puppet/services/pacemaker.yaml

   1 heat_template_version: 2016-10-14
   2
   3 description: >
   4   Pacemaker service configured with Puppet
   5
   6 parameters:
   7   ServiceNetMap:
   8     default: {}
   9     description: Mapping of service_name -> network name. Typically set
  10                  via parameter_defaults in the resource registry.  This
  11                  mapping overrides those in ServiceNetMapDefaults.
  12     type: json
  13   DefaultPasswords:
  14     default: {}
  15     type: json
  16   EndpointMap:
  17     default: {}
  18     description: Mapping of service endpoint -> protocol. Typically set
  19                  via parameter_defaults in the resource registry.
  20     type: json
  21   MonitoringSubscriptionPacemaker:
  22     default: 'overcloud-pacemaker'
  23     type: string
  24   CorosyncIPv6:
  25     default: false
  26     description: Enable IPv6 in Corosync
  27     type: boolean
  28   EnableFencing:
  29     default: false
  30     description: Whether to enable fencing in Pacemaker or not.
  31     type: boolean
  32   PcsdPassword:
  33     type: string
  34     description: The password for the 'pcsd' user for pacemaker.
  35     hidden: true
  36     default: ''
  37   FencingConfig:
  38     default: {}
  39     description: |
  40       Pacemaker fencing configuration. The JSON should have
  41       the following structure:
  42         {
  43           "devices": [
  44             {
  45               "agent": "AGENT_NAME",
  46               "host_mac": "HOST_MAC_ADDRESS",
  47               "params": {"PARAM_NAME": "PARAM_VALUE"}
  48             }
  49           ]
  50         }
  51       For instance:
  52         {
  53           "devices": [
  54             {
  55               "agent": "fence_xvm",
  56               "host_mac": "52:54:00:aa:bb:cc",
  57               "params": {
  58                 "multicast_address": "225.0.0.12",
  59                 "port": "baremetal_0",
  60                 "manage_fw": true,
  61                 "manage_key_file": true,
  62                 "key_file": "/etc/fence_xvm.key",
  63                 "key_file_password": "abcdef"
  64               }
  65             }
  66           ]
  67         }
  68     type: json
  69   PacemakerLoggingSource:
  70     type: json
  71     default:
  72       tag: system.pacemaker
  73       path: /var/log/pacemaker.log,/var/log/cluster/corosync.log
  74       format: >-
  75         /^(?<time>[^ ]*\s*[^ ]* [^ ]*)
  76         \[(?<pid>[^ ]*)\]
  77         (?<host>[^ ]*)
  78         (?<message>.*)$/
  79
  80 outputs:
  81   role_data:
  82     description: Role data for the Pacemaker role.
  83     value:
  84       service_name: pacemaker
  85       monitoring_subscription: {get_param: MonitoringSubscriptionPacemaker}
  86       logging_groups:
  87         - haclient
  88       logging_source: {get_param: PacemakerLoggingSource}
  89       config_settings:
  90         pacemaker::corosync::cluster_name: 'tripleo_cluster'
  91         pacemaker::corosync::manage_fw: false
  92         pacemaker::resource_defaults::defaults:
  93           resource-stickiness: { value: INFINITY }
  94         corosync_token_timeout: 10000
  95         tripleo.pacemaker.firewall_rules:
  96           '130 pacemaker tcp':
  97             proto: 'tcp'
  98             dport:
  99               - 2224
 100               - 3121
 101               - 21064
 102           '131 pacemaker udp':
 103             proto: 'udp'
 104             dport: 5405
 105         corosync_ipv6: {get_param: CorosyncIPv6}
 106         tripleo::fencing::config: {get_param: FencingConfig}
 107         enable_fencing: {get_param: EnableFencing}
 108         hacluster_pwd:
 109           yaql:
 110             expression: $.data.passwords.where($ != '').first()
 111             data:
 112               passwords:
 113                 - {get_param: PcsdPassword}
 114                 - {get_param: [DefaultPasswords, pcsd_password]}
 115       step_config: |
 116         include ::tripleo::profile::base::pacemaker