Add two new parameters: EnableFencing and FencingConfig.
FencingConfig is a json with an expected structure documented in the
templates. It gets passed further to puppet-tripleo, which configures
the fencing devices.
Fencing is configured and enabled in the last step after all pacemaker
resources and constraints have been created, which should be a more
stable approach than the other way round.
Change-Id: Ifd432bfd2443b6d13e7efa006d4120bb0eaa2554
Depends-On: I819fc8c126ec47cd207c59b3dcf92ff699649c5a
Depends-On: I8b7adff6f05f864115071c51810b41efad887584
default: ''
description: Set to True to enable debugging on all services.
type: string
+ EnableFencing:
+ default: false
+ description: Whether to enable fencing in Pacemaker or not.
+ type: boolean
EnableGalera:
default: true
description: Whether to use Galera instead of regular MariaDB.
}
}
type: json
+ FencingConfig:
+ default: {}
+ description: |
+ Pacemaker fencing configuration. The JSON should have
+ the following structure:
+ {
+ "devices": [
+ {
+ "agent": "AGENT_NAME",
+ "host_mac": "HOST_MAC_ADDRESS",
+ "params": {"PARAM_NAME": "PARAM_VALUE"}
+ }
+ ]
+ }
+ For instance:
+ {
+ "devices": [
+ {
+ "agent": "fence_xvm",
+ "host_mac": "52:54:00:aa:bb:cc",
+ "params": {
+ "multicast_address": "225.0.0.12",
+ "port": "baremetal_0",
+ "manage_fw": true,
+ "manage_key_file": true,
+ "key_file": "/etc/fence_xvm.key",
+ "key_file_password": "abcdef"
+ }
+ }
+ ]
+ }
+ type: json
Flavor:
description: Flavor for control nodes to request when deploying.
type: string
default: 'br-ex'
description: Interface where virtual ip will be assigned.
type: string
+ EnableFencing:
+ default: false
+ description: Whether to enable fencing in Pacemaker or not.
+ type: boolean
EnableGalera:
default: true
description: Whether to use Galera instead of regular MariaDB.
}
}
type: json
+ FencingConfig:
+ default: {}
+ description: |
+ Pacemaker fencing configuration. The JSON should have
+ the following structure:
+ {
+ "devices": [
+ {
+ "agent": "AGENT_NAME",
+ "host_mac": "HOST_MAC_ADDRESS",
+ "params": {"PARAM_NAME": "PARAM_VALUE"}
+ }
+ ]
+ }
+ For instance:
+ {
+ "devices": [
+ {
+ "agent": "fence_xvm",
+ "host_mac": "52:54:00:aa:bb:cc",
+ "params": {
+ "multicast_address": "225.0.0.12",
+ "port": "baremetal_0",
+ "manage_fw": true,
+ "manage_key_file": true,
+ "key_file": "/etc/fence_xvm.key",
+ "key_file_password": "abcdef"
+ }
+ }
+ ]
+ }
+ type: json
GlanceLogFile:
description: The filepath of the file to use for logging messages from Glance.
type: string
ControlVirtualInterface: {get_param: ControlVirtualInterface}
ControllerExtraConfig: {get_param: controllerExtraConfig}
Debug: {get_param: Debug}
+ EnableFencing: {get_param: EnableFencing}
EnableGalera: {get_param: EnableGalera}
EnableCephStorage: {get_param: ControllerEnableCephStorage}
EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
ExtraConfig: {get_param: ExtraConfig}
+ FencingConfig: {get_param: FencingConfig}
Flavor: {get_param: OvercloudControlFlavor}
GlancePort: {get_param: GlancePort}
GlanceProtocol: {get_param: GlanceProtocol}
step: 4
update_identifier: {get_param: NodeConfigIdentifiers}
+ ControllerOvercloudServicesDeployment_Step6:
+ type: OS::Heat::StructuredDeployments
+ depends_on: ControllerOvercloudServicesDeployment_Step5
+ properties:
+ servers: {get_param: servers}
+ config: {get_resource: ControllerPuppetConfig}
+ input_values:
+ step: 5
+ update_identifier: {get_param: NodeConfigIdentifiers}
+
# Note, this should come last, so use depends_on to ensure
# this is created after any other resources.
ExtraConfig:
default: ''
description: Set to True to enable debugging on all services.
type: string
+ EnableFencing:
+ default: false
+ description: Whether to enable fencing in Pacemaker or not.
+ type: boolean
EnableGalera:
default: true
description: Whether to use Galera instead of regular MariaDB.
}
}
type: json
+ FencingConfig:
+ default: {}
+ description: |
+ Pacemaker fencing configuration. The JSON should have
+ the following structure:
+ {
+ "devices": [
+ {
+ "agent": "AGENT_NAME",
+ "host_mac": "HOST_MAC_ADDRESS",
+ "params": {"PARAM_NAME": "PARAM_VALUE"}
+ }
+ ]
+ }
+ For instance:
+ {
+ "devices": [
+ {
+ "agent": "fence_xvm",
+ "host_mac": "52:54:00:aa:bb:cc",
+ "params": {
+ "multicast_address": "225.0.0.12",
+ "port": "baremetal_0",
+ "manage_fw": true,
+ "manage_key_file": true,
+ "key_file": "/etc/fence_xvm.key",
+ "key_file_password": "abcdef"
+ }
+ }
+ ]
+ }
+ type: json
Flavor:
description: Flavor for control nodes to request when deploying.
type: string
- - 'http://'
- {get_param: KeystonePublicApiVirtualIP}
- ':5000/v2.0/'
+ enable_fencing: {get_param: EnableFencing}
enable_galera: {get_param: EnableGalera}
enable_ceph_storage: {get_param: EnableCephStorage}
enable_swift_storage: {get_param: EnableSwiftStorage}
- '@'
- {get_param: MysqlVirtualIP}
- '/nova'
+ fencing_config: {get_param: FencingConfig}
pcsd_password: {get_param: PcsdPassword}
rabbit_username: {get_param: RabbitUserName}
rabbit_password: {get_param: RabbitPassword}
bootstack_nodeid: {get_input: bootstack_nodeid}
# Pacemaker
+ enable_fencing: {get_input: enable_fencing}
hacluster_pwd: {get_input: pcsd_password}
+ tripleo::fencing::config: {get_input: fencing_config}
# Swift
swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
$sync_db = false
}
+$enable_fencing = str2bool(hiera('enable_fencing', 'false')) and hiera('step') >= 5
+
# When to start and enable services which haven't been Pacemakerized
# FIXME: remove when we start all OpenStack services using Pacemaker
# (occurences of this variable will be gradually replaced with false)
setup_cluster => $pacemaker_master,
}
class { '::pacemaker::stonith':
- disable => true,
+ disable => !$enable_fencing,
+ }
+ if $enable_fencing {
+ include tripleo::fencing
+
+ # enable stonith after all fencing devices have been created
+ Class['tripleo::fencing'] -> Class['pacemaker::stonith']
}
# Only configure RabbitMQ in this step, don't start it yet to