# License for the specific language governing permissions and limitations
# under the License.
+Pcmk_resource <| |> {
+ tries => 10,
+ try_sleep => 3,
+}
+
if !str2bool(hiera('enable_package_install', 'false')) {
case $::osfamily {
'RedHat': {
if $::hostname == downcase(hiera('bootstrap_nodeid')) {
$pacemaker_master = true
+ $sync_db = true
} else {
$pacemaker_master = false
+ $sync_db = false
}
+# When to start and enable services which haven't been Pacemakerized
+# FIXME: remove when we start all OpenStack services using Pacemaker
+# (occurences of this variable will be gradually replaced with false)
+$non_pcmk_start = hiera('step') >= 4
+
if hiera('step') >= 1 {
+ create_resources(sysctl::value, hiera('sysctl_settings'), {})
+
+ if count(hiera('ntp::servers')) > 0 {
+ include ::ntp
+ }
+
$controller_node_ips = split(hiera('controller_node_ips'), ',')
$controller_node_names = split(downcase(hiera('controller_node_names')), ',')
class { '::tripleo::loadbalancer' :
controller_hosts => $controller_node_ips,
controller_hosts_names => $controller_node_names,
manage_vip => false,
+ haproxy_service_manage => false,
}
- $pacemaker_cluster_members = regsubst(hiera('controller_node_ips'), ',', ' ', 'G')
+ $pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G'))
user { 'hacluster':
ensure => present,
} ->
class { '::pacemaker::stonith':
disable => true,
}
- if $pacemaker_master {
- $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip')
- pacemaker::resource::ip { 'control_vip':
- ip_address => $control_vip,
- }
- $public_vip = hiera('tripleo::loadbalancer::public_virtual_ip')
- pacemaker::resource::ip { 'public_vip':
- ip_address => $public_vip,
- }
- pacemaker::resource::systemd { 'haproxy':
- clone => true,
- }
- }
-
- Class['::pacemaker::corosync'] -> Pacemaker::Resource::Systemd <| |>
-
-}
-if hiera('step') >= 2 {
-
- if count(hiera('ntp::servers')) > 0 {
- include ::ntp
+ # Only configure RabbitMQ in this step, don't start it yet to
+ # avoid races where non-master nodes attempt to start without
+ # config (eg. binding on 0.0.0.0)
+ # The module ignores erlang_cookie if cluster_config is false
+ class { '::rabbitmq':
+ service_manage => false,
+ tcp_keepalive => false,
+ config_kernel_variables => hiera('rabbitmq_kernel_variables'),
+ config_variables => hiera('rabbitmq_config_variables'),
+ environment_variables => hiera('rabbitmq_environment'),
+ } ->
+ file { '/var/lib/rabbitmq/.erlang.cookie':
+ ensure => 'present',
+ owner => 'rabbitmq',
+ group => 'rabbitmq',
+ mode => '0400',
+ content => hiera('rabbitmq::erlang_cookie'),
+ replace => true,
}
# MongoDB
- if downcase(hiera('ceilometer_backend')) == 'mongodb' {
- include ::mongodb::globals
-
- class {'::mongodb::server' :
- service_ensure => undef
- }
- $mongo_node_ips = split(hiera('mongo_node_ips'), ',')
- $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017')
- $mongo_node_string = join($mongo_node_ips_with_port, ',')
-
- $mongodb_replset = hiera('mongodb::server::replset')
- $ceilometer_mongodb_conn_string = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}"
- if downcase(hiera('bootstrap_nodeid')) == $::hostname {
-
- pacemaker::resource::systemd { 'mongod' :
- options => "op start timeout=120s",
- clone => true,
- before => Exec['mongodb-ready'],
- }
- # NOTE (spredzy) : The replset can only be run
- # once all the nodes have joined the cluster.
- $mongodb_cluster_ready_command = join(suffix(prefix($mongo_node_ips, '/bin/nc -w1 '), ' 27017 < /dev/null'), ' && ')
- exec { 'mongodb-ready' :
- command => $mongodb_cluster_ready_command,
- timeout => 600,
- tries => 60,
- try_sleep => 10,
- before => Mongodb_replset[$mongodb_replset],
- }
-
- mongodb_replset { $mongodb_replset :
- members => $mongo_node_ips_with_port,
- }
- }
- }
-
- # Redis
- $redis_node_ips = split(hiera('redis_node_ips'), ',')
- $redis_master_hostname = downcase(hiera('bootstrap_nodeid'))
-
- if $redis_master_hostname == $::hostname {
- $slaveof = undef
- } else {
- $slaveof = "${redis_master_hostname} 6379"
- }
- class {'::redis' :
- slaveof => $slaveof,
- }
+ include ::mongodb::globals
- if count($redis_node_ips) > 1 {
- Class['::tripleo::redis_notification'] -> Service['redis-sentinel']
- include ::redis::sentinel
- class {'::tripleo::redis_notification' :
- haproxy_monitor_ip => hiera('tripleo::loadbalancer::controller_virtual_ip'),
- }
+ # FIXME: replace with service_manage => false on ::mongodb::server
+ # when this is merged: https://github.com/puppetlabs/pupp etlabs-mongodb/pull/198
+ class { '::mongodb::server' :
+ service_ensure => undef,
+ service_enable => false,
}
+ # Galera
if str2bool(hiera('enable_galera', 'true')) {
$mysql_config_file = '/etc/my.cnf.d/galera.cnf'
} else {
}
$galera_nodes = downcase(hiera('galera_node_names', $::hostname))
$galera_nodes_count = count(split($galera_nodes, ','))
- $clustercheck_password = hiera('mysql_clustercheck_password')
- $mysql_root_password = hiera('mysql::server::root_password')
$mysqld_options = {
'mysqld' => {
'query_cache_size' => '0',
'query_cache_type' => '0',
'bind-address' => hiera('controller_host'),
+ 'max_connections' => '1024',
+ 'open_files_limit' => '-1',
'wsrep_provider' => '/usr/lib64/galera/libgalera_smm.so',
'wsrep_cluster_name' => 'galera_cluster',
'wsrep_slave_threads' => '1',
service_manage => false,
}
+}
+
+if hiera('step') >= 2 {
+
if $pacemaker_master {
- $sync_db = true
+ $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip')
+ pacemaker::resource::ip { 'control_vip':
+ ip_address => $control_vip,
+ }
+ $public_vip = hiera('tripleo::loadbalancer::public_virtual_ip')
+ pacemaker::resource::ip { 'public_vip':
+ ip_address => $public_vip,
+ }
+ pacemaker::resource::service { 'haproxy':
+ clone_params => true,
+ }
- pacemaker::resource::ocf { 'galera' :
- resource_name => 'heartbeat:galera',
- options => "enable_creation=true wsrep_cluster_address='gcomm://${galera_nodes}' meta master-max=${galera_nodes_count} ordered=true op promote timeout=300s on-fail=block --master",
- require => Class['::mysql::server'],
- before => Exec['galera-ready'],
+ pacemaker::resource::ocf { 'rabbitmq':
+ ocf_agent_name => 'heartbeat:rabbitmq-cluster',
+ resource_params => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'',
+ clone_params => 'ordered=true interleave=true',
+ require => Class['::rabbitmq'],
+ }
+
+ if downcase(hiera('ceilometer_backend')) == 'mongodb' {
+ pacemaker::resource::service { $::mongodb::params::service_name :
+ op_params => 'start timeout=120s',
+ clone_params => true,
+ require => Class['::mongodb::server'],
+ before => Exec['mongodb-ready'],
+ }
+ # NOTE (spredzy) : The replset can only be run
+ # once all the nodes have joined the cluster.
+ $mongo_node_ips = split(hiera('mongo_node_ips'), ',')
+ $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017')
+ $mongo_node_string = join($mongo_node_ips_with_port, ',')
+ $mongodb_replset = hiera('mongodb::server::replset')
+ $mongodb_cluster_ready_command = join(suffix(prefix($mongo_node_ips, '/bin/nc -w1 '), ' 27017 < /dev/null'), ' && ')
+ exec { 'mongodb-ready' :
+ command => $mongodb_cluster_ready_command,
+ timeout => 30,
+ tries => 180,
+ try_sleep => 10,
+ }
+ mongodb_replset { $mongodb_replset :
+ members => $mongo_node_ips_with_port,
+ require => Exec['mongodb-ready'],
+ }
}
+ pacemaker::resource::ocf { 'galera' :
+ ocf_agent_name => 'heartbeat:galera',
+ op_params => 'promote timeout=300s on-fail=block --master',
+ meta_params => "master-max=${galera_nodes_count} ordered=true",
+ resource_params => "additional_parameters='--open-files-limit=16384' enable_creation=true wsrep_cluster_address='gcomm://${galera_nodes}'",
+ require => Class['::mysql::server'],
+ before => Exec['galera-ready'],
+ }
mysql_user { 'clustercheckuser@localhost' :
password_hash => mysql_password($clustercheck_password),
require => Exec['galera-ready'],
}
+ }
+
+ # Redis
+ $redis_node_ips = split(hiera('redis_node_ips'), ',')
+ $redis_master_hostname = downcase(hiera('bootstrap_nodeid'))
+
+ if $redis_master_hostname == $::hostname {
+ $slaveof = undef
} else {
- $sync_db = false
+ $slaveof = "${redis_master_hostname} 6379"
+ }
+ class {'::redis' :
+ slaveof => $slaveof,
+ }
+
+ if count($redis_node_ips) > 1 {
+ Class['::tripleo::redis_notification'] -> Service['redis-sentinel']
+ include ::redis::sentinel
+ class {'::tripleo::redis_notification' :
+ haproxy_monitor_ip => hiera('tripleo::loadbalancer::controller_virtual_ip'),
+ }
}
exec { 'galera-ready' :
- command => '/bin/mysql -e "SHOW GLOBAL VARIABLES LIKE \'read_only\'" | /bin/grep -i off',
- timeout => 3600,
- tries => 60,
- try_sleep => 60,
- environment => 'HOME=/root',
- require => Class['::mysql::server'],
+ command => '/usr/bin/clustercheck >/dev/null',
+ timeout => 30,
+ tries => 180,
+ try_sleep => 10,
+ environment => ["AVAILABLE_WHEN_READONLY=0"],
+ require => File['/etc/sysconfig/clustercheck'],
}
file { '/etc/sysconfig/clustercheck' :
ensure => file,
- content => "MYSQL_USERNAME=clustercheckuser\n
-MYSQL_PASSWORD=${clustercheck_password}\n
+ content => "MYSQL_USERNAME=root\n
+MYSQL_PASSWORD=''\n
MYSQL_HOST=localhost\n",
- require => Exec['galera-ready'],
}
xinetd::service { 'galera-monitor' :
require => File['/etc/sysconfig/clustercheck'],
}
- # FIXME: this should only occur on the bootstrap host (ditto for db syncs)
# Create all the database schemas
# Example DSN format: mysql://user:password@host/dbname
if $sync_db {
}
}
- # the module ignores erlang_cookie if cluster_config is false
- file { '/var/lib/rabbitmq/.erlang.cookie':
- ensure => 'present',
- owner => 'rabbitmq',
- group => 'rabbitmq',
- mode => '0400',
- content => hiera('rabbitmq::erlang_cookie'),
- replace => true,
- } ->
- class { '::rabbitmq':
- service_manage => false,
- tcp_keepalive => false,
- config_kernel_variables => hiera('rabbitmq_kernel_variables'),
- config_variables => hiera('rabbitmq_config_variables'),
- environment_variables => hiera('rabbitmq_environment'),
- }
- if $pacemaker_master {
- pacemaker::resource::ocf { 'rabbitmq':
- resource_name => 'heartbeat:rabbitmq-cluster',
- options => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'',
- clone => true,
- require => Class['::rabbitmq'],
- }
- }
-
# pre-install swift here so we can build rings
include ::swift
+ # Ceph
$cinder_enable_rbd_backend = hiera('cinder_enable_rbd_backend', false)
$enable_ceph = $cinder_enable_rbd_backend
include ::ceph::profile::osd
}
+ # Memcached
+ include ::memcached
+
} #END STEP 2
-if (hiera('step') >= 3 and $::hostname == downcase(hiera('bootstrap_nodeid')))
- or hiera('step') >= 4 {
+if hiera('step') >= 3 {
- include ::keystone
+ class { '::keystone':
+ sync_db => $sync_db,
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
#TODO: need a cleanup-keystone-tokens.sh solution here
keystone_config {
# TODO: notifications, scrubber, etc.
include ::glance
class { 'glance::api':
- known_stores => [$glance_store]
+ known_stores => [$glance_store],
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
}
class { '::glance::registry' :
sync_db => $sync_db,
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
}
include join(['::glance::backend::', $glance_backend])
class { '::nova::api' :
sync_db => $sync_db,
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::nova::cert' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::nova::conductor' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::nova::consoleauth' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::nova::vncproxy' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::nova::scheduler' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
}
- include ::nova::cert
- include ::nova::conductor
- include ::nova::consoleauth
include ::nova::network::neutron
- include ::nova::vncproxy
- include ::nova::scheduler
include ::neutron
class { '::neutron::server' :
sync_db => $sync_db,
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::neutron::agents::dhcp' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::neutron::agents::l3' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
}
- include ::neutron::agents::dhcp
- include ::neutron::agents::l3
file { '/etc/neutron/dnsmasq-neutron.conf':
content => hiera('neutron_dnsmasq_options'),
}
class { 'neutron::agents::ml2::ovs':
+ # manage_service => $non_pcmk_start, -- not implemented
+ enabled => $non_pcmk_start,
bridge_mappings => split(hiera('neutron_bridge_mappings'), ','),
tunnel_types => split(hiera('neutron_tunnel_types'), ','),
}
class { 'neutron::agents::metadata':
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
auth_url => join(['http://', hiera('controller_virtual_ip'), ':35357/v2.0']),
}
Service['neutron-server'] -> Service['neutron-metadata']
include ::cinder
- include ::cinder::api
+ class { '::cinder::api':
+ sync_db => $sync_db,
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::cinder::scheduler' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::cinder::volume' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
include ::cinder::glance
- include ::cinder::scheduler
- include ::cinder::volume
class {'cinder::setup_test_volume':
size => join([hiera('cinder_lvm_loop_device_size'), 'M']),
}
}
# swift proxy
- include ::memcached
- include ::swift::proxy
+ class { '::swift::proxy' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
include ::swift::proxy::proxy_logging
include ::swift::proxy::healthcheck
include ::swift::proxy::cache
# swift storage
if str2bool(hiera('enable_swift_storage', 'true')) {
- class {'swift::storage::all':
+ class {'::swift::storage::all':
mount_check => str2bool(hiera('swift_mount_check'))
}
+ class {'::swift::storage::account':
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class {'::swift::storage::container':
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class {'::swift::storage::object':
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
if(!defined(File['/srv/node'])) {
file { '/srv/node':
ensure => directory,
$ceilometer_database_connection = hiera('ceilometer_mysql_conn_string')
}
default : {
- $ceilometer_database_connection = $ceilometer_mongodb_conn_string
+ $ceilometer_database_connection = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}"
}
}
include ::ceilometer
- include ::ceilometer::api
- include ::ceilometer::agent::notification
- include ::ceilometer::agent::central
- include ::ceilometer::alarm::notifier
- include ::ceilometer::alarm::evaluator
+ class { '::ceilometer::api' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::ceilometer::agent::notification' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::ceilometer::agent::central' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::ceilometer::alarm::notifier' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::ceilometer::alarm::evaluator' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::ceilometer::collector' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
include ::ceilometer::expirer
- include ::ceilometer::collector
class { '::ceilometer::db' :
database_connection => $ceilometer_database_connection,
sync_db => $sync_db,
class { '::heat' :
sync_db => $sync_db,
}
- include ::heat::api
- include ::heat::api_cfn
- include ::heat::api_cloudwatch
- include ::heat::engine
+ class { '::heat::api' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::heat::api_cfn' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::heat::api_cloudwatch' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
+ class { '::heat::engine' :
+ manage_service => $non_pcmk_start,
+ enabled => $non_pcmk_start,
+ }
# Horizon
$vhost_params = { add_listen => false }
}
} #END STEP 3
+
+if hiera('step') >= 4 {
+ # TODO: pacemaker::resource::service for OpenStack services go here
+} #END STEP 4
Code Review / apex-tripleo-heat-templates.git / blobdiff