1 # Copyright 2015 Red Hat, Inc.
4 # Licensed under the Apache License, Version 2.0 (the "License"); you may
5 # not use this file except in compliance with the License. You may obtain
6 # a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 # License for the specific language governing permissions and limitations
21 # TODO(jistr): use pcs resource provider instead of just no-ops
23 tag == 'aodh-service' or
24 tag == 'cinder-service' or
25 tag == 'ceilometer-service' or
26 tag == 'gnocchi-service' or
27 tag == 'neutron-service' or
28 tag == 'nova-service' or
29 tag == 'sahara-service'
32 restart => '/bin/true',
37 include ::tripleo::packages
38 include ::tripleo::firewall
40 if $::hostname == downcase(hiera('bootstrap_nodeid')) {
41 $pacemaker_master = true
44 $pacemaker_master = false
48 $enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 5
49 $enable_load_balancer = hiera('enable_load_balancer', true)
51 # When to start and enable services which haven't been Pacemakerized
52 # FIXME: remove when we start all OpenStack services using Pacemaker
53 # (occurrences of this variable will be gradually replaced with false)
54 $non_pcmk_start = hiera('step') >= 5
56 if hiera('step') >= 1 {
58 create_resources(kmod::load, hiera('kernel_modules'), {})
59 create_resources(sysctl::value, hiera('sysctl_settings'), {})
60 Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
64 if count(hiera('ntp::servers')) > 0 {
68 $pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G'))
69 $corosync_ipv6 = str2bool(hiera('corosync_ipv6', false))
71 $cluster_setup_extras = { '--token' => hiera('corosync_token_timeout', 1000), '--ipv6' => '' }
73 $cluster_setup_extras = { '--token' => hiera('corosync_token_timeout', 1000) }
75 class { '::pacemaker':
76 hacluster_pwd => hiera('hacluster_pwd'),
78 class { '::pacemaker::corosync':
79 cluster_members => $pacemaker_cluster_members,
80 setup_cluster => $pacemaker_master,
81 cluster_setup_extras => $cluster_setup_extras,
83 class { '::pacemaker::stonith':
84 disable => !$enable_fencing,
87 include ::tripleo::fencing
89 # enable stonith after all Pacemaker resources have been created
90 Pcmk_resource<||> -> Class['tripleo::fencing']
91 Pcmk_constraint<||> -> Class['tripleo::fencing']
92 Exec <| tag == 'pacemaker_constraint' |> -> Class['tripleo::fencing']
93 # enable stonith after all fencing devices have been created
94 Class['tripleo::fencing'] -> Class['pacemaker::stonith']
97 # FIXME(gfidente): sets 200secs as default start timeout op
98 # param; until we can use pcmk global defaults we'll still
99 # need to add it to every resource which redefines op params
100 Pacemaker::Resource::Service {
101 op_params => 'start timeout=200s stop timeout=200s',
104 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
105 include ::mongodb::globals
106 include ::mongodb::client
107 class { '::mongodb::server' :
108 service_manage => false,
114 service_manage => false,
115 notify_service => false,
119 if str2bool(hiera('enable_galera', true)) {
120 $mysql_config_file = '/etc/my.cnf.d/galera.cnf'
122 $mysql_config_file = '/etc/my.cnf.d/server.cnf'
124 $galera_nodes = downcase(hiera('galera_node_names', $::hostname))
125 $galera_nodes_count = count(split($galera_nodes, ','))
127 # FIXME: due to https://bugzilla.redhat.com/show_bug.cgi?id=1298671 we
128 # set bind-address to a hostname instead of an ip address; to move Mysql
129 # from internal_api on another network we'll have to customize both
130 # MysqlNetwork and ControllerHostnameResolveNetwork in ServiceNetMap
131 $mysql_bind_host = hiera('mysql_bind_host')
134 'skip-name-resolve' => '1',
135 'binlog_format' => 'ROW',
136 'default-storage-engine' => 'innodb',
137 'innodb_autoinc_lock_mode' => '2',
138 'innodb_locks_unsafe_for_binlog'=> '1',
139 'query_cache_size' => '0',
140 'query_cache_type' => '0',
141 'bind-address' => $::hostname,
142 'max_connections' => hiera('mysql_max_connections'),
143 'open_files_limit' => '-1',
145 'wsrep_provider' => '/usr/lib64/galera/libgalera_smm.so',
146 'wsrep_cluster_name' => 'galera_cluster',
147 'wsrep_cluster_address' => "gcomm://${galera_nodes}",
148 'wsrep_slave_threads' => '1',
149 'wsrep_certify_nonPK' => '1',
150 'wsrep_max_ws_rows' => '131072',
151 'wsrep_max_ws_size' => '1073741824',
152 'wsrep_debug' => '0',
153 'wsrep_convert_LOCK_to_trx' => '0',
154 'wsrep_retry_autocommit' => '1',
155 'wsrep_auto_increment_control' => '1',
156 'wsrep_drupal_282555_workaround'=> '0',
157 'wsrep_causal_reads' => '0',
158 'wsrep_sst_method' => 'rsync',
159 'wsrep_provider_options' => "gmcast.listen_addr=tcp://[${mysql_bind_host}]:4567;",
163 class { '::mysql::server':
164 create_root_user => false,
165 create_root_my_cnf => false,
166 config_file => $mysql_config_file,
167 override_options => $mysqld_options,
168 remove_default_accounts => $pacemaker_master,
169 service_manage => false,
170 service_enabled => false,
175 if hiera('step') >= 2 {
177 # NOTE(gfidente): the following vars are needed on all nodes so they
178 # need to stay out of pacemaker_master conditional.
179 # The addresses mangling will hopefully go away when we'll be able to
180 # configure the connection string via hostnames, until then, we need to pass
181 # the list of IPv6 addresses *with* port and without the brackets as 'members'
182 # argument for the 'mongodb_replset' resource.
183 if str2bool(hiera('mongodb::server::ipv6', false)) {
184 $mongo_node_ips_with_port_prefixed = prefix(hiera('mongo_node_ips'), '[')
185 $mongo_node_ips_with_port = suffix($mongo_node_ips_with_port_prefixed, ']:27017')
186 $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
188 $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
189 $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
191 $mongodb_replset = hiera('mongodb::server::replset')
193 if $pacemaker_master {
195 include ::pacemaker::resource_defaults
197 # Create an openstack-core dummy resource. See RHBZ 1290121
198 pacemaker::resource::ocf { 'openstack-core':
199 ocf_agent_name => 'heartbeat:Dummy',
200 clone_params => true,
203 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
204 pacemaker::resource::service { $::mongodb::params::service_name :
205 op_params => 'start timeout=370s stop timeout=200s',
206 clone_params => true,
207 require => Class['::mongodb::server'],
209 # NOTE (spredzy) : The replset can only be run
210 # once all the nodes have joined the cluster.
211 mongodb_conn_validator { $mongo_node_ips_with_port :
213 require => Pacemaker::Resource::Service[$::mongodb::params::service_name],
214 before => Mongodb_replset[$mongodb_replset],
216 mongodb_replset { $mongodb_replset :
217 members => $mongo_node_ips_with_port_nobr,
221 pacemaker::resource::ocf { 'galera' :
222 ocf_agent_name => 'heartbeat:galera',
223 op_params => 'promote timeout=300s on-fail=block',
225 meta_params => "master-max=${galera_nodes_count} ordered=true",
226 resource_params => "additional_parameters='--open-files-limit=16384' enable_creation=true wsrep_cluster_address='gcomm://${galera_nodes}'",
227 require => Class['::mysql::server'],
228 before => Exec['galera-ready'],
231 pacemaker::resource::ocf { 'redis':
232 ocf_agent_name => 'heartbeat:redis',
234 meta_params => 'notify=true ordered=true interleave=true',
235 resource_params => 'wait_last_known_master=true',
236 require => Class['::redis'],
240 $mysql_root_password = hiera('mysql::server::root_password')
241 $mysql_clustercheck_password = hiera('mysql_clustercheck_password')
242 # This step is to create a sysconfig clustercheck file with the root user and empty password
243 # on the first install only (because later on the clustercheck db user will be used)
244 # We are using exec and not file in order to not have duplicate definition errors in puppet
245 # when we later set the the file to contain the clustercheck data
246 exec { 'create-root-sysconfig-clustercheck':
247 command => "/bin/echo 'MYSQL_USERNAME=root\nMYSQL_PASSWORD=\'\'\nMYSQL_HOST=localhost\n' > /etc/sysconfig/clustercheck",
248 unless => '/bin/test -e /etc/sysconfig/clustercheck && grep -q clustercheck /etc/sysconfig/clustercheck',
251 exec { 'galera-ready' :
252 command => '/usr/bin/clustercheck >/dev/null',
256 environment => ['AVAILABLE_WHEN_READONLY=0'],
257 require => Exec['create-root-sysconfig-clustercheck'],
260 xinetd::service { 'galera-monitor' :
262 server => '/usr/bin/clustercheck',
263 per_source => 'UNLIMITED',
264 log_on_success => '',
265 log_on_failure => 'HOST',
267 service_type => 'UNLISTED',
270 require => Exec['create-root-sysconfig-clustercheck'],
272 # We add a clustercheck db user and we will switch /etc/sysconfig/clustercheck
273 # to it in a later step. We do this only on one node as it will replicate on
274 # the other members. We also make sure that the permissions are the minimum necessary
275 if $pacemaker_master {
276 mysql_user { 'clustercheck@localhost':
278 password_hash => mysql_password($mysql_clustercheck_password),
279 require => Exec['galera-ready'],
281 mysql_grant { 'clustercheck@localhost/*.*':
283 options => ['GRANT'],
284 privileges => ['PROCESS'],
286 user => 'clustercheck@localhost',
290 # Create all the database schemas
292 class { '::nova::db::mysql':
293 require => Exec['galera-ready'],
295 class { '::nova::db::mysql_api':
296 require => Exec['galera-ready'],
298 class { '::neutron::db::mysql':
299 require => Exec['galera-ready'],
301 class { '::cinder::db::mysql':
302 require => Exec['galera-ready'],
305 if downcase(hiera('ceilometer_backend')) == 'mysql' {
306 class { '::ceilometer::db::mysql':
307 require => Exec['galera-ready'],
311 if downcase(hiera('gnocchi_indexer_backend')) == 'mysql' {
312 class { '::gnocchi::db::mysql':
313 require => Exec['galera-ready'],
316 class { '::sahara::db::mysql':
317 require => Exec['galera-ready'],
321 # pre-install swift here so we can build rings
325 $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false)
328 $mon_initial_members = downcase(hiera('ceph_mon_initial_members'))
329 if str2bool(hiera('ceph_ipv6', false)) {
330 $mon_host = hiera('ceph_mon_host_v6')
332 $mon_host = hiera('ceph_mon_host')
334 class { '::ceph::profile::params':
335 mon_initial_members => $mon_initial_members,
336 mon_host => $mon_host,
339 include ::ceph::profile::mon
342 if str2bool(hiera('enable_ceph_storage', false)) {
343 if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
344 exec { 'set selinux to permissive on boot':
345 command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
346 onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
347 path => ['/usr/bin', '/usr/sbin'],
350 exec { 'set selinux to permissive':
351 command => 'setenforce 0',
352 onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
353 path => ['/usr/bin', '/usr/sbin'],
354 } -> Class['ceph::profile::osd']
358 include ::ceph::profile::osd
361 if str2bool(hiera('enable_external_ceph', false)) {
362 if str2bool(hiera('ceph_ipv6', false)) {
363 $mon_host = hiera('ceph_mon_host_v6')
365 $mon_host = hiera('ceph_mon_host')
367 class { '::ceph::profile::params':
368 mon_host => $mon_host,
371 include ::ceph::profile::client
377 if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) {
378 # At this stage we are guaranteed that the clustercheck db user exists
379 # so we switch the resource agent to use it.
380 file { '/etc/sysconfig/clustercheck' :
385 content => "MYSQL_USERNAME=clustercheck\n
386 MYSQL_PASSWORD='${mysql_clustercheck_password}'\n
387 MYSQL_HOST=localhost\n",
390 $nova_ipv6 = hiera('nova::use_ipv6', false)
392 $memcached_servers = suffix(hiera('memcache_node_ips_v6'), ':11211')
394 $memcached_servers = suffix(hiera('memcache_node_ips'), ':11211')
398 memcached_servers => $memcached_servers
401 include ::nova::config
403 class { '::nova::api' :
405 sync_db_api => $sync_db,
406 manage_service => false,
409 class { '::nova::cert' :
410 manage_service => false,
413 class { '::nova::conductor' :
414 manage_service => false,
417 class { '::nova::consoleauth' :
418 manage_service => false,
421 class { '::nova::vncproxy' :
422 manage_service => false,
425 include ::nova::scheduler::filter
426 class { '::nova::scheduler' :
427 manage_service => false,
430 include ::nova::network::neutron
432 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
434 # TODO(devvesa) provide non-controller ips for these services
435 $zookeeper_node_ips = hiera('neutron_api_node_ips')
436 $cassandra_node_ips = hiera('neutron_api_node_ips')
438 # Run zookeeper in the controller if configured
439 if hiera('enable_zookeeper_on_controller') {
440 class {'::tripleo::cluster::zookeeper':
441 zookeeper_server_ips => $zookeeper_node_ips,
442 # TODO: create a 'bind' hiera key for zookeeper
443 zookeeper_client_ip => hiera('neutron::bind_host'),
444 zookeeper_hostnames => split(hiera('controller_node_names'), ',')
448 # Run cassandra in the controller if configured
449 if hiera('enable_cassandra_on_controller') {
450 class {'::tripleo::cluster::cassandra':
451 cassandra_servers => $cassandra_node_ips,
452 # TODO: create a 'bind' hiera key for cassandra
453 cassandra_ip => hiera('neutron::bind_host'),
457 class {'::tripleo::network::midonet::agent':
458 zookeeper_servers => $zookeeper_node_ips,
459 cassandra_seeds => $cassandra_node_ips
462 class {'::tripleo::network::midonet::api':
463 zookeeper_servers => $zookeeper_node_ips,
464 vip => hiera('tripleo::loadbalancer::public_virtual_ip'),
465 keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
466 keystone_admin_token => hiera('keystone::admin_token'),
467 # TODO: create a 'bind' hiera key for api
468 bind_address => hiera('neutron::bind_host'),
469 admin_password => hiera('admin_password')
474 service_plugins => []
479 # Neutron class definitions
483 include ::neutron::config
484 class { '::neutron::server' :
486 manage_service => false,
489 include ::neutron::server::notifications
490 if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' {
491 include ::neutron::plugins::nuage
493 if hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' {
494 include ::neutron::plugins::opencontrail
496 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
497 class {'::neutron::plugins::midonet':
498 midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
499 keystone_tenant => hiera('neutron::server::auth_tenant'),
500 keystone_password => hiera('neutron::server::auth_password')
503 if hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
504 class { '::neutron::plugins::plumgrid' :
505 connection => hiera('neutron::server::database_connection'),
506 controller_priv_host => hiera('keystone_admin_api_vip'),
507 admin_password => hiera('admin_password'),
508 metadata_proxy_shared_secret => hiera('nova::api::neutron_metadata_proxy_shared_secret'),
511 include ::neutron::plugins::ml2
512 class { '::neutron::agents::ml2::ovs':
513 manage_service => false,
517 if 'cisco_ucsm' in hiera('neutron::plugins::ml2::mechanism_drivers') {
518 include ::neutron::plugins::ml2::cisco::ucsm
520 if 'cisco_nexus' in hiera('neutron::plugins::ml2::mechanism_drivers') {
521 include ::neutron::plugins::ml2::cisco::nexus
522 include ::neutron::plugins::ml2::cisco::type_nexus_vxlan
524 if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
525 include ::neutron::plugins::ml2::cisco::nexus1000v
527 class { '::neutron::agents::n1kv_vem':
528 n1kv_source => hiera('n1kv_vem_source', undef),
529 n1kv_version => hiera('n1kv_vem_version', undef),
533 n1kv_source => hiera('n1kv_vsm_source', undef),
534 n1kv_version => hiera('n1kv_vsm_version', undef),
538 if 'bsn_ml2' in hiera('neutron::plugins::ml2::mechanism_drivers') {
539 include ::neutron::plugins::ml2::bigswitch::restproxy
540 include ::neutron::agents::bigswitch
544 include ::cinder::config
545 class { '::cinder::api':
547 manage_service => false,
550 class { '::cinder::scheduler' :
551 manage_service => false,
554 class { '::cinder::volume' :
555 manage_service => false,
558 include ::cinder::glance
559 include ::cinder::ceilometer
560 class { '::cinder::setup_test_volume':
561 size => join([hiera('cinder_lvm_loop_device_size'), 'M']),
564 $cinder_enable_iscsi = hiera('cinder_enable_iscsi_backend', true)
565 if $cinder_enable_iscsi {
566 $cinder_iscsi_backend = 'tripleo_iscsi'
568 cinder::backend::iscsi { $cinder_iscsi_backend :
569 iscsi_ip_address => hiera('cinder_iscsi_ip_address'),
570 iscsi_helper => hiera('cinder_iscsi_helper'),
576 $ceph_pools = hiera('ceph_pools')
577 ceph::pool { $ceph_pools :
578 pg_num => hiera('ceph::profile::params::osd_pool_default_pg_num'),
579 pgp_num => hiera('ceph::profile::params::osd_pool_default_pgp_num'),
580 size => hiera('ceph::profile::params::osd_pool_default_size'),
583 $cinder_pool_requires = [Ceph::Pool[hiera('cinder_rbd_pool_name')]]
586 $cinder_pool_requires = []
589 if hiera('cinder_enable_rbd_backend', false) {
590 $cinder_rbd_backend = 'tripleo_ceph'
592 cinder::backend::rbd { $cinder_rbd_backend :
593 backend_host => hiera('cinder::host'),
594 rbd_pool => hiera('cinder_rbd_pool_name'),
595 rbd_user => hiera('ceph_client_user_name'),
596 rbd_secret_uuid => hiera('ceph::profile::params::fsid'),
597 require => $cinder_pool_requires,
601 if hiera('cinder_enable_eqlx_backend', false) {
602 $cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name')
604 cinder::backend::eqlx { $cinder_eqlx_backend :
605 volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef),
606 san_ip => hiera('cinder::backend::eqlx::san_ip', undef),
607 san_login => hiera('cinder::backend::eqlx::san_login', undef),
608 san_password => hiera('cinder::backend::eqlx::san_password', undef),
609 san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef),
610 eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef),
611 eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef),
612 eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef),
613 eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef),
614 eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef),
618 if hiera('cinder_enable_dellsc_backend', false) {
619 $cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name')
621 cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend :
622 volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef),
623 san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef),
624 san_login => hiera('cinder::backend::dellsc_iscsi::san_login', undef),
625 san_password => hiera('cinder::backend::dellsc_iscsi::san_password', undef),
626 dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef),
627 iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef),
628 iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef),
629 dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef),
630 dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef),
631 dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef),
635 if hiera('cinder_enable_netapp_backend', false) {
636 $cinder_netapp_backend = hiera('cinder::backend::netapp::title')
638 if hiera('cinder::backend::netapp::nfs_shares', undef) {
639 $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',')
642 cinder::backend::netapp { $cinder_netapp_backend :
643 netapp_login => hiera('cinder::backend::netapp::netapp_login', undef),
644 netapp_password => hiera('cinder::backend::netapp::netapp_password', undef),
645 netapp_server_hostname => hiera('cinder::backend::netapp::netapp_server_hostname', undef),
646 netapp_server_port => hiera('cinder::backend::netapp::netapp_server_port', undef),
647 netapp_size_multiplier => hiera('cinder::backend::netapp::netapp_size_multiplier', undef),
648 netapp_storage_family => hiera('cinder::backend::netapp::netapp_storage_family', undef),
649 netapp_storage_protocol => hiera('cinder::backend::netapp::netapp_storage_protocol', undef),
650 netapp_transport_type => hiera('cinder::backend::netapp::netapp_transport_type', undef),
651 netapp_vfiler => hiera('cinder::backend::netapp::netapp_vfiler', undef),
652 netapp_volume_list => hiera('cinder::backend::netapp::netapp_volume_list', undef),
653 netapp_vserver => hiera('cinder::backend::netapp::netapp_vserver', undef),
654 netapp_partner_backend_name => hiera('cinder::backend::netapp::netapp_partner_backend_name', undef),
655 nfs_shares => $cinder_netapp_nfs_shares,
656 nfs_shares_config => hiera('cinder::backend::netapp::nfs_shares_config', undef),
657 netapp_copyoffload_tool_path => hiera('cinder::backend::netapp::netapp_copyoffload_tool_path', undef),
658 netapp_controller_ips => hiera('cinder::backend::netapp::netapp_controller_ips', undef),
659 netapp_sa_password => hiera('cinder::backend::netapp::netapp_sa_password', undef),
660 netapp_storage_pools => hiera('cinder::backend::netapp::netapp_storage_pools', undef),
661 netapp_eseries_host_type => hiera('cinder::backend::netapp::netapp_eseries_host_type', undef),
662 netapp_webservice_path => hiera('cinder::backend::netapp::netapp_webservice_path', undef),
666 if hiera('cinder_enable_nfs_backend', false) {
667 $cinder_nfs_backend = 'tripleo_nfs'
669 if str2bool($::selinux) {
670 selboolean { 'virt_use_nfs':
673 } -> Package['nfs-utils']
676 package { 'nfs-utils': } ->
677 cinder::backend::nfs { $cinder_nfs_backend:
678 nfs_servers => hiera('cinder_nfs_servers'),
679 nfs_mount_options => hiera('cinder_nfs_mount_options',''),
680 nfs_shares_config => '/etc/cinder/shares-nfs.conf',
684 $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_eqlx_backend, $cinder_dellsc_backend, $cinder_netapp_backend, $cinder_nfs_backend])
685 class { '::cinder::backends' :
686 enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')),
692 class { '::sahara::service::api':
693 manage_service => false,
696 class { '::sahara::service::engine':
697 manage_service => false,
702 class { '::swift::proxy' :
703 manage_service => $non_pcmk_start,
704 enabled => $non_pcmk_start,
706 include ::swift::proxy::proxy_logging
707 include ::swift::proxy::healthcheck
708 include ::swift::proxy::cache
709 include ::swift::proxy::keystone
710 include ::swift::proxy::authtoken
711 include ::swift::proxy::staticweb
712 include ::swift::proxy::ratelimit
713 include ::swift::proxy::catch_errors
714 include ::swift::proxy::tempurl
715 include ::swift::proxy::formpost
718 if str2bool(hiera('enable_swift_storage', true)) {
719 class {'::swift::storage::all':
720 mount_check => str2bool(hiera('swift_mount_check')),
722 class {'::swift::storage::account':
723 manage_service => $non_pcmk_start,
724 enabled => $non_pcmk_start,
726 class {'::swift::storage::container':
727 manage_service => $non_pcmk_start,
728 enabled => $non_pcmk_start,
730 class {'::swift::storage::object':
731 manage_service => $non_pcmk_start,
732 enabled => $non_pcmk_start,
734 if(!defined(File['/srv/node'])) {
739 require => Package['openstack-swift'],
742 $swift_components = ['account', 'container', 'object']
743 swift::storage::filter::recon { $swift_components : }
744 swift::storage::filter::healthcheck { $swift_components : }
748 case downcase(hiera('ceilometer_backend')) {
750 $ceilometer_database_connection = hiera('ceilometer_mysql_conn_string')
753 $mongo_node_string = join($mongo_node_ips_with_port, ',')
754 $ceilometer_database_connection = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}"
758 include ::ceilometer::config
759 class { '::ceilometer::api' :
760 manage_service => false,
763 class { '::ceilometer::agent::notification' :
764 manage_service => false,
767 class { '::ceilometer::agent::central' :
768 manage_service => false,
771 class { '::ceilometer::collector' :
772 manage_service => false,
775 include ::ceilometer::expirer
776 class { '::ceilometer::db' :
777 database_connection => $ceilometer_database_connection,
780 include ::ceilometer::agent::auth
781 include ::ceilometer::dispatcher::gnocchi
783 Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" }
785 # httpd/apache and horizon
786 # NOTE(gfidente): server-status can be consumed by the pacemaker resource agent
788 service_enable => false,
789 # service_manage => false, # <-- not supported with horizon&apache mod_wsgi?
791 include ::apache::mod::remoteip
792 include ::apache::mod::status
793 if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
794 $_profile_support = 'cisco'
796 $_profile_support = 'None'
798 $neutron_options = {'profile_support' => $_profile_support }
800 $memcached_ipv6 = hiera('memcached_ipv6', false)
802 $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]')
804 $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1')
808 cache_server_ip => $horizon_memcached_servers,
809 neutron_options => $neutron_options,
814 database_connection => $ceilometer_database_connection,
816 include ::aodh::config
818 include ::aodh::client
819 include ::aodh::wsgi::apache
820 class { '::aodh::api':
821 manage_service => false,
823 service_name => 'httpd',
825 class { '::aodh::evaluator':
826 manage_service => false,
829 class { '::aodh::notifier':
830 manage_service => false,
833 class { '::aodh::listener':
834 manage_service => false,
839 $gnocchi_database_connection = hiera('gnocchi_mysql_conn_string')
840 include ::gnocchi::client
842 include ::gnocchi::db::sync
844 include ::gnocchi::storage
845 $gnocchi_backend = downcase(hiera('gnocchi_backend', 'swift'))
846 case $gnocchi_backend {
847 'swift': { include ::gnocchi::storage::swift }
848 'file': { include ::gnocchi::storage::file }
849 'rbd': { include ::gnocchi::storage::ceph }
850 default: { fail('Unrecognized gnocchi_backend parameter.') }
853 database_connection => $gnocchi_database_connection,
855 class { '::gnocchi::api' :
856 manage_service => false,
858 service_name => 'httpd',
860 class { '::gnocchi::wsgi::apache' :
863 class { '::gnocchi::metricd' :
864 manage_service => false,
867 class { '::gnocchi::statsd' :
868 manage_service => false,
872 $snmpd_user = hiera('snmpd_readonly_user_name')
873 snmp::snmpv3_user { $snmpd_user:
875 authpass => hiera('snmpd_readonly_user_password'),
878 agentaddress => ['udp:161','udp6:[::1]:161'],
879 snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
882 hiera_include('controller_classes')
886 if hiera('step') >= 5 {
887 # We now make sure that the root db password is set to a random one
888 # At first installation /root/.my.cnf will be empty and we connect without a root
889 # password. On second runs or updates /root/.my.cnf will already be populated
890 # with proper credentials. This step happens on every node because this sql
891 # statement does not automatically replicate across nodes.
892 exec { 'galera-set-root-password':
893 command => "/bin/touch /root/.my.cnf && /bin/echo \"UPDATE mysql.user SET Password = PASSWORD('${mysql_root_password}') WHERE user = 'root'; flush privileges;\" | /bin/mysql --defaults-extra-file=/root/.my.cnf -u root",
895 file { '/root/.my.cnf' :
902 password=\"${mysql_root_password}\"
906 password=\"${mysql_root_password}\"",
907 require => Exec['galera-set-root-password'],
910 $nova_enable_db_purge = hiera('nova_enable_db_purge', true)
911 $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true)
913 if $nova_enable_db_purge {
914 include ::nova::cron::archive_deleted_rows
916 if $cinder_enable_db_purge {
917 include ::cinder::cron::db_purge
920 if $pacemaker_master {
922 pacemaker::constraint::base { 'openstack-core-then-httpd-constraint':
923 constraint_type => 'order',
924 first_resource => 'openstack-core-clone',
925 second_resource => "${::apache::params::service_name}-clone",
926 first_action => 'start',
927 second_action => 'start',
928 require => [Pacemaker::Resource::Service[$::apache::params::service_name],
929 Pacemaker::Resource::Ocf['openstack-core']],
931 pacemaker::constraint::base { 'galera-then-openstack-core-constraint':
932 constraint_type => 'order',
933 first_resource => 'galera-master',
934 second_resource => 'openstack-core-clone',
935 first_action => 'promote',
936 second_action => 'start',
937 require => [Pacemaker::Resource::Ocf['galera'],
938 Pacemaker::Resource::Ocf['openstack-core']],
942 pacemaker::resource::service { $::cinder::params::api_service :
943 clone_params => 'interleave=true',
944 require => Pacemaker::Resource::Ocf['openstack-core'],
946 pacemaker::resource::service { $::cinder::params::scheduler_service :
947 clone_params => 'interleave=true',
949 pacemaker::resource::service { $::cinder::params::volume_service : }
951 pacemaker::constraint::base { 'keystone-then-cinder-api-constraint':
952 constraint_type => 'order',
953 first_resource => 'openstack-core-clone',
954 second_resource => "${::cinder::params::api_service}-clone",
955 first_action => 'start',
956 second_action => 'start',
957 require => [Pacemaker::Resource::Ocf['openstack-core'],
958 Pacemaker::Resource::Service[$::cinder::params::api_service]],
960 pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint':
961 constraint_type => 'order',
962 first_resource => "${::cinder::params::api_service}-clone",
963 second_resource => "${::cinder::params::scheduler_service}-clone",
964 first_action => 'start',
965 second_action => 'start',
966 require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
967 Pacemaker::Resource::Service[$::cinder::params::scheduler_service]],
969 pacemaker::constraint::colocation { 'cinder-scheduler-with-cinder-api-colocation':
970 source => "${::cinder::params::scheduler_service}-clone",
971 target => "${::cinder::params::api_service}-clone",
973 require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
974 Pacemaker::Resource::Service[$::cinder::params::scheduler_service]],
976 pacemaker::constraint::base { 'cinder-scheduler-then-cinder-volume-constraint':
977 constraint_type => 'order',
978 first_resource => "${::cinder::params::scheduler_service}-clone",
979 second_resource => $::cinder::params::volume_service,
980 first_action => 'start',
981 second_action => 'start',
982 require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service],
983 Pacemaker::Resource::Service[$::cinder::params::volume_service]],
985 pacemaker::constraint::colocation { 'cinder-volume-with-cinder-scheduler-colocation':
986 source => $::cinder::params::volume_service,
987 target => "${::cinder::params::scheduler_service}-clone",
989 require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service],
990 Pacemaker::Resource::Service[$::cinder::params::volume_service]],
994 pacemaker::resource::service { $::sahara::params::api_service_name :
995 clone_params => 'interleave=true',
996 require => Pacemaker::Resource::Ocf['openstack-core'],
998 pacemaker::resource::service { $::sahara::params::engine_service_name :
999 clone_params => 'interleave=true',
1001 pacemaker::constraint::base { 'keystone-then-sahara-api-constraint':
1002 constraint_type => 'order',
1003 first_resource => 'openstack-core-clone',
1004 second_resource => "${::sahara::params::api_service_name}-clone",
1005 first_action => 'start',
1006 second_action => 'start',
1007 require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name],
1008 Pacemaker::Resource::Ocf['openstack-core']],
1010 pacemaker::constraint::base { 'sahara-api-then-sahara-engine-constraint':
1011 constraint_type => 'order',
1012 first_resource => "${::sahara::params::api_service_name}-clone",
1013 second_resource => "${::sahara::params::engine_service_name}-clone",
1014 first_action => 'start',
1015 second_action => 'start',
1016 require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name],
1017 Pacemaker::Resource::Service[$::sahara::params::engine_service_name]],
1020 if hiera('neutron::enable_ovs_agent', true) {
1021 pacemaker::resource::service { $::neutron::params::ovs_agent_service:
1022 clone_params => 'interleave=true',
1025 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
1026 pacemaker::resource::service {'tomcat':
1027 clone_params => 'interleave=true',
1030 if hiera('neutron::enable_ovs_agent', true) {
1031 pacemaker::resource::ocf { $::neutron::params::ovs_cleanup_service:
1032 ocf_agent_name => 'neutron:OVSCleanup',
1033 clone_params => 'interleave=true',
1035 pacemaker::resource::ocf { 'neutron-netns-cleanup':
1036 ocf_agent_name => 'neutron:NetnsCleanup',
1037 clone_params => 'interleave=true',
1040 # neutron - one chain ovs-cleanup-->netns-cleanup-->ovs-agent
1041 pacemaker::constraint::base { 'neutron-ovs-cleanup-to-netns-cleanup-constraint':
1042 constraint_type => 'order',
1043 first_resource => "${::neutron::params::ovs_cleanup_service}-clone",
1044 second_resource => 'neutron-netns-cleanup-clone',
1045 first_action => 'start',
1046 second_action => 'start',
1047 require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service],
1048 Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
1050 pacemaker::constraint::colocation { 'neutron-ovs-cleanup-to-netns-cleanup-colocation':
1051 source => 'neutron-netns-cleanup-clone',
1052 target => "${::neutron::params::ovs_cleanup_service}-clone",
1053 score => 'INFINITY',
1054 require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service],
1055 Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
1057 pacemaker::constraint::base { 'neutron-netns-cleanup-to-openvswitch-agent-constraint':
1058 constraint_type => 'order',
1059 first_resource => 'neutron-netns-cleanup-clone',
1060 second_resource => "${::neutron::params::ovs_agent_service}-clone",
1061 first_action => 'start',
1062 second_action => 'start',
1063 require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'],
1064 Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
1066 pacemaker::constraint::colocation { 'neutron-netns-cleanup-to-openvswitch-agent-colocation':
1067 source => "${::neutron::params::ovs_agent_service}-clone",
1068 target => 'neutron-netns-cleanup-clone',
1069 score => 'INFINITY',
1070 require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'],
1071 Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
1074 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
1075 #midonet-chain chain keystone-->neutron-server-->dhcp-->metadata->tomcat
1076 pacemaker::constraint::base { 'neutron-server-to-dhcp-agent-constraint':
1077 constraint_type => 'order',
1078 first_resource => "${::neutron::params::server_service}-clone",
1079 second_resource => "${::neutron::params::dhcp_agent_service}-clone",
1080 first_action => 'start',
1081 second_action => 'start',
1082 require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
1083 Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
1085 pacemaker::constraint::base { 'neutron-dhcp-agent-to-metadata-agent-constraint':
1086 constraint_type => 'order',
1087 first_resource => "${::neutron::params::dhcp_agent_service}-clone",
1088 second_resource => "${::neutron::params::metadata_agent_service}-clone",
1089 first_action => 'start',
1090 second_action => 'start',
1091 require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
1092 Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]],
1094 pacemaker::constraint::base { 'neutron-metadata-agent-to-tomcat-constraint':
1095 constraint_type => 'order',
1096 first_resource => "${::neutron::params::metadata_agent_service}-clone",
1097 second_resource => 'tomcat-clone',
1098 first_action => 'start',
1099 second_action => 'start',
1100 require => [Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service],
1101 Pacemaker::Resource::Service['tomcat']],
1103 pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-metadata-agent-colocation':
1104 source => "${::neutron::params::metadata_agent_service}-clone",
1105 target => "${::neutron::params::dhcp_agent_service}-clone",
1106 score => 'INFINITY',
1107 require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
1108 Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]],
1113 pacemaker::resource::service { $::nova::params::api_service_name :
1114 clone_params => 'interleave=true',
1116 pacemaker::resource::service { $::nova::params::conductor_service_name :
1117 clone_params => 'interleave=true',
1119 pacemaker::resource::service { $::nova::params::consoleauth_service_name :
1120 clone_params => 'interleave=true',
1121 require => Pacemaker::Resource::Ocf['openstack-core'],
1123 pacemaker::resource::service { $::nova::params::vncproxy_service_name :
1124 clone_params => 'interleave=true',
1126 pacemaker::resource::service { $::nova::params::scheduler_service_name :
1127 clone_params => 'interleave=true',
1130 pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint':
1131 constraint_type => 'order',
1132 first_resource => 'openstack-core-clone',
1133 second_resource => "${::nova::params::consoleauth_service_name}-clone",
1134 first_action => 'start',
1135 second_action => 'start',
1136 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1137 Pacemaker::Resource::Ocf['openstack-core']],
1139 pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint':
1140 constraint_type => 'order',
1141 first_resource => "${::nova::params::consoleauth_service_name}-clone",
1142 second_resource => "${::nova::params::vncproxy_service_name}-clone",
1143 first_action => 'start',
1144 second_action => 'start',
1145 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1146 Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]],
1148 pacemaker::constraint::colocation { 'nova-vncproxy-with-nova-consoleauth-colocation':
1149 source => "${::nova::params::vncproxy_service_name}-clone",
1150 target => "${::nova::params::consoleauth_service_name}-clone",
1151 score => 'INFINITY',
1152 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1153 Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]],
1155 pacemaker::constraint::base { 'nova-vncproxy-then-nova-api-constraint':
1156 constraint_type => 'order',
1157 first_resource => "${::nova::params::vncproxy_service_name}-clone",
1158 second_resource => "${::nova::params::api_service_name}-clone",
1159 first_action => 'start',
1160 second_action => 'start',
1161 require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name],
1162 Pacemaker::Resource::Service[$::nova::params::api_service_name]],
1164 pacemaker::constraint::colocation { 'nova-api-with-nova-vncproxy-colocation':
1165 source => "${::nova::params::api_service_name}-clone",
1166 target => "${::nova::params::vncproxy_service_name}-clone",
1167 score => 'INFINITY',
1168 require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name],
1169 Pacemaker::Resource::Service[$::nova::params::api_service_name]],
1171 pacemaker::constraint::base { 'nova-api-then-nova-scheduler-constraint':
1172 constraint_type => 'order',
1173 first_resource => "${::nova::params::api_service_name}-clone",
1174 second_resource => "${::nova::params::scheduler_service_name}-clone",
1175 first_action => 'start',
1176 second_action => 'start',
1177 require => [Pacemaker::Resource::Service[$::nova::params::api_service_name],
1178 Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]],
1180 pacemaker::constraint::colocation { 'nova-scheduler-with-nova-api-colocation':
1181 source => "${::nova::params::scheduler_service_name}-clone",
1182 target => "${::nova::params::api_service_name}-clone",
1183 score => 'INFINITY',
1184 require => [Pacemaker::Resource::Service[$::nova::params::api_service_name],
1185 Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]],
1187 pacemaker::constraint::base { 'nova-scheduler-then-nova-conductor-constraint':
1188 constraint_type => 'order',
1189 first_resource => "${::nova::params::scheduler_service_name}-clone",
1190 second_resource => "${::nova::params::conductor_service_name}-clone",
1191 first_action => 'start',
1192 second_action => 'start',
1193 require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name],
1194 Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
1196 pacemaker::constraint::colocation { 'nova-conductor-with-nova-scheduler-colocation':
1197 source => "${::nova::params::conductor_service_name}-clone",
1198 target => "${::nova::params::scheduler_service_name}-clone",
1199 score => 'INFINITY',
1200 require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name],
1201 Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
1204 # Ceilometer and Aodh
1205 case downcase(hiera('ceilometer_backend')) {
1207 pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
1208 clone_params => 'interleave=true',
1209 require => Pacemaker::Resource::Ocf['openstack-core'],
1213 pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
1214 clone_params => 'interleave=true',
1215 require => [Pacemaker::Resource::Ocf['openstack-core'],
1216 Pacemaker::Resource::Service[$::mongodb::params::service_name]],
1220 pacemaker::resource::service { $::ceilometer::params::collector_service_name :
1221 clone_params => 'interleave=true',
1223 pacemaker::resource::service { $::ceilometer::params::api_service_name :
1224 clone_params => 'interleave=true',
1226 pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name :
1227 clone_params => 'interleave=true',
1229 # Fedora doesn't know `require-all` parameter for constraints yet
1230 if $::operatingsystem == 'Fedora' {
1231 $redis_ceilometer_constraint_params = undef
1232 $redis_aodh_constraint_params = undef
1234 $redis_ceilometer_constraint_params = 'require-all=false'
1235 $redis_aodh_constraint_params = 'require-all=false'
1237 pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint':
1238 constraint_type => 'order',
1239 first_resource => 'redis-master',
1240 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1241 first_action => 'promote',
1242 second_action => 'start',
1243 constraint_params => $redis_ceilometer_constraint_params,
1244 require => [Pacemaker::Resource::Ocf['redis'],
1245 Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]],
1247 pacemaker::constraint::base { 'redis-then-aodh-evaluator-constraint':
1248 constraint_type => 'order',
1249 first_resource => 'redis-master',
1250 second_resource => "${::aodh::params::evaluator_service_name}-clone",
1251 first_action => 'promote',
1252 second_action => 'start',
1253 constraint_params => $redis_aodh_constraint_params,
1254 require => [Pacemaker::Resource::Ocf['redis'],
1255 Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name]],
1257 pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint':
1258 constraint_type => 'order',
1259 first_resource => 'openstack-core-clone',
1260 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1261 first_action => 'start',
1262 second_action => 'start',
1263 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1264 Pacemaker::Resource::Ocf['openstack-core']],
1266 pacemaker::constraint::base { 'keystone-then-ceilometer-notification-constraint':
1267 constraint_type => 'order',
1268 first_resource => 'openstack-core-clone',
1269 second_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
1270 first_action => 'start',
1271 second_action => 'start',
1272 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1273 Pacemaker::Resource::Ocf['openstack-core']],
1275 pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint':
1276 constraint_type => 'order',
1277 first_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1278 second_resource => "${::ceilometer::params::collector_service_name}-clone",
1279 first_action => 'start',
1280 second_action => 'start',
1281 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1282 Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
1284 pacemaker::constraint::base { 'ceilometer-collector-then-ceilometer-api-constraint':
1285 constraint_type => 'order',
1286 first_resource => "${::ceilometer::params::collector_service_name}-clone",
1287 second_resource => "${::ceilometer::params::api_service_name}-clone",
1288 first_action => 'start',
1289 second_action => 'start',
1290 require => [Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name],
1291 Pacemaker::Resource::Service[$::ceilometer::params::api_service_name]],
1293 pacemaker::constraint::colocation { 'ceilometer-api-with-ceilometer-collector-colocation':
1294 source => "${::ceilometer::params::api_service_name}-clone",
1295 target => "${::ceilometer::params::collector_service_name}-clone",
1296 score => 'INFINITY',
1297 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1298 Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
1301 pacemaker::resource::service { $::aodh::params::evaluator_service_name :
1302 clone_params => 'interleave=true',
1304 pacemaker::resource::service { $::aodh::params::notifier_service_name :
1305 clone_params => 'interleave=true',
1307 pacemaker::resource::service { $::aodh::params::listener_service_name :
1308 clone_params => 'interleave=true',
1310 pacemaker::constraint::base { 'aodh-evaluator-then-aodh-notifier-constraint':
1311 constraint_type => 'order',
1312 first_resource => "${::aodh::params::evaluator_service_name}-clone",
1313 second_resource => "${::aodh::params::notifier_service_name}-clone",
1314 first_action => 'start',
1315 second_action => 'start',
1316 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1317 Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]],
1319 pacemaker::constraint::colocation { 'aodh-notifier-with-aodh-evaluator-colocation':
1320 source => "${::aodh::params::notifier_service_name}-clone",
1321 target => "${::aodh::params::evaluator_service_name}-clone",
1322 score => 'INFINITY',
1323 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1324 Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]],
1326 pacemaker::constraint::base { 'aodh-evaluator-then-aodh-listener-constraint':
1327 constraint_type => 'order',
1328 first_resource => "${::aodh::params::evaluator_service_name}-clone",
1329 second_resource => "${::aodh::params::listener_service_name}-clone",
1330 first_action => 'start',
1331 second_action => 'start',
1332 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1333 Pacemaker::Resource::Service[$::aodh::params::listener_service_name]],
1335 pacemaker::constraint::colocation { 'aodh-listener-with-aodh-evaluator-colocation':
1336 source => "${::aodh::params::listener_service_name}-clone",
1337 target => "${::aodh::params::evaluator_service_name}-clone",
1338 score => 'INFINITY',
1339 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1340 Pacemaker::Resource::Service[$::aodh::params::listener_service_name]],
1342 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
1343 pacemaker::constraint::base { 'mongodb-then-ceilometer-central-constraint':
1344 constraint_type => 'order',
1345 first_resource => "${::mongodb::params::service_name}-clone",
1346 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1347 first_action => 'start',
1348 second_action => 'start',
1349 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1350 Pacemaker::Resource::Service[$::mongodb::params::service_name]],
1355 pacemaker::resource::service { $::gnocchi::params::metricd_service_name :
1356 clone_params => 'interleave=true',
1358 pacemaker::resource::service { $::gnocchi::params::statsd_service_name :
1359 clone_params => 'interleave=true',
1361 pacemaker::constraint::base { 'gnocchi-metricd-then-gnocchi-statsd-constraint':
1362 constraint_type => 'order',
1363 first_resource => "${::gnocchi::params::metricd_service_name}-clone",
1364 second_resource => "${::gnocchi::params::statsd_service_name}-clone",
1365 first_action => 'start',
1366 second_action => 'start',
1367 require => [Pacemaker::Resource::Service[$::gnocchi::params::metricd_service_name],
1368 Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]],
1370 pacemaker::constraint::colocation { 'gnocchi-statsd-with-metricd-colocation':
1371 source => "${::gnocchi::params::statsd_service_name}-clone",
1372 target => "${::gnocchi::params::metricd_service_name}-clone",
1373 score => 'INFINITY',
1374 require => [Pacemaker::Resource::Service[$::gnocchi::params::metricd_service_name],
1375 Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]],
1378 # Horizon and Keystone
1379 pacemaker::resource::service { $::apache::params::service_name:
1380 clone_params => 'interleave=true',
1381 verify_on_create => true,
1382 require => [File['/etc/keystone/ssl/certs/ca.pem'],
1383 File['/etc/keystone/ssl/private/signing_key.pem'],
1384 File['/etc/keystone/ssl/certs/signing_cert.pem']],
1388 if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
1389 pacemaker::resource::ocf { 'vsm-p' :
1390 ocf_agent_name => 'heartbeat:VirtualDomain',
1391 resource_params => 'force_stop=true config=/var/spool/cisco/vsm/vsm_primary_deploy.xml',
1392 require => Class['n1k_vsm'],
1393 meta_params => 'resource-stickiness=INFINITY',
1395 if str2bool(hiera('n1k_vsm::pacemaker_control', true)) {
1396 pacemaker::resource::ocf { 'vsm-s' :
1397 ocf_agent_name => 'heartbeat:VirtualDomain',
1398 resource_params => 'force_stop=true config=/var/spool/cisco/vsm/vsm_secondary_deploy.xml',
1399 require => Class['n1k_vsm'],
1400 meta_params => 'resource-stickiness=INFINITY',
1402 pacemaker::constraint::colocation { 'vsm-colocation-contraint':
1405 score => '-INFINITY',
1406 require => [Pacemaker::Resource::Ocf['vsm-p'],
1407 Pacemaker::Resource::Ocf['vsm-s']],
1416 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')])
1417 package_manifest{$package_manifest_name: ensure => present}
Code Review / apex-tripleo-heat-templates.git / blob