diff --git a/manifests/network/metadata.pp b/manifests/network/metadata.pp index 2ca0a155..4f0c22d3 100644 --- a/manifests/network/metadata.pp +++ b/manifests/network/metadata.pp @@ -15,8 +15,7 @@ # # == Class: cloud::network::metadata # -# Network Metadata node (need to be run once) -# Could be managed by spof_node manifest +# Network Metadata node # # === Parameters: # diff --git a/manifests/orchestration/engine.pp b/manifests/orchestration/engine.pp index d79723b0..6420cbd9 100644 --- a/manifests/orchestration/engine.pp +++ b/manifests/orchestration/engine.pp @@ -15,8 +15,7 @@ # # == Class: cloud::orchestration::engine # -# Orchestration engine node (should be run once) -# Could be managed by spof node as Active / Passive. +# Orchestration engine node # # === Parameters: # diff --git a/manifests/spof.pp b/manifests/spof.pp deleted file mode 100644 index 7ac21760..00000000 --- a/manifests/spof.pp +++ /dev/null @@ -1,109 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: cloud::spof -# -# Install all SPOF services in active / passive with Pacemaker / Corosync -# -# === Parameters: -# -# [*cluster_ip*] -# (optional) Interface used by Corosync to send multicast traffic -# Defaults to '127.0.0.1' -# [*cluster_members*] -# (required on Red Hat) A space-separted list of cluster IP's or names -# Defaults to false -# -# [*multicast_address*] -# (optionnal) IP address used to send multicast traffic -# Defaults to '239.1.1.2' -# -# [*firewall_settings*] -# (optional) Allow to add custom parameters to firewall rules -# Should be an hash. -# Default to {} -# -# [*cluster_password*] -# (optionnal) Password of the pacemaker cluster -# Defaults to 'secrete' -# -class cloud::spof( - $cluster_ip = '127.0.0.1', - $cluster_members = false, - $multicast_address = '239.1.1.2', - $cluster_password = 'secrete', - $firewall_settings = {}, -) { - - if $::osfamily == 'RedHat' { - if ! $cluster_members { - fail('cluster_members is a required parameter.') - } - - class { 'pacemaker': - hacluster_pwd => $cluster_password - } - class { 'pacemaker::corosync': - cluster_name => 'openstack', - cluster_members => $cluster_members, - settle_timeout => 10, - settle_tries => 2, - settle_try_sleep => 5, - manage_fw => false - } - class {'pacemaker::stonith': - disable => true - } - } else { - - class { 'corosync': - enable_secauth => false, - authkey => '/var/lib/puppet/ssl/certs/ca.pem', - bind_address => $cluster_ip, - multicast_address => $multicast_address - } - - corosync::service { 'pacemaker': - version => '0', - } - - Package['corosync'] -> - cs_property { - 'no-quorum-policy': value => 'ignore'; - 'stonith-enabled': value => 'false'; - 'pe-warn-series-max': value => 1000; - 'pe-input-series-max': value => 1000; - 'cluster-recheck-interval': value => '5min'; - } - } - - if $::cloud::manage_firewall { - cloud::firewall::rule{ '100 allow vrrp access': - port => undef, - proto => 'vrrp', - extras => $firewall_settings, - } - cloud::firewall::rule{ '100 allow corosync tcp access': - port => ['2224','3121','21064'], - extras => $firewall_settings, - } - cloud::firewall::rule{ '100 allow corosync udp access': - port => ['5404','5405'], - proto => 'udp', - extras => $firewall_settings, - } - } - -} diff --git a/spec/classes/cloud_spof_spec.rb b/spec/classes/cloud_spof_spec.rb deleted file mode 100644 index 6831633f..00000000 --- a/spec/classes/cloud_spof_spec.rb +++ /dev/null @@ -1,147 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for cloud::spof class -# - -require 'spec_helper' - -describe 'cloud::spof' do - - shared_examples_for 'cloud spof' do - - let :params do - { :cluster_ip => '10.0.0.1', - :multicast_address => '239.1.1.2', - :cluster_members => false, - :cluster_password => 'verysecrete' } - end - - context 'with Pacemaker on Debian' do - before :each do - facts.merge!( :osfamily => 'Debian' ) - end - - it 'configure pacemaker/corosync' do - is_expected.to contain_class('corosync').with( - :enable_secauth => false, - :authkey => '/var/lib/puppet/ssl/certs/ca.pem', - :bind_address => '10.0.0.1', - :multicast_address => '239.1.1.2', - ) - end - end - - context 'with Pacemaker on Red-Hat' do - before :each do - facts.merge!( :osfamily => 'RedHat' ) - params.merge!( :cluster_members => 'srv1 srv2 srv3') - end - - it 'configure pacemaker/corosync' do - is_expected.to contain_class('pacemaker').with(:hacluster_pwd => 'verysecrete') - is_expected.to contain_class('pacemaker::stonith').with(:disable => true) - is_expected.to contain_class('pacemaker::corosync').with( - :cluster_name => 'openstack', - :settle_timeout => 10, - :settle_tries => 2, - :settle_try_sleep => 5, - :manage_fw => false, - :cluster_members => 'srv1 srv2 srv3') - end - end - - context 'with Pacemaker on Red-Hat with missing parameters' do - before :each do - facts.merge!( :osfamily => 'RedHat' ) - params.merge!( :cluster_members => false) - end - it { is_expected.to compile.and_raise_error(/cluster_members is a required parameter./) } - end - - context 'with default firewall enabled' do - let :pre_condition do - "class { 'cloud': manage_firewall => true }" - end - before :each do - params.merge!( :cluster_members => 'srv1 srv2 srv3') - end - it 'configure pacemaker firewall rules' do - is_expected.to contain_firewall('100 allow vrrp access').with( - :port => nil, - :proto => 'vrrp', - :action => 'accept', - ) - is_expected.to contain_firewall('100 allow corosync tcp access').with( - :port => ['2224','3121','21064'], - :action => 'accept', - ) - is_expected.to contain_firewall('100 allow corosync udp access').with( - :port => ['5404','5405'], - :proto => 'udp', - :action => 'accept', - ) - end - end - - context 'with custom firewall enabled' do - let :pre_condition do - "class { 'cloud': manage_firewall => true }" - end - before :each do - params.merge!( - :firewall_settings => { 'limit' => '50/sec' }, - :cluster_members => 'srv1 srv2 srv3' - ) - end - it 'configure pacemaker firewall rules with custom parameter' do - is_expected.to contain_firewall('100 allow vrrp access').with( - :port => nil, - :proto => 'vrrp', - :action => 'accept', - :limit => '50/sec', - ) - is_expected.to contain_firewall('100 allow corosync tcp access').with( - :port => ['2224','3121','21064'], - :action => 'accept', - :limit => '50/sec', - ) - is_expected.to contain_firewall('100 allow corosync udp access').with( - :port => ['5404','5405'], - :proto => 'udp', - :action => 'accept', - :limit => '50/sec', - ) - end - end - - end - - context 'on Debian platforms' do - let :facts do - { :osfamily => 'Debian' } - end - - it_configures 'cloud spof' - end - - context 'on RedHat platforms' do - let :facts do - { :osfamily => 'RedHat' } - end - it_configures 'cloud spof' - end - -end