1 # Copyright 2015 Red Hat, Inc.
4 # Licensed under the Apache License, Version 2.0 (the "License"); you may
5 # not use this file except in compliance with the License. You may obtain
6 # a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 # License for the specific language governing permissions and limitations
21 # TODO(jistr): use pcs resource provider instead of just no-ops
23 tag == 'aodh-service' or
24 tag == 'cinder-service' or
25 tag == 'ceilometer-service' or
26 tag == 'gnocchi-service' or
27 tag == 'heat-service' or
28 tag == 'neutron-service' or
29 tag == 'nova-service' or
30 tag == 'sahara-service'
33 restart => '/bin/true',
38 include ::tripleo::packages
39 include ::tripleo::firewall
41 if $::hostname == downcase(hiera('bootstrap_nodeid')) {
42 $pacemaker_master = true
45 $pacemaker_master = false
49 $enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 5
50 $enable_load_balancer = hiera('enable_load_balancer', true)
52 # When to start and enable services which haven't been Pacemakerized
53 # FIXME: remove when we start all OpenStack services using Pacemaker
54 # (occurrences of this variable will be gradually replaced with false)
55 $non_pcmk_start = hiera('step') >= 5
57 if hiera('step') >= 1 {
59 create_resources(kmod::load, hiera('kernel_modules'), {})
60 create_resources(sysctl::value, hiera('sysctl_settings'), {})
61 Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
65 if count(hiera('ntp::servers')) > 0 {
69 $controller_node_ips = split(hiera('controller_node_ips'), ',')
70 $controller_node_names = split(downcase(hiera('controller_node_names')), ',')
71 if $enable_load_balancer {
72 class { '::tripleo::loadbalancer' :
73 controller_hosts => $controller_node_ips,
74 controller_hosts_names => $controller_node_names,
76 mysql_clustercheck => true,
77 haproxy_service_manage => false,
81 $pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G'))
82 $corosync_ipv6 = str2bool(hiera('corosync_ipv6', false))
84 $cluster_setup_extras = { '--token' => hiera('corosync_token_timeout', 1000), '--ipv6' => '' }
86 $cluster_setup_extras = { '--token' => hiera('corosync_token_timeout', 1000) }
88 class { '::pacemaker':
89 hacluster_pwd => hiera('hacluster_pwd'),
91 class { '::pacemaker::corosync':
92 cluster_members => $pacemaker_cluster_members,
93 setup_cluster => $pacemaker_master,
94 cluster_setup_extras => $cluster_setup_extras,
96 class { '::pacemaker::stonith':
97 disable => !$enable_fencing,
100 include ::tripleo::fencing
102 # enable stonith after all Pacemaker resources have been created
103 Pcmk_resource<||> -> Class['tripleo::fencing']
104 Pcmk_constraint<||> -> Class['tripleo::fencing']
105 Exec <| tag == 'pacemaker_constraint' |> -> Class['tripleo::fencing']
106 # enable stonith after all fencing devices have been created
107 Class['tripleo::fencing'] -> Class['pacemaker::stonith']
110 # FIXME(gfidente): sets 200secs as default start timeout op
111 # param; until we can use pcmk global defaults we'll still
112 # need to add it to every resource which redefines op params
113 Pacemaker::Resource::Service {
114 op_params => 'start timeout=200s stop timeout=200s',
117 # Only configure RabbitMQ in this step, don't start it yet to
118 # avoid races where non-master nodes attempt to start without
119 # config (eg. binding on 0.0.0.0)
120 # The module ignores erlang_cookie if cluster_config is false
121 $rabbit_ipv6 = str2bool(hiera('rabbit_ipv6', false))
123 $rabbit_env = merge(hiera('rabbitmq_environment'), {
124 'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"'
127 $rabbit_env = hiera('rabbitmq_environment')
130 class { '::rabbitmq':
131 service_manage => false,
132 tcp_keepalive => false,
133 config_kernel_variables => hiera('rabbitmq_kernel_variables'),
134 config_variables => hiera('rabbitmq_config_variables'),
135 environment_variables => $rabbit_env,
137 file { '/var/lib/rabbitmq/.erlang.cookie':
142 content => hiera('rabbitmq::erlang_cookie'),
146 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
147 include ::mongodb::globals
148 include ::mongodb::client
149 class { '::mongodb::server' :
150 service_manage => false,
155 class {'::memcached' :
156 service_manage => false,
161 service_manage => false,
162 notify_service => false,
166 if str2bool(hiera('enable_galera', true)) {
167 $mysql_config_file = '/etc/my.cnf.d/galera.cnf'
169 $mysql_config_file = '/etc/my.cnf.d/server.cnf'
171 $galera_nodes = downcase(hiera('galera_node_names', $::hostname))
172 $galera_nodes_count = count(split($galera_nodes, ','))
174 # FIXME: due to https://bugzilla.redhat.com/show_bug.cgi?id=1298671 we
175 # set bind-address to a hostname instead of an ip address; to move Mysql
176 # from internal_api on another network we'll have to customize both
177 # MysqlNetwork and ControllerHostnameResolveNetwork in ServiceNetMap
178 $mysql_bind_host = hiera('mysql_bind_host')
181 'skip-name-resolve' => '1',
182 'binlog_format' => 'ROW',
183 'default-storage-engine' => 'innodb',
184 'innodb_autoinc_lock_mode' => '2',
185 'innodb_locks_unsafe_for_binlog'=> '1',
186 'query_cache_size' => '0',
187 'query_cache_type' => '0',
188 'bind-address' => $::hostname,
189 'max_connections' => hiera('mysql_max_connections'),
190 'open_files_limit' => '-1',
192 'wsrep_provider' => '/usr/lib64/galera/libgalera_smm.so',
193 'wsrep_cluster_name' => 'galera_cluster',
194 'wsrep_cluster_address' => "gcomm://${galera_nodes}",
195 'wsrep_slave_threads' => '1',
196 'wsrep_certify_nonPK' => '1',
197 'wsrep_max_ws_rows' => '131072',
198 'wsrep_max_ws_size' => '1073741824',
199 'wsrep_debug' => '0',
200 'wsrep_convert_LOCK_to_trx' => '0',
201 'wsrep_retry_autocommit' => '1',
202 'wsrep_auto_increment_control' => '1',
203 'wsrep_drupal_282555_workaround'=> '0',
204 'wsrep_causal_reads' => '0',
205 'wsrep_sst_method' => 'rsync',
206 'wsrep_provider_options' => "gmcast.listen_addr=tcp://[${mysql_bind_host}]:4567;",
210 class { '::mysql::server':
211 create_root_user => false,
212 create_root_my_cnf => false,
213 config_file => $mysql_config_file,
214 override_options => $mysqld_options,
215 remove_default_accounts => $pacemaker_master,
216 service_manage => false,
217 service_enabled => false,
222 if hiera('step') >= 2 {
224 # NOTE(gfidente): the following vars are needed on all nodes so they
225 # need to stay out of pacemaker_master conditional.
226 # The addresses mangling will hopefully go away when we'll be able to
227 # configure the connection string via hostnames, until then, we need to pass
228 # the list of IPv6 addresses *with* port and without the brackets as 'members'
229 # argument for the 'mongodb_replset' resource.
230 if str2bool(hiera('mongodb::server::ipv6', false)) {
231 $mongo_node_ips_with_port_prefixed = prefix(hiera('mongo_node_ips'), '[')
232 $mongo_node_ips_with_port = suffix($mongo_node_ips_with_port_prefixed, ']:27017')
233 $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
235 $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
236 $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
238 $mongodb_replset = hiera('mongodb::server::replset')
240 if $pacemaker_master {
242 if $enable_load_balancer {
244 include ::pacemaker::resource_defaults
246 # Create an openstack-core dummy resource. See RHBZ 1290121
247 pacemaker::resource::ocf { 'openstack-core':
248 ocf_agent_name => 'heartbeat:Dummy',
249 clone_params => true,
251 # FIXME: we should not have to access tripleo::loadbalancer class
252 # parameters here to configure pacemaker VIPs. The configuration
253 # of pacemaker VIPs could move into puppet-tripleo or we should
254 # make use of less specific hiera parameters here for the settings.
255 pacemaker::resource::service { 'haproxy':
256 clone_params => true,
259 $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip')
260 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_control_vip':
261 vip_name => 'control',
262 ip_address => $control_vip,
265 $public_vip = hiera('tripleo::loadbalancer::public_virtual_ip')
266 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_public_vip':
267 ensure => $public_vip and $public_vip != $control_vip,
268 vip_name => 'public',
269 ip_address => $public_vip,
272 $redis_vip = hiera('redis_vip')
273 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_redis_vip':
274 ensure => $redis_vip and $redis_vip != $control_vip,
276 ip_address => $redis_vip,
280 $internal_api_vip = hiera('tripleo::loadbalancer::internal_api_virtual_ip')
281 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_internal_api_vip':
282 ensure => $internal_api_vip and $internal_api_vip != $control_vip,
283 vip_name => 'internal_api',
284 ip_address => $internal_api_vip,
287 $storage_vip = hiera('tripleo::loadbalancer::storage_virtual_ip')
288 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_storage_vip':
289 ensure => $storage_vip and $storage_vip != $control_vip,
290 vip_name => 'storage',
291 ip_address => $storage_vip,
294 $storage_mgmt_vip = hiera('tripleo::loadbalancer::storage_mgmt_virtual_ip')
295 tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_storage_mgmt_vip':
296 ensure => $storage_mgmt_vip and $storage_mgmt_vip != $control_vip,
297 vip_name => 'storage_mgmt',
298 ip_address => $storage_mgmt_vip,
302 pacemaker::resource::service { $::memcached::params::service_name :
303 clone_params => 'interleave=true',
304 require => Class['::memcached'],
307 pacemaker::resource::ocf { 'rabbitmq':
308 ocf_agent_name => 'heartbeat:rabbitmq-cluster',
309 resource_params => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'',
310 clone_params => 'ordered=true interleave=true',
311 meta_params => 'notify=true',
312 require => Class['::rabbitmq'],
315 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
316 pacemaker::resource::service { $::mongodb::params::service_name :
317 op_params => 'start timeout=370s stop timeout=200s',
318 clone_params => true,
319 require => Class['::mongodb::server'],
321 # NOTE (spredzy) : The replset can only be run
322 # once all the nodes have joined the cluster.
323 mongodb_conn_validator { $mongo_node_ips_with_port :
325 require => Pacemaker::Resource::Service[$::mongodb::params::service_name],
326 before => Mongodb_replset[$mongodb_replset],
328 mongodb_replset { $mongodb_replset :
329 members => $mongo_node_ips_with_port_nobr,
333 pacemaker::resource::ocf { 'galera' :
334 ocf_agent_name => 'heartbeat:galera',
335 op_params => 'promote timeout=300s on-fail=block',
337 meta_params => "master-max=${galera_nodes_count} ordered=true",
338 resource_params => "additional_parameters='--open-files-limit=16384' enable_creation=true wsrep_cluster_address='gcomm://${galera_nodes}'",
339 require => Class['::mysql::server'],
340 before => Exec['galera-ready'],
343 pacemaker::resource::ocf { 'redis':
344 ocf_agent_name => 'heartbeat:redis',
346 meta_params => 'notify=true ordered=true interleave=true',
347 resource_params => 'wait_last_known_master=true',
348 require => Class['::redis'],
353 exec { 'galera-ready' :
354 command => '/usr/bin/clustercheck >/dev/null',
358 environment => ['AVAILABLE_WHEN_READONLY=0'],
359 require => File['/etc/sysconfig/clustercheck'],
362 file { '/etc/sysconfig/clustercheck' :
364 content => "MYSQL_USERNAME=root\n
366 MYSQL_HOST=localhost\n",
369 xinetd::service { 'galera-monitor' :
371 server => '/usr/bin/clustercheck',
372 per_source => 'UNLIMITED',
373 log_on_success => '',
374 log_on_failure => 'HOST',
376 service_type => 'UNLISTED',
379 require => File['/etc/sysconfig/clustercheck'],
382 # Create all the database schemas
384 class { '::nova::db::mysql':
385 require => Exec['galera-ready'],
387 class { '::nova::db::mysql_api':
388 require => Exec['galera-ready'],
390 class { '::neutron::db::mysql':
391 require => Exec['galera-ready'],
393 class { '::cinder::db::mysql':
394 require => Exec['galera-ready'],
396 class { '::heat::db::mysql':
397 require => Exec['galera-ready'],
400 if downcase(hiera('ceilometer_backend')) == 'mysql' {
401 class { '::ceilometer::db::mysql':
402 require => Exec['galera-ready'],
406 if downcase(hiera('gnocchi_indexer_backend')) == 'mysql' {
407 class { '::gnocchi::db::mysql':
408 require => Exec['galera-ready'],
411 class { '::sahara::db::mysql':
412 require => Exec['galera-ready'],
416 # pre-install swift here so we can build rings
420 $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false)
423 $mon_initial_members = downcase(hiera('ceph_mon_initial_members'))
424 if str2bool(hiera('ceph_ipv6', false)) {
425 $mon_host = hiera('ceph_mon_host_v6')
427 $mon_host = hiera('ceph_mon_host')
429 class { '::ceph::profile::params':
430 mon_initial_members => $mon_initial_members,
431 mon_host => $mon_host,
434 include ::ceph::profile::mon
437 if str2bool(hiera('enable_ceph_storage', false)) {
438 if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
439 exec { 'set selinux to permissive on boot':
440 command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
441 onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
442 path => ['/usr/bin', '/usr/sbin'],
445 exec { 'set selinux to permissive':
446 command => 'setenforce 0',
447 onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
448 path => ['/usr/bin', '/usr/sbin'],
449 } -> Class['ceph::profile::osd']
453 include ::ceph::profile::osd
456 if str2bool(hiera('enable_external_ceph', false)) {
457 if str2bool(hiera('ceph_ipv6', false)) {
458 $mon_host = hiera('ceph_mon_host_v6')
460 $mon_host = hiera('ceph_mon_host')
462 class { '::ceph::profile::params':
463 mon_host => $mon_host,
466 include ::ceph::profile::client
472 if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) {
474 $nova_ipv6 = hiera('nova::use_ipv6', false)
476 $memcached_servers = suffix(hiera('memcache_node_ips_v6'), ':11211')
478 $memcached_servers = suffix(hiera('memcache_node_ips'), ':11211')
482 memcached_servers => $memcached_servers
485 include ::nova::config
487 class { '::nova::api' :
489 sync_db_api => $sync_db,
490 manage_service => false,
493 class { '::nova::cert' :
494 manage_service => false,
497 class { '::nova::conductor' :
498 manage_service => false,
501 class { '::nova::consoleauth' :
502 manage_service => false,
505 class { '::nova::vncproxy' :
506 manage_service => false,
509 include ::nova::scheduler::filter
510 class { '::nova::scheduler' :
511 manage_service => false,
514 include ::nova::network::neutron
516 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
518 # TODO(devvesa) provide non-controller ips for these services
519 $zookeeper_node_ips = hiera('neutron_api_node_ips')
520 $cassandra_node_ips = hiera('neutron_api_node_ips')
522 # Run zookeeper in the controller if configured
523 if hiera('enable_zookeeper_on_controller') {
524 class {'::tripleo::cluster::zookeeper':
525 zookeeper_server_ips => $zookeeper_node_ips,
526 # TODO: create a 'bind' hiera key for zookeeper
527 zookeeper_client_ip => hiera('neutron::bind_host'),
528 zookeeper_hostnames => split(hiera('controller_node_names'), ',')
532 # Run cassandra in the controller if configured
533 if hiera('enable_cassandra_on_controller') {
534 class {'::tripleo::cluster::cassandra':
535 cassandra_servers => $cassandra_node_ips,
536 # TODO: create a 'bind' hiera key for cassandra
537 cassandra_ip => hiera('neutron::bind_host'),
541 class {'::tripleo::network::midonet::agent':
542 zookeeper_servers => $zookeeper_node_ips,
543 cassandra_seeds => $cassandra_node_ips
546 class {'::tripleo::network::midonet::api':
547 zookeeper_servers => $zookeeper_node_ips,
548 vip => hiera('tripleo::loadbalancer::public_virtual_ip'),
549 keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
550 keystone_admin_token => hiera('keystone::admin_token'),
551 # TODO: create a 'bind' hiera key for api
552 bind_address => hiera('neutron::bind_host'),
553 admin_password => hiera('admin_password')
558 service_plugins => []
563 # Neutron class definitions
567 include ::neutron::config
568 class { '::neutron::server' :
570 manage_service => false,
573 include ::neutron::server::notifications
574 if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' {
575 include ::neutron::plugins::nuage
577 if hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' {
578 include ::neutron::plugins::opencontrail
580 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
581 class {'::neutron::plugins::midonet':
582 midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
583 keystone_tenant => hiera('neutron::server::auth_tenant'),
584 keystone_password => hiera('neutron::server::auth_password')
587 if hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
588 class { '::neutron::plugins::plumgrid' :
589 connection => hiera('neutron::server::database_connection'),
590 controller_priv_host => hiera('keystone_admin_api_vip'),
591 admin_password => hiera('admin_password'),
592 metadata_proxy_shared_secret => hiera('nova::api::neutron_metadata_proxy_shared_secret'),
595 if hiera('neutron::enable_dhcp_agent',true) {
596 class { '::neutron::agents::dhcp' :
597 manage_service => false,
600 file { '/etc/neutron/dnsmasq-neutron.conf':
601 content => hiera('neutron_dnsmasq_options'),
604 notify => Service['neutron-dhcp-service'],
605 require => Package['neutron'],
608 if hiera('neutron::enable_l3_agent',true) {
609 class { '::neutron::agents::l3' :
610 manage_service => false,
614 if hiera('neutron::enable_metadata_agent',true) {
615 class { '::neutron::agents::metadata':
616 manage_service => false,
620 include ::neutron::plugins::ml2
621 class { '::neutron::agents::ml2::ovs':
622 manage_service => false,
626 if 'cisco_ucsm' in hiera('neutron::plugins::ml2::mechanism_drivers') {
627 include ::neutron::plugins::ml2::cisco::ucsm
629 if 'cisco_nexus' in hiera('neutron::plugins::ml2::mechanism_drivers') {
630 include ::neutron::plugins::ml2::cisco::nexus
631 include ::neutron::plugins::ml2::cisco::type_nexus_vxlan
633 if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
634 include ::neutron::plugins::ml2::cisco::nexus1000v
636 class { '::neutron::agents::n1kv_vem':
637 n1kv_source => hiera('n1kv_vem_source', undef),
638 n1kv_version => hiera('n1kv_vem_version', undef),
642 n1kv_source => hiera('n1kv_vsm_source', undef),
643 n1kv_version => hiera('n1kv_vsm_version', undef),
647 if 'bsn_ml2' in hiera('neutron::plugins::ml2::mechanism_drivers') {
648 include ::neutron::plugins::ml2::bigswitch::restproxy
649 include ::neutron::agents::bigswitch
651 neutron_l3_agent_config {
652 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false);
654 neutron_dhcp_agent_config {
655 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false);
658 'DEFAULT/notification_driver': value => 'messaging';
662 include ::cinder::config
663 include ::tripleo::ssl::cinder_config
664 class { '::cinder::api':
666 manage_service => false,
669 class { '::cinder::scheduler' :
670 manage_service => false,
673 class { '::cinder::volume' :
674 manage_service => false,
677 include ::cinder::glance
678 include ::cinder::ceilometer
679 class { '::cinder::setup_test_volume':
680 size => join([hiera('cinder_lvm_loop_device_size'), 'M']),
683 $cinder_enable_iscsi = hiera('cinder_enable_iscsi_backend', true)
684 if $cinder_enable_iscsi {
685 $cinder_iscsi_backend = 'tripleo_iscsi'
687 cinder::backend::iscsi { $cinder_iscsi_backend :
688 iscsi_ip_address => hiera('cinder_iscsi_ip_address'),
689 iscsi_helper => hiera('cinder_iscsi_helper'),
695 $ceph_pools = hiera('ceph_pools')
696 ceph::pool { $ceph_pools :
697 pg_num => hiera('ceph::profile::params::osd_pool_default_pg_num'),
698 pgp_num => hiera('ceph::profile::params::osd_pool_default_pgp_num'),
699 size => hiera('ceph::profile::params::osd_pool_default_size'),
702 $cinder_pool_requires = [Ceph::Pool[hiera('cinder_rbd_pool_name')]]
705 $cinder_pool_requires = []
708 if hiera('cinder_enable_rbd_backend', false) {
709 $cinder_rbd_backend = 'tripleo_ceph'
711 cinder::backend::rbd { $cinder_rbd_backend :
712 backend_host => hiera('cinder::host'),
713 rbd_pool => hiera('cinder_rbd_pool_name'),
714 rbd_user => hiera('ceph_client_user_name'),
715 rbd_secret_uuid => hiera('ceph::profile::params::fsid'),
716 require => $cinder_pool_requires,
720 if hiera('cinder_enable_eqlx_backend', false) {
721 $cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name')
723 cinder::backend::eqlx { $cinder_eqlx_backend :
724 volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef),
725 san_ip => hiera('cinder::backend::eqlx::san_ip', undef),
726 san_login => hiera('cinder::backend::eqlx::san_login', undef),
727 san_password => hiera('cinder::backend::eqlx::san_password', undef),
728 san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef),
729 eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef),
730 eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef),
731 eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef),
732 eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef),
733 eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef),
737 if hiera('cinder_enable_dellsc_backend', false) {
738 $cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name')
740 cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend :
741 volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef),
742 san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef),
743 san_login => hiera('cinder::backend::dellsc_iscsi::san_login', undef),
744 san_password => hiera('cinder::backend::dellsc_iscsi::san_password', undef),
745 dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef),
746 iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef),
747 iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef),
748 dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef),
749 dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef),
750 dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef),
754 if hiera('cinder_enable_netapp_backend', false) {
755 $cinder_netapp_backend = hiera('cinder::backend::netapp::title')
757 if hiera('cinder::backend::netapp::nfs_shares', undef) {
758 $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',')
761 cinder::backend::netapp { $cinder_netapp_backend :
762 netapp_login => hiera('cinder::backend::netapp::netapp_login', undef),
763 netapp_password => hiera('cinder::backend::netapp::netapp_password', undef),
764 netapp_server_hostname => hiera('cinder::backend::netapp::netapp_server_hostname', undef),
765 netapp_server_port => hiera('cinder::backend::netapp::netapp_server_port', undef),
766 netapp_size_multiplier => hiera('cinder::backend::netapp::netapp_size_multiplier', undef),
767 netapp_storage_family => hiera('cinder::backend::netapp::netapp_storage_family', undef),
768 netapp_storage_protocol => hiera('cinder::backend::netapp::netapp_storage_protocol', undef),
769 netapp_transport_type => hiera('cinder::backend::netapp::netapp_transport_type', undef),
770 netapp_vfiler => hiera('cinder::backend::netapp::netapp_vfiler', undef),
771 netapp_volume_list => hiera('cinder::backend::netapp::netapp_volume_list', undef),
772 netapp_vserver => hiera('cinder::backend::netapp::netapp_vserver', undef),
773 netapp_partner_backend_name => hiera('cinder::backend::netapp::netapp_partner_backend_name', undef),
774 nfs_shares => $cinder_netapp_nfs_shares,
775 nfs_shares_config => hiera('cinder::backend::netapp::nfs_shares_config', undef),
776 netapp_copyoffload_tool_path => hiera('cinder::backend::netapp::netapp_copyoffload_tool_path', undef),
777 netapp_controller_ips => hiera('cinder::backend::netapp::netapp_controller_ips', undef),
778 netapp_sa_password => hiera('cinder::backend::netapp::netapp_sa_password', undef),
779 netapp_storage_pools => hiera('cinder::backend::netapp::netapp_storage_pools', undef),
780 netapp_eseries_host_type => hiera('cinder::backend::netapp::netapp_eseries_host_type', undef),
781 netapp_webservice_path => hiera('cinder::backend::netapp::netapp_webservice_path', undef),
785 if hiera('cinder_enable_nfs_backend', false) {
786 $cinder_nfs_backend = 'tripleo_nfs'
788 if str2bool($::selinux) {
789 selboolean { 'virt_use_nfs':
792 } -> Package['nfs-utils']
795 package { 'nfs-utils': } ->
796 cinder::backend::nfs { $cinder_nfs_backend:
797 nfs_servers => hiera('cinder_nfs_servers'),
798 nfs_mount_options => hiera('cinder_nfs_mount_options',''),
799 nfs_shares_config => '/etc/cinder/shares-nfs.conf',
803 $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_eqlx_backend, $cinder_dellsc_backend, $cinder_netapp_backend, $cinder_nfs_backend])
804 class { '::cinder::backends' :
805 enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')),
811 class { '::sahara::service::api':
812 manage_service => false,
815 class { '::sahara::service::engine':
816 manage_service => false,
821 class { '::swift::proxy' :
822 manage_service => $non_pcmk_start,
823 enabled => $non_pcmk_start,
825 include ::swift::proxy::proxy_logging
826 include ::swift::proxy::healthcheck
827 include ::swift::proxy::cache
828 include ::swift::proxy::keystone
829 include ::swift::proxy::authtoken
830 include ::swift::proxy::staticweb
831 include ::swift::proxy::ratelimit
832 include ::swift::proxy::catch_errors
833 include ::swift::proxy::tempurl
834 include ::swift::proxy::formpost
837 if str2bool(hiera('enable_swift_storage', true)) {
838 class {'::swift::storage::all':
839 mount_check => str2bool(hiera('swift_mount_check')),
841 class {'::swift::storage::account':
842 manage_service => $non_pcmk_start,
843 enabled => $non_pcmk_start,
845 class {'::swift::storage::container':
846 manage_service => $non_pcmk_start,
847 enabled => $non_pcmk_start,
849 class {'::swift::storage::object':
850 manage_service => $non_pcmk_start,
851 enabled => $non_pcmk_start,
853 if(!defined(File['/srv/node'])) {
858 require => Package['openstack-swift'],
861 $swift_components = ['account', 'container', 'object']
862 swift::storage::filter::recon { $swift_components : }
863 swift::storage::filter::healthcheck { $swift_components : }
867 case downcase(hiera('ceilometer_backend')) {
869 $ceilometer_database_connection = hiera('ceilometer_mysql_conn_string')
872 $mongo_node_string = join($mongo_node_ips_with_port, ',')
873 $ceilometer_database_connection = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}"
877 include ::ceilometer::config
878 class { '::ceilometer::api' :
879 manage_service => false,
882 class { '::ceilometer::agent::notification' :
883 manage_service => false,
886 class { '::ceilometer::agent::central' :
887 manage_service => false,
890 class { '::ceilometer::collector' :
891 manage_service => false,
894 include ::ceilometer::expirer
895 class { '::ceilometer::db' :
896 database_connection => $ceilometer_database_connection,
899 include ::ceilometer::agent::auth
900 include ::ceilometer::dispatcher::gnocchi
902 Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" }
905 include ::heat::config
908 notification_driver => 'messaging',
910 class { '::heat::api' :
911 manage_service => false,
914 class { '::heat::api_cfn' :
915 manage_service => false,
918 class { '::heat::api_cloudwatch' :
919 manage_service => false,
922 class { '::heat::engine' :
923 manage_service => false,
927 # httpd/apache and horizon
928 # NOTE(gfidente): server-status can be consumed by the pacemaker resource agent
930 service_enable => false,
931 # service_manage => false, # <-- not supported with horizon&apache mod_wsgi?
933 include ::apache::mod::remoteip
934 include ::apache::mod::status
935 if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
936 $_profile_support = 'cisco'
938 $_profile_support = 'None'
940 $neutron_options = {'profile_support' => $_profile_support }
942 $memcached_ipv6 = hiera('memcached_ipv6', false)
944 $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]')
946 $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1')
950 cache_server_ip => $horizon_memcached_servers,
951 neutron_options => $neutron_options,
956 database_connection => $ceilometer_database_connection,
958 include ::aodh::config
960 include ::aodh::client
961 include ::aodh::wsgi::apache
962 class { '::aodh::api':
963 manage_service => false,
965 service_name => 'httpd',
967 class { '::aodh::evaluator':
968 manage_service => false,
971 class { '::aodh::notifier':
972 manage_service => false,
975 class { '::aodh::listener':
976 manage_service => false,
981 $gnocchi_database_connection = hiera('gnocchi_mysql_conn_string')
982 include ::gnocchi::client
984 include ::gnocchi::db::sync
986 include ::gnocchi::storage
987 $gnocchi_backend = downcase(hiera('gnocchi_backend', 'swift'))
988 case $gnocchi_backend {
989 'swift': { include ::gnocchi::storage::swift }
990 'file': { include ::gnocchi::storage::file }
991 'rbd': { include ::gnocchi::storage::ceph }
992 default: { fail('Unrecognized gnocchi_backend parameter.') }
995 database_connection => $gnocchi_database_connection,
997 class { '::gnocchi::api' :
998 manage_service => false,
1000 service_name => 'httpd',
1002 class { '::gnocchi::wsgi::apache' :
1005 class { '::gnocchi::metricd' :
1006 manage_service => false,
1009 class { '::gnocchi::statsd' :
1010 manage_service => false,
1014 $snmpd_user = hiera('snmpd_readonly_user_name')
1015 snmp::snmpv3_user { $snmpd_user:
1017 authpass => hiera('snmpd_readonly_user_password'),
1020 agentaddress => ['udp:161','udp6:[::1]:161'],
1021 snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
1024 hiera_include('controller_classes')
1028 if hiera('step') >= 5 {
1029 $nova_enable_db_purge = hiera('nova_enable_db_purge', true)
1030 $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true)
1031 $heat_enable_db_purge = hiera('heat_enable_db_purge', true)
1033 if $nova_enable_db_purge {
1034 include ::nova::cron::archive_deleted_rows
1036 if $cinder_enable_db_purge {
1037 include ::cinder::cron::db_purge
1039 if $heat_enable_db_purge {
1040 include ::heat::cron::purge_deleted
1043 if $pacemaker_master {
1045 pacemaker::constraint::base { 'openstack-core-then-httpd-constraint':
1046 constraint_type => 'order',
1047 first_resource => 'openstack-core-clone',
1048 second_resource => "${::apache::params::service_name}-clone",
1049 first_action => 'start',
1050 second_action => 'start',
1051 require => [Pacemaker::Resource::Service[$::apache::params::service_name],
1052 Pacemaker::Resource::Ocf['openstack-core']],
1054 pacemaker::constraint::base { 'memcached-then-openstack-core-constraint':
1055 constraint_type => 'order',
1056 first_resource => 'memcached-clone',
1057 second_resource => 'openstack-core-clone',
1058 first_action => 'start',
1059 second_action => 'start',
1060 require => [Pacemaker::Resource::Service['memcached'],
1061 Pacemaker::Resource::Ocf['openstack-core']],
1063 pacemaker::constraint::base { 'galera-then-openstack-core-constraint':
1064 constraint_type => 'order',
1065 first_resource => 'galera-master',
1066 second_resource => 'openstack-core-clone',
1067 first_action => 'promote',
1068 second_action => 'start',
1069 require => [Pacemaker::Resource::Ocf['galera'],
1070 Pacemaker::Resource::Ocf['openstack-core']],
1074 pacemaker::resource::service { $::cinder::params::api_service :
1075 clone_params => 'interleave=true',
1076 require => Pacemaker::Resource::Ocf['openstack-core'],
1078 pacemaker::resource::service { $::cinder::params::scheduler_service :
1079 clone_params => 'interleave=true',
1081 pacemaker::resource::service { $::cinder::params::volume_service : }
1083 pacemaker::constraint::base { 'keystone-then-cinder-api-constraint':
1084 constraint_type => 'order',
1085 first_resource => 'openstack-core-clone',
1086 second_resource => "${::cinder::params::api_service}-clone",
1087 first_action => 'start',
1088 second_action => 'start',
1089 require => [Pacemaker::Resource::Ocf['openstack-core'],
1090 Pacemaker::Resource::Service[$::cinder::params::api_service]],
1092 pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint':
1093 constraint_type => 'order',
1094 first_resource => "${::cinder::params::api_service}-clone",
1095 second_resource => "${::cinder::params::scheduler_service}-clone",
1096 first_action => 'start',
1097 second_action => 'start',
1098 require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
1099 Pacemaker::Resource::Service[$::cinder::params::scheduler_service]],
1101 pacemaker::constraint::colocation { 'cinder-scheduler-with-cinder-api-colocation':
1102 source => "${::cinder::params::scheduler_service}-clone",
1103 target => "${::cinder::params::api_service}-clone",
1104 score => 'INFINITY',
1105 require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
1106 Pacemaker::Resource::Service[$::cinder::params::scheduler_service]],
1108 pacemaker::constraint::base { 'cinder-scheduler-then-cinder-volume-constraint':
1109 constraint_type => 'order',
1110 first_resource => "${::cinder::params::scheduler_service}-clone",
1111 second_resource => $::cinder::params::volume_service,
1112 first_action => 'start',
1113 second_action => 'start',
1114 require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service],
1115 Pacemaker::Resource::Service[$::cinder::params::volume_service]],
1117 pacemaker::constraint::colocation { 'cinder-volume-with-cinder-scheduler-colocation':
1118 source => $::cinder::params::volume_service,
1119 target => "${::cinder::params::scheduler_service}-clone",
1120 score => 'INFINITY',
1121 require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service],
1122 Pacemaker::Resource::Service[$::cinder::params::volume_service]],
1126 pacemaker::resource::service { $::sahara::params::api_service_name :
1127 clone_params => 'interleave=true',
1128 require => Pacemaker::Resource::Ocf['openstack-core'],
1130 pacemaker::resource::service { $::sahara::params::engine_service_name :
1131 clone_params => 'interleave=true',
1133 pacemaker::constraint::base { 'keystone-then-sahara-api-constraint':
1134 constraint_type => 'order',
1135 first_resource => 'openstack-core-clone',
1136 second_resource => "${::sahara::params::api_service_name}-clone",
1137 first_action => 'start',
1138 second_action => 'start',
1139 require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name],
1140 Pacemaker::Resource::Ocf['openstack-core']],
1142 pacemaker::constraint::base { 'sahara-api-then-sahara-engine-constraint':
1143 constraint_type => 'order',
1144 first_resource => "${::sahara::params::api_service_name}-clone",
1145 second_resource => "${::sahara::params::engine_service_name}-clone",
1146 first_action => 'start',
1147 second_action => 'start',
1148 require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name],
1149 Pacemaker::Resource::Service[$::sahara::params::engine_service_name]],
1152 if hiera('step') == 5 {
1154 # NOTE(gfidente): Neutron will try to populate the database with some data
1155 # as soon as neutron-server is started; to avoid races we want to make this
1156 # happen only on one node, before normal Pacemaker initialization
1157 # https://bugzilla.redhat.com/show_bug.cgi?id=1233061
1158 # NOTE(emilien): we need to run this Exec only at Step 4 otherwise this exec
1159 # will try to start the service while it's already started by Pacemaker
1160 # It would result to a deployment failure since systemd would return 1 to Puppet
1161 # and the overcloud would fail to deploy (6 would be returned).
1162 # This conditional prevents from a race condition during the deployment.
1163 # https://bugzilla.redhat.com/show_bug.cgi?id=1290582
1164 exec { 'neutron-server-systemd-start-sleep' :
1165 command => 'systemctl start neutron-server && /usr/bin/sleep 5',
1167 unless => '/sbin/pcs resource show neutron-server',
1169 pacemaker::resource::service { $::neutron::params::server_service:
1170 clone_params => 'interleave=true',
1171 require => Pacemaker::Resource::Ocf['openstack-core']
1174 pacemaker::resource::service { $::neutron::params::server_service:
1175 clone_params => 'interleave=true',
1176 require => Pacemaker::Resource::Ocf['openstack-core']
1179 if hiera('neutron::enable_l3_agent', true) {
1180 pacemaker::resource::service { $::neutron::params::l3_agent_service:
1181 clone_params => 'interleave=true',
1184 if hiera('neutron::enable_dhcp_agent', true) {
1185 pacemaker::resource::service { $::neutron::params::dhcp_agent_service:
1186 clone_params => 'interleave=true',
1189 if hiera('neutron::enable_ovs_agent', true) {
1190 pacemaker::resource::service { $::neutron::params::ovs_agent_service:
1191 clone_params => 'interleave=true',
1194 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
1195 pacemaker::resource::service {'tomcat':
1196 clone_params => 'interleave=true',
1199 if hiera('neutron::enable_metadata_agent', true) {
1200 pacemaker::resource::service { $::neutron::params::metadata_agent_service:
1201 clone_params => 'interleave=true',
1204 if hiera('neutron::enable_ovs_agent', true) {
1205 pacemaker::resource::ocf { $::neutron::params::ovs_cleanup_service:
1206 ocf_agent_name => 'neutron:OVSCleanup',
1207 clone_params => 'interleave=true',
1209 pacemaker::resource::ocf { 'neutron-netns-cleanup':
1210 ocf_agent_name => 'neutron:NetnsCleanup',
1211 clone_params => 'interleave=true',
1214 # neutron - one chain ovs-cleanup-->netns-cleanup-->ovs-agent
1215 pacemaker::constraint::base { 'neutron-ovs-cleanup-to-netns-cleanup-constraint':
1216 constraint_type => 'order',
1217 first_resource => "${::neutron::params::ovs_cleanup_service}-clone",
1218 second_resource => 'neutron-netns-cleanup-clone',
1219 first_action => 'start',
1220 second_action => 'start',
1221 require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service],
1222 Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
1224 pacemaker::constraint::colocation { 'neutron-ovs-cleanup-to-netns-cleanup-colocation':
1225 source => 'neutron-netns-cleanup-clone',
1226 target => "${::neutron::params::ovs_cleanup_service}-clone",
1227 score => 'INFINITY',
1228 require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service],
1229 Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
1231 pacemaker::constraint::base { 'neutron-netns-cleanup-to-openvswitch-agent-constraint':
1232 constraint_type => 'order',
1233 first_resource => 'neutron-netns-cleanup-clone',
1234 second_resource => "${::neutron::params::ovs_agent_service}-clone",
1235 first_action => 'start',
1236 second_action => 'start',
1237 require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'],
1238 Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
1240 pacemaker::constraint::colocation { 'neutron-netns-cleanup-to-openvswitch-agent-colocation':
1241 source => "${::neutron::params::ovs_agent_service}-clone",
1242 target => 'neutron-netns-cleanup-clone',
1243 score => 'INFINITY',
1244 require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'],
1245 Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
1248 pacemaker::constraint::base { 'keystone-to-neutron-server-constraint':
1249 constraint_type => 'order',
1250 first_resource => 'openstack-core-clone',
1251 second_resource => "${::neutron::params::server_service}-clone",
1252 first_action => 'start',
1253 second_action => 'start',
1254 require => [Pacemaker::Resource::Ocf['openstack-core'],
1255 Pacemaker::Resource::Service[$::neutron::params::server_service]],
1257 if hiera('neutron::enable_ovs_agent',true) {
1258 pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint':
1259 constraint_type => 'order',
1260 first_resource => "${::neutron::params::ovs_agent_service}-clone",
1261 second_resource => "${::neutron::params::dhcp_agent_service}-clone",
1262 first_action => 'start',
1263 second_action => 'start',
1264 require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service],
1265 Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
1268 if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_ovs_agent',true) {
1269 pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint':
1270 constraint_type => 'order',
1271 first_resource => "${::neutron::params::server_service}-clone",
1272 second_resource => "${::neutron::params::ovs_agent_service}-clone",
1273 first_action => 'start',
1274 second_action => 'start',
1275 require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
1276 Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
1279 pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation':
1280 source => "${::neutron::params::dhcp_agent_service}-clone",
1281 target => "${::neutron::params::ovs_agent_service}-clone",
1282 score => 'INFINITY',
1283 require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service],
1284 Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
1287 if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_l3_agent',true) {
1288 pacemaker::constraint::base { 'neutron-dhcp-agent-to-l3-agent-constraint':
1289 constraint_type => 'order',
1290 first_resource => "${::neutron::params::dhcp_agent_service}-clone",
1291 second_resource => "${::neutron::params::l3_agent_service}-clone",
1292 first_action => 'start',
1293 second_action => 'start',
1294 require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
1295 Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]]
1297 pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-l3-agent-colocation':
1298 source => "${::neutron::params::l3_agent_service}-clone",
1299 target => "${::neutron::params::dhcp_agent_service}-clone",
1300 score => 'INFINITY',
1301 require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
1302 Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]]
1305 if hiera('neutron::enable_l3_agent',true) and hiera('neutron::enable_metadata_agent',true) {
1306 pacemaker::constraint::base { 'neutron-l3-agent-to-metadata-agent-constraint':
1307 constraint_type => 'order',
1308 first_resource => "${::neutron::params::l3_agent_service}-clone",
1309 second_resource => "${::neutron::params::metadata_agent_service}-clone",
1310 first_action => 'start',
1311 second_action => 'start',
1312 require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service],
1313 Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]]
1315 pacemaker::constraint::colocation { 'neutron-l3-agent-to-metadata-agent-colocation':
1316 source => "${::neutron::params::metadata_agent_service}-clone",
1317 target => "${::neutron::params::l3_agent_service}-clone",
1318 score => 'INFINITY',
1319 require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service],
1320 Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]]
1323 if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
1324 #midonet-chain chain keystone-->neutron-server-->dhcp-->metadata->tomcat
1325 pacemaker::constraint::base { 'neutron-server-to-dhcp-agent-constraint':
1326 constraint_type => 'order',
1327 first_resource => "${::neutron::params::server_service}-clone",
1328 second_resource => "${::neutron::params::dhcp_agent_service}-clone",
1329 first_action => 'start',
1330 second_action => 'start',
1331 require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
1332 Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
1334 pacemaker::constraint::base { 'neutron-dhcp-agent-to-metadata-agent-constraint':
1335 constraint_type => 'order',
1336 first_resource => "${::neutron::params::dhcp_agent_service}-clone",
1337 second_resource => "${::neutron::params::metadata_agent_service}-clone",
1338 first_action => 'start',
1339 second_action => 'start',
1340 require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
1341 Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]],
1343 pacemaker::constraint::base { 'neutron-metadata-agent-to-tomcat-constraint':
1344 constraint_type => 'order',
1345 first_resource => "${::neutron::params::metadata_agent_service}-clone",
1346 second_resource => 'tomcat-clone',
1347 first_action => 'start',
1348 second_action => 'start',
1349 require => [Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service],
1350 Pacemaker::Resource::Service['tomcat']],
1352 pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-metadata-agent-colocation':
1353 source => "${::neutron::params::metadata_agent_service}-clone",
1354 target => "${::neutron::params::dhcp_agent_service}-clone",
1355 score => 'INFINITY',
1356 require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
1357 Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]],
1362 pacemaker::resource::service { $::nova::params::api_service_name :
1363 clone_params => 'interleave=true',
1365 pacemaker::resource::service { $::nova::params::conductor_service_name :
1366 clone_params => 'interleave=true',
1368 pacemaker::resource::service { $::nova::params::consoleauth_service_name :
1369 clone_params => 'interleave=true',
1370 require => Pacemaker::Resource::Ocf['openstack-core'],
1372 pacemaker::resource::service { $::nova::params::vncproxy_service_name :
1373 clone_params => 'interleave=true',
1375 pacemaker::resource::service { $::nova::params::scheduler_service_name :
1376 clone_params => 'interleave=true',
1379 pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint':
1380 constraint_type => 'order',
1381 first_resource => 'openstack-core-clone',
1382 second_resource => "${::nova::params::consoleauth_service_name}-clone",
1383 first_action => 'start',
1384 second_action => 'start',
1385 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1386 Pacemaker::Resource::Ocf['openstack-core']],
1388 pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint':
1389 constraint_type => 'order',
1390 first_resource => "${::nova::params::consoleauth_service_name}-clone",
1391 second_resource => "${::nova::params::vncproxy_service_name}-clone",
1392 first_action => 'start',
1393 second_action => 'start',
1394 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1395 Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]],
1397 pacemaker::constraint::colocation { 'nova-vncproxy-with-nova-consoleauth-colocation':
1398 source => "${::nova::params::vncproxy_service_name}-clone",
1399 target => "${::nova::params::consoleauth_service_name}-clone",
1400 score => 'INFINITY',
1401 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1402 Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]],
1404 pacemaker::constraint::base { 'nova-vncproxy-then-nova-api-constraint':
1405 constraint_type => 'order',
1406 first_resource => "${::nova::params::vncproxy_service_name}-clone",
1407 second_resource => "${::nova::params::api_service_name}-clone",
1408 first_action => 'start',
1409 second_action => 'start',
1410 require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name],
1411 Pacemaker::Resource::Service[$::nova::params::api_service_name]],
1413 pacemaker::constraint::colocation { 'nova-api-with-nova-vncproxy-colocation':
1414 source => "${::nova::params::api_service_name}-clone",
1415 target => "${::nova::params::vncproxy_service_name}-clone",
1416 score => 'INFINITY',
1417 require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name],
1418 Pacemaker::Resource::Service[$::nova::params::api_service_name]],
1420 pacemaker::constraint::base { 'nova-api-then-nova-scheduler-constraint':
1421 constraint_type => 'order',
1422 first_resource => "${::nova::params::api_service_name}-clone",
1423 second_resource => "${::nova::params::scheduler_service_name}-clone",
1424 first_action => 'start',
1425 second_action => 'start',
1426 require => [Pacemaker::Resource::Service[$::nova::params::api_service_name],
1427 Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]],
1429 pacemaker::constraint::colocation { 'nova-scheduler-with-nova-api-colocation':
1430 source => "${::nova::params::scheduler_service_name}-clone",
1431 target => "${::nova::params::api_service_name}-clone",
1432 score => 'INFINITY',
1433 require => [Pacemaker::Resource::Service[$::nova::params::api_service_name],
1434 Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]],
1436 pacemaker::constraint::base { 'nova-scheduler-then-nova-conductor-constraint':
1437 constraint_type => 'order',
1438 first_resource => "${::nova::params::scheduler_service_name}-clone",
1439 second_resource => "${::nova::params::conductor_service_name}-clone",
1440 first_action => 'start',
1441 second_action => 'start',
1442 require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name],
1443 Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
1445 pacemaker::constraint::colocation { 'nova-conductor-with-nova-scheduler-colocation':
1446 source => "${::nova::params::conductor_service_name}-clone",
1447 target => "${::nova::params::scheduler_service_name}-clone",
1448 score => 'INFINITY',
1449 require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name],
1450 Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
1453 # Ceilometer and Aodh
1454 case downcase(hiera('ceilometer_backend')) {
1456 pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
1457 clone_params => 'interleave=true',
1458 require => Pacemaker::Resource::Ocf['openstack-core'],
1462 pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
1463 clone_params => 'interleave=true',
1464 require => [Pacemaker::Resource::Ocf['openstack-core'],
1465 Pacemaker::Resource::Service[$::mongodb::params::service_name]],
1469 pacemaker::resource::service { $::ceilometer::params::collector_service_name :
1470 clone_params => 'interleave=true',
1472 pacemaker::resource::service { $::ceilometer::params::api_service_name :
1473 clone_params => 'interleave=true',
1475 pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name :
1476 clone_params => 'interleave=true',
1478 pacemaker::resource::ocf { 'delay' :
1479 ocf_agent_name => 'heartbeat:Delay',
1480 clone_params => 'interleave=true',
1481 resource_params => 'startdelay=10',
1483 # Fedora doesn't know `require-all` parameter for constraints yet
1484 if $::operatingsystem == 'Fedora' {
1485 $redis_ceilometer_constraint_params = undef
1486 $redis_aodh_constraint_params = undef
1488 $redis_ceilometer_constraint_params = 'require-all=false'
1489 $redis_aodh_constraint_params = 'require-all=false'
1491 pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint':
1492 constraint_type => 'order',
1493 first_resource => 'redis-master',
1494 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1495 first_action => 'promote',
1496 second_action => 'start',
1497 constraint_params => $redis_ceilometer_constraint_params,
1498 require => [Pacemaker::Resource::Ocf['redis'],
1499 Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]],
1501 pacemaker::constraint::base { 'redis-then-aodh-evaluator-constraint':
1502 constraint_type => 'order',
1503 first_resource => 'redis-master',
1504 second_resource => "${::aodh::params::evaluator_service_name}-clone",
1505 first_action => 'promote',
1506 second_action => 'start',
1507 constraint_params => $redis_aodh_constraint_params,
1508 require => [Pacemaker::Resource::Ocf['redis'],
1509 Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name]],
1511 pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint':
1512 constraint_type => 'order',
1513 first_resource => 'openstack-core-clone',
1514 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1515 first_action => 'start',
1516 second_action => 'start',
1517 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1518 Pacemaker::Resource::Ocf['openstack-core']],
1520 pacemaker::constraint::base { 'keystone-then-ceilometer-notification-constraint':
1521 constraint_type => 'order',
1522 first_resource => 'openstack-core-clone',
1523 second_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
1524 first_action => 'start',
1525 second_action => 'start',
1526 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1527 Pacemaker::Resource::Ocf['openstack-core']],
1529 pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint':
1530 constraint_type => 'order',
1531 first_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1532 second_resource => "${::ceilometer::params::collector_service_name}-clone",
1533 first_action => 'start',
1534 second_action => 'start',
1535 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1536 Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
1538 pacemaker::constraint::base { 'ceilometer-collector-then-ceilometer-api-constraint':
1539 constraint_type => 'order',
1540 first_resource => "${::ceilometer::params::collector_service_name}-clone",
1541 second_resource => "${::ceilometer::params::api_service_name}-clone",
1542 first_action => 'start',
1543 second_action => 'start',
1544 require => [Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name],
1545 Pacemaker::Resource::Service[$::ceilometer::params::api_service_name]],
1547 pacemaker::constraint::colocation { 'ceilometer-api-with-ceilometer-collector-colocation':
1548 source => "${::ceilometer::params::api_service_name}-clone",
1549 target => "${::ceilometer::params::collector_service_name}-clone",
1550 score => 'INFINITY',
1551 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1552 Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
1554 pacemaker::constraint::base { 'ceilometer-api-then-ceilometer-delay-constraint':
1555 constraint_type => 'order',
1556 first_resource => "${::ceilometer::params::api_service_name}-clone",
1557 second_resource => 'delay-clone',
1558 first_action => 'start',
1559 second_action => 'start',
1560 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1561 Pacemaker::Resource::Ocf['delay']],
1563 pacemaker::constraint::colocation { 'ceilometer-delay-with-ceilometer-api-colocation':
1564 source => 'delay-clone',
1565 target => "${::ceilometer::params::api_service_name}-clone",
1566 score => 'INFINITY',
1567 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1568 Pacemaker::Resource::Ocf['delay']],
1571 pacemaker::resource::service { $::aodh::params::evaluator_service_name :
1572 clone_params => 'interleave=true',
1574 pacemaker::resource::service { $::aodh::params::notifier_service_name :
1575 clone_params => 'interleave=true',
1577 pacemaker::resource::service { $::aodh::params::listener_service_name :
1578 clone_params => 'interleave=true',
1580 pacemaker::constraint::base { 'aodh-delay-then-aodh-evaluator-constraint':
1581 constraint_type => 'order',
1582 first_resource => 'delay-clone',
1583 second_resource => "${::aodh::params::evaluator_service_name}-clone",
1584 first_action => 'start',
1585 second_action => 'start',
1586 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1587 Pacemaker::Resource::Ocf['delay']],
1589 pacemaker::constraint::colocation { 'aodh-evaluator-with-aodh-delay-colocation':
1590 source => "${::aodh::params::evaluator_service_name}-clone",
1591 target => 'delay-clone',
1592 score => 'INFINITY',
1593 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1594 Pacemaker::Resource::Ocf['delay']],
1596 pacemaker::constraint::base { 'aodh-evaluator-then-aodh-notifier-constraint':
1597 constraint_type => 'order',
1598 first_resource => "${::aodh::params::evaluator_service_name}-clone",
1599 second_resource => "${::aodh::params::notifier_service_name}-clone",
1600 first_action => 'start',
1601 second_action => 'start',
1602 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1603 Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]],
1605 pacemaker::constraint::colocation { 'aodh-notifier-with-aodh-evaluator-colocation':
1606 source => "${::aodh::params::notifier_service_name}-clone",
1607 target => "${::aodh::params::evaluator_service_name}-clone",
1608 score => 'INFINITY',
1609 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1610 Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]],
1612 pacemaker::constraint::base { 'aodh-evaluator-then-aodh-listener-constraint':
1613 constraint_type => 'order',
1614 first_resource => "${::aodh::params::evaluator_service_name}-clone",
1615 second_resource => "${::aodh::params::listener_service_name}-clone",
1616 first_action => 'start',
1617 second_action => 'start',
1618 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1619 Pacemaker::Resource::Service[$::aodh::params::listener_service_name]],
1621 pacemaker::constraint::colocation { 'aodh-listener-with-aodh-evaluator-colocation':
1622 source => "${::aodh::params::listener_service_name}-clone",
1623 target => "${::aodh::params::evaluator_service_name}-clone",
1624 score => 'INFINITY',
1625 require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
1626 Pacemaker::Resource::Service[$::aodh::params::listener_service_name]],
1628 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
1629 pacemaker::constraint::base { 'mongodb-then-ceilometer-central-constraint':
1630 constraint_type => 'order',
1631 first_resource => "${::mongodb::params::service_name}-clone",
1632 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1633 first_action => 'start',
1634 second_action => 'start',
1635 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1636 Pacemaker::Resource::Service[$::mongodb::params::service_name]],
1641 pacemaker::resource::service { $::gnocchi::params::metricd_service_name :
1642 clone_params => 'interleave=true',
1644 pacemaker::resource::service { $::gnocchi::params::statsd_service_name :
1645 clone_params => 'interleave=true',
1647 pacemaker::constraint::base { 'gnocchi-metricd-then-gnocchi-statsd-constraint':
1648 constraint_type => 'order',
1649 first_resource => "${::gnocchi::params::metricd_service_name}-clone",
1650 second_resource => "${::gnocchi::params::statsd_service_name}-clone",
1651 first_action => 'start',
1652 second_action => 'start',
1653 require => [Pacemaker::Resource::Service[$::gnocchi::params::metricd_service_name],
1654 Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]],
1656 pacemaker::constraint::colocation { 'gnocchi-statsd-with-metricd-colocation':
1657 source => "${::gnocchi::params::statsd_service_name}-clone",
1658 target => "${::gnocchi::params::metricd_service_name}-clone",
1659 score => 'INFINITY',
1660 require => [Pacemaker::Resource::Service[$::gnocchi::params::metricd_service_name],
1661 Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]],
1665 pacemaker::resource::service { $::heat::params::api_service_name :
1666 clone_params => 'interleave=true',
1668 pacemaker::resource::service { $::heat::params::api_cloudwatch_service_name :
1669 clone_params => 'interleave=true',
1671 pacemaker::resource::service { $::heat::params::api_cfn_service_name :
1672 clone_params => 'interleave=true',
1674 pacemaker::resource::service { $::heat::params::engine_service_name :
1675 clone_params => 'interleave=true',
1677 pacemaker::constraint::base { 'heat-api-then-heat-api-cfn-constraint':
1678 constraint_type => 'order',
1679 first_resource => "${::heat::params::api_service_name}-clone",
1680 second_resource => "${::heat::params::api_cfn_service_name}-clone",
1681 first_action => 'start',
1682 second_action => 'start',
1683 require => [Pacemaker::Resource::Service[$::heat::params::api_service_name],
1684 Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]],
1686 pacemaker::constraint::colocation { 'heat-api-cfn-with-heat-api-colocation':
1687 source => "${::heat::params::api_cfn_service_name}-clone",
1688 target => "${::heat::params::api_service_name}-clone",
1689 score => 'INFINITY',
1690 require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name],
1691 Pacemaker::Resource::Service[$::heat::params::api_service_name]],
1693 pacemaker::constraint::base { 'heat-api-cfn-then-heat-api-cloudwatch-constraint':
1694 constraint_type => 'order',
1695 first_resource => "${::heat::params::api_cfn_service_name}-clone",
1696 second_resource => "${::heat::params::api_cloudwatch_service_name}-clone",
1697 first_action => 'start',
1698 second_action => 'start',
1699 require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
1700 Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]],
1702 pacemaker::constraint::colocation { 'heat-api-cloudwatch-with-heat-api-cfn-colocation':
1703 source => "${::heat::params::api_cloudwatch_service_name}-clone",
1704 target => "${::heat::params::api_cfn_service_name}-clone",
1705 score => 'INFINITY',
1706 require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name],
1707 Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name]],
1709 pacemaker::constraint::base { 'heat-api-cloudwatch-then-heat-engine-constraint':
1710 constraint_type => 'order',
1711 first_resource => "${::heat::params::api_cloudwatch_service_name}-clone",
1712 second_resource => "${::heat::params::engine_service_name}-clone",
1713 first_action => 'start',
1714 second_action => 'start',
1715 require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
1716 Pacemaker::Resource::Service[$::heat::params::engine_service_name]],
1718 pacemaker::constraint::colocation { 'heat-engine-with-heat-api-cloudwatch-colocation':
1719 source => "${::heat::params::engine_service_name}-clone",
1720 target => "${::heat::params::api_cloudwatch_service_name}-clone",
1721 score => 'INFINITY',
1722 require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
1723 Pacemaker::Resource::Service[$::heat::params::engine_service_name]],
1725 pacemaker::constraint::base { 'ceilometer-notification-then-heat-api-constraint':
1726 constraint_type => 'order',
1727 first_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
1728 second_resource => "${::heat::params::api_service_name}-clone",
1729 first_action => 'start',
1730 second_action => 'start',
1731 require => [Pacemaker::Resource::Service[$::heat::params::api_service_name],
1732 Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name]],
1735 # Horizon and Keystone
1736 pacemaker::resource::service { $::apache::params::service_name:
1737 clone_params => 'interleave=true',
1738 verify_on_create => true,
1739 require => [File['/etc/keystone/ssl/certs/ca.pem'],
1740 File['/etc/keystone/ssl/private/signing_key.pem'],
1741 File['/etc/keystone/ssl/certs/signing_cert.pem']],
1745 if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
1746 pacemaker::resource::ocf { 'vsm-p' :
1747 ocf_agent_name => 'heartbeat:VirtualDomain',
1748 resource_params => 'force_stop=true config=/var/spool/cisco/vsm/vsm_primary_deploy.xml',
1749 require => Class['n1k_vsm'],
1750 meta_params => 'resource-stickiness=INFINITY',
1752 if str2bool(hiera('n1k_vsm::pacemaker_control', true)) {
1753 pacemaker::resource::ocf { 'vsm-s' :
1754 ocf_agent_name => 'heartbeat:VirtualDomain',
1755 resource_params => 'force_stop=true config=/var/spool/cisco/vsm/vsm_secondary_deploy.xml',
1756 require => Class['n1k_vsm'],
1757 meta_params => 'resource-stickiness=INFINITY',
1759 pacemaker::constraint::colocation { 'vsm-colocation-contraint':
1762 score => '-INFINITY',
1763 require => [Pacemaker::Resource::Ocf['vsm-p'],
1764 Pacemaker::Resource::Ocf['vsm-s']],
1773 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')])
1774 package_manifest{$package_manifest_name: ensure => present}
Code Review / apex-tripleo-heat-templates.git / blob