
1082 pacemaker::resource::service { $::cinder::params::scheduler_service :
1083 clone_params => 'interleave=true',
1085 pacemaker::resource::service { $::cinder::params::volume_service : }
1087 pacemaker::constraint::base { 'keystone-then-cinder-api-constraint':
1088 constraint_type => 'order',
1089 first_resource => 'openstack-core-clone',
1090 second_resource => "${::cinder::params::api_service}-clone",
1091 first_action => 'start',
1092 second_action => 'start',
1093 require => [Pacemaker::Resource::Ocf['openstack-core'],
1094 Pacemaker::Resource::Service[$::cinder::params::api_service]],
1096 pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint':
1097 constraint_type => 'order',
1098 first_resource => "${::cinder::params::api_service}-clone",
1099 second_resource => "${::cinder::params::scheduler_service}-clone",
1100 first_action => 'start',
1101 second_action => 'start',
1102 require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
1103 Pacemaker::Resource::Service[$::cinder::params::scheduler_service]],
1105 pacemaker::constraint::colocation { 'cinder-scheduler-with-cinder-api-colocation':
1106 source => "${::cinder::params::scheduler_service}-clone",
1107 target => "${::cinder::params::api_service}-clone",
1108 score => 'INFINITY',
1109 require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
1110 Pacemaker::Resource::Service[$::cinder::params::scheduler_service]],
1112 pacemaker::constraint::base { 'cinder-scheduler-then-cinder-volume-constraint':
1113 constraint_type => 'order',
1114 first_resource => "${::cinder::params::scheduler_service}-clone",
1115 second_resource => $::cinder::params::volume_service,
1116 first_action => 'start',
1117 second_action => 'start',
1118 require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service],
1119 Pacemaker::Resource::Service[$::cinder::params::volume_service]],
1121 pacemaker::constraint::colocation { 'cinder-volume-with-cinder-scheduler-colocation':
1122 source => $::cinder::params::volume_service,
1123 target => "${::cinder::params::scheduler_service}-clone",
1124 score => 'INFINITY',
1125 require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service],
1126 Pacemaker::Resource::Service[$::cinder::params::volume_service]],
1130 pacemaker::resource::service { $::sahara::params::api_service_name :
1131 clone_params => 'interleave=true',
1132 require => Pacemaker::Resource::Ocf['openstack-core'],
1134 pacemaker::resource::service { $::sahara::params::engine_service_name :
1135 clone_params => 'interleave=true',
1137 pacemaker::constraint::base { 'keystone-then-sahara-api-constraint':
1138 constraint_type => 'order',
1139 first_resource => 'openstack-core-clone',
1140 second_resource => "${::sahara::params::api_service_name}-clone",
1141 first_action => 'start',
1142 second_action => 'start',
1143 require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name],
1144 Pacemaker::Resource::Ocf['openstack-core']],
1146 pacemaker::constraint::base { 'sahara-api-then-sahara-engine-constraint':
1147 constraint_type => 'order',
1148 first_resource => "${::sahara::params::api_service_name}-clone",
1149 second_resource => "${::sahara::params::engine_service_name}-clone",
1150 first_action => 'start',
1151 second_action => 'start',
1152 require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name],
1153 Pacemaker::Resource::Service[$::sahara::params::engine_service_name]],
1156 if hiera('step') == 5 {
1158 # NOTE(gfidente): Neutron will try to populate the database with some data
1159 # as soon as neutron-server is started; to avoid races we want to make this
1160 # happen only on one node, before normal Pacemaker initialization
1161 # https://bugzilla.redhat.com/show_bug.cgi?id=1233061
1162 # NOTE(emilien): we need to run this Exec only at Step 4 otherwise this exec
1163 # will try to start the service while it's already started by Pacemaker
1164 # It would result to a deployment failure since systemd would return 1 to Puppet
1165 # and the overcloud would fail to deploy (6 would be returned).
1166 # This conditional prevents from a race condition during the deployment.
1167 # https://bugzilla.redhat.com/show_bug.cgi?id=1290582
1168 exec { 'neutron-server-systemd-start-sleep' :
1169 command => 'systemctl start neutron-server && /usr/bin/sleep 5',
1171 unless => '/sbin/pcs resource show neutron-server',
1173 pacemaker::resource::service { $::neutron::params::server_service:
1174 clone_params => 'interleave=true',
1175 require => Pacemaker::Resource::Ocf['openstack-core']
1178 pacemaker::resource::service { $::neutron::params::server_service:
1179 clone_params => 'interleave=true',
1180 require => Pacemaker::Resource::Ocf['openstack-core']
1183 if hiera('neutron::enable_l3_agent', true) {
1184 pacemaker::resource::service { $::neutron::params::l3_agent_service:
1185 clone_params => 'interleave=true',
1188 if hiera('neutron::enable_dhcp_agent', true) {
1189 pacemaker::resource::service { $::neutron::params::dhcp_agent_service:
1190 clone_params => 'interleave=true',
1193 if hiera('neutron::enable_ovs_agent', true) {
1194 pacemaker::resource::service { $::neutron::params::ovs_agent_service:
1195 clone_params => 'interleave=true',
1198 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
1199 pacemaker::resource::service {'tomcat':
1200 clone_params => 'interleave=true',
1203 if hiera('neutron::enable_metadata_agent', true) {
1204 pacemaker::resource::service { $::neutron::params::metadata_agent_service:
1205 clone_params => 'interleave=true',
1208 if hiera('neutron::enable_ovs_agent', true) {
1209 pacemaker::resource::ocf { $::neutron::params::ovs_cleanup_service:
1210 ocf_agent_name => 'neutron:OVSCleanup',
1211 clone_params => 'interleave=true',
1213 pacemaker::resource::ocf { 'neutron-netns-cleanup':
1214 ocf_agent_name => 'neutron:NetnsCleanup',
1215 clone_params => 'interleave=true',
1218 # neutron - one chain ovs-cleanup-->netns-cleanup-->ovs-agent
1219 pacemaker::constraint::base { 'neutron-ovs-cleanup-to-netns-cleanup-constraint':
1220 constraint_type => 'order',
1221 first_resource => "${::neutron::params::ovs_cleanup_service}-clone",
1222 second_resource => 'neutron-netns-cleanup-clone',
1223 first_action => 'start',
1224 second_action => 'start',
1225 require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service],
1226 Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
1228 pacemaker::constraint::colocation { 'neutron-ovs-cleanup-to-netns-cleanup-colocation':
1229 source => 'neutron-netns-cleanup-clone',
1230 target => "${::neutron::params::ovs_cleanup_service}-clone",
1231 score => 'INFINITY',
1232 require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service],
1233 Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
1235 pacemaker::constraint::base { 'neutron-netns-cleanup-to-openvswitch-agent-constraint':
1236 constraint_type => 'order',
1237 first_resource => 'neutron-netns-cleanup-clone',
1238 second_resource => "${::neutron::params::ovs_agent_service}-clone",
1239 first_action => 'start',
1240 second_action => 'start',
1241 require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'],
1242 Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
1244 pacemaker::constraint::colocation { 'neutron-netns-cleanup-to-openvswitch-agent-colocation':
1245 source => "${::neutron::params::ovs_agent_service}-clone",
1246 target => 'neutron-netns-cleanup-clone',
1247 score => 'INFINITY',
1248 require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'],
1249 Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
1252 pacemaker::constraint::base { 'keystone-to-neutron-server-constraint':
1253 constraint_type => 'order',
1254 first_resource => 'openstack-core-clone',
1255 second_resource => "${::neutron::params::server_service}-clone",
1256 first_action => 'start',
1257 second_action => 'start',
1258 require => [Pacemaker::Resource::Ocf['openstack-core'],
1259 Pacemaker::Resource::Service[$::neutron::params::server_service]],
1261 if hiera('neutron::enable_ovs_agent',true) {
1262 pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint':
1263 constraint_type => 'order',
1264 first_resource => "${::neutron::params::ovs_agent_service}-clone",
1265 second_resource => "${::neutron::params::dhcp_agent_service}-clone",
1266 first_action => 'start',
1267 second_action => 'start',
1268 require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service],
1269 Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
1272 if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_ovs_agent',true) {
1273 pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint':
1274 constraint_type => 'order',
1275 first_resource => "${::neutron::params::server_service}-clone",
1276 second_resource => "${::neutron::params::ovs_agent_service}-clone",
1277 first_action => 'start',
1278 second_action => 'start',
1279 require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
1280 Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
1283 pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation':
1284 source => "${::neutron::params::dhcp_agent_service}-clone",
1285 target => "${::neutron::params::ovs_agent_service}-clone",
1286 score => 'INFINITY',
1287 require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service],
1288 Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
1291 if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_l3_agent',true) {
1292 pacemaker::constraint::base { 'neutron-dhcp-agent-to-l3-agent-constraint':
1293 constraint_type => 'order',
1294 first_resource => "${::neutron::params::dhcp_agent_service}-clone",
1295 second_resource => "${::neutron::params::l3_agent_service}-clone",
1296 first_action => 'start',
1297 second_action => 'start',
1298 require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
1299 Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]]
1301 pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-l3-agent-colocation':
1302 source => "${::neutron::params::l3_agent_service}-clone",
1303 target => "${::neutron::params::dhcp_agent_service}-clone",
1304 score => 'INFINITY',
1305 require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
1306 Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]]
1309 if hiera('neutron::enable_l3_agent',true) and hiera('neutron::enable_metadata_agent',true) {
1310 pacemaker::constraint::base { 'neutron-l3-agent-to-metadata-agent-constraint':
1311 constraint_type => 'order',
1312 first_resource => "${::neutron::params::l3_agent_service}-clone",
1313 second_resource => "${::neutron::params::metadata_agent_service}-clone",
1314 first_action => 'start',
1315 second_action => 'start',
1316 require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service],
1317 Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]]
1319 pacemaker::constraint::colocation { 'neutron-l3-agent-to-metadata-agent-colocation':
1320 source => "${::neutron::params::metadata_agent_service}-clone",
1321 target => "${::neutron::params::l3_agent_service}-clone",
1322 score => 'INFINITY',
1323 require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service],
1324 Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]]
1327 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
1328 #midonet-chain chain keystone-->neutron-server-->dhcp-->metadata->tomcat
1329 pacemaker::constraint::base { 'neutron-server-to-dhcp-agent-constraint':
1330 constraint_type => 'order',
1331 first_resource => "${::neutron::params::server_service}-clone",
1332 second_resource => "${::neutron::params::dhcp_agent_service}-clone",
1333 first_action => 'start',
1334 second_action => 'start',
1335 require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
1336 Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
1338 pacemaker::constraint::base { 'neutron-dhcp-agent-to-metadata-agent-constraint':
1339 constraint_type => 'order',
1340 first_resource => "${::neutron::params::dhcp_agent_service}-clone",
1341 second_resource => "${::neutron::params::metadata_agent_service}-clone",
1342 first_action => 'start',
1343 second_action => 'start',
1344 require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
1345 Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]],
1347 pacemaker::constraint::base { 'neutron-metadata-agent-to-tomcat-constraint':
1348 constraint_type => 'order',
1349 first_resource => "${::neutron::params::metadata_agent_service}-clone",
1350 second_resource => 'tomcat-clone',
1351 first_action => 'start',
1352 second_action => 'start',
1353 require => [Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service],
1354 Pacemaker::Resource::Service['tomcat']],
1356 pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-metadata-agent-colocation':
1357 source => "${::neutron::params::metadata_agent_service}-clone",
1358 target => "${::neutron::params::dhcp_agent_service}-clone",
1359 score => 'INFINITY',
1360 require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
1361 Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]],
1366 pacemaker::resource::service { $::nova::params::api_service_name :
1367 clone_params => 'interleave=true',
1369 pacemaker::resource::service { $::nova::params::conductor_service_name :
1370 clone_params => 'interleave=true',
1372 pacemaker::resource::service { $::nova::params::consoleauth_service_name :
1373 clone_params => 'interleave=true',
1374 require => Pacemaker::Resource::Ocf['openstack-core'],
1376 pacemaker::resource::service { $::nova::params::vncproxy_service_name :
1377 clone_params => 'interleave=true',
1379 pacemaker::resource::service { $::nova::params::scheduler_service_name :
1380 clone_params => 'interleave=true',
1383 pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint':
1384 constraint_type => 'order',
1385 first_resource => 'openstack-core-clone',
1386 second_resource => "${::nova::params::consoleauth_service_name}-clone",
1387 first_action => 'start',
1388 second_action => 'start',
1389 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1390 Pacemaker::Resource::Ocf['openstack-core']],
1392 pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint':
1393 constraint_type => 'order',
1394 first_resource => "${::nova::params::consoleauth_service_name}-clone",
1395 second_resource => "${::nova::params::vncproxy_service_name}-clone",
1396 first_action => 'start',
1397 second_action => 'start',
1398 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1399 Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]],
1401 pacemaker::constraint::colocation { 'nova-vncproxy-with-nova-consoleauth-colocation':
1402 source => "${::nova::params::vncproxy_service_name}-clone",
1403 target => "${::nova::params::consoleauth_service_name}-clone",
1404 score => 'INFINITY',
1405 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1406 Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]],
1408 pacemaker::constraint::base { 'nova-vncproxy-then-nova-api-constraint':
1409 constraint_type => 'order',
1410 first_resource => "${::nova::params::vncproxy_service_name}-clone",
1411 second_resource => "${::nova::params::api_service_name}-clone",
1412 first_action => 'start',
1413 second_action => 'start',
1414 require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name],
1415 Pacemaker::Resource::Service[$::nova::params::api_service_name]],
1417 pacemaker::constraint::colocation { 'nova-api-with-nova-vncproxy-colocation':
1418 source => "${::nova::params::api_service_name}-clone",
1419 target => "${::nova::params::vncproxy_service_name}-clone",
1420 score => 'INFINITY',
1421 require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name],
1422 Pacemaker::Resource::Service[$::nova::params::api_service_name]],
1424 pacemaker::constraint::base { 'nova-api-then-nova-scheduler-constraint':
1425 constraint_type => 'order',
1426 first_resource => "${::nova::params::api_service_name}-clone",
1427 second_resource => "${::nova::params::scheduler_service_name}-clone",
1428 first_action => 'start',
1429 second_action => 'start',
1430 require => [Pacemaker::Resource::Service[$::nova::params::api_service_name],
1431 Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]],
1433 pacemaker::constraint::colocation { 'nova-scheduler-with-nova-api-colocation':
1434 source => "${::nova::params::scheduler_service_name}-clone",
1435 target => "${::nova::params::api_service_name}-clone",
1436 score => 'INFINITY',
1437 require => [Pacemaker::Resource::Service[$::nova::params::api_service_name],
1438 Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]],
1440 pacemaker::constraint::base { 'nova-scheduler-then-nova-conductor-constraint':
1441 constraint_type => 'order',
1442 first_resource => "${::nova::params::scheduler_service_name}-clone",
1443 second_resource => "${::nova::params::conductor_service_name}-clone",
1444 first_action => 'start',
1445 second_action => 'start',
1446 require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name],
1447 Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
1449 pacemaker::constraint::colocation { 'nova-conductor-with-nova-scheduler-colocation':
1450 source => "${::nova::params::conductor_service_name}-clone",
1451 target => "${::nova::params::scheduler_service_name}-clone",
1452 score => 'INFINITY',
1453 require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name],
1454 Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
1457 # Ceilometer and Aodh
1458 case downcase(hiera('ceilometer_backend')) {
1460 pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
1461 clone_params => 'interleave=true',
1462 require => Pacemaker::Resource::Ocf['openstack-core'],
1466 pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
1467 clone_params => 'interleave=true',
1468 require => [Pacemaker::Resource::Ocf['openstack-core'],
1469 Pacemaker::Resource::Service[$::mongodb::params::service_name]],
1473 pacemaker::resource::service { $::ceilometer::params::collector_service_name :
1474 clone_params => 'interleave=true',
1476 pacemaker::resource::service { $::ceilometer::params::api_service_name :
1477 clone_params => 'interleave=true',
1479 pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name :
1480 clone_params => 'interleave=true',
1482 pacemaker::resource::ocf { 'delay' :
1483 ocf_agent_name => 'heartbeat:Delay',
1484 clone_params => 'interleave=true',
1485 resource_params => 'startdelay=10',
1487 # Fedora doesn't know `require-all` parameter for constraints yet
1488 if $::operatingsystem == 'Fedora' {
1489 $redis_ceilometer_constraint_params = undef
1490 $redis_aodh_constraint_params = undef
1492 $redis_ceilometer_constraint_params = 'require-all=false'
1493 $redis_aodh_constraint_params = 'require-all=false'
1495 pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint':
1496 constraint_type => 'order',
1497 first_resource => 'redis-master',
1498 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1499 first_action => 'promote',
1500 second_action => 'start',
1501 constraint_params => $redis_ceilometer_constraint_params,
1502 require => [Pacemaker::Resource::Ocf['redis'],
1503 Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]],
1505 pacemaker::constraint::base { 'redis-then-aodh-evaluator-constraint':
1506 constraint_type => 'order',
1507 first_resource => 'redis-master',
1508 second_resource => "${::aodh::params::evaluator_service_name}-clone",
1509 first_action => 'promote',
1510 second_action => 'start',
1511 constraint_params => $redis_aodh_constraint_params,
1512 require => [Pacemaker::Resource::Ocf['redis'],
1513 Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name]],
1515 pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint':
1516 constraint_type => 'order',
1517 first_resource => 'openstack-core-clone',
1518 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1519 first_action => 'start',
1520 second_action => 'start',
1521 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1522 Pacemaker::Resource::Ocf['openstack-core']],
1524 pacemaker::constraint::base { 'keystone-then-ceilometer-notification-constraint':
1525 constraint_type => 'order',
1526 first_resource => 'openstack-core-clone',
1527 second_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
1528 first_action => 'start',
1529 second_action => 'start',
1530 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1531 Pacemaker::Resource::Ocf['openstack-core']],
1533 pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint':
1534 constraint_type => 'order',
1535 first_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1536 second_resource => "${::ceilometer::params::collector_service_name}-clone",
1537 first_action => 'start',
1538 second_action => 'start',
1539 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1540 Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
1542 pacemaker::constraint::base { 'ceilometer-collector-then-ceilometer-api-constraint':
1543 constraint_type => 'order',
1544 first_resource => "${::ceilometer::params::collector_service_name}-clone",
1545 second_resource => "${::ceilometer::params::api_service_name}-clone",
1546 first_action => 'start',
1547 second_action => 'start',
1548 require => [Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name],
1549 Pacemaker::Resource::Service[$::ceilometer::params::api_service_name]],
1551 pacemaker::constraint::colocation { 'ceilometer-api-with-ceilometer-collector-colocation':
1552 source => "${::ceilometer::params::api_service_name}-clone",
1553 target => "${::ceilometer::params::collector_service_name}-clone",
1554 score => 'INFINITY',
1555 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1556 Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
1558 pacemaker::constraint::base { 'ceilometer-api-then-ceilometer-delay-constraint':
1559 constraint_type => 'order',
1560 first_resource => "${::ceilometer::params::api_service_name}-clone",
1561 second_resource => 'delay-clone',
1562 first_action => 'start',
1563 second_action => 'start',
1564 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1565 Pacemaker::Resource::Ocf['delay']],
1567 pacemaker::constraint::colocation { 'ceilometer-delay-with-ceilometer-api-colocation':
1568 source => 'delay-clone',
1569 target => "${::ceilometer::params::api_service_name}-clone",
1570 score => 'INFINITY',
1571 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1572 Pacemaker::Resource::Ocf['delay']],
1575 pacemaker::resource::service { $::aodh::params::evaluator_service_name :
1576 clone_params => 'interleave=true',
1578 pacemaker::resource::service { $::aodh::params::notifier_service_name :
1579 clone_params => 'interleave=true',
1581 pacemaker::resource::service { $::aodh::params::listener_service_name :
1582 clone_params => 'interleave=true',
1584 pacemaker::constraint::base { 'aodh-delay-then-aodh-evaluator-constraint':
1585 constraint_type => 'order',
1586 first_resource => 'delay-clone',
1587 second_resource => "${::aodh::params::evaluator_service_name}-clone",
1588 first_action => 'start',
1589 second_action => 'start',
1590 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1591 Pacemaker::Resource::Ocf['delay']],
1593 pacemaker::constraint::colocation { 'aodh-evaluator-with-aodh-delay-colocation':
1594 source => "${::aodh::params::evaluator_service_name}-clone",
1595 target => 'delay-clone',
1596 score => 'INFINITY',
1597 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1598 Pacemaker::Resource::Ocf['delay']],
1600 pacemaker::constraint::base { 'aodh-evaluator-then-aodh-notifier-constraint':
1601 constraint_type => 'order',
1602 first_resource => "${::aodh::params::evaluator_service_name}-clone",
1603 second_resource => "${::aodh::params::notifier_service_name}-clone",
1604 first_action => 'start',
1605 second_action => 'start',
1606 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1607 Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]],
1609 pacemaker::constraint::colocation { 'aodh-notifier-with-aodh-evaluator-colocation':
1610 source => "${::aodh::params::notifier_service_name}-clone",
1611 target => "${::aodh::params::evaluator_service_name}-clone",
1612 score => 'INFINITY',
1613 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1614 Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]],
1616 pacemaker::constraint::base { 'aodh-evaluator-then-aodh-listener-constraint':
1617 constraint_type => 'order',
1618 first_resource => "${::aodh::params::evaluator_service_name}-clone",
1619 second_resource => "${::aodh::params::listener_service_name}-clone",
1620 first_action => 'start',
1621 second_action => 'start',
1622 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1623 Pacemaker::Resource::Service[$::aodh::params::listener_service_name]],
1625 pacemaker::constraint::colocation { 'aodh-listener-with-aodh-evaluator-colocation':
1626 source => "${::aodh::params::listener_service_name}-clone",
1627 target => "${::aodh::params::evaluator_service_name}-clone",
1628 score => 'INFINITY',
1629 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1630 Pacemaker::Resource::Service[$::aodh::params::listener_service_name]],
1632 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
1633 pacemaker::constraint::base { 'mongodb-then-ceilometer-central-constraint':
1634 constraint_type => 'order',
1635 first_resource => "${::mongodb::params::service_name}-clone",
1636 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1637 first_action => 'start',
1638 second_action => 'start',
1639 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1640 Pacemaker::Resource::Service[$::mongodb::params::service_name]],
1645 pacemaker::resource::service { $::gnocchi::params::metricd_service_name :
1646 clone_params => 'interleave=true',
1648 pacemaker::resource::service { $::gnocchi::params::statsd_service_name :
1649 clone_params => 'interleave=true',
1651 pacemaker::constraint::base { 'gnocchi-metricd-then-gnocchi-statsd-constraint':
1652 constraint_type => 'order',
1653 first_resource => "${::gnocchi::params::metricd_service_name}-clone",
1654 second_resource => "${::gnocchi::params::statsd_service_name}-clone",
1655 first_action => 'start',
1656 second_action => 'start',
1657 require => [Pacemaker::Resource::Service[$::gnocchi::params::metricd_service_name],
1658 Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]],
1660 pacemaker::constraint::colocation { 'gnocchi-statsd-with-metricd-colocation':
1661 source => "${::gnocchi::params::statsd_service_name}-clone",
1662 target => "${::gnocchi::params::metricd_service_name}-clone",
1663 score => 'INFINITY',
1664 require => [Pacemaker::Resource::Service[$::gnocchi::params::metricd_service_name],
1665 Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]],
1669 pacemaker::resource::service { $::heat::params::api_service_name :
1670 clone_params => 'interleave=true',
1672 pacemaker::resource::service { $::heat::params::api_cloudwatch_service_name :
1673 clone_params => 'interleave=true',
1675 pacemaker::resource::service { $::heat::params::api_cfn_service_name :
1676 clone_params => 'interleave=true',
1678 pacemaker::resource::service { $::heat::params::engine_service_name :
1679 clone_params => 'interleave=true',
1681 pacemaker::constraint::base { 'heat-api-then-heat-api-cfn-constraint':
1682 constraint_type => 'order',
1683 first_resource => "${::heat::params::api_service_name}-clone",
1684 second_resource => "${::heat::params::api_cfn_service_name}-clone",
1685 first_action => 'start',
1686 second_action => 'start',
1687 require => [Pacemaker::Resource::Service[$::heat::params::api_service_name],
1688 Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]],
1690 pacemaker::constraint::colocation { 'heat-api-cfn-with-heat-api-colocation':
1691 source => "${::heat::params::api_cfn_service_name}-clone",
1692 target => "${::heat::params::api_service_name}-clone",
1693 score => 'INFINITY',
1694 require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name],
1695 Pacemaker::Resource::Service[$::heat::params::api_service_name]],
1697 pacemaker::constraint::base { 'heat-api-cfn-then-heat-api-cloudwatch-constraint':
1698 constraint_type => 'order',
1699 first_resource => "${::heat::params::api_cfn_service_name}-clone",
1700 second_resource => "${::heat::params::api_cloudwatch_service_name}-clone",
1701 first_action => 'start',
1702 second_action => 'start',
1703 require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
1704 Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]],
1706 pacemaker::constraint::colocation { 'heat-api-cloudwatch-with-heat-api-cfn-colocation':
1707 source => "${::heat::params::api_cloudwatch_service_name}-clone",
1708 target => "${::heat::params::api_cfn_service_name}-clone",
1709 score => 'INFINITY',
1710 require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name],
1711 Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name]],
1713 pacemaker::constraint::base { 'heat-api-cloudwatch-then-heat-engine-constraint':
1714 constraint_type => 'order',
1715 first_resource => "${::heat::params::api_cloudwatch_service_name}-clone",
1716 second_resource => "${::heat::params::engine_service_name}-clone",
1717 first_action => 'start',
1718 second_action => 'start',
1719 require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
1720 Pacemaker::Resource::Service[$::heat::params::engine_service_name]],
1722 pacemaker::constraint::colocation { 'heat-engine-with-heat-api-cloudwatch-colocation':
1723 source => "${::heat::params::engine_service_name}-clone",
1724 target => "${::heat::params::api_cloudwatch_service_name}-clone",
1725 score => 'INFINITY',
1726 require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
1727 Pacemaker::Resource::Service[$::heat::params::engine_service_name]],
1729 pacemaker::constraint::base { 'ceilometer-notification-then-heat-api-constraint':
1730 constraint_type => 'order',
1731 first_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
1732 second_resource => "${::heat::params::api_service_name}-clone",
1733 first_action => 'start',
1734 second_action => 'start',
1735 require => [Pacemaker::Resource::Service[$::heat::params::api_service_name],
1736 Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name]],
1739 # Horizon and Keystone
1740 pacemaker::resource::service { $::apache::params::service_name:
1741 clone_params => 'interleave=true',
1742 verify_on_create => true,
1743 require => [File['/etc/keystone/ssl/certs/ca.pem'],
1744 File['/etc/keystone/ssl/private/signing_key.pem'],
1745 File['/etc/keystone/ssl/certs/signing_cert.pem']],
1749 if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
1750 pacemaker::resource::ocf { 'vsm-p' :
1751 ocf_agent_name => 'heartbeat:VirtualDomain',
1752 resource_params => 'force_stop=true config=/var/spool/cisco/vsm/vsm_primary_deploy.xml',
1753 require => Class['n1k_vsm'],
1754 meta_params => 'resource-stickiness=INFINITY',
1756 if str2bool(hiera('n1k_vsm::pacemaker_control', true)) {
1757 pacemaker::resource::ocf { 'vsm-s' :
1758 ocf_agent_name => 'heartbeat:VirtualDomain',
1759 resource_params => 'force_stop=true config=/var/spool/cisco/vsm/vsm_secondary_deploy.xml',
1760 require => Class['n1k_vsm'],
1761 meta_params => 'resource-stickiness=INFINITY',
1763 pacemaker::constraint::colocation { 'vsm-colocation-contraint':
1766 score => '-INFINITY',
1767 require => [Pacemaker::Resource::Ocf['vsm-p'],
1768 Pacemaker::Resource::Ocf['vsm-s']],
1777 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')])
1778 package_manifest{$package_manifest_name: ensure => present}
Code Review / apex-tripleo-heat-templates.git / blob