Make HA container bundle work on remote nodes
Right now when we deploy an HA bundle on a pacemaker remote node, the deploy will fail due to the fact that the bundle includes tripleo::profile::base::pacemaker which makes a call to hiera('hacluster_pwd') which will fail on pcmk remote nodes. While we could noop the profile on pcmk nodes, it's much simpler to just make sure this hiera key exists on pcmk remote nodes. Also make sure that pacemaker::corosync::manage_fw is set to false on remote nodes, otherwise the mere inclusion of the pacemaker profile will cause iptables-save to run in a container and thus failing. Change-Id: I09b3e54a470cc2d600a701d23463962501c5c9d6
This commit is contained in:
parent
5bf7d6582b
commit
96795a94da
|
@ -35,6 +35,11 @@ parameters:
|
|||
description: The authkey for the pacemaker remote service.
|
||||
hidden: true
|
||||
default: ''
|
||||
PcsdPassword:
|
||||
type: string
|
||||
description: The password for the 'pcsd' user for pacemaker.
|
||||
hidden: true
|
||||
default: ''
|
||||
MonitoringSubscriptionPacemakerRemote:
|
||||
default: 'overcloud-pacemaker_remote'
|
||||
type: string
|
||||
|
@ -103,5 +108,13 @@ outputs:
|
|||
tripleo::fencing::config: {get_param: FencingConfig}
|
||||
enable_fencing: {get_param: EnableFencing}
|
||||
tripleo::profile::base::pacemaker_remote::remote_authkey: {get_param: PacemakerRemoteAuthkey}
|
||||
pacemaker::corosync::manage_fw: false
|
||||
hacluster_pwd:
|
||||
yaql:
|
||||
expression: $.data.passwords.where($ != '').first()
|
||||
data:
|
||||
passwords:
|
||||
- {get_param: PcsdPassword}
|
||||
- {get_param: [DefaultPasswords, pcsd_password]}
|
||||
step_config: |
|
||||
include ::tripleo::profile::base::pacemaker_remote
|
||||
|
|
Loading…
Reference in New Issue