puppet/services/pacemaker.yaml

   1 heat_template_version: 2016-10-14
   2
   3 description: >
   4   Pacemaker service configured with Puppet
   5
   6 parameters:
   7   ServiceNetMap:
   8     default: {}
   9     description: Mapping of service_name -> network name. Typically set
  10                  via parameter_defaults in the resource registry.  This
  11                  mapping overrides those in ServiceNetMapDefaults.
  12     type: json
  13   DefaultPasswords:
  14     default: {}
  15     type: json
  16   EndpointMap:
  17     default: {}
  18     description: Mapping of service endpoint -> protocol. Typically set
  19                  via parameter_defaults in the resource registry.
  20     type: json
  21   MonitoringSubscriptionPacemaker:
  22     default: 'overcloud-pacemaker'
  23     type: string
  24   CorosyncIPv6:
  25     default: false
  26     description: Enable IPv6 in Corosync
  27     type: boolean
  28   EnableFencing:
  29     default: false
  30     description: Whether to enable fencing in Pacemaker or not.
  31     type: boolean
  32   PcsdPassword:
  33     type: string
  34     description: The password for the 'pcsd' user for pacemaker.
  35     hidden: true
  36     default: ''
  37   FencingConfig:
  38     default: {}
  39     description: |
  40       Pacemaker fencing configuration. The JSON should have
  41       the following structure:
  42         {
  43           "devices": [
  44             {
  45               "agent": "AGENT_NAME",
  46               "host_mac": "HOST_MAC_ADDRESS",
  47               "params": {"PARAM_NAME": "PARAM_VALUE"}
  48             }
  49           ]
  50         }
  51       For instance:
  52         {
  53           "devices": [
  54             {
  55               "agent": "fence_xvm",
  56               "host_mac": "52:54:00:aa:bb:cc",
  57               "params": {
  58                 "multicast_address": "225.0.0.12",
  59                 "port": "baremetal_0",
  60                 "manage_fw": true,
  61                 "manage_key_file": true,
  62                 "key_file": "/etc/fence_xvm.key",
  63                 "key_file_password": "abcdef"
  64               }
  65             }
  66           ]
  67         }
  68     type: json
  69
  70 outputs:
  71   role_data:
  72     description: Role data for the Pacemaker role.
  73     value:
  74       service_name: pacemaker
  75       monitoring_subscription: {get_param: MonitoringSubscriptionPacemaker}
  76       config_settings:
  77         pacemaker::corosync::cluster_name: 'tripleo_cluster'
  78         pacemaker::corosync::manage_fw: false
  79         pacemaker::resource_defaults::defaults:
  80           resource-stickiness: { value: INFINITY }
  81         corosync_token_timeout: 10000
  82         tripleo.pacemaker.firewall_rules:
  83           '130 pacemaker tcp':
  84             proto: 'tcp'
  85             dport:
  86               - 2224
  87               - 3121
  88               - 21064
  89           '131 pacemaker udp':
  90             proto: 'udp'
  91             dport: 5405
  92         corosync_ipv6: {get_param: CorosyncIPv6}
  93         tripleo::fencing::config: {get_param: FencingConfig}
  94         enable_fencing: {get_param: EnableFencing}
  95         hacluster_pwd:
  96           yaql:
  97             expression: $.data.passwords.where($ != '').first()
  98             data:
  99               passwords:
 100                 - {get_param: PcsdPassword}
 101                 - {get_param: [DefaultPasswords, pcsd_password]}
 102       step_config: |
 103         include ::tripleo::profile::base::pacemaker