puppet/services/pacemaker_remote.yaml

   1 heat_template_version: pike
   2
   3 description: >
   4   Pacemaker remote service configured with Puppet
   5
   6 parameters:
   7   ServiceNetMap:
   8     default: {}
   9     description: Mapping of service_name -> network name. Typically set
  10                  via parameter_defaults in the resource registry.  This
  11                  mapping overrides those in ServiceNetMapDefaults.
  12     type: json
  13   DefaultPasswords:
  14     default: {}
  15     type: json
  16   RoleName:
  17     default: ''
  18     description: Role name on which the service is applied
  19     type: string
  20   RoleParameters:
  21     default: {}
  22     description: Parameters specific to the role
  23     type: json
  24   EndpointMap:
  25     default: {}
  26     description: Mapping of service endpoint -> protocol. Typically set
  27                  via parameter_defaults in the resource registry.
  28     type: json
  29   PacemakerRemoteAuthkey:
  30     type: string
  31     description: The authkey for the pacemaker remote service.
  32     hidden: true
  33     default: ''
  34   MonitoringSubscriptionPacemakerRemote:
  35     default: 'overcloud-pacemaker_remote'
  36     type: string
  37   EnableFencing:
  38     default: false
  39     description: Whether to enable fencing in Pacemaker or not.
  40     type: boolean
  41   FencingConfig:
  42     default: {}
  43     description: |
  44       Pacemaker fencing configuration. The JSON should have
  45       the following structure:
  46         {
  47           "devices": [
  48             {
  49               "agent": "AGENT_NAME",
  50               "host_mac": "HOST_MAC_ADDRESS",
  51               "params": {"PARAM_NAME": "PARAM_VALUE"}
  52             }
  53           ]
  54         }
  55       For instance:
  56         {
  57           "devices": [
  58             {
  59               "agent": "fence_xvm",
  60               "host_mac": "52:54:00:aa:bb:cc",
  61               "params": {
  62                 "multicast_address": "225.0.0.12",
  63                 "port": "baremetal_0",
  64                 "manage_fw": true,
  65                 "manage_key_file": true,
  66                 "key_file": "/etc/fence_xvm.key",
  67                 "key_file_password": "abcdef"
  68               }
  69             }
  70           ]
  71         }
  72     type: json
  73   PacemakerRemoteLoggingSource:
  74     type: json
  75     default:
  76       tag: system.pacemaker_remote
  77       path: /var/log/pacemaker.log
  78       format: >-
  79         /^(?<time>[^ ]*\s*[^ ]* [^ ]*)
  80         \[(?<pid>[^ ]*)\]
  81         (?<host>[^ ]*)
  82         (?<message>.*)$/
  83
  84 outputs:
  85   role_data:
  86     description: Role data for the Pacemaker remote role.
  87     value:
  88       service_name: pacemaker_remote
  89       monitoring_subscription: {get_param: MonitoringSubscriptionPacemakerRemote}
  90       logging_groups:
  91         - haclient
  92       logging_source: {get_param: PacemakerRemoteLoggingSource}
  93       config_settings:
  94         tripleo.pacemaker_remote.firewall_rules:
  95           '130 pacemaker_remote tcp':
  96             proto: 'tcp'
  97             dport:
  98               - 3121
  99         tripleo::fencing::config: {get_param: FencingConfig}
 100         enable_fencing: {get_param: EnableFencing}
 101         tripleo::profile::base::pacemaker_remote::remote_authkey: {get_param: PacemakerRemoteAuthkey}
 102       step_config: |
 103         include ::tripleo::profile::base::pacemaker_remote