1 # Copyright 2015 Red Hat, Inc.
4 # Licensed under the Apache License, Version 2.0 (the "License"); you may
5 # not use this file except in compliance with the License. You may obtain
6 # a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 # License for the specific language governing permissions and limitations
21 include tripleo::packages
23 if $::hostname == downcase(hiera('bootstrap_nodeid')) {
24 $pacemaker_master = true
27 $pacemaker_master = false
31 $enable_fencing = str2bool(hiera('enable_fencing', 'false')) and hiera('step') >= 5
33 # When to start and enable services which haven't been Pacemakerized
34 # FIXME: remove when we start all OpenStack services using Pacemaker
35 # (occurences of this variable will be gradually replaced with false)
36 $non_pcmk_start = hiera('step') >= 4
38 if hiera('step') >= 1 {
40 create_resources(sysctl::value, hiera('sysctl_settings'), {})
42 if count(hiera('ntp::servers')) > 0 {
46 $controller_node_ips = split(hiera('controller_node_ips'), ',')
47 $controller_node_names = split(downcase(hiera('controller_node_names')), ',')
48 class { '::tripleo::loadbalancer' :
49 controller_hosts => $controller_node_ips,
50 controller_hosts_names => $controller_node_names,
52 mysql_clustercheck => true,
53 haproxy_service_manage => false,
56 $pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G'))
60 class { '::pacemaker':
61 hacluster_pwd => hiera('hacluster_pwd'),
63 class { '::pacemaker::corosync':
64 cluster_members => $pacemaker_cluster_members,
65 setup_cluster => $pacemaker_master,
67 class { '::pacemaker::stonith':
68 disable => !$enable_fencing,
71 include tripleo::fencing
73 # enable stonith after all fencing devices have been created
74 Class['tripleo::fencing'] -> Class['pacemaker::stonith']
77 # FIXME(gfidente): sets 90secs as default start timeout op
78 # param; until we can use pcmk global defaults we'll still
79 # need to add it to every resource which redefines op params
80 Pacemaker::Resource::Service {
81 op_params => 'start timeout=90s',
84 # Only configure RabbitMQ in this step, don't start it yet to
85 # avoid races where non-master nodes attempt to start without
86 # config (eg. binding on 0.0.0.0)
87 # The module ignores erlang_cookie if cluster_config is false
89 service_manage => false,
90 tcp_keepalive => false,
91 config_kernel_variables => hiera('rabbitmq_kernel_variables'),
92 config_variables => hiera('rabbitmq_config_variables'),
93 environment_variables => hiera('rabbitmq_environment'),
95 file { '/var/lib/rabbitmq/.erlang.cookie':
100 content => hiera('rabbitmq::erlang_cookie'),
104 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
105 include ::mongodb::globals
106 class { '::mongodb::server' :
107 service_manage => false,
112 class {'::memcached' :
113 service_manage => false,
118 service_manage => false,
119 notify_service => false,
123 if str2bool(hiera('enable_galera', 'true')) {
124 $mysql_config_file = '/etc/my.cnf.d/galera.cnf'
126 $mysql_config_file = '/etc/my.cnf.d/server.cnf'
128 $galera_nodes = downcase(hiera('galera_node_names', $::hostname))
129 $galera_nodes_count = count(split($galera_nodes, ','))
133 'skip-name-resolve' => '1',
134 'binlog_format' => 'ROW',
135 'default-storage-engine' => 'innodb',
136 'innodb_autoinc_lock_mode' => '2',
137 'innodb_locks_unsafe_for_binlog'=> '1',
138 'query_cache_size' => '0',
139 'query_cache_type' => '0',
140 'bind-address' => hiera('mysql_bind_host'),
141 'max_connections' => hiera('mysql_max_connections'),
142 'open_files_limit' => '-1',
143 'wsrep_provider' => '/usr/lib64/galera/libgalera_smm.so',
144 'wsrep_cluster_name' => 'galera_cluster',
145 'wsrep_slave_threads' => '1',
146 'wsrep_certify_nonPK' => '1',
147 'wsrep_max_ws_rows' => '131072',
148 'wsrep_max_ws_size' => '1073741824',
149 'wsrep_debug' => '0',
150 'wsrep_convert_LOCK_to_trx' => '0',
151 'wsrep_retry_autocommit' => '1',
152 'wsrep_auto_increment_control' => '1',
153 'wsrep_drupal_282555_workaround'=> '0',
154 'wsrep_causal_reads' => '0',
155 'wsrep_notify_cmd' => '',
156 'wsrep_sst_method' => 'rsync',
160 class { '::mysql::server':
161 create_root_user => false,
162 create_root_my_cnf => false,
163 config_file => $mysql_config_file,
164 override_options => $mysqld_options,
165 remove_default_accounts => $pacemaker_master,
166 service_manage => false,
167 service_enabled => false,
172 if hiera('step') >= 2 {
174 # NOTE(gfidente): the following vars are needed on all nodes so they
175 # need to stay out of pacemaker_master conditional
176 $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
177 $mongodb_replset = hiera('mongodb::server::replset')
179 if $pacemaker_master {
181 include pacemaker::resource_defaults
183 # FIXME: we should not have to access tripleo::loadbalancer class
184 # parameters here to configure pacemaker VIPs. The configuration
185 # of pacemaker VIPs could move into puppet-tripleo or we should
186 # make use of less specific hiera parameters here for the settings.
187 pacemaker::resource::service { 'haproxy':
188 clone_params => true,
191 $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip')
192 pacemaker::resource::ip { 'control_vip':
193 ip_address => $control_vip,
195 pacemaker::constraint::base { 'control_vip-then-haproxy':
196 constraint_type => 'order',
197 first_resource => "ip-${control_vip}",
198 second_resource => 'haproxy-clone',
199 first_action => 'start',
200 second_action => 'start',
201 constraint_params => 'kind=Optional',
202 require => [Pacemaker::Resource::Service['haproxy'],
203 Pacemaker::Resource::Ip['control_vip']],
205 pacemaker::constraint::colocation { 'control_vip-with-haproxy':
206 source => "ip-${control_vip}",
207 target => 'haproxy-clone',
209 require => [Pacemaker::Resource::Service['haproxy'],
210 Pacemaker::Resource::Ip['control_vip']],
213 $public_vip = hiera('tripleo::loadbalancer::public_virtual_ip')
214 if $public_vip and $public_vip != $control_vip {
215 pacemaker::resource::ip { 'public_vip':
216 ip_address => $public_vip,
218 pacemaker::constraint::base { 'public_vip-then-haproxy':
219 constraint_type => 'order',
220 first_resource => "ip-${public_vip}",
221 second_resource => 'haproxy-clone',
222 first_action => 'start',
223 second_action => 'start',
224 constraint_params => 'kind=Optional',
225 require => [Pacemaker::Resource::Service['haproxy'],
226 Pacemaker::Resource::Ip['public_vip']],
228 pacemaker::constraint::colocation { 'public_vip-with-haproxy':
229 source => "ip-${public_vip}",
230 target => 'haproxy-clone',
232 require => [Pacemaker::Resource::Service['haproxy'],
233 Pacemaker::Resource::Ip['public_vip']],
237 $redis_vip = hiera('redis_vip')
238 if $redis_vip and $redis_vip != $control_vip {
239 pacemaker::resource::ip { 'redis_vip':
240 ip_address => $redis_vip,
242 pacemaker::constraint::base { 'redis_vip-then-haproxy':
243 constraint_type => 'order',
244 first_resource => "ip-${redis_vip}",
245 second_resource => 'haproxy-clone',
246 first_action => 'start',
247 second_action => 'start',
248 constraint_params => 'kind=Optional',
249 require => [Pacemaker::Resource::Service['haproxy'],
250 Pacemaker::Resource::Ip['redis_vip']],
252 pacemaker::constraint::colocation { 'redis_vip-with-haproxy':
253 source => "ip-${redis_vip}",
254 target => 'haproxy-clone',
256 require => [Pacemaker::Resource::Service['haproxy'],
257 Pacemaker::Resource::Ip['redis_vip']],
261 $internal_api_vip = hiera('tripleo::loadbalancer::internal_api_virtual_ip')
262 if $internal_api_vip and $internal_api_vip != $control_vip {
263 pacemaker::resource::ip { 'internal_api_vip':
264 ip_address => $internal_api_vip,
266 pacemaker::constraint::base { 'internal_api_vip-then-haproxy':
267 constraint_type => 'order',
268 first_resource => "ip-${internal_api_vip}",
269 second_resource => 'haproxy-clone',
270 first_action => 'start',
271 second_action => 'start',
272 constraint_params => 'kind=Optional',
273 require => [Pacemaker::Resource::Service['haproxy'],
274 Pacemaker::Resource::Ip['internal_api_vip']],
276 pacemaker::constraint::colocation { 'internal_api_vip-with-haproxy':
277 source => "ip-${internal_api_vip}",
278 target => 'haproxy-clone',
280 require => [Pacemaker::Resource::Service['haproxy'],
281 Pacemaker::Resource::Ip['internal_api_vip']],
285 $storage_vip = hiera('tripleo::loadbalancer::storage_virtual_ip')
286 if $storage_vip and $storage_vip != $control_vip {
287 pacemaker::resource::ip { 'storage_vip':
288 ip_address => $storage_vip,
290 pacemaker::constraint::base { 'storage_vip-then-haproxy':
291 constraint_type => 'order',
292 first_resource => "ip-${storage_vip}",
293 second_resource => 'haproxy-clone',
294 first_action => 'start',
295 second_action => 'start',
296 constraint_params => 'kind=Optional',
297 require => [Pacemaker::Resource::Service['haproxy'],
298 Pacemaker::Resource::Ip['storage_vip']],
300 pacemaker::constraint::colocation { 'storage_vip-with-haproxy':
301 source => "ip-${storage_vip}",
302 target => 'haproxy-clone',
304 require => [Pacemaker::Resource::Service['haproxy'],
305 Pacemaker::Resource::Ip['storage_vip']],
309 $storage_mgmt_vip = hiera('tripleo::loadbalancer::storage_mgmt_virtual_ip')
310 if $storage_mgmt_vip and $storage_mgmt_vip != $control_vip {
311 pacemaker::resource::ip { 'storage_mgmt_vip':
312 ip_address => $storage_mgmt_vip,
314 pacemaker::constraint::base { 'storage_mgmt_vip-then-haproxy':
315 constraint_type => 'order',
316 first_resource => "ip-${storage_mgmt_vip}",
317 second_resource => 'haproxy-clone',
318 first_action => 'start',
319 second_action => 'start',
320 constraint_params => 'kind=Optional',
321 require => [Pacemaker::Resource::Service['haproxy'],
322 Pacemaker::Resource::Ip['storage_mgmt_vip']],
324 pacemaker::constraint::colocation { 'storage_mgmt_vip-with-haproxy':
325 source => "ip-${storage_mgmt_vip}",
326 target => 'haproxy-clone',
328 require => [Pacemaker::Resource::Service['haproxy'],
329 Pacemaker::Resource::Ip['storage_mgmt_vip']],
333 pacemaker::resource::service { $::memcached::params::service_name :
334 clone_params => "interleave=true",
335 require => Class['::memcached'],
338 pacemaker::resource::ocf { 'rabbitmq':
339 ocf_agent_name => 'heartbeat:rabbitmq-cluster',
340 resource_params => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'',
341 clone_params => 'ordered=true interleave=true',
342 require => Class['::rabbitmq'],
345 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
346 pacemaker::resource::service { $::mongodb::params::service_name :
347 op_params => 'start timeout=120s',
348 clone_params => true,
349 require => Class['::mongodb::server'],
351 # NOTE (spredzy) : The replset can only be run
352 # once all the nodes have joined the cluster.
353 mongodb_conn_validator { $mongo_node_ips_with_port :
355 require => Pacemaker::Resource::Service[$::mongodb::params::service_name],
356 before => Mongodb_replset[$mongodb_replset],
358 mongodb_replset { $mongodb_replset :
359 members => $mongo_node_ips_with_port,
363 pacemaker::resource::ocf { 'galera' :
364 ocf_agent_name => 'heartbeat:galera',
365 op_params => 'promote timeout=300s on-fail=block',
367 meta_params => "master-max=${galera_nodes_count} ordered=true",
368 resource_params => "additional_parameters='--open-files-limit=16384' enable_creation=true wsrep_cluster_address='gcomm://${galera_nodes}'",
369 require => Class['::mysql::server'],
370 before => Exec['galera-ready'],
373 pacemaker::resource::ocf { 'redis':
374 ocf_agent_name => 'heartbeat:redis',
376 meta_params => 'notify=true ordered=true interleave=true',
377 resource_params => 'wait_last_known_master=true',
378 require => Class['::redis'],
383 exec { 'galera-ready' :
384 command => '/usr/bin/clustercheck >/dev/null',
388 environment => ["AVAILABLE_WHEN_READONLY=0"],
389 require => File['/etc/sysconfig/clustercheck'],
392 file { '/etc/sysconfig/clustercheck' :
394 content => "MYSQL_USERNAME=root\n
396 MYSQL_HOST=localhost\n",
399 xinetd::service { 'galera-monitor' :
401 server => '/usr/bin/clustercheck',
402 per_source => 'UNLIMITED',
403 log_on_success => '',
404 log_on_failure => 'HOST',
406 service_type => 'UNLISTED',
409 require => File['/etc/sysconfig/clustercheck'],
412 # Create all the database schemas
414 class { 'keystone::db::mysql':
415 require => Exec['galera-ready'],
417 class { 'glance::db::mysql':
418 require => Exec['galera-ready'],
420 class { 'nova::db::mysql':
421 require => Exec['galera-ready'],
423 class { 'neutron::db::mysql':
424 require => Exec['galera-ready'],
426 class { 'cinder::db::mysql':
427 require => Exec['galera-ready'],
429 class { 'heat::db::mysql':
430 require => Exec['galera-ready'],
433 if downcase(hiera('ceilometer_backend')) == 'mysql' {
434 class { 'ceilometer::db::mysql':
435 require => Exec['galera-ready'],
440 # pre-install swift here so we can build rings
444 $enable_ceph = hiera('ceph_storage_count', 0) > 0
447 class { 'ceph::profile::params':
448 mon_initial_members => downcase(hiera('ceph_mon_initial_members'))
450 include ::ceph::profile::mon
453 if str2bool(hiera('enable_ceph_storage', 'false')) {
454 if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
455 exec { 'set selinux to permissive on boot':
456 command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
457 onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
458 path => ["/usr/bin", "/usr/sbin"],
461 exec { 'set selinux to permissive':
462 command => "setenforce 0",
463 onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
464 path => ["/usr/bin", "/usr/sbin"],
465 } -> Class['ceph::profile::osd']
468 include ::ceph::profile::osd
471 if str2bool(hiera('enable_external_ceph', 'false')) {
472 include ::ceph::profile::client
478 if hiera('step') >= 3 {
480 class { '::keystone':
482 manage_service => false,
486 #TODO: need a cleanup-keystone-tokens.sh solution here
488 'ec2/driver': value => 'keystone.contrib.ec2.backends.sql.Ec2';
490 file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]:
491 ensure => 'directory',
494 require => Package['keystone'],
496 file { '/etc/keystone/ssl/certs/signing_cert.pem':
497 content => hiera('keystone_signing_certificate'),
500 notify => Service['keystone'],
501 require => File['/etc/keystone/ssl/certs'],
503 file { '/etc/keystone/ssl/private/signing_key.pem':
504 content => hiera('keystone_signing_key'),
507 notify => Service['keystone'],
508 require => File['/etc/keystone/ssl/private'],
510 file { '/etc/keystone/ssl/certs/ca.pem':
511 content => hiera('keystone_ca_certificate'),
514 notify => Service['keystone'],
515 require => File['/etc/keystone/ssl/certs'],
518 $glance_backend = downcase(hiera('glance_backend', 'swift'))
519 case $glance_backend {
520 swift: { $backend_store = 'glance.store.swift.Store' }
521 file: { $backend_store = 'glance.store.filesystem.Store' }
522 rbd: { $backend_store = 'glance.store.rbd.Store' }
523 default: { fail('Unrecognized glance_backend parameter.') }
525 $http_store = ['glance.store.http.Store']
526 $glance_store = concat($http_store, $backend_store)
528 if $glance_backend == 'file' and hiera('glance_file_pcmk_manage', false) {
529 pacemaker::resource::filesystem { "glance-fs":
530 device => hiera('glance_file_pcmk_device'),
531 directory => hiera('glance_file_pcmk_directory'),
532 fstype => hiera('glance_file_pcmk_fstype'),
533 fsoptions => hiera('glance_file_pcmk_options', ''),
538 # TODO: notifications, scrubber, etc.
540 class { 'glance::api':
541 known_stores => $glance_store,
542 manage_service => false,
545 class { '::glance::registry' :
547 manage_service => false,
550 include join(['::glance::backend::', $glance_backend])
553 memcached_servers => suffix(hiera('memcache_node_ips'), ':11211'),
556 include ::nova::config
558 class { '::nova::api' :
560 manage_service => false,
563 class { '::nova::cert' :
564 manage_service => false,
567 class { '::nova::conductor' :
568 manage_service => false,
571 class { '::nova::consoleauth' :
572 manage_service => false,
575 class { '::nova::vncproxy' :
576 manage_service => false,
579 include ::nova::scheduler::filter
580 class { '::nova::scheduler' :
581 manage_service => false,
584 include ::nova::network::neutron
586 # Neutron class definitions
588 class { '::neutron::server' :
590 manage_service => false,
593 class { '::neutron::agents::dhcp' :
594 manage_service => false,
597 class { '::neutron::agents::l3' :
598 manage_service => false,
601 class { 'neutron::agents::metadata':
602 manage_service => false,
605 file { '/etc/neutron/dnsmasq-neutron.conf':
606 content => hiera('neutron_dnsmasq_options'),
609 notify => Service['neutron-dhcp-service'],
610 require => Package['neutron'],
612 class { 'neutron::plugins::ml2':
613 flat_networks => split(hiera('neutron_flat_networks'), ','),
614 tenant_network_types => [hiera('neutron_tenant_network_type')],
615 mechanism_drivers => [hiera('neutron_mechanism_drivers')],
617 class { 'neutron::agents::ml2::ovs':
618 manage_service => false,
620 bridge_mappings => split(hiera('neutron_bridge_mappings'), ','),
621 tunnel_types => split(hiera('neutron_tunnel_types'), ','),
624 if 'cisco_ucsm' in hiera('neutron_mechanism_drivers') {
625 include ::neutron::plugins::ml2::cisco::ucsm
627 if 'cisco_nexus' in hiera('neutron_mechanism_drivers') {
628 include ::neutron::plugins::ml2::cisco::nexus
629 include ::neutron::plugins::ml2::cisco::type_nexus_vxlan
631 if 'cisco_n1kv' in hiera('neutron_mechanism_drivers') {
632 include neutron::plugins::ml2::cisco::nexus1000v
634 class { 'neutron::agents::n1kv_vem':
635 n1kv_source => hiera('n1kv_vem_source', undef),
636 n1kv_version => hiera('n1kv_vem_version', undef),
640 n1kv_source => hiera('n1kv_vsm_source', undef),
641 n1kv_version => hiera('n1kv_vsm_version', undef),
645 if hiera('neutron_enable_bigswitch_ml2', false) {
646 include neutron::plugins::ml2::bigswitch::restproxy
648 neutron_l3_agent_config {
649 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false);
651 neutron_dhcp_agent_config {
652 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false);
656 class { '::cinder::api':
658 manage_service => false,
661 class { '::cinder::scheduler' :
662 manage_service => false,
665 class { '::cinder::volume' :
666 manage_service => false,
669 include ::cinder::glance
670 class {'cinder::setup_test_volume':
671 size => join([hiera('cinder_lvm_loop_device_size'), 'M']),
674 $cinder_enable_iscsi = hiera('cinder_enable_iscsi_backend', true)
675 if $cinder_enable_iscsi {
676 $cinder_iscsi_backend = 'tripleo_iscsi'
678 cinder::backend::iscsi { $cinder_iscsi_backend :
679 iscsi_ip_address => hiera('cinder_iscsi_ip_address'),
680 iscsi_helper => hiera('cinder_iscsi_helper'),
687 pg_num => hiera('ceph::profile::params::osd_pool_default_pg_num'),
688 pgp_num => hiera('ceph::profile::params::osd_pool_default_pgp_num'),
689 size => hiera('ceph::profile::params::osd_pool_default_size'),
692 $ceph_pools = hiera('ceph_pools')
693 ceph::pool { $ceph_pools : }
695 $cinder_pool_requires = [Ceph::Pool['volumes']]
698 $cinder_pool_requires = []
701 if hiera('cinder_enable_rbd_backend', false) {
702 $cinder_rbd_backend = 'tripleo_ceph'
704 cinder::backend::rbd { $cinder_rbd_backend :
705 rbd_pool => 'volumes',
706 rbd_user => 'openstack',
707 rbd_secret_uuid => hiera('ceph::profile::params::fsid'),
708 require => $cinder_pool_requires,
712 if hiera('cinder_enable_netapp_backend', false) {
713 $cinder_netapp_backend = hiera('cinder::backend::netapp::title')
716 "${cinder_netapp_backend}/host": value => 'hostgroup';
719 if hiera('cinder::backend::netapp::nfs_shares', undef) {
720 $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',')
723 cinder::backend::netapp { $cinder_netapp_backend :
724 netapp_login => hiera('cinder::backend::netapp::netapp_login', undef),
725 netapp_password => hiera('cinder::backend::netapp::netapp_password', undef),
726 netapp_server_hostname => hiera('cinder::backend::netapp::netapp_server_hostname', undef),
727 netapp_server_port => hiera('cinder::backend::netapp::netapp_server_port', undef),
728 netapp_size_multiplier => hiera('cinder::backend::netapp::netapp_size_multiplier', undef),
729 netapp_storage_family => hiera('cinder::backend::netapp::netapp_storage_family', undef),
730 netapp_storage_protocol => hiera('cinder::backend::netapp::netapp_storage_protocol', undef),
731 netapp_transport_type => hiera('cinder::backend::netapp::netapp_transport_type', undef),
732 netapp_vfiler => hiera('cinder::backend::netapp::netapp_vfiler', undef),
733 netapp_volume_list => hiera('cinder::backend::netapp::netapp_volume_list', undef),
734 netapp_vserver => hiera('cinder::backend::netapp::netapp_vserver', undef),
735 netapp_partner_backend_name => hiera('cinder::backend::netapp::netapp_partner_backend_name', undef),
736 nfs_shares => $cinder_netapp_nfs_shares,
737 nfs_shares_config => hiera('cinder::backend::netapp::nfs_shares_config', undef),
738 netapp_copyoffload_tool_path => hiera('cinder::backend::netapp::netapp_copyoffload_tool_path', undef),
739 netapp_controller_ips => hiera('cinder::backend::netapp::netapp_controller_ips', undef),
740 netapp_sa_password => hiera('cinder::backend::netapp::netapp_sa_password', undef),
741 netapp_storage_pools => hiera('cinder::backend::netapp::netapp_storage_pools', undef),
742 netapp_eseries_host_type => hiera('cinder::backend::netapp::netapp_eseries_host_type', undef),
743 netapp_webservice_path => hiera('cinder::backend::netapp::netapp_webservice_path', undef),
747 if hiera('cinder_enable_nfs_backend', false) {
748 $cinder_nfs_backend = 'tripleo_nfs'
750 if ($::selinux != "false") {
751 selboolean { 'virt_use_nfs':
754 } -> Package['nfs-utils']
757 package {'nfs-utils': } ->
758 cinder::backend::nfs { $cinder_nfs_backend:
759 nfs_servers => hiera('cinder_nfs_servers'),
760 nfs_mount_options => hiera('cinder_nfs_mount_options'),
761 nfs_shares_config => '/etc/cinder/shares-nfs.conf',
765 $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend, $cinder_nfs_backend])
766 class { '::cinder::backends' :
767 enabled_backends => $cinder_enabled_backends,
771 class { '::swift::proxy' :
772 manage_service => $non_pcmk_start,
773 enabled => $non_pcmk_start,
775 include ::swift::proxy::proxy_logging
776 include ::swift::proxy::healthcheck
777 include ::swift::proxy::cache
778 include ::swift::proxy::keystone
779 include ::swift::proxy::authtoken
780 include ::swift::proxy::staticweb
781 include ::swift::proxy::ratelimit
782 include ::swift::proxy::catch_errors
783 include ::swift::proxy::tempurl
784 include ::swift::proxy::formpost
787 if str2bool(hiera('enable_swift_storage', 'true')) {
788 class {'::swift::storage::all':
789 mount_check => str2bool(hiera('swift_mount_check'))
791 class {'::swift::storage::account':
792 manage_service => $non_pcmk_start,
793 enabled => $non_pcmk_start,
795 class {'::swift::storage::container':
796 manage_service => $non_pcmk_start,
797 enabled => $non_pcmk_start,
799 class {'::swift::storage::object':
800 manage_service => $non_pcmk_start,
801 enabled => $non_pcmk_start,
803 if(!defined(File['/srv/node'])) {
808 require => Package['openstack-swift'],
811 $swift_components = ['account', 'container', 'object']
812 swift::storage::filter::recon { $swift_components : }
813 swift::storage::filter::healthcheck { $swift_components : }
817 case downcase(hiera('ceilometer_backend')) {
819 $ceilometer_database_connection = hiera('ceilometer_mysql_conn_string')
822 $mongo_node_string = join($mongo_node_ips_with_port, ',')
823 $ceilometer_database_connection = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}"
827 include ::ceilometer::config
828 class { '::ceilometer::api' :
829 manage_service => false,
832 class { '::ceilometer::agent::notification' :
833 manage_service => false,
836 class { '::ceilometer::agent::central' :
837 manage_service => false,
840 class { '::ceilometer::alarm::notifier' :
841 manage_service => false,
844 class { '::ceilometer::alarm::evaluator' :
845 manage_service => false,
848 class { '::ceilometer::collector' :
849 manage_service => false,
852 include ::ceilometer::expirer
853 class { '::ceilometer::db' :
854 database_connection => $ceilometer_database_connection,
857 include ceilometer::agent::auth
859 Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" }
865 class { '::heat::api' :
866 manage_service => false,
869 class { '::heat::api_cfn' :
870 manage_service => false,
873 class { '::heat::api_cloudwatch' :
874 manage_service => false,
877 class { '::heat::engine' :
878 manage_service => false,
882 # httpd/apache and horizon
883 # NOTE(gfidente): server-status can be consumed by the pacemaker resource agent
885 service_enable => false,
886 # service_manage => false, # <-- not supported with horizon&apache mod_wsgi?
888 include ::apache::mod::status
889 if 'cisco_n1kv' in hiera('neutron_mechanism_drivers') {
890 $_profile_support = 'cisco'
892 $_profile_support = 'None'
894 $neutron_options = {'profile_support' => $_profile_support }
896 cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'),
897 neutron_options => $neutron_options,
900 $snmpd_user = hiera('snmpd_readonly_user_name')
901 snmp::snmpv3_user { $snmpd_user:
903 authpass => hiera('snmpd_readonly_user_password'),
906 agentaddress => ['udp:161','udp6:[::1]:161'],
907 snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
910 hiera_include('controller_classes')
914 if hiera('step') >= 4 {
915 include ::keystone::cron::token_flush
917 if $pacemaker_master {
920 pacemaker::resource::service { $::keystone::params::service_name :
921 clone_params => "interleave=true",
922 verify_on_create => true,
923 require => [File['/etc/keystone/ssl/certs/ca.pem'],
924 File['/etc/keystone/ssl/private/signing_key.pem'],
925 File['/etc/keystone/ssl/certs/signing_cert.pem']],
928 pacemaker::constraint::base { 'haproxy-then-keystone-constraint':
929 constraint_type => 'order',
930 first_resource => "haproxy-clone",
931 second_resource => "${::keystone::params::service_name}-clone",
932 first_action => 'start',
933 second_action => 'start',
934 require => [Pacemaker::Resource::Service['haproxy'],
935 Pacemaker::Resource::Service[$::keystone::params::service_name]],
937 pacemaker::constraint::base { 'rabbitmq-then-keystone-constraint':
938 constraint_type => 'order',
939 first_resource => "rabbitmq-clone",
940 second_resource => "${::keystone::params::service_name}-clone",
941 first_action => 'start',
942 second_action => 'start',
943 require => [Pacemaker::Resource::Ocf['rabbitmq'],
944 Pacemaker::Resource::Service[$::keystone::params::service_name]],
946 pacemaker::constraint::base { 'memcached-then-keystone-constraint':
947 constraint_type => 'order',
948 first_resource => "memcached-clone",
949 second_resource => "${::keystone::params::service_name}-clone",
950 first_action => 'start',
951 second_action => 'start',
952 require => [Pacemaker::Resource::Service['memcached'],
953 Pacemaker::Resource::Service[$::keystone::params::service_name]],
955 pacemaker::constraint::base { 'galera-then-keystone-constraint':
956 constraint_type => 'order',
957 first_resource => "galera-master",
958 second_resource => "${::keystone::params::service_name}-clone",
959 first_action => 'promote',
960 second_action => 'start',
961 require => [Pacemaker::Resource::Ocf['galera'],
962 Pacemaker::Resource::Service[$::keystone::params::service_name]],
966 pacemaker::resource::service { $::cinder::params::api_service :
967 clone_params => "interleave=true",
968 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
970 pacemaker::resource::service { $::cinder::params::scheduler_service :
971 clone_params => "interleave=true",
973 pacemaker::resource::service { $::cinder::params::volume_service : }
975 pacemaker::constraint::base { 'keystone-then-cinder-api-constraint':
976 constraint_type => 'order',
977 first_resource => "${::keystone::params::service_name}-clone",
978 second_resource => "${::cinder::params::api_service}-clone",
979 first_action => 'start',
980 second_action => 'start',
981 require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
982 Pacemaker::Resource::Service[$::keystone::params::service_name]],
984 pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint':
985 constraint_type => "order",
986 first_resource => "${::cinder::params::api_service}-clone",
987 second_resource => "${::cinder::params::scheduler_service}-clone",
988 first_action => "start",
989 second_action => "start",
990 require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
991 Pacemaker::Resource::Service[$::cinder::params::scheduler_service]],
993 pacemaker::constraint::colocation { 'cinder-scheduler-with-cinder-api-colocation':
994 source => "${::cinder::params::scheduler_service}-clone",
995 target => "${::cinder::params::api_service}-clone",
997 require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
998 Pacemaker::Resource::Service[$::cinder::params::scheduler_service]],
1000 pacemaker::constraint::base { 'cinder-scheduler-then-cinder-volume-constraint':
1001 constraint_type => "order",
1002 first_resource => "${::cinder::params::scheduler_service}-clone",
1003 second_resource => "${::cinder::params::volume_service}",
1004 first_action => "start",
1005 second_action => "start",
1006 require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service],
1007 Pacemaker::Resource::Service[$::cinder::params::volume_service]],
1009 pacemaker::constraint::colocation { 'cinder-volume-with-cinder-scheduler-colocation':
1010 source => "${::cinder::params::volume_service}",
1011 target => "${::cinder::params::scheduler_service}-clone",
1012 score => "INFINITY",
1013 require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service],
1014 Pacemaker::Resource::Service[$::cinder::params::volume_service]],
1018 pacemaker::resource::service { $::glance::params::registry_service_name :
1019 clone_params => "interleave=true",
1020 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1022 pacemaker::resource::service { $::glance::params::api_service_name :
1023 clone_params => "interleave=true",
1026 pacemaker::constraint::base { 'keystone-then-glance-registry-constraint':
1027 constraint_type => 'order',
1028 first_resource => "${::keystone::params::service_name}-clone",
1029 second_resource => "${::glance::params::registry_service_name}-clone",
1030 first_action => 'start',
1031 second_action => 'start',
1032 require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name],
1033 Pacemaker::Resource::Service[$::keystone::params::service_name]],
1035 pacemaker::constraint::base { 'glance-registry-then-glance-api-constraint':
1036 constraint_type => "order",
1037 first_resource => "${::glance::params::registry_service_name}-clone",
1038 second_resource => "${::glance::params::api_service_name}-clone",
1039 first_action => "start",
1040 second_action => "start",
1041 require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name],
1042 Pacemaker::Resource::Service[$::glance::params::api_service_name]],
1044 pacemaker::constraint::colocation { 'glance-api-with-glance-registry-colocation':
1045 source => "${::glance::params::api_service_name}-clone",
1046 target => "${::glance::params::registry_service_name}-clone",
1047 score => "INFINITY",
1048 require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name],
1049 Pacemaker::Resource::Service[$::glance::params::api_service_name]],
1053 # NOTE(gfidente): Neutron will try to populate the database with some data
1054 # as soon as neutron-server is started; to avoid races we want to make this
1055 # happen only on one node, before normal Pacemaker initialization
1056 # https://bugzilla.redhat.com/show_bug.cgi?id=1233061
1057 exec { '/usr/bin/systemctl start neutron-server && /usr/bin/sleep 5' : } ->
1058 pacemaker::resource::service { $::neutron::params::server_service:
1059 clone_params => "interleave=true",
1060 require => Pacemaker::Resource::Service[$::keystone::params::service_name]
1062 pacemaker::resource::service { $::neutron::params::l3_agent_service:
1063 clone_params => "interleave=true",
1065 pacemaker::resource::service { $::neutron::params::dhcp_agent_service:
1066 clone_params => "interleave=true",
1068 pacemaker::resource::service { $::neutron::params::ovs_agent_service:
1069 clone_params => "interleave=true",
1071 pacemaker::resource::service { $::neutron::params::metadata_agent_service:
1072 clone_params => "interleave=true",
1074 pacemaker::resource::ocf { $::neutron::params::ovs_cleanup_service:
1075 ocf_agent_name => "neutron:OVSCleanup",
1076 clone_params => "interleave=true",
1078 pacemaker::resource::ocf { 'neutron-netns-cleanup':
1079 ocf_agent_name => "neutron:NetnsCleanup",
1080 clone_params => "interleave=true",
1083 # neutron - one chain ovs-cleanup-->netns-cleanup-->ovs-agent
1084 pacemaker::constraint::base { 'neutron-ovs-cleanup-to-netns-cleanup-constraint':
1085 constraint_type => "order",
1086 first_resource => "${::neutron::params::ovs_cleanup_service}-clone",
1087 second_resource => "neutron-netns-cleanup-clone",
1088 first_action => "start",
1089 second_action => "start",
1090 require => [Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"],
1091 Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
1093 pacemaker::constraint::colocation { 'neutron-ovs-cleanup-to-netns-cleanup-colocation':
1094 source => "neutron-netns-cleanup-clone",
1095 target => "${::neutron::params::ovs_cleanup_service}-clone",
1096 score => "INFINITY",
1097 require => [Pacemaker::Resource::Ocf["${::neutron::params::ovs_cleanup_service}"],
1098 Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
1100 pacemaker::constraint::base { 'neutron-netns-cleanup-to-openvswitch-agent-constraint':
1101 constraint_type => "order",
1102 first_resource => "neutron-netns-cleanup-clone",
1103 second_resource => "${::neutron::params::ovs_agent_service}-clone",
1104 first_action => "start",
1105 second_action => "start",
1106 require => [Pacemaker::Resource::Ocf["neutron-netns-cleanup"],
1107 Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"]],
1109 pacemaker::constraint::colocation { 'neutron-netns-cleanup-to-openvswitch-agent-colocation':
1110 source => "${::neutron::params::ovs_agent_service}-clone",
1111 target => "neutron-netns-cleanup-clone",
1112 score => "INFINITY",
1113 require => [Pacemaker::Resource::Ocf["neutron-netns-cleanup"],
1114 Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"]],
1117 #another chain keystone-->neutron-server-->ovs-agent-->dhcp-->l3
1118 pacemaker::constraint::base { 'keystone-to-neutron-server-constraint':
1119 constraint_type => "order",
1120 first_resource => "${::keystone::params::service_name}-clone",
1121 second_resource => "${::neutron::params::server_service}-clone",
1122 first_action => "start",
1123 second_action => "start",
1124 require => [Pacemaker::Resource::Service[$::keystone::params::service_name],
1125 Pacemaker::Resource::Service[$::neutron::params::server_service]],
1127 pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint':
1128 constraint_type => "order",
1129 first_resource => "${::neutron::params::server_service}-clone",
1130 second_resource => "${::neutron::params::ovs_agent_service}-clone",
1131 first_action => "start",
1132 second_action => "start",
1133 require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
1134 Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
1136 pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint':
1137 constraint_type => "order",
1138 first_resource => "${::neutron::params::ovs_agent_service}-clone",
1139 second_resource => "${::neutron::params::dhcp_agent_service}-clone",
1140 first_action => "start",
1141 second_action => "start",
1142 require => [Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"],
1143 Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"]],
1146 pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation':
1147 source => "${::neutron::params::dhcp_agent_service}-clone",
1148 target => "${::neutron::params::ovs_agent_service}-clone",
1149 score => "INFINITY",
1150 require => [Pacemaker::Resource::Service["${::neutron::params::ovs_agent_service}"],
1151 Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"]],
1153 pacemaker::constraint::base { 'neutron-dhcp-agent-to-l3-agent-constraint':
1154 constraint_type => "order",
1155 first_resource => "${::neutron::params::dhcp_agent_service}-clone",
1156 second_resource => "${::neutron::params::l3_agent_service}-clone",
1157 first_action => "start",
1158 second_action => "start",
1159 require => [Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"],
1160 Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"]]
1162 pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-l3-agent-colocation':
1163 source => "${::neutron::params::l3_agent_service}-clone",
1164 target => "${::neutron::params::dhcp_agent_service}-clone",
1165 score => "INFINITY",
1166 require => [Pacemaker::Resource::Service["${::neutron::params::dhcp_agent_service}"],
1167 Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"]]
1169 pacemaker::constraint::base { 'neutron-l3-agent-to-metadata-agent-constraint':
1170 constraint_type => "order",
1171 first_resource => "${::neutron::params::l3_agent_service}-clone",
1172 second_resource => "${::neutron::params::metadata_agent_service}-clone",
1173 first_action => "start",
1174 second_action => "start",
1175 require => [Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"],
1176 Pacemaker::Resource::Service["${::neutron::params::metadata_agent_service}"]]
1178 pacemaker::constraint::colocation { 'neutron-l3-agent-to-metadata-agent-colocation':
1179 source => "${::neutron::params::metadata_agent_service}-clone",
1180 target => "${::neutron::params::l3_agent_service}-clone",
1181 score => "INFINITY",
1182 require => [Pacemaker::Resource::Service["${::neutron::params::l3_agent_service}"],
1183 Pacemaker::Resource::Service["${::neutron::params::metadata_agent_service}"]]
1187 pacemaker::resource::service { $::nova::params::api_service_name :
1188 clone_params => "interleave=true",
1189 op_params => "start timeout=90s monitor start-delay=10s",
1191 pacemaker::resource::service { $::nova::params::conductor_service_name :
1192 clone_params => "interleave=true",
1193 op_params => "start timeout=90s monitor start-delay=10s",
1195 pacemaker::resource::service { $::nova::params::consoleauth_service_name :
1196 clone_params => "interleave=true",
1197 op_params => "start timeout=90s monitor start-delay=10s",
1198 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1200 pacemaker::resource::service { $::nova::params::vncproxy_service_name :
1201 clone_params => "interleave=true",
1202 op_params => "start timeout=90s monitor start-delay=10s",
1204 pacemaker::resource::service { $::nova::params::scheduler_service_name :
1205 clone_params => "interleave=true",
1206 op_params => "start timeout=90s monitor start-delay=10s",
1209 pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint':
1210 constraint_type => 'order',
1211 first_resource => "${::keystone::params::service_name}-clone",
1212 second_resource => "${::nova::params::consoleauth_service_name}-clone",
1213 first_action => 'start',
1214 second_action => 'start',
1215 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1216 Pacemaker::Resource::Service[$::keystone::params::service_name]],
1218 pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint':
1219 constraint_type => "order",
1220 first_resource => "${::nova::params::consoleauth_service_name}-clone",
1221 second_resource => "${::nova::params::vncproxy_service_name}-clone",
1222 first_action => "start",
1223 second_action => "start",
1224 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1225 Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]],
1227 pacemaker::constraint::colocation { 'nova-vncproxy-with-nova-consoleauth-colocation':
1228 source => "${::nova::params::vncproxy_service_name}-clone",
1229 target => "${::nova::params::consoleauth_service_name}-clone",
1230 score => "INFINITY",
1231 require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
1232 Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name]],
1234 pacemaker::constraint::base { 'nova-vncproxy-then-nova-api-constraint':
1235 constraint_type => "order",
1236 first_resource => "${::nova::params::vncproxy_service_name}-clone",
1237 second_resource => "${::nova::params::api_service_name}-clone",
1238 first_action => "start",
1239 second_action => "start",
1240 require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name],
1241 Pacemaker::Resource::Service[$::nova::params::api_service_name]],
1243 pacemaker::constraint::colocation { 'nova-api-with-nova-vncproxy-colocation':
1244 source => "${::nova::params::api_service_name}-clone",
1245 target => "${::nova::params::vncproxy_service_name}-clone",
1246 score => "INFINITY",
1247 require => [Pacemaker::Resource::Service[$::nova::params::vncproxy_service_name],
1248 Pacemaker::Resource::Service[$::nova::params::api_service_name]],
1250 pacemaker::constraint::base { 'nova-api-then-nova-scheduler-constraint':
1251 constraint_type => "order",
1252 first_resource => "${::nova::params::api_service_name}-clone",
1253 second_resource => "${::nova::params::scheduler_service_name}-clone",
1254 first_action => "start",
1255 second_action => "start",
1256 require => [Pacemaker::Resource::Service[$::nova::params::api_service_name],
1257 Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]],
1259 pacemaker::constraint::colocation { 'nova-scheduler-with-nova-api-colocation':
1260 source => "${::nova::params::scheduler_service_name}-clone",
1261 target => "${::nova::params::api_service_name}-clone",
1262 score => "INFINITY",
1263 require => [Pacemaker::Resource::Service[$::nova::params::api_service_name],
1264 Pacemaker::Resource::Service[$::nova::params::scheduler_service_name]],
1266 pacemaker::constraint::base { 'nova-scheduler-then-nova-conductor-constraint':
1267 constraint_type => "order",
1268 first_resource => "${::nova::params::scheduler_service_name}-clone",
1269 second_resource => "${::nova::params::conductor_service_name}-clone",
1270 first_action => "start",
1271 second_action => "start",
1272 require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name],
1273 Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
1275 pacemaker::constraint::colocation { 'nova-conductor-with-nova-scheduler-colocation':
1276 source => "${::nova::params::conductor_service_name}-clone",
1277 target => "${::nova::params::scheduler_service_name}-clone",
1278 score => "INFINITY",
1279 require => [Pacemaker::Resource::Service[$::nova::params::scheduler_service_name],
1280 Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
1284 case downcase(hiera('ceilometer_backend')) {
1286 pacemaker::resource::service { $::ceilometer::params::agent_central_service_name :
1287 clone_params => 'interleave=true',
1288 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1292 pacemaker::resource::service { $::ceilometer::params::agent_central_service_name :
1293 clone_params => 'interleave=true',
1294 require => [Pacemaker::Resource::Service[$::keystone::params::service_name],
1295 Pacemaker::Resource::Service[$::mongodb::params::service_name]],
1299 pacemaker::resource::service { $::ceilometer::params::collector_service_name :
1300 clone_params => 'interleave=true',
1302 pacemaker::resource::service { $::ceilometer::params::api_service_name :
1303 clone_params => 'interleave=true',
1305 pacemaker::resource::service { $::ceilometer::params::alarm_evaluator_service_name :
1306 clone_params => 'interleave=true',
1308 pacemaker::resource::service { $::ceilometer::params::alarm_notifier_service_name :
1309 clone_params => 'interleave=true',
1311 pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name :
1312 clone_params => 'interleave=true',
1314 pacemaker::resource::ocf { 'delay' :
1315 ocf_agent_name => 'heartbeat:Delay',
1316 clone_params => 'interleave=true',
1317 resource_params => 'startdelay=10',
1319 # Fedora doesn't know `require-all` parameter for constraints yet
1320 if $::operatingsystem == 'Fedora' {
1321 $redis_ceilometer_constraint_params = undef
1323 $redis_ceilometer_constraint_params = 'require-all=false'
1325 pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint':
1326 constraint_type => 'order',
1327 first_resource => "redis-master",
1328 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1329 first_action => 'promote',
1330 second_action => 'start',
1331 constraint_params => $redis_ceilometer_constraint_params,
1332 require => [Pacemaker::Resource::Ocf['redis'],
1333 Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]],
1335 pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint':
1336 constraint_type => 'order',
1337 first_resource => "${::keystone::params::service_name}-clone",
1338 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1339 first_action => 'start',
1340 second_action => 'start',
1341 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1342 Pacemaker::Resource::Service[$::keystone::params::service_name]],
1344 pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint':
1345 constraint_type => 'order',
1346 first_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1347 second_resource => "${::ceilometer::params::collector_service_name}-clone",
1348 first_action => 'start',
1349 second_action => 'start',
1350 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1351 Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
1353 pacemaker::constraint::base { 'ceilometer-collector-then-ceilometer-api-constraint':
1354 constraint_type => 'order',
1355 first_resource => "${::ceilometer::params::collector_service_name}-clone",
1356 second_resource => "${::ceilometer::params::api_service_name}-clone",
1357 first_action => 'start',
1358 second_action => 'start',
1359 require => [Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name],
1360 Pacemaker::Resource::Service[$::ceilometer::params::api_service_name]],
1362 pacemaker::constraint::colocation { 'ceilometer-api-with-ceilometer-collector-colocation':
1363 source => "${::ceilometer::params::api_service_name}-clone",
1364 target => "${::ceilometer::params::collector_service_name}-clone",
1365 score => 'INFINITY',
1366 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1367 Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
1369 pacemaker::constraint::base { 'ceilometer-api-then-ceilometer-delay-constraint':
1370 constraint_type => 'order',
1371 first_resource => "${::ceilometer::params::api_service_name}-clone",
1372 second_resource => 'delay-clone',
1373 first_action => 'start',
1374 second_action => 'start',
1375 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1376 Pacemaker::Resource::Ocf['delay']],
1378 pacemaker::constraint::colocation { 'ceilometer-delay-with-ceilometer-api-colocation':
1379 source => 'delay-clone',
1380 target => "${::ceilometer::params::api_service_name}-clone",
1381 score => 'INFINITY',
1382 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1383 Pacemaker::Resource::Ocf['delay']],
1385 pacemaker::constraint::base { 'ceilometer-delay-then-ceilometer-alarm-evaluator-constraint':
1386 constraint_type => 'order',
1387 first_resource => 'delay-clone',
1388 second_resource => "${::ceilometer::params::alarm_evaluator_service_name}-clone",
1389 first_action => 'start',
1390 second_action => 'start',
1391 require => [Pacemaker::Resource::Service[$::ceilometer::params::alarm_evaluator_service_name],
1392 Pacemaker::Resource::Ocf['delay']],
1394 pacemaker::constraint::colocation { 'ceilometer-alarm-evaluator-with-ceilometer-delay-colocation':
1395 source => "${::ceilometer::params::alarm_evaluator_service_name}-clone",
1396 target => 'delay-clone',
1397 score => 'INFINITY',
1398 require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
1399 Pacemaker::Resource::Ocf['delay']],
1401 pacemaker::constraint::base { 'ceilometer-alarm-evaluator-then-ceilometer-alarm-notifier-constraint':
1402 constraint_type => 'order',
1403 first_resource => "${::ceilometer::params::alarm_evaluator_service_name}-clone",
1404 second_resource => "${::ceilometer::params::alarm_notifier_service_name}-clone",
1405 first_action => 'start',
1406 second_action => 'start',
1407 require => [Pacemaker::Resource::Service[$::ceilometer::params::alarm_evaluator_service_name],
1408 Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]],
1410 pacemaker::constraint::colocation { 'ceilometer-alarm-notifier-with-ceilometer-alarm-evaluator-colocation':
1411 source => "${::ceilometer::params::alarm_notifier_service_name}-clone",
1412 target => "${::ceilometer::params::alarm_evaluator_service_name}-clone",
1413 score => 'INFINITY',
1414 require => [Pacemaker::Resource::Service[$::ceilometer::params::alarm_evaluator_service_name],
1415 Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]],
1417 pacemaker::constraint::base { 'ceilometer-alarm-notifier-then-ceilometer-notification-constraint':
1418 constraint_type => 'order',
1419 first_resource => "${::ceilometer::params::alarm_notifier_service_name}-clone",
1420 second_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
1421 first_action => 'start',
1422 second_action => 'start',
1423 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name],
1424 Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]],
1426 pacemaker::constraint::colocation { 'ceilometer-notification-with-ceilometer-alarm-notifier-colocation':
1427 source => "${::ceilometer::params::agent_notification_service_name}-clone",
1428 target => "${::ceilometer::params::alarm_notifier_service_name}-clone",
1429 score => 'INFINITY',
1430 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name],
1431 Pacemaker::Resource::Service[$::ceilometer::params::alarm_notifier_service_name]],
1433 if downcase(hiera('ceilometer_backend')) == 'mongodb' {
1434 pacemaker::constraint::base { 'mongodb-then-ceilometer-central-constraint':
1435 constraint_type => 'order',
1436 first_resource => "${::mongodb::params::service_name}-clone",
1437 second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
1438 first_action => 'start',
1439 second_action => 'start',
1440 require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
1441 Pacemaker::Resource::Service[$::mongodb::params::service_name]],
1446 pacemaker::resource::service { $::heat::params::api_service_name :
1447 clone_params => 'interleave=true',
1449 pacemaker::resource::service { $::heat::params::api_cloudwatch_service_name :
1450 clone_params => 'interleave=true',
1452 pacemaker::resource::service { $::heat::params::api_cfn_service_name :
1453 clone_params => 'interleave=true',
1455 pacemaker::resource::service { $::heat::params::engine_service_name :
1456 clone_params => 'interleave=true',
1458 pacemaker::constraint::base { 'keystone-then-heat-api-constraint':
1459 constraint_type => 'order',
1460 first_resource => "${::keystone::params::service_name}-clone",
1461 second_resource => "${::heat::params::api_service_name}-clone",
1462 first_action => 'start',
1463 second_action => 'start',
1464 require => [Pacemaker::Resource::Service[$::heat::params::api_service_name],
1465 Pacemaker::Resource::Service[$::keystone::params::service_name]],
1467 pacemaker::constraint::base { 'heat-api-then-heat-api-cfn-constraint':
1468 constraint_type => 'order',
1469 first_resource => "${::heat::params::api_service_name}-clone",
1470 second_resource => "${::heat::params::api_cfn_service_name}-clone",
1471 first_action => 'start',
1472 second_action => 'start',
1473 require => [Pacemaker::Resource::Service[$::heat::params::api_service_name],
1474 Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]],
1476 pacemaker::constraint::colocation { 'heat-api-cfn-with-heat-api-colocation':
1477 source => "${::heat::params::api_cfn_service_name}-clone",
1478 target => "${::heat::params::api_service_name}-clone",
1479 score => 'INFINITY',
1480 require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name],
1481 Pacemaker::Resource::Service[$::heat::params::api_service_name]],
1483 pacemaker::constraint::base { 'heat-api-cfn-then-heat-api-cloudwatch-constraint':
1484 constraint_type => 'order',
1485 first_resource => "${::heat::params::api_cfn_service_name}-clone",
1486 second_resource => "${::heat::params::api_cloudwatch_service_name}-clone",
1487 first_action => 'start',
1488 second_action => 'start',
1489 require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
1490 Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]],
1492 pacemaker::constraint::colocation { 'heat-api-cloudwatch-with-heat-api-cfn-colocation':
1493 source => "${::heat::params::api_cloudwatch_service_name}-clone",
1494 target => "${::heat::params::api_cfn_service_name}-clone",
1495 score => 'INFINITY',
1496 require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name],
1497 Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name]],
1499 pacemaker::constraint::base { 'heat-api-cloudwatch-then-heat-engine-constraint':
1500 constraint_type => 'order',
1501 first_resource => "${::heat::params::api_cloudwatch_service_name}-clone",
1502 second_resource => "${::heat::params::engine_service_name}-clone",
1503 first_action => 'start',
1504 second_action => 'start',
1505 require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
1506 Pacemaker::Resource::Service[$::heat::params::engine_service_name]],
1508 pacemaker::constraint::colocation { 'heat-engine-with-heat-api-cloudwatch-colocation':
1509 source => "${::heat::params::engine_service_name}-clone",
1510 target => "${::heat::params::api_cloudwatch_service_name}-clone",
1511 score => 'INFINITY',
1512 require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name],
1513 Pacemaker::Resource::Service[$::heat::params::engine_service_name]],
1515 pacemaker::constraint::base { 'ceilometer-notification-then-heat-api-constraint':
1516 constraint_type => 'order',
1517 first_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
1518 second_resource => "${::heat::params::api_service_name}-clone",
1519 first_action => 'start',
1520 second_action => 'start',
1521 require => [Pacemaker::Resource::Service[$::heat::params::api_service_name],
1522 Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name]],
1526 pacemaker::resource::service { $::horizon::params::http_service:
1527 clone_params => "interleave=true",
1531 if 'cisco_n1kv' in hiera('neutron_mechanism_drivers') {
1532 pacemaker::resource::ocf { 'vsm-p' :
1533 ocf_agent_name => 'heartbeat:VirtualDomain',
1534 resource_params => 'force_stop=true config=/var/spool/cisco/vsm/vsm_primary_deploy.xml',
1535 require => Class['n1k_vsm'],
1536 meta_params => 'resource-stickiness=INFINITY',
1538 if str2bool(hiera('n1k_vsm::pacemaker_control', 'true')) {
1539 pacemaker::resource::ocf { 'vsm-s' :
1540 ocf_agent_name => 'heartbeat:VirtualDomain',
1541 resource_params => 'force_stop=true config=/var/spool/cisco/vsm/vsm_secondary_deploy.xml',
1542 require => Class['n1k_vsm'],
1543 meta_params => 'resource-stickiness=INFINITY',
1545 pacemaker::constraint::colocation { 'vsm-colocation-contraint':
1548 score => "-INFINITY",
1549 require => [Pacemaker::Resource::Ocf['vsm-p'],
1550 Pacemaker::Resource::Ocf['vsm-s']],
1559 if hiera('step') >= 5 {
1561 if $pacemaker_master {
1563 class {'::keystone::roles::admin' :
1564 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1566 class {'::keystone::endpoint' :
1567 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1569 class { '::ceilometer::keystone::auth' :
1570 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1572 class { '::cinder::keystone::auth' :
1573 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1575 class { '::glance::keystone::auth' :
1576 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1578 class { '::heat::keystone::auth' :
1579 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1581 class { '::neutron::keystone::auth' :
1582 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1584 class { '::nova::keystone::auth' :
1585 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1587 class { '::swift::keystone::auth' :
1588 require => Pacemaker::Resource::Service[$::keystone::params::service_name],
1595 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')])
1596 package_manifest{$package_manifest_name: ensure => present}
Code Review / apex-tripleo-heat-templates.git / blob