From 928cdd0513e5f2015c52f0c938782feedd2fba33 Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Tue, 8 Oct 2024 08:35:17 +0200 Subject: [PATCH 01/12] Add EL8 & EL9 support and claim compatibility copy of #527 --- data/os/RedHat/8.yaml | 2 ++ data/os/RedHat/9.yaml | 2 ++ metadata.json | 8 ++++++-- spec/classes/corosync_spec.rb | 27 +++++++++++++++++++++------ 4 files changed, 31 insertions(+), 8 deletions(-) create mode 100644 data/os/RedHat/8.yaml create mode 100644 data/os/RedHat/9.yaml diff --git a/data/os/RedHat/8.yaml b/data/os/RedHat/8.yaml new file mode 100644 index 00000000..1b83a5bc --- /dev/null +++ b/data/os/RedHat/8.yaml @@ -0,0 +1,2 @@ +--- +corosync::config_validate_cmd: "/usr/sbin/corosync -c % -t" \ No newline at end of file diff --git a/data/os/RedHat/9.yaml b/data/os/RedHat/9.yaml new file mode 100644 index 00000000..1b83a5bc --- /dev/null +++ b/data/os/RedHat/9.yaml @@ -0,0 +1,2 @@ +--- +corosync::config_validate_cmd: "/usr/sbin/corosync -c % -t" \ No newline at end of file diff --git a/metadata.json b/metadata.json index c849c456..e1e8b8c4 100644 --- a/metadata.json +++ b/metadata.json @@ -11,13 +11,17 @@ { "operatingsystem": "RedHat", "operatingsystemrelease": [ - "7" + "7", + "8", + "9" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ - "7" + "7", + "8", + "9" ] }, { diff --git a/spec/classes/corosync_spec.rb b/spec/classes/corosync_spec.rb index ec970c27..f5640b58 100644 --- a/spec/classes/corosync_spec.rb +++ b/spec/classes/corosync_spec.rb @@ -17,12 +17,6 @@ ) end - it 'validates the corosync configuration' do - is_expected.to contain_file('/etc/corosync/corosync.conf').with_validate_cmd( - '/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t' - ) - end - context 'validates the corosncy configuration when config_validate_cmd is set' do let(:params) do super().merge( @@ -730,6 +724,27 @@ it_configures 'corosync' + # Check the correct validation command is used for each OS + it 'validates the corosync configuration' do + case os_facts[:os]['family'] + when 'RedHat' + case os_facts[:os]['release']['major'].to_i + when 0..7 + is_expected.to contain_file('/etc/corosync/corosync.conf').with_validate_cmd( + '/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t' + ) + else + is_expected.to contain_file('/etc/corosync/corosync.conf').with_validate_cmd( + '/usr/sbin/corosync -c % -t' + ) + end + else + is_expected.to contain_file('/etc/corosync/corosync.conf').with_validate_cmd( + '/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t' + ) + end + end + # Check default package installations per platform case os_facts[:os]['family'] when 'RedHat' From ad603972b438a488e4d8a9005adcd0f31e44924f Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Tue, 8 Oct 2024 08:47:28 +0200 Subject: [PATCH 02/12] fix space indentation --- spec/classes/corosync_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/classes/corosync_spec.rb b/spec/classes/corosync_spec.rb index f5640b58..f37a3316 100644 --- a/spec/classes/corosync_spec.rb +++ b/spec/classes/corosync_spec.rb @@ -731,7 +731,7 @@ case os_facts[:os]['release']['major'].to_i when 0..7 is_expected.to contain_file('/etc/corosync/corosync.conf').with_validate_cmd( - '/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t' + '/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t' ) else is_expected.to contain_file('/etc/corosync/corosync.conf').with_validate_cmd( From 252ddfda4a3e2db1c5329136f399ea003c3e9f25 Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Tue, 8 Oct 2024 15:30:21 +0200 Subject: [PATCH 03/12] rspec ./spec/unit/puppet/provider/cs_clone_pcs_spec.rb:243 Puppet::Type::Cs_clone::ProviderPcs when changing clone id each instance calls cibadmin with the correct parameters --- lib/puppet/provider/cs_clone/pcs.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/provider/cs_clone/pcs.rb b/lib/puppet/provider/cs_clone/pcs.rb index 814f5d21..8387a4e9 100644 --- a/lib/puppet/provider/cs_clone/pcs.rb +++ b/lib/puppet/provider/cs_clone/pcs.rb @@ -28,7 +28,7 @@ def change_clone_id(type, primitive, id, cib) return unless doc.root.attributes['id'] != id doc.root.attributes['id'] = id - cmd = [command(:cibadmin), '--replace', '--xpath', xpath, '--xml-text', doc.to_s.chop] + cmd = [command(:cibadmin), '--replace', '--xpath', xpath, '--xml-text', doc.to_s] self.class.run_command_in_cib(cmd, cib) end From 5ee3bfe46fa1cf74006b584409fba7c988d9744b Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Tue, 8 Oct 2024 16:41:22 +0200 Subject: [PATCH 04/12] support for RH subscription repo e CentOS9 --- data/os/CentOS/9.yaml | 3 +++ data/os/RedHat/8.yaml | 3 ++- data/os/RedHat/9.yaml | 3 ++- manifests/init.pp | 27 +++++++++++++++++++++++++++ metadata.json | 1 - 5 files changed, 34 insertions(+), 3 deletions(-) create mode 100644 data/os/CentOS/9.yaml diff --git a/data/os/CentOS/9.yaml b/data/os/CentOS/9.yaml new file mode 100644 index 00000000..e030534c --- /dev/null +++ b/data/os/CentOS/9.yaml @@ -0,0 +1,3 @@ +--- +corosync::config_validate_cmd: "/usr/sbin/corosync -c % -t" +corosync::highavailability_repo: "highavailability" \ No newline at end of file diff --git a/data/os/RedHat/8.yaml b/data/os/RedHat/8.yaml index 1b83a5bc..9866b96c 100644 --- a/data/os/RedHat/8.yaml +++ b/data/os/RedHat/8.yaml @@ -1,2 +1,3 @@ --- -corosync::config_validate_cmd: "/usr/sbin/corosync -c % -t" \ No newline at end of file +corosync::config_validate_cmd: "/usr/sbin/corosync -c % -t" +corosync::highavailability_repo: "rhel-8-for-x86_64-highavailability-rpms" \ No newline at end of file diff --git a/data/os/RedHat/9.yaml b/data/os/RedHat/9.yaml index 1b83a5bc..cdba3b7e 100644 --- a/data/os/RedHat/9.yaml +++ b/data/os/RedHat/9.yaml @@ -1,2 +1,3 @@ --- -corosync::config_validate_cmd: "/usr/sbin/corosync -c % -t" \ No newline at end of file +corosync::config_validate_cmd: "/usr/sbin/corosync -c % -t" +corosync::highavailability_repo: "rhel-9-for-x86_64-highavailability-rpms" \ No newline at end of file diff --git a/manifests/init.pp b/manifests/init.pp index 3b5ba773..8767a864 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -136,6 +136,9 @@ # Additional install-options for the pcs package resource. # Default: undef # +# @param #highavailability_repo +# Whether the module should enable the corosync service. +# # @param ensure_corosync # Define what version of the corosync package should be installed. # Default: 'present' @@ -404,6 +407,7 @@ Optional[Variant[Stdlib::Absolutepath, Enum['off']]] $watchdog_device = undef, Enum['pcs', 'crm'] $provider = 'pcs', String $pcs_version = '', # lint:ignore:params_empty_string_assignment + String[1] $highavailability_repo = unfed ) inherits corosync::params { if $set_votequorum and (empty($quorum_members) and empty($multicast_address) and !$cluster_name) { fail('set_votequorum is true, so you must set either quorum_members, or one of multicast_address or cluster_name.') @@ -417,6 +421,29 @@ fail('quorum_members_ids may not be used without the quorum_members.') } + # Enable High Availability repository + case $facts['os']['name'] { + 'RedHat': { + if $facts['os']['release']['major'] > 7 { + exec { 'enable_highavailability_repo': + command => "subscription-manager repos --enable=${highavailability_repo}", + path => '/usr/bin:/usr/sbin:/bin:/sbin', + unless => "yum repolist enabled | grep -q ${highavailability_repo}", + } + } + } + 'CentOS': { + if $facts['os']['release']['major'] == 9 { + exec { 'enable_highavailability_repo': + command => "yum config-manager --set-enabled ${highavailability_repo}", + path => '/usr/bin:/usr/sbin:/bin:/sbin', + unless => "yum repolist enabled | grep -q ${highavailability_repo}", + } + } + } + default: {} + } + if $package_corosync { package { 'corosync': ensure => $ensure_corosync, diff --git a/metadata.json b/metadata.json index e1e8b8c4..9cb851f5 100644 --- a/metadata.json +++ b/metadata.json @@ -20,7 +20,6 @@ "operatingsystem": "CentOS", "operatingsystemrelease": [ "7", - "8", "9" ] }, From ef7935b07bceb8e431ef1b9338c8a4ed3cb5ea98 Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Tue, 8 Oct 2024 16:43:43 +0200 Subject: [PATCH 05/12] removed hash mark --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 8767a864..5a87303c 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -136,7 +136,7 @@ # Additional install-options for the pcs package resource. # Default: undef # -# @param #highavailability_repo +# @param highavailability_repo # Whether the module should enable the corosync service. # # @param ensure_corosync From 11e8560299836cf197cf89b916add3ca8c30d7c3 Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Tue, 8 Oct 2024 16:52:23 +0200 Subject: [PATCH 06/12] reference missing --- REFERENCE.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/REFERENCE.md b/REFERENCE.md index 2a616b36..70f227d4 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -141,6 +141,10 @@ The following parameters are available in the `corosync` class: * [`test_corosync_config`](#-corosync--test_corosync_config) * [`watchdog_device`](#-corosync--watchdog_device) * [`provider`](#-corosync--provider) +* [`highavailability_repo`](#-corosync--highavailability_repo) + + + ##### `enable_secauth` @@ -190,9 +194,13 @@ Default value: `'aes256'` Data type: `String[1]` +Default value: `'/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t'` + +##### `highavailability_repo` +Data type: `String[1]` -Default value: `'/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t'` +Default value: `undef` ##### `threads` From 7b03c04c1029a04782a8806bb6c00ddeed9e4a8c Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Tue, 8 Oct 2024 17:45:34 +0200 Subject: [PATCH 07/12] fix typo --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 5a87303c..92c4c331 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -407,7 +407,7 @@ Optional[Variant[Stdlib::Absolutepath, Enum['off']]] $watchdog_device = undef, Enum['pcs', 'crm'] $provider = 'pcs', String $pcs_version = '', # lint:ignore:params_empty_string_assignment - String[1] $highavailability_repo = unfed + String[1] $highavailability_repo = undef, ) inherits corosync::params { if $set_votequorum and (empty($quorum_members) and empty($multicast_address) and !$cluster_name) { fail('set_votequorum is true, so you must set either quorum_members, or one of multicast_address or cluster_name.') From ea5056045f5edbe8d72664343cdcbfc09dea02ee Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Tue, 8 Oct 2024 18:04:19 +0200 Subject: [PATCH 08/12] regenerate REFERENCE.md --- REFERENCE.md | 3757 +++++++++++++++++++++++++------------------------- 1 file changed, 1879 insertions(+), 1878 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 70f227d4..d3a7fa17 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1,1878 +1,1879 @@ -# Reference - - - -## Table of Contents - -### Classes - -* [`corosync`](#corosync): Configures the Pacemaker+Corosync stack to provide high-availability. -* [`corosync::params`](#corosync--params): Configures sane defaults based on the operating system. -* [`corosync::qdevice`](#corosync--qdevice): Performs basic initial configuration of the qdevice daemon on a node. -* [`corosync::reprobe`](#corosync--reprobe): Triggers re-probe for changes any of the native cs_* types. - -### Defined types - -* [`corosync::service`](#corosync--service): Declare services within /etc/corosync/service.d/ (Corosync 1.x) - -### Resource types - -* [`cs_clone`](#cs_clone): Type for manipulating corosync/pacemaker resource clone. More information on Corosync/Pacemaker colocation can be found here: * http://www.c -* [`cs_colocation`](#cs_colocation): Type for manipulating corosync/pacemaker colocation. Colocation is the grouping together of a set of primitives so that they travel together -* [`cs_commit`](#cs_commit): Final commit statement which triggers the synchronous application of all primitive changes which reference this CIB. Do not generate more tha -* [`cs_group`](#cs_group): Type for manipulating Corosync/Pacemaker group entries. Groups are a set or resources (primitives) that need to be grouped together. More in -* [`cs_location`](#cs_location): Type for manipulating corosync/pacemaker resource location. More information on Corosync/Pacemaker colocation can be found here: * http://ww -* [`cs_order`](#cs_order): Type for manipulating Corosync/Pacemaker ordering entries. Order entries are another type of constraint that can be put on sets of primitive -* [`cs_primitive`](#cs_primitive): Type for manipulating Corosync/Pacemaker primitives. Primitives are probably the most important building block when creating highly availabl -* [`cs_property`](#cs_property): Type for manipulating corosync/pacemaker configuration properties. Besides the configuration file that is managed by the module the contains -* [`cs_rsc_defaults`](#cs_rsc_defaults): Type for manipulating corosync/pacemaker global defaults for resource options. The type is pretty simple interface for setting key/value pair -* [`cs_shadow`](#cs_shadow): cs_shadow resources represent a Corosync shadow CIB. Any corosync resources defined with 'cib' set to the title of a cs_shadow resource will - -### Data types - -* [`Corosync::ArrayRing`](#Corosync--ArrayRing): Custom type for infinitely nestable arrays -* [`Corosync::CryptoCipher`](#Corosync--CryptoCipher): Defines the allowed cipher types for secure corosync communication -* [`Corosync::CryptoHash`](#Corosync--CryptoHash): Custom type for possible crypto hashes -* [`Corosync::IpStringIp`](#Corosync--IpStringIp): Custom type for string <-> array of string variants -* [`Corosync::QuorumAlgorithm`](#Corosync--QuorumAlgorithm): Custom type for quorumalgorithm enum -* [`Corosync::Syslogpriority`](#Corosync--Syslogpriority): Custom type for syslog priority enum - -## Classes - -### `corosync` - -This class will set up corosync for use by the Puppet Enterprise console to -facilitate an active/standby configuration for high availability. It is -assumed that this module has been initially ran on a Puppet master with the -capabilities of signing certificates to do the initial key generation. - -=== Authors - -Cody Herriges - -=== Copyright - -Copyright 2012, Puppet Labs, LLC. - -#### Examples - -##### Simple configuration without secauth - -```puppet - -class { 'corosync': - enable_secauth => false, - bind_address => '192.168.2.10', - multicast_address => '239.1.1.2', -} -``` - -#### Parameters - -The following parameters are available in the `corosync` class: - -* [`enable_secauth`](#-corosync--enable_secauth) -* [`authkey_source`](#-corosync--authkey_source) -* [`authkey`](#-corosync--authkey) -* [`crypto_hash`](#-corosync--crypto_hash) -* [`crypto_cipher`](#-corosync--crypto_cipher) -* [`config_validate_cmd`](#-corosync--config_validate_cmd) -* [`threads`](#-corosync--threads) -* [`bind_address`](#-corosync--bind_address) -* [`pcs_version`](#-corosync--pcs_version) -* [`port`](#-corosync--port) -* [`multicast_address`](#-corosync--multicast_address) -* [`unicast_addresses`](#-corosync--unicast_addresses) -* [`force_online`](#-corosync--force_online) -* [`check_standby`](#-corosync--check_standby) -* [`log_timestamp`](#-corosync--log_timestamp) -* [`log_file`](#-corosync--log_file) -* [`log_file_name`](#-corosync--log_file_name) -* [`debug`](#-corosync--debug) -* [`log_stderr`](#-corosync--log_stderr) -* [`syslog_priority`](#-corosync--syslog_priority) -* [`log_function_name`](#-corosync--log_function_name) -* [`rrp_mode`](#-corosync--rrp_mode) -* [`netmtu`](#-corosync--netmtu) -* [`ttl`](#-corosync--ttl) -* [`vsftype`](#-corosync--vsftype) -* [`package_corosync`](#-corosync--package_corosync) -* [`package_pacemaker`](#-corosync--package_pacemaker) -* [`package_fence_agents`](#-corosync--package_fence_agents) -* [`packageopts_corosync`](#-corosync--packageopts_corosync) -* [`packageopts_crmsh`](#-corosync--packageopts_crmsh) -* [`packageopts_pacemaker`](#-corosync--packageopts_pacemaker) -* [`packageopts_pcs`](#-corosync--packageopts_pcs) -* [`packageopts_fence_agents`](#-corosync--packageopts_fence_agents) -* [`ensure_corosync`](#-corosync--ensure_corosync) -* [`ensure_crmsh`](#-corosync--ensure_crmsh) -* [`ensure_pacemaker`](#-corosync--ensure_pacemaker) -* [`ensure_pcs`](#-corosync--ensure_pcs) -* [`ensure_fence_agents`](#-corosync--ensure_fence_agents) -* [`set_votequorum`](#-corosync--set_votequorum) -* [`votequorum_expected_votes`](#-corosync--votequorum_expected_votes) -* [`quorum_members`](#-corosync--quorum_members) -* [`quorum_members_ids`](#-corosync--quorum_members_ids) -* [`quorum_members_names`](#-corosync--quorum_members_names) -* [`token`](#-corosync--token) -* [`token_retransmits_before_loss_const`](#-corosync--token_retransmits_before_loss_const) -* [`compatibility`](#-corosync--compatibility) -* [`enable_corosync_service`](#-corosync--enable_corosync_service) -* [`manage_corosync_service`](#-corosync--manage_corosync_service) -* [`enable_pacemaker_service`](#-corosync--enable_pacemaker_service) -* [`manage_pacemaker_service`](#-corosync--manage_pacemaker_service) -* [`enable_pcsd_service`](#-corosync--enable_pcsd_service) -* [`manage_pcsd_service`](#-corosync--manage_pcsd_service) -* [`manage_pcsd_auth`](#-corosync--manage_pcsd_auth) -* [`manage_pcsd_auth_node`](#-corosync--manage_pcsd_auth_node) -* [`sensitive_hacluster_password`](#-corosync--sensitive_hacluster_password) -* [`sensitive_hacluster_hash`](#-corosync--sensitive_hacluster_hash) -* [`manage_quorum_device`](#-corosync--manage_quorum_device) -* [`quorum_device_host`](#-corosync--quorum_device_host) -* [`quorum_device_algorithm`](#-corosync--quorum_device_algorithm) -* [`package_quorum_device`](#-corosync--package_quorum_device) -* [`sensitive_quorum_device_password`](#-corosync--sensitive_quorum_device_password) -* [`cluster_name`](#-corosync--cluster_name) -* [`join`](#-corosync--join) -* [`consensus`](#-corosync--consensus) -* [`ip_version`](#-corosync--ip_version) -* [`clear_node_high_bit`](#-corosync--clear_node_high_bit) -* [`max_messages`](#-corosync--max_messages) -* [`test_corosync_config`](#-corosync--test_corosync_config) -* [`watchdog_device`](#-corosync--watchdog_device) -* [`provider`](#-corosync--provider) -* [`highavailability_repo`](#-corosync--highavailability_repo) - - - - -##### `enable_secauth` - -Data type: `Boolean` - -Controls corosync's ability to authenticate and encrypt multicast messages. - -Default value: `$corosync::params::enable_secauth` - -##### `authkey_source` - -Data type: `Enum['file', 'string']` - -Allows to use either a file or a string as a authkey. - -Default value: `$corosync::params::authkey_source` - -##### `authkey` - -Data type: `Variant[Stdlib::Filesource,Stdlib::Base64]` - -Specifies the path to the CA which is used to sign Corosync's certificate if -authkey_source is 'file' or a base64 encoded version of the actual authkey -if 'string' is used instead. - -Default value: `$corosync::params::authkey` - -##### `crypto_hash` - -Data type: `Corosync::CryptoHash` - -Hashing algorithm used by corosync for intra-cluster communication. Valid -values are none, md5, sha1, sha256, sha384, and sha512 - -Default value: `'sha1'` - -##### `crypto_cipher` - -Data type: `Corosync::CryptoCipher` - -Encryption cipher used by corosync for intra-cluster communication. Valid -values are none, aes256, aes192, aes128, and 3des - -Default value: `'aes256'` - -##### `config_validate_cmd` - -Data type: `String[1]` - -Default value: `'/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t'` - -##### `highavailability_repo` - -Data type: `String[1]` - -Default value: `undef` - -##### `threads` - -Data type: `Optional[Integer]` - -How many threads you are going to let corosync use to encode and decode -multicast messages. If you turn off secauth then corosync will ignore -threads. - -Default value: `undef` - -##### `bind_address` - -Data type: `Corosync::IpStringIp` - -The ip address we are going to bind the corosync daemon too. -Can be specified as an array to have multiple rings. - -Default value: `$corosync::params::bind_address` - -##### `pcs_version` - -Data type: `String` - - - -Default value: `''` - -##### `port` - -Data type: `Optional[Variant[Stdlib::Port, Array[Stdlib::Port]]]` - -The UDP port that corosync will use to do its multicast communication. Be -aware that corosync used this defined port plus minus one. -Can be specified as an array to have multiple rings. - -Default value: `$corosync::params::port` - -##### `multicast_address` - -Data type: `Optional[Corosync::IpStringIp]` - -An IP address that has been reserved for multicast traffic. This is the -default way that Corosync accomplishes communication across the cluster. -Use 'broadcast' to have broadcast instead -Can be specified as an array to have multiple rings (multicast only). - -Default value: `undef` - -##### `unicast_addresses` - -Data type: `Optional[Array]` - -An array of IP addresses that make up the cluster's members. These are -used if you are not able to use multicast on your network and instead opt -for the udpu transport. You need a relatively recent version of Corosync to -make this possible. -You can also have an array of arrays to have multiple rings. In that case, -each subarray matches a host IP addresses. -As of Corosync 3 knet is the new default which also does not use multicast. - -Default value: `undef` - -##### `force_online` - -Data type: `Boolean` - -Boolean parameter specifying whether to force nodes that have been put -in standby back online. - -Default value: `$corosync::params::force_online` - -##### `check_standby` - -Data type: `Boolean` - -Boolean parameter specifying whether puppet should return an error log -message if a node is in standby. Useful for monitoring node state. - -Default value: `$corosync::params::check_standby` - -##### `log_timestamp` - -Data type: `Boolean` - -Boolean parameter specifying whether a timestamp should be placed on all -log messages. - -Default value: `$corosync::params::log_timestamp` - -##### `log_file` - -Data type: `Boolean` - -Boolean parameter specifying whether Corosync should produce debug -output in a logfile. - -Default value: `$corosync::params::log_file` - -##### `log_file_name` - -Data type: `Optional[Stdlib::Absolutepath]` - -Absolute path to the logfile Corosync should use when `$log_file` (see -above) is true. - -Default value: `undef` - -##### `debug` - -Data type: `Boolean` - -Boolean parameter specifying whether Corosync should produce debug -output in its logs. - -Default value: `$corosync::params::debug` - -##### `log_stderr` - -Data type: `Boolean` - -Boolean parameter specifying whether Corosync should log errors to -stderr. - -Default value: `$corosync::params::log_stderr` - -##### `syslog_priority` - -Data type: `Corosync::SyslogPriority` - -String parameter specifying the minimal log level for Corosync syslog -messages. Allowed values: debug|info|notice|warning|err|emerg. - -Default value: `$corosync::params::syslog_priority` - -##### `log_function_name` - -Data type: `Boolean` - -Boolean parameter specifying whether Corosync should log called function -names to. - -Default value: `$corosync::params::log_function_name` - -##### `rrp_mode` - -Data type: `Optional[Enum['none', 'active', 'passive']]` - -Mode of redundant ring. May be none, active, or passive. - -Default value: `undef` - -##### `netmtu` - -Data type: `Optional[Integer]` - -This specifies the network maximum transmit unit. - -Default value: `undef` - -##### `ttl` - -Data type: `Optional[Integer[0,255]]` - -Time To Live. - -Default value: `undef` - -##### `vsftype` - -Data type: `Optional[Enum['ykd', 'none']]` - -Virtual synchrony filter type. - -Default value: `undef` - -##### `package_corosync` - -Data type: `Boolean` - -Define if package corosync should be managed. - -Default value: `$corosync::params::package_corosync` - -##### `package_pacemaker` - -Data type: `Boolean` - -Define if package pacemaker should be managed. - -Default value: `$corosync::params::package_pacemaker` - -##### `package_fence_agents` - -Data type: `Boolean` - -Define if package fence-agents should be managed. -Default (Red Hat based): true -Default (otherwise): false - -Default value: `false` - -##### `packageopts_corosync` - -Data type: `Optional[Array[String[1]]]` - -Additional install-options for the corosync package resource. -Default: undef - -Default value: `$corosync::params::package_install_options` - -##### `packageopts_crmsh` - -Data type: `Optional[Array[String[1]]]` - -Additional install-options for the crmsh package resource. -Default: undef - -Default value: `$corosync::params::package_install_options` - -##### `packageopts_pacemaker` - -Data type: `Optional[Array[String[1]]]` - -Additional install-options for the pacemaker package resource. -Default: undef - -Default value: `$corosync::params::package_install_options` - -##### `packageopts_pcs` - -Data type: `Optional[Array[String[1]]]` - -Additional install-options for the pcs package resource. -Default: undef - -Default value: `$corosync::params::package_install_options` - -##### `packageopts_fence_agents` - -Data type: `Optional[Array[String[1]]]` - -Additional install-options for the pcs package resource. -Default: undef - -Default value: `$corosync::params::package_install_options` - -##### `ensure_corosync` - -Data type: `String[1]` - -Define what version of the corosync package should be installed. -Default: 'present' - -Default value: `$corosync::params::ensure_corosync` - -##### `ensure_crmsh` - -Data type: `String[1]` - -Define what version of the crmsh package should be installed. -Default: 'present' - -Default value: `$corosync::params::ensure_crmsh` - -##### `ensure_pacemaker` - -Data type: `String[1]` - -Define what version of the pacemaker package should be installed. -Default: 'present' - -Default value: `$corosync::params::ensure_pacemaker` - -##### `ensure_pcs` - -Data type: `String[1]` - -Define what version of the pcs package should be installed. -Default: 'present' - -Default value: `$corosync::params::ensure_pcs` - -##### `ensure_fence_agents` - -Data type: `String[1]` - -Define what version of the fence-agents-all package should be installed. -Default: 'present' - -Default value: `$corosync::params::ensure_fence_agents` - -##### `set_votequorum` - -Data type: `Boolean` - -Set to true if corosync_votequorum should be used as quorum provider. -Default (Red Hat based): true -Default (Ubuntu >= 14.04): true -Default (otherwise): false - -Default value: `$corosync::params::set_votequorum` - -##### `votequorum_expected_votes` - -Data type: `Optional[Integer]` - -Overrides the automatic calculation of expected votes which is normally -derived from the number of nodes. - -Default value: `undef` - -##### `quorum_members` - -Data type: `Array` - -Array of quorum member hostname. This is required if set_votequorum -is set to true. -You can also have an array of arrays to have multiple rings. In that case, -each subarray matches a member IP addresses. - -Default value: `['localhost']` - -##### `quorum_members_ids` - -Data type: `Optional[Array]` - -Array of quorum member IDs. Persistent IDs are required for the dynamic -config of a corosync cluster and when_set_votequorum is set to true. -Should be used only with the quorum_members parameter. - -Default value: `undef` - -##### `quorum_members_names` - -Data type: `Optional[Array]` - -Array of quorum member names. Persistent names are required when you -define IP addresses in quorum_members. - -Default value: `undef` - -##### `token` - -Data type: `Optional[Integer]` - -Time (in ms) to wait for a token - -Default value: `undef` - -##### `token_retransmits_before_loss_const` - -Data type: `Optional[Integer]` - -How many token retransmits before forming a new configuration. - -Default value: `undef` - -##### `compatibility` - -Data type: `Optional[String]` - -Older versions of corosync allowed a config-file directive to indicate -backward compatibility. This sets that. - -Default value: `undef` - -##### `enable_corosync_service` - -Data type: `Boolean` - -Whether the module should enable the corosync service. - -Default value: `$corosync::params::enable_corosync_service` - -##### `manage_corosync_service` - -Data type: `Boolean` - -Whether the module should try to manage the corosync service. If set to -false, the service will need to be specified in the catalog elsewhere. - -Default value: `$corosync::params::manage_corosync_service` - -##### `enable_pacemaker_service` - -Data type: `Boolean` - -Whether the module should enable the pacemaker service. - -Default value: `$corosync::params::enable_pacemaker_service` - -##### `manage_pacemaker_service` - -Data type: `Boolean` - -Whether the module should try to manage the pacemaker service. -Default (Red Hat based >= 7): true -Default (Ubuntu >= 14.04): true -Default (otherwise): false - -Default value: `$corosync::params::manage_pacemaker_service` - -##### `enable_pcsd_service` - -Data type: `Boolean` - -Whether the module should enable the pcsd service. - -Default value: `$corosync::params::enable_pcsd_service` - -##### `manage_pcsd_service` - -Data type: `Boolean` - -Whether the module should try to manage the pcsd service in addition to the -corosync service. pcsd service is the GUI and the remote configuration -interface. - -Default value: `false` - -##### `manage_pcsd_auth` - -Data type: `Boolean` - -This only has an effect when $manage_pcsd_service is enabled. If set, an -attempt will be made to authorize pcs on the cluster node determined by -manage_pcsd_auth_node. Note that this determination can only be made when -the entries in quorum_members match the trusted certnames of the nodes in -the environment or the IP addresses of the primary adapters. -$sensitive_hacluster_password is mandatory if this parameter is set. - -Default value: `false` - -##### `manage_pcsd_auth_node` - -Data type: `Enum['first','last']` - -When managing authorization for PCS this determines which node does the -work. Note that only one node 'should' do the work and nodes are chosen by -matching local facts to the contents of quorum_members. When -manage_pcsd_auth is disabled this parameter has no effect. - -Default value: `'first'` - -##### `sensitive_hacluster_password` - -Data type: `Optional[Sensitive[String]]` - -When PCS is configured on a RHEL system this directive is used to set the -password for the hacluster user. If both $manage_pcsd_service and -$manage_pcsd_auth are both set to true the cluster will use this credential -to authorize all nodes. - -Default value: `undef` - -##### `sensitive_hacluster_hash` - -Data type: `Optional[Sensitive[String]]` - -This parameter expects a valid password hash of -sensitive_hacluster_password. If provided, the hash provided the hash will -be used to set the password for the hacluster user on each node. - -Default value: `undef` - -##### `manage_quorum_device` - -Data type: `Boolean` - -Enable or disable the addition of a quorum device external to the cluster. -This device is used avoid cluster splits typically in conjunction with -fencing by providing an external network vote. Additionally, this allows -symmentric clusters to continue operation in the event that 50% of their -nodes have failed. - -Default value: `false` - -##### `quorum_device_host` - -Data type: `Optional[Stdlib::Fqdn]` - -The fully qualified hostname of the quorum device. This parameter is -mandatory when manage_quorum_device is true. - -Default value: `undef` - -##### `quorum_device_algorithm` - -Data type: `Corosync::QuorumAlgorithm` - -There are currently two algorithms the quorum device can utilize to -determine how its vote should be allocated; Fifty-fifty split and -last-man-standing. See the -[corosync-qdevice man page](https://www.systutorials.com/docs/linux/man/8-corosync-qdevice/) -for details. - -Default value: `'ffsplit'` - -##### `package_quorum_device` - -Data type: `Optional[String]` - -The name of the package providing the quorum device functionality. This -parameter is mandatory if manage_quorum_device is true. - -Default value: `$corosync::params::package_quorum_device` - -##### `sensitive_quorum_device_password` - -Data type: `Optional[Sensitive[String]]` - -The plain text password for the hacluster user on the quorum_device_host. -This parameter is mandatory if manage_quorum_device is true. - -Default value: `undef` - -##### `cluster_name` - -Data type: `Optional[String[1]]` - -This specifies the name of cluster and it's used for automatic -generating of multicast address. - -Default value: `undef` - -##### `join` - -Data type: `Optional[Integer]` - -This timeout specifies in milliseconds how long to wait for join messages -in the membership protocol. - -Default value: `undef` - -##### `consensus` - -Data type: `Optional[Integer]` - -This timeout specifies in milliseconds how long to wait for consensus to be -achieved before starting a new round of membership configuration. -The minimum value for consensus must be 1.2 * token. This value will be -automatically calculated at 1.2 * token if the user doesn't specify a -consensus value. - -Default value: `undef` - -##### `ip_version` - -Data type: `Optional[String[1]]` - -This specifies version of IP to ask DNS resolver for. The value can be -one of ipv4 (look only for an IPv4 address) , ipv6 (check only IPv6 address), -ipv4-6 (look for all address families and use first IPv4 address found in the -list if there is such address, otherwise use first IPv6 address) and -ipv6-4 (look for all address families and use first IPv6 address found in the -list if there is such address, otherwise use first IPv4 address). - -Default (if unspecified) is ipv6-4 for knet and udpu transports and ipv4 for udp. - -Default value: `undef` - -##### `clear_node_high_bit` - -Data type: `Optional[Enum['yes', 'no']]` - -This configuration option is optional and is only relevant when no nodeid -is specified. Some openais clients require a signed 32 bit nodeid that is -greater than zero however by default openais uses all 32 bits of the IPv4 -address space when generating a nodeid. Set this option to yes to force -the high bit to be zero and therefor ensure the nodeid is a positive signed -32 bit integer. -WARNING: The clusters behavior is undefined if this option is enabled on -only a subset of the cluster (for example during a rolling upgrade). - -Default value: `undef` - -##### `max_messages` - -Data type: `Optional[Integer]` - -This constant specifies the maximum number of messages that may be sent by -one processor on receipt of the token. The max_messages parameter is limited -to 256000 / netmtu to prevent overflow of the kernel transmit buffers. - -Default value: `undef` - -##### `test_corosync_config` - -Data type: `Boolean` - -Whether we should test new configuration files with `corosync -t`. -(requires corosync 2.3.4) - -Default value: `$corosync::params::test_corosync_config` - -##### `watchdog_device` - -Data type: `Optional[Variant[Stdlib::Absolutepath, Enum['off']]]` - -Watchdog device to use, for example '/dev/watchdog' or 'off'. -Its presence (or lack thereof) shifted with corosync versions. - -Default value: `undef` - -##### `provider` - -Data type: `Enum['pcs', 'crm']` - -What command line utility provides corosync configuration capabilities. - -Default value: `'pcs'` - -### `corosync::params` - -Configures sane defaults based on the operating system. - -### `corosync::qdevice` - -This class performs the configuration of the qdevice daemon on a target node. -Note that this requires corosync 2.x and must never be deployed on a node -which is actually part of a cluster. Additionally, you will need to open the -correct firewall ports for both pcs, and the actual quorum device as shown in -the included example. - -* **See also** - * https://www.systutorials.com/docs/linux/man/8-corosync-qnetd/ - -#### Examples - -##### Quorum node with default password & configuring the firewall - -```puppet -include firewalld - -class { 'corosync::qdevice': - sensitive_hacluster_hash => $sensitive_hacluster_hash, -} -contain 'corosync::qdevice' - -# Open the corosync-qnetd port -firewalld::custom_service { 'corosync-qdevice-net': - description => 'Corosync Quorum Net Device Port', - port => [ - { - port => '5403', - protocol => 'tcp', - }, - ], -} -firewalld_service { 'corosync-qdevice-net': - ensure => 'present', - service => 'corosync-qdevice-net', - zone => 'public', -} - -# Configure general PCS firewall rules -firewalld_service { 'high-availability': - ensure => 'present', - service => 'high-availability', - zone => 'public', -} -``` - -#### Parameters - -The following parameters are available in the `corosync::qdevice` class: - -* [`sensitive_hacluster_hash`](#-corosync--qdevice--sensitive_hacluster_hash) -* [`package_pcs`](#-corosync--qdevice--package_pcs) -* [`package_corosync_qnetd`](#-corosync--qdevice--package_corosync_qnetd) -* [`provider`](#-corosync--qdevice--provider) - -##### `sensitive_hacluster_hash` - -Data type: `Optional[Sensitive[String]]` - -The password hash for the hacluster user on this quorum device node. If -omitted, you must create the hacluster user and haclient group yourself. -This user is required because pcsd must be used to perform the -quorum node configuration. - -Default value: `undef` - -##### `package_pcs` - -Data type: `String[1]` - -Name of the PCS package on this system. - -Default value: `'pcs'` - -##### `package_corosync_qnetd` - -Data type: `String[1]` - -Name of the corosync qnetd package for this system. - -Default value: `'corosync-qnetd'` - -##### `provider` - -Data type: `String` - -What command line utility provides corosync configuration capabilities. - -### `corosync::reprobe` - -Include this class to reprobe the corosync cluster when there are changes in -any of the native cs_* types. Useful for multi-node provisioning when the -nodes are not always in a stable state after provisioning. - -Copyright 2012 Puppet Labs, LLC. - -#### Examples - -##### Reprobe corosync after making cluster configuration changes - -```puppet - -include corosync::reprobe -``` - -## Defined types - -### `corosync::service` - -Models a Corosync service. Corosync services are plugins that provide -functionality for monitoring cluster resources. One of the most common -of these plugins being Pacemaker. This is for corosync 1.x! - -=== Authors - -Cody Herriges - -=== Copyright - -Copyright 2012 Puppet Labs, LLC. - -#### Examples - -##### Simple configuration of a service with version '0'. - -```puppet - -corosync::service { 'pacemaker': - version => '0', -} -``` - -#### Parameters - -The following parameters are available in the `corosync::service` defined type: - -* [`name`](#-corosync--service--name) -* [`version`](#-corosync--service--version) - -##### `name` - -Data type: `String` - -The namevar in this type is the title you give it when you define a resource -instance. It is used for a handful of purposes; defining the name of the -config file and the name defined inside the file itself. - -##### `version` - -Data type: `String[1]` - -Version of the protocol used by this service. This is currently unused. - -## Resource types - -### `cs_clone` - -Type for manipulating corosync/pacemaker resource clone. -More information on Corosync/Pacemaker colocation can be found here: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html - -#### Properties - -The following properties are available in the `cs_clone` type. - -##### `clone_max` - -Valid values: `%r{\d+}`, `absent` - -How many copies of the resource to start. -Defaults to the number of nodes in the cluster. - -Default value: `absent` - -##### `clone_node_max` - -Valid values: `%r{\d+}`, `absent` - -How many copies of the resource can be started on a single node. -Defaults to 1. - -Default value: `absent` - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `globally_unique` - -Valid values: `true`, `false`, `absent` - -Does each copy of the clone perform a different function? -Allowed values: true, false - -Default value: `absent` - -##### `group` - -The corosync resource group to be cloned. - -##### `interleave` - -Valid values: `true`, `false`, `absent` - -Changes the behavior of ordering constraints (between clones/masters) so that instances can start/stop -as soon as their peer instance has (rather than waiting for every instance of the other clone has). -Allowed values: true, false - -Default value: `absent` - -##### `notify_clones` - -Valid values: `true`, `false`, `absent` - -When stopping or starting a copy of the clone, tell all the other copies beforehand -and when the action was successful. -Allowed values: true, false - -Default value: `absent` - -##### `ordered` - -Valid values: `true`, `false`, `absent` - -Should the copies be started in series (instead of in parallel). Allowed values: true, false - -Default value: `absent` - -##### `primitive` - -The corosync resource primitive to be cloned. - -##### `promotable` - -Valid values: `true`, `false`, `absent` - -If true, clone instances can perform a special role that Pacemaker will manage via the resource agent’s -promote and demote actions. The resource agent must support these actions. Allowed values: false, true - -Default value: `absent` - -##### `promoted_max` - -Valid values: `%r{\d+}`, `absent` - -If promotable is true, the number of instances that can be promoted at one time across the entire cluster - -Default value: `absent` - -##### `promoted_node_max` - -Valid values: `%r{\d+}`, `absent` - -If promotable is true and globally-unique is false, the number of clone instances can be promoted at one time on a single node - -Default value: `absent` - -#### Parameters - -The following parameters are available in the `cs_clone` type. - -* [`cib`](#-cs_clone--cib) -* [`name`](#-cs_clone--name) -* [`provider`](#-cs_clone--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this colocation should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Identifier of the clone entry. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `provider` - -The specific backend to use for this `cs_clone` resource. You will seldom need to specify this --- Puppet will usually -discover the appropriate provider for your platform. - -### `cs_colocation` - -Type for manipulating corosync/pacemaker colocation. Colocation -is the grouping together of a set of primitives so that they travel -together when one of them fails. For instance, if a web server vhost -is colocated with a specific ip address and the web server software -crashes, the ip address with migrate to the new host with the vhost. - -More information on Corosync/Pacemaker colocation can be found here: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html - -#### Properties - -The following properties are available in the `cs_colocation` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `primitives` - -At least two Pacemaker primitives to be located together. Order of primitives -in colocation groups is important. In Pacemaker, a colocation of 2 primitives -behaves different than a colocation between more than 2 primitives. Here the -behavior is altered to be more consistent. -Examples on how to define colocations here: -- 2 primitives: [A, B] will cause A to be located first, and B will be located - with A. This is different than how crm configure colocation works, because - there [A, B] would mean colocate A with B, thus B should be located first. -- multiple primitives: [A, B, C] will cause A to be located first, B next, and - finally C. This is identical to how crm configure colocation works with - multiple resources, it will add a colocated set. -Property will raise an error if you do not provide an array containing at least -two values. Values can be either the name of the primitive, or primitive:role. -Notice, we can only interpret colocations of single sets, not multiple sets -combined. In Pacemaker speak, this means we can support 'A B C' but not e.g. -'A B (C D) E'. Feel free to contribute a patch for this. - -##### `score` - -The priority of this colocation. Primitives can be a part of -multiple colocation groups and so there is a way to control which -primitives get priority when forcing the move of other primitives. -This value can be an integer but is often defined as the string -INFINITY. - -Default value: `INFINITY` - -#### Parameters - -The following parameters are available in the `cs_colocation` type. - -* [`cib`](#-cs_colocation--cib) -* [`name`](#-cs_colocation--name) -* [`provider`](#-cs_colocation--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This paramater sets the CIB this colocation should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Identifier of the colocation entry. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `provider` - -The specific backend to use for this `cs_colocation` resource. You will seldom need to specify this --- Puppet will -usually discover the appropriate provider for your platform. - -### `cs_commit` - -Final commit statement which triggers the synchronous application of -all primitive changes which reference this CIB. Do not generate more -than one cs_commit referencing the same CIB for a given cluster! - -#### Parameters - -The following parameters are available in the `cs_commit` type. - -* [`cib`](#-cs_commit--cib) -* [`name`](#-cs_commit--name) -* [`provider`](#-cs_commit--provider) - -##### `cib` - -Name of the CIB to commit. This value defaults to the name of -the cs_commit resource. - -##### `name` - -namevar - -Name of the CIB to commit. See the cib parameter for more detail. - -##### `provider` - -The specific backend to use for this `cs_commit` resource. You will seldom need to specify this --- Puppet will usually -discover the appropriate provider for your platform. - -### `cs_group` - -Type for manipulating Corosync/Pacemaker group entries. -Groups are a set or resources (primitives) that need to be -grouped together. - -More information can be found at the following link: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ch-advanced-resources.html#group-resources - -#### Properties - -The following properties are available in the `cs_group` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `primitives` - -An array of primitives to have in this group. Must be listed in the -order that you wish them to start. - -#### Parameters - -The following parameters are available in the `cs_group` type. - -* [`cib`](#-cs_group--cib) -* [`name`](#-cs_group--name) -* [`provider`](#-cs_group--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this order should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Name identifier of this group entry. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `provider` - -The specific backend to use for this `cs_group` resource. You will seldom need to specify this --- Puppet will usually -discover the appropriate provider for your platform. - -### `cs_location` - -Type for manipulating corosync/pacemaker resource location. -More information on Corosync/Pacemaker colocation can be found here: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html - -#### Properties - -The following properties are available in the `cs_location` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `node_name` - -The corosync node_name where the resource should be located. - -##### `primitive` - -The corosync resource primitive to have a location applied. - -##### `resource_discovery` - -Whether Pacemaker should perform resource discovery on this -node for the specified resource. It matches the resource-discovery -location property in pacemaker - -##### `rules` - -The rules of this location. This is an array of hashes where -each hash contains an array of one or more expressions. - -Example: - - cs_location { 'vip-ping-connected': - primitive => 'vip', - rules => [ - 'vip-ping-exclude-rule' => { - 'score' => '-INFINITY', - 'expression' => [ - { 'attribute' => 'pingd', - 'operation' => 'lt', - 'value' => '100', - }, - ], - }, - 'vip-ping-prefer-rule' => { - 'score-attribute' => 'pingd', - 'expression' => [ - { 'attribute' => 'pingd', - 'operation' => 'defined', - }, - ], - }, - ], - } - -##### `score` - -The priority of this location. Primitives can be a part of -multiple location groups and so there is a way to control which -primitives get priority when forcing the move of other primitives. -This value can be an integer but is often defined as the string -INFINITY. - -Default value: `INFINITY` - -#### Parameters - -The following parameters are available in the `cs_location` type. - -* [`cib`](#-cs_location--cib) -* [`name`](#-cs_location--name) -* [`provider`](#-cs_location--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This paramater sets the CIB this colocation should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Identifier of the location entry. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `provider` - -The specific backend to use for this `cs_location` resource. You will seldom need to specify this --- Puppet will -usually discover the appropriate provider for your platform. - -### `cs_order` - -Type for manipulating Corosync/Pacemaker ordering entries. Order -entries are another type of constraint that can be put on sets of -primitives but unlike colocation, order does matter. These designate -the order at which you need specific primitives to come into a desired -state before starting up a related primitive. - -More information can be found at the following link: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_controlling_resource_start_stop_ordering.html - -#### Properties - -The following properties are available in the `cs_order` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `first` - -First Corosync primitive. Just like colocation, our primitives for -ordering come in pairs but this time order matters so we need to define -which primitive starts the desired state change chain. - -##### `kind` - -How to enforce the constraint. - -Allowed values: -- Optional: Just a suggestion. Only applies if both resources are executing -the specified actions. Any change in state by the first resource will have -no effect on the then resource. -- Mandatory: Always. If first does not perform first-action, then will not -be allowed to performed then-action. If first is restarted, then -(if running) will be stopped beforehand and started afterward. -- Serialize: Ensure that no two stop/start actions occur concurrently for -the resources. First and then can start in either order, but one must -complete starting before the other can be started. A typical use case is -when resource start-up puts a high load on the host. - -Default value: `Mandatory` - -##### `score` - -The priority of the this ordered grouping. Primitives can be a part -of multiple order groups and so there is a way to control which -primitives get priority when forcing the order of state changes on -other primitives. This value can be an integer but is often defined -as the string INFINITY. -When using pcs as provider this value is not used. -It is generally preferred to use the `kind` parameter. - -##### `second` - -Second Corosync primitive. Our second primitive will move to the -desired state after the first primitive. - -##### `symmetrical` - -Boolean specifying if the resources should stop in reverse order. -Default value: true. - -Default value: `true` - -#### Parameters - -The following parameters are available in the `cs_order` type. - -* [`cib`](#-cs_order--cib) -* [`name`](#-cs_order--name) -* [`provider`](#-cs_order--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this order should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Name identifier of this ordering entry. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `provider` - -The specific backend to use for this `cs_order` resource. You will seldom need to specify this --- Puppet will usually -discover the appropriate provider for your platform. - -### `cs_primitive` - -Type for manipulating Corosync/Pacemaker primitives. Primitives -are probably the most important building block when creating highly -available clusters using Corosync and Pacemaker. Each primitive defines -an application, ip address, or similar to monitor and maintain. These -managed primitives are maintained using what is called a resource agent. -These resource agents have a concept of class, type, and subsystem that -provides the functionality. Regrettably these pieces of vocabulary -clash with those used in Puppet so to overcome the name clashing the -property and parameter names have been qualified a bit for clarity. - -More information on primitive definitions can be found at the following -link: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_adding_a_resource.html - -#### Properties - -The following properties are available in the `cs_primitive` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `metadata` - -A hash of metadata for the primitive. A primitive can have a set of -metadata that doesn't affect the underlying Corosync type/provider but -affect that concept of a resource. This metadata is similar to Puppet's -resources resource and some meta-parameters, they change resource -behavior but have no affect of the data that is synced or manipulated. - -Default value: `Hash.new` - -##### `operations` - -A hash of operations for the primitive. Operations defined in a -primitive are little more predictable as they are commonly things like -monitor or start and their values are in seconds. Since each resource -agent can define its own set of operations we are going to defer again -and just accept a hash. There maybe room to model this one but it -would require a review of all resource agents to see if each operation -is valid. - -Default value: `Hash.new` - -##### `parameters` - -A hash of params for the primitive. Parameters in a primitive are -used by the underlying resource agent, each class using them slightly -differently. In ocf scripts they are exported and pulled into the -script as variables to be used. Since the list of these parameters -are completely arbitrary and validity not enforced we simply defer -defining a model and just accept a hash. - -Default value: `Hash.new` - -##### `utilization` - -A hash of utilization attributes for the primitive. If nodes are -also configured with available resources, and Pacemaker's placement -strategy is set appropriately, then Pacemaker can place primitives on -nodes only where resources are available. - -See the Pacemaker documentation: - -http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ch11.html - -Default value: `Hash.new` - -#### Parameters - -The following parameters are available in the `cs_primitive` type. - -* [`cib`](#-cs_primitive--cib) -* [`name`](#-cs_primitive--name) -* [`primitive_class`](#-cs_primitive--primitive_class) -* [`primitive_type`](#-cs_primitive--primitive_type) -* [`provided_by`](#-cs_primitive--provided_by) -* [`provider`](#-cs_primitive--provider) -* [`unmanaged_metadata`](#-cs_primitive--unmanaged_metadata) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this primitive should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Name identifier of primitive. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `primitive_class` - -Corosync class of the primitive. Examples of classes are lsb or ocf. -Lsb functions a lot like the init provider in Puppet for services, an init -script is ran periodically on each host to identify status, or to start -and stop a particular application. Ocf of the other hand is a script with -meta-data and structure that is specific to Corosync and Pacemaker. - -##### `primitive_type` - -Corosync primitive type. Type generally matches to the specific -'thing' your managing, i.e. ip address or vhost. Though, they can be -completely arbitrarily named and manage any number of underlying -applications or resources. - -##### `provided_by` - -Corosync primitive provider. All resource agents used in a primitive -have something that provides them to the system, be it the Pacemaker or -redhat plugins...they're not always obvious though so currently you're -left to understand Corosync enough to figure it out. Usually, if it isn't -obvious it is because there is only one provider for the resource agent. - -To find the list of providers for a resource agent run the following -from the command line has Corosync installed: - -* `crm configure ra providers ` - -##### `provider` - -The specific backend to use for this `cs_primitive` resource. You will seldom need to specify this --- Puppet will -usually discover the appropriate provider for your platform. - -##### `unmanaged_metadata` - -Metadata options that should not be managed by Puppet. -Examples: ['target-role', 'is-managed'] - -Default value: `Array.new` - -### `cs_property` - -Type for manipulating corosync/pacemaker configuration properties. -Besides the configuration file that is managed by the module the contains -all these related Corosync types and providers, there is a set of cluster -properties that can be set and saved inside the CIB (A CIB being a set of -configuration that is synced across the cluster, it can be exported as XML -for processing and backup). The type is pretty simple interface for -setting key/value pairs or removing them completely. Removing them will -result in them taking on their default value. - -More information on cluster properties can be found here: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/_cluster_options.html - -P.S Looked at generating a type dynamically from the cluster's property -meta-data that would result in a single type with puppet type properties -of every cluster property...may still do so in a later iteration. - -#### Properties - -The following properties are available in the `cs_property` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `value` - -Value of the property. It is expected that this will be a single -value but we aren't validating string vs. integer vs. boolean because -cluster properties can range the gambit. - -#### Parameters - -The following parameters are available in the `cs_property` type. - -* [`cib`](#-cs_property--cib) -* [`name`](#-cs_property--name) -* [`provider`](#-cs_property--provider) -* [`replace`](#-cs_property--replace) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this parameter should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Name identifier of this property. Simply the name of the cluster -property. Happily most of these are unique. - -##### `provider` - -The specific backend to use for this `cs_property` resource. You will seldom need to specify this --- Puppet will -usually discover the appropriate provider for your platform. - -##### `replace` - -Valid values: `true`, `false`, `yes`, `no` - -Whether to replace a property that already exists on the cluster -whose value doesn't match what the `value` attribute specifies. Setting -this to false allows cs_property resources to initialize properties without -overwriting future changes. Defaults to `true`. - -Default value: `true` - -### `cs_rsc_defaults` - -Type for manipulating corosync/pacemaker global defaults for -resource options. The type is pretty simple interface for setting -key/value pairs or removing them completely. Removing them will result -in them taking on their default value. - -More information on resource defaults can be found here: - -* http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/s-resource-defaults.html -* http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/s-resource-options.html - -#### Properties - -The following properties are available in the `cs_rsc_defaults` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `value` - -Value of the property. It is expected that this will be a single -value but we aren't validating string vs. integer vs. boolean because -resource options can range the gambit. - -#### Parameters - -The following parameters are available in the `cs_rsc_defaults` type. - -* [`cib`](#-cs_rsc_defaults--cib) -* [`name`](#-cs_rsc_defaults--name) -* [`provider`](#-cs_rsc_defaults--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this rsc_defaults should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Name identifier of this property. Simply the name of the resource -option. Happily most of these are unique. - -##### `provider` - -The specific backend to use for this `cs_rsc_defaults` resource. You will seldom need to specify this --- Puppet will -usually discover the appropriate provider for your platform. - -### `cs_shadow` - -cs_shadow resources represent a Corosync shadow CIB. Any corosync -resources defined with 'cib' set to the title of a cs_shadow resource -will not become active until all other resources with the same cib -value have also been applied. - -#### Properties - -The following properties are available in the `cs_shadow` type. - -##### `epoch` - -Implementation detail. DO NOT SET DIRECTLY. - -Default value: `latest` - -#### Parameters - -The following parameters are available in the `cs_shadow` type. - -* [`autocommit`](#-cs_shadow--autocommit) -* [`cib`](#-cs_shadow--cib) -* [`provider`](#-cs_shadow--provider) - -##### `autocommit` - -Valid values: `true`, `false`, `yes`, `no` - -Whether to generate a cs_commit or not. Can be used to create shadow -CIB without committing them. - -Default value: `true` - -##### `cib` - -namevar - -Name of the CIB to begin tracking changes against. - -##### `provider` - -The specific backend to use for this `cs_shadow` resource. You will seldom need to specify this --- Puppet will usually -discover the appropriate provider for your platform. - -## Data types - -### `Corosync::ArrayRing` - -Custom type for infinitely nestable arrays - -Alias of - -```puppet -Variant[Array[Stdlib::IP::Address], Array[ - Array[Stdlib::IP::Address] - ]] -``` - -### `Corosync::CryptoCipher` - -Defines the allowed cipher types for secure corosync communication - -Alias of `Enum['aes256', 'aes192', 'aes128', '3des']` - -### `Corosync::CryptoHash` - -Custom type for possible crypto hashes - -Alias of `Enum['md5', 'sha1', 'sha256', 'sha384', 'sha512']` - -### `Corosync::IpStringIp` - -Custom type for string <-> array of string variants - -Alias of - -```puppet -Variant[Stdlib::IP::Address, Array[ - Stdlib::IP::Address - ]] -``` - -### `Corosync::QuorumAlgorithm` - -Custom type for quorumalgorithm enum - -Alias of `Enum['ffsplit', 'lms']` - -### `Corosync::Syslogpriority` - -Custom type for syslog priority enum - -Alias of `Enum['debug', 'info', 'notice', 'warning', 'err', 'alert', 'emerg', 'crit']` - +# Reference + + + +## Table of Contents + +### Classes + +* [`corosync`](#corosync): Configures the Pacemaker+Corosync stack to provide high-availability. +* [`corosync::params`](#corosync--params): Configures sane defaults based on the operating system. +* [`corosync::qdevice`](#corosync--qdevice): Performs basic initial configuration of the qdevice daemon on a node. +* [`corosync::reprobe`](#corosync--reprobe): Triggers re-probe for changes any of the native cs_* types. + +### Defined types + +* [`corosync::service`](#corosync--service): Declare services within /etc/corosync/service.d/ (Corosync 1.x) + +### Resource types + +* [`cs_clone`](#cs_clone): Type for manipulating corosync/pacemaker resource clone. More information on Corosync/Pacemaker colocation can be found here: * http://www.c +* [`cs_colocation`](#cs_colocation): Type for manipulating corosync/pacemaker colocation. Colocation is the grouping together of a set of primitives so that they travel together +* [`cs_commit`](#cs_commit): Final commit statement which triggers the synchronous application of all primitive changes which reference this CIB. Do not generate more tha +* [`cs_group`](#cs_group): Type for manipulating Corosync/Pacemaker group entries. Groups are a set or resources (primitives) that need to be grouped together. More in +* [`cs_location`](#cs_location): Type for manipulating corosync/pacemaker resource location. More information on Corosync/Pacemaker colocation can be found here: * http://ww +* [`cs_order`](#cs_order): Type for manipulating Corosync/Pacemaker ordering entries. Order entries are another type of constraint that can be put on sets of primitive +* [`cs_primitive`](#cs_primitive): Type for manipulating Corosync/Pacemaker primitives. Primitives are probably the most important building block when creating highly availabl +* [`cs_property`](#cs_property): Type for manipulating corosync/pacemaker configuration properties. Besides the configuration file that is managed by the module the contains +* [`cs_rsc_defaults`](#cs_rsc_defaults): Type for manipulating corosync/pacemaker global defaults for resource options. The type is pretty simple interface for setting key/value pair +* [`cs_shadow`](#cs_shadow): cs_shadow resources represent a Corosync shadow CIB. Any corosync resources defined with 'cib' set to the title of a cs_shadow resource will + +### Data types + +* [`Corosync::ArrayRing`](#Corosync--ArrayRing): Custom type for infinitely nestable arrays +* [`Corosync::CryptoCipher`](#Corosync--CryptoCipher): Defines the allowed cipher types for secure corosync communication +* [`Corosync::CryptoHash`](#Corosync--CryptoHash): Custom type for possible crypto hashes +* [`Corosync::IpStringIp`](#Corosync--IpStringIp): Custom type for string <-> array of string variants +* [`Corosync::QuorumAlgorithm`](#Corosync--QuorumAlgorithm): Custom type for quorumalgorithm enum +* [`Corosync::Syslogpriority`](#Corosync--Syslogpriority): Custom type for syslog priority enum + +## Classes + +### `corosync` + +This class will set up corosync for use by the Puppet Enterprise console to +facilitate an active/standby configuration for high availability. It is +assumed that this module has been initially ran on a Puppet master with the +capabilities of signing certificates to do the initial key generation. + +=== Authors + +Cody Herriges + +=== Copyright + +Copyright 2012, Puppet Labs, LLC. + +#### Examples + +##### Simple configuration without secauth + +```puppet + +class { 'corosync': + enable_secauth => false, + bind_address => '192.168.2.10', + multicast_address => '239.1.1.2', +} +``` + +#### Parameters + +The following parameters are available in the `corosync` class: + +* [`enable_secauth`](#-corosync--enable_secauth) +* [`authkey_source`](#-corosync--authkey_source) +* [`authkey`](#-corosync--authkey) +* [`crypto_hash`](#-corosync--crypto_hash) +* [`crypto_cipher`](#-corosync--crypto_cipher) +* [`config_validate_cmd`](#-corosync--config_validate_cmd) +* [`threads`](#-corosync--threads) +* [`bind_address`](#-corosync--bind_address) +* [`pcs_version`](#-corosync--pcs_version) +* [`port`](#-corosync--port) +* [`multicast_address`](#-corosync--multicast_address) +* [`unicast_addresses`](#-corosync--unicast_addresses) +* [`force_online`](#-corosync--force_online) +* [`check_standby`](#-corosync--check_standby) +* [`log_timestamp`](#-corosync--log_timestamp) +* [`log_file`](#-corosync--log_file) +* [`log_file_name`](#-corosync--log_file_name) +* [`debug`](#-corosync--debug) +* [`log_stderr`](#-corosync--log_stderr) +* [`syslog_priority`](#-corosync--syslog_priority) +* [`log_function_name`](#-corosync--log_function_name) +* [`rrp_mode`](#-corosync--rrp_mode) +* [`netmtu`](#-corosync--netmtu) +* [`ttl`](#-corosync--ttl) +* [`vsftype`](#-corosync--vsftype) +* [`package_corosync`](#-corosync--package_corosync) +* [`package_pacemaker`](#-corosync--package_pacemaker) +* [`package_fence_agents`](#-corosync--package_fence_agents) +* [`packageopts_corosync`](#-corosync--packageopts_corosync) +* [`packageopts_crmsh`](#-corosync--packageopts_crmsh) +* [`packageopts_pacemaker`](#-corosync--packageopts_pacemaker) +* [`packageopts_pcs`](#-corosync--packageopts_pcs) +* [`packageopts_fence_agents`](#-corosync--packageopts_fence_agents) +* [`highavailability_repo`](#-corosync--highavailability_repo) +* [`ensure_corosync`](#-corosync--ensure_corosync) +* [`ensure_crmsh`](#-corosync--ensure_crmsh) +* [`ensure_pacemaker`](#-corosync--ensure_pacemaker) +* [`ensure_pcs`](#-corosync--ensure_pcs) +* [`ensure_fence_agents`](#-corosync--ensure_fence_agents) +* [`set_votequorum`](#-corosync--set_votequorum) +* [`votequorum_expected_votes`](#-corosync--votequorum_expected_votes) +* [`quorum_members`](#-corosync--quorum_members) +* [`quorum_members_ids`](#-corosync--quorum_members_ids) +* [`quorum_members_names`](#-corosync--quorum_members_names) +* [`token`](#-corosync--token) +* [`token_retransmits_before_loss_const`](#-corosync--token_retransmits_before_loss_const) +* [`compatibility`](#-corosync--compatibility) +* [`enable_corosync_service`](#-corosync--enable_corosync_service) +* [`manage_corosync_service`](#-corosync--manage_corosync_service) +* [`enable_pacemaker_service`](#-corosync--enable_pacemaker_service) +* [`manage_pacemaker_service`](#-corosync--manage_pacemaker_service) +* [`enable_pcsd_service`](#-corosync--enable_pcsd_service) +* [`manage_pcsd_service`](#-corosync--manage_pcsd_service) +* [`manage_pcsd_auth`](#-corosync--manage_pcsd_auth) +* [`manage_pcsd_auth_node`](#-corosync--manage_pcsd_auth_node) +* [`sensitive_hacluster_password`](#-corosync--sensitive_hacluster_password) +* [`sensitive_hacluster_hash`](#-corosync--sensitive_hacluster_hash) +* [`manage_quorum_device`](#-corosync--manage_quorum_device) +* [`quorum_device_host`](#-corosync--quorum_device_host) +* [`quorum_device_algorithm`](#-corosync--quorum_device_algorithm) +* [`package_quorum_device`](#-corosync--package_quorum_device) +* [`sensitive_quorum_device_password`](#-corosync--sensitive_quorum_device_password) +* [`cluster_name`](#-corosync--cluster_name) +* [`join`](#-corosync--join) +* [`consensus`](#-corosync--consensus) +* [`ip_version`](#-corosync--ip_version) +* [`clear_node_high_bit`](#-corosync--clear_node_high_bit) +* [`max_messages`](#-corosync--max_messages) +* [`test_corosync_config`](#-corosync--test_corosync_config) +* [`watchdog_device`](#-corosync--watchdog_device) +* [`provider`](#-corosync--provider) + +##### `enable_secauth` + +Data type: `Boolean` + +Controls corosync's ability to authenticate and encrypt multicast messages. + +Default value: `$corosync::params::enable_secauth` + +##### `authkey_source` + +Data type: `Enum['file', 'string']` + +Allows to use either a file or a string as a authkey. + +Default value: `$corosync::params::authkey_source` + +##### `authkey` + +Data type: `Variant[Stdlib::Filesource,Stdlib::Base64]` + +Specifies the path to the CA which is used to sign Corosync's certificate if +authkey_source is 'file' or a base64 encoded version of the actual authkey +if 'string' is used instead. + +Default value: `$corosync::params::authkey` + +##### `crypto_hash` + +Data type: `Corosync::CryptoHash` + +Hashing algorithm used by corosync for intra-cluster communication. Valid +values are none, md5, sha1, sha256, sha384, and sha512 + +Default value: `'sha1'` + +##### `crypto_cipher` + +Data type: `Corosync::CryptoCipher` + +Encryption cipher used by corosync for intra-cluster communication. Valid +values are none, aes256, aes192, aes128, and 3des + +Default value: `'aes256'` + +##### `config_validate_cmd` + +Data type: `String[1]` + + + +Default value: `'/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t'` + +##### `threads` + +Data type: `Optional[Integer]` + +How many threads you are going to let corosync use to encode and decode +multicast messages. If you turn off secauth then corosync will ignore +threads. + +Default value: `undef` + +##### `bind_address` + +Data type: `Corosync::IpStringIp` + +The ip address we are going to bind the corosync daemon too. +Can be specified as an array to have multiple rings. + +Default value: `$corosync::params::bind_address` + +##### `pcs_version` + +Data type: `String` + + + +Default value: `''` + +##### `port` + +Data type: `Optional[Variant[Stdlib::Port, Array[Stdlib::Port]]]` + +The UDP port that corosync will use to do its multicast communication. Be +aware that corosync used this defined port plus minus one. +Can be specified as an array to have multiple rings. + +Default value: `$corosync::params::port` + +##### `multicast_address` + +Data type: `Optional[Corosync::IpStringIp]` + +An IP address that has been reserved for multicast traffic. This is the +default way that Corosync accomplishes communication across the cluster. +Use 'broadcast' to have broadcast instead +Can be specified as an array to have multiple rings (multicast only). + +Default value: `undef` + +##### `unicast_addresses` + +Data type: `Optional[Array]` + +An array of IP addresses that make up the cluster's members. These are +used if you are not able to use multicast on your network and instead opt +for the udpu transport. You need a relatively recent version of Corosync to +make this possible. +You can also have an array of arrays to have multiple rings. In that case, +each subarray matches a host IP addresses. +As of Corosync 3 knet is the new default which also does not use multicast. + +Default value: `undef` + +##### `force_online` + +Data type: `Boolean` + +Boolean parameter specifying whether to force nodes that have been put +in standby back online. + +Default value: `$corosync::params::force_online` + +##### `check_standby` + +Data type: `Boolean` + +Boolean parameter specifying whether puppet should return an error log +message if a node is in standby. Useful for monitoring node state. + +Default value: `$corosync::params::check_standby` + +##### `log_timestamp` + +Data type: `Boolean` + +Boolean parameter specifying whether a timestamp should be placed on all +log messages. + +Default value: `$corosync::params::log_timestamp` + +##### `log_file` + +Data type: `Boolean` + +Boolean parameter specifying whether Corosync should produce debug +output in a logfile. + +Default value: `$corosync::params::log_file` + +##### `log_file_name` + +Data type: `Optional[Stdlib::Absolutepath]` + +Absolute path to the logfile Corosync should use when `$log_file` (see +above) is true. + +Default value: `undef` + +##### `debug` + +Data type: `Boolean` + +Boolean parameter specifying whether Corosync should produce debug +output in its logs. + +Default value: `$corosync::params::debug` + +##### `log_stderr` + +Data type: `Boolean` + +Boolean parameter specifying whether Corosync should log errors to +stderr. + +Default value: `$corosync::params::log_stderr` + +##### `syslog_priority` + +Data type: `Corosync::SyslogPriority` + +String parameter specifying the minimal log level for Corosync syslog +messages. Allowed values: debug|info|notice|warning|err|emerg. + +Default value: `$corosync::params::syslog_priority` + +##### `log_function_name` + +Data type: `Boolean` + +Boolean parameter specifying whether Corosync should log called function +names to. + +Default value: `$corosync::params::log_function_name` + +##### `rrp_mode` + +Data type: `Optional[Enum['none', 'active', 'passive']]` + +Mode of redundant ring. May be none, active, or passive. + +Default value: `undef` + +##### `netmtu` + +Data type: `Optional[Integer]` + +This specifies the network maximum transmit unit. + +Default value: `undef` + +##### `ttl` + +Data type: `Optional[Integer[0,255]]` + +Time To Live. + +Default value: `undef` + +##### `vsftype` + +Data type: `Optional[Enum['ykd', 'none']]` + +Virtual synchrony filter type. + +Default value: `undef` + +##### `package_corosync` + +Data type: `Boolean` + +Define if package corosync should be managed. + +Default value: `$corosync::params::package_corosync` + +##### `package_pacemaker` + +Data type: `Boolean` + +Define if package pacemaker should be managed. + +Default value: `$corosync::params::package_pacemaker` + +##### `package_fence_agents` + +Data type: `Boolean` + +Define if package fence-agents should be managed. +Default (Red Hat based): true +Default (otherwise): false + +Default value: `false` + +##### `packageopts_corosync` + +Data type: `Optional[Array[String[1]]]` + +Additional install-options for the corosync package resource. +Default: undef + +Default value: `$corosync::params::package_install_options` + +##### `packageopts_crmsh` + +Data type: `Optional[Array[String[1]]]` + +Additional install-options for the crmsh package resource. +Default: undef + +Default value: `$corosync::params::package_install_options` + +##### `packageopts_pacemaker` + +Data type: `Optional[Array[String[1]]]` + +Additional install-options for the pacemaker package resource. +Default: undef + +Default value: `$corosync::params::package_install_options` + +##### `packageopts_pcs` + +Data type: `Optional[Array[String[1]]]` + +Additional install-options for the pcs package resource. +Default: undef + +Default value: `$corosync::params::package_install_options` + +##### `packageopts_fence_agents` + +Data type: `Optional[Array[String[1]]]` + +Additional install-options for the pcs package resource. +Default: undef + +Default value: `$corosync::params::package_install_options` + +##### `highavailability_repo` + +Data type: `String[1]` + +Whether the module should enable the corosync service. + +Default value: `undef` + +##### `ensure_corosync` + +Data type: `String[1]` + +Define what version of the corosync package should be installed. +Default: 'present' + +Default value: `$corosync::params::ensure_corosync` + +##### `ensure_crmsh` + +Data type: `String[1]` + +Define what version of the crmsh package should be installed. +Default: 'present' + +Default value: `$corosync::params::ensure_crmsh` + +##### `ensure_pacemaker` + +Data type: `String[1]` + +Define what version of the pacemaker package should be installed. +Default: 'present' + +Default value: `$corosync::params::ensure_pacemaker` + +##### `ensure_pcs` + +Data type: `String[1]` + +Define what version of the pcs package should be installed. +Default: 'present' + +Default value: `$corosync::params::ensure_pcs` + +##### `ensure_fence_agents` + +Data type: `String[1]` + +Define what version of the fence-agents-all package should be installed. +Default: 'present' + +Default value: `$corosync::params::ensure_fence_agents` + +##### `set_votequorum` + +Data type: `Boolean` + +Set to true if corosync_votequorum should be used as quorum provider. +Default (Red Hat based): true +Default (Ubuntu >= 14.04): true +Default (otherwise): false + +Default value: `$corosync::params::set_votequorum` + +##### `votequorum_expected_votes` + +Data type: `Optional[Integer]` + +Overrides the automatic calculation of expected votes which is normally +derived from the number of nodes. + +Default value: `undef` + +##### `quorum_members` + +Data type: `Array` + +Array of quorum member hostname. This is required if set_votequorum +is set to true. +You can also have an array of arrays to have multiple rings. In that case, +each subarray matches a member IP addresses. + +Default value: `['localhost']` + +##### `quorum_members_ids` + +Data type: `Optional[Array]` + +Array of quorum member IDs. Persistent IDs are required for the dynamic +config of a corosync cluster and when_set_votequorum is set to true. +Should be used only with the quorum_members parameter. + +Default value: `undef` + +##### `quorum_members_names` + +Data type: `Optional[Array]` + +Array of quorum member names. Persistent names are required when you +define IP addresses in quorum_members. + +Default value: `undef` + +##### `token` + +Data type: `Optional[Integer]` + +Time (in ms) to wait for a token + +Default value: `undef` + +##### `token_retransmits_before_loss_const` + +Data type: `Optional[Integer]` + +How many token retransmits before forming a new configuration. + +Default value: `undef` + +##### `compatibility` + +Data type: `Optional[String]` + +Older versions of corosync allowed a config-file directive to indicate +backward compatibility. This sets that. + +Default value: `undef` + +##### `enable_corosync_service` + +Data type: `Boolean` + +Whether the module should enable the corosync service. + +Default value: `$corosync::params::enable_corosync_service` + +##### `manage_corosync_service` + +Data type: `Boolean` + +Whether the module should try to manage the corosync service. If set to +false, the service will need to be specified in the catalog elsewhere. + +Default value: `$corosync::params::manage_corosync_service` + +##### `enable_pacemaker_service` + +Data type: `Boolean` + +Whether the module should enable the pacemaker service. + +Default value: `$corosync::params::enable_pacemaker_service` + +##### `manage_pacemaker_service` + +Data type: `Boolean` + +Whether the module should try to manage the pacemaker service. +Default (Red Hat based >= 7): true +Default (Ubuntu >= 14.04): true +Default (otherwise): false + +Default value: `$corosync::params::manage_pacemaker_service` + +##### `enable_pcsd_service` + +Data type: `Boolean` + +Whether the module should enable the pcsd service. + +Default value: `$corosync::params::enable_pcsd_service` + +##### `manage_pcsd_service` + +Data type: `Boolean` + +Whether the module should try to manage the pcsd service in addition to the +corosync service. pcsd service is the GUI and the remote configuration +interface. + +Default value: `false` + +##### `manage_pcsd_auth` + +Data type: `Boolean` + +This only has an effect when $manage_pcsd_service is enabled. If set, an +attempt will be made to authorize pcs on the cluster node determined by +manage_pcsd_auth_node. Note that this determination can only be made when +the entries in quorum_members match the trusted certnames of the nodes in +the environment or the IP addresses of the primary adapters. +$sensitive_hacluster_password is mandatory if this parameter is set. + +Default value: `false` + +##### `manage_pcsd_auth_node` + +Data type: `Enum['first','last']` + +When managing authorization for PCS this determines which node does the +work. Note that only one node 'should' do the work and nodes are chosen by +matching local facts to the contents of quorum_members. When +manage_pcsd_auth is disabled this parameter has no effect. + +Default value: `'first'` + +##### `sensitive_hacluster_password` + +Data type: `Optional[Sensitive[String]]` + +When PCS is configured on a RHEL system this directive is used to set the +password for the hacluster user. If both $manage_pcsd_service and +$manage_pcsd_auth are both set to true the cluster will use this credential +to authorize all nodes. + +Default value: `undef` + +##### `sensitive_hacluster_hash` + +Data type: `Optional[Sensitive[String]]` + +This parameter expects a valid password hash of +sensitive_hacluster_password. If provided, the hash provided the hash will +be used to set the password for the hacluster user on each node. + +Default value: `undef` + +##### `manage_quorum_device` + +Data type: `Boolean` + +Enable or disable the addition of a quorum device external to the cluster. +This device is used avoid cluster splits typically in conjunction with +fencing by providing an external network vote. Additionally, this allows +symmentric clusters to continue operation in the event that 50% of their +nodes have failed. + +Default value: `false` + +##### `quorum_device_host` + +Data type: `Optional[Stdlib::Fqdn]` + +The fully qualified hostname of the quorum device. This parameter is +mandatory when manage_quorum_device is true. + +Default value: `undef` + +##### `quorum_device_algorithm` + +Data type: `Corosync::QuorumAlgorithm` + +There are currently two algorithms the quorum device can utilize to +determine how its vote should be allocated; Fifty-fifty split and +last-man-standing. See the +[corosync-qdevice man page](https://www.systutorials.com/docs/linux/man/8-corosync-qdevice/) +for details. + +Default value: `'ffsplit'` + +##### `package_quorum_device` + +Data type: `Optional[String]` + +The name of the package providing the quorum device functionality. This +parameter is mandatory if manage_quorum_device is true. + +Default value: `$corosync::params::package_quorum_device` + +##### `sensitive_quorum_device_password` + +Data type: `Optional[Sensitive[String]]` + +The plain text password for the hacluster user on the quorum_device_host. +This parameter is mandatory if manage_quorum_device is true. + +Default value: `undef` + +##### `cluster_name` + +Data type: `Optional[String[1]]` + +This specifies the name of cluster and it's used for automatic +generating of multicast address. + +Default value: `undef` + +##### `join` + +Data type: `Optional[Integer]` + +This timeout specifies in milliseconds how long to wait for join messages +in the membership protocol. + +Default value: `undef` + +##### `consensus` + +Data type: `Optional[Integer]` + +This timeout specifies in milliseconds how long to wait for consensus to be +achieved before starting a new round of membership configuration. +The minimum value for consensus must be 1.2 * token. This value will be +automatically calculated at 1.2 * token if the user doesn't specify a +consensus value. + +Default value: `undef` + +##### `ip_version` + +Data type: `Optional[String[1]]` + +This specifies version of IP to ask DNS resolver for. The value can be +one of ipv4 (look only for an IPv4 address) , ipv6 (check only IPv6 address), +ipv4-6 (look for all address families and use first IPv4 address found in the +list if there is such address, otherwise use first IPv6 address) and +ipv6-4 (look for all address families and use first IPv6 address found in the +list if there is such address, otherwise use first IPv4 address). + +Default (if unspecified) is ipv6-4 for knet and udpu transports and ipv4 for udp. + +Default value: `undef` + +##### `clear_node_high_bit` + +Data type: `Optional[Enum['yes', 'no']]` + +This configuration option is optional and is only relevant when no nodeid +is specified. Some openais clients require a signed 32 bit nodeid that is +greater than zero however by default openais uses all 32 bits of the IPv4 +address space when generating a nodeid. Set this option to yes to force +the high bit to be zero and therefor ensure the nodeid is a positive signed +32 bit integer. +WARNING: The clusters behavior is undefined if this option is enabled on +only a subset of the cluster (for example during a rolling upgrade). + +Default value: `undef` + +##### `max_messages` + +Data type: `Optional[Integer]` + +This constant specifies the maximum number of messages that may be sent by +one processor on receipt of the token. The max_messages parameter is limited +to 256000 / netmtu to prevent overflow of the kernel transmit buffers. + +Default value: `undef` + +##### `test_corosync_config` + +Data type: `Boolean` + +Whether we should test new configuration files with `corosync -t`. +(requires corosync 2.3.4) + +Default value: `$corosync::params::test_corosync_config` + +##### `watchdog_device` + +Data type: `Optional[Variant[Stdlib::Absolutepath, Enum['off']]]` + +Watchdog device to use, for example '/dev/watchdog' or 'off'. +Its presence (or lack thereof) shifted with corosync versions. + +Default value: `undef` + +##### `provider` + +Data type: `Enum['pcs', 'crm']` + +What command line utility provides corosync configuration capabilities. + +Default value: `'pcs'` + +### `corosync::params` + +Configures sane defaults based on the operating system. + +### `corosync::qdevice` + +This class performs the configuration of the qdevice daemon on a target node. +Note that this requires corosync 2.x and must never be deployed on a node +which is actually part of a cluster. Additionally, you will need to open the +correct firewall ports for both pcs, and the actual quorum device as shown in +the included example. + +* **See also** + * https://www.systutorials.com/docs/linux/man/8-corosync-qnetd/ + +#### Examples + +##### Quorum node with default password & configuring the firewall + +```puppet +include firewalld + +class { 'corosync::qdevice': + sensitive_hacluster_hash => $sensitive_hacluster_hash, +} +contain 'corosync::qdevice' + +# Open the corosync-qnetd port +firewalld::custom_service { 'corosync-qdevice-net': + description => 'Corosync Quorum Net Device Port', + port => [ + { + port => '5403', + protocol => 'tcp', + }, + ], +} +firewalld_service { 'corosync-qdevice-net': + ensure => 'present', + service => 'corosync-qdevice-net', + zone => 'public', +} + +# Configure general PCS firewall rules +firewalld_service { 'high-availability': + ensure => 'present', + service => 'high-availability', + zone => 'public', +} +``` + +#### Parameters + +The following parameters are available in the `corosync::qdevice` class: + +* [`sensitive_hacluster_hash`](#-corosync--qdevice--sensitive_hacluster_hash) +* [`package_pcs`](#-corosync--qdevice--package_pcs) +* [`package_corosync_qnetd`](#-corosync--qdevice--package_corosync_qnetd) +* [`provider`](#-corosync--qdevice--provider) + +##### `sensitive_hacluster_hash` + +Data type: `Optional[Sensitive[String]]` + +The password hash for the hacluster user on this quorum device node. If +omitted, you must create the hacluster user and haclient group yourself. +This user is required because pcsd must be used to perform the +quorum node configuration. + +Default value: `undef` + +##### `package_pcs` + +Data type: `String[1]` + +Name of the PCS package on this system. + +Default value: `'pcs'` + +##### `package_corosync_qnetd` + +Data type: `String[1]` + +Name of the corosync qnetd package for this system. + +Default value: `'corosync-qnetd'` + +##### `provider` + +Data type: `String` + +What command line utility provides corosync configuration capabilities. + +### `corosync::reprobe` + +Include this class to reprobe the corosync cluster when there are changes in +any of the native cs_* types. Useful for multi-node provisioning when the +nodes are not always in a stable state after provisioning. + +Copyright 2012 Puppet Labs, LLC. + +#### Examples + +##### Reprobe corosync after making cluster configuration changes + +```puppet + +include corosync::reprobe +``` + +## Defined types + +### `corosync::service` + +Models a Corosync service. Corosync services are plugins that provide +functionality for monitoring cluster resources. One of the most common +of these plugins being Pacemaker. This is for corosync 1.x! + +=== Authors + +Cody Herriges + +=== Copyright + +Copyright 2012 Puppet Labs, LLC. + +#### Examples + +##### Simple configuration of a service with version '0'. + +```puppet + +corosync::service { 'pacemaker': + version => '0', +} +``` + +#### Parameters + +The following parameters are available in the `corosync::service` defined type: + +* [`name`](#-corosync--service--name) +* [`version`](#-corosync--service--version) + +##### `name` + +Data type: `String` + +The namevar in this type is the title you give it when you define a resource +instance. It is used for a handful of purposes; defining the name of the +config file and the name defined inside the file itself. + +##### `version` + +Data type: `String[1]` + +Version of the protocol used by this service. This is currently unused. + +## Resource types + +### `cs_clone` + +Type for manipulating corosync/pacemaker resource clone. +More information on Corosync/Pacemaker colocation can be found here: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html + +#### Properties + +The following properties are available in the `cs_clone` type. + +##### `clone_max` + +Valid values: `%r{\d+}`, `absent` + +How many copies of the resource to start. +Defaults to the number of nodes in the cluster. + +Default value: `absent` + +##### `clone_node_max` + +Valid values: `%r{\d+}`, `absent` + +How many copies of the resource can be started on a single node. +Defaults to 1. + +Default value: `absent` + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `globally_unique` + +Valid values: `true`, `false`, `absent` + +Does each copy of the clone perform a different function? +Allowed values: true, false + +Default value: `absent` + +##### `group` + +The corosync resource group to be cloned. + +##### `interleave` + +Valid values: `true`, `false`, `absent` + +Changes the behavior of ordering constraints (between clones/masters) so that instances can start/stop +as soon as their peer instance has (rather than waiting for every instance of the other clone has). +Allowed values: true, false + +Default value: `absent` + +##### `notify_clones` + +Valid values: `true`, `false`, `absent` + +When stopping or starting a copy of the clone, tell all the other copies beforehand +and when the action was successful. +Allowed values: true, false + +Default value: `absent` + +##### `ordered` + +Valid values: `true`, `false`, `absent` + +Should the copies be started in series (instead of in parallel). Allowed values: true, false + +Default value: `absent` + +##### `primitive` + +The corosync resource primitive to be cloned. + +##### `promotable` + +Valid values: `true`, `false`, `absent` + +If true, clone instances can perform a special role that Pacemaker will manage via the resource agent’s +promote and demote actions. The resource agent must support these actions. Allowed values: false, true + +Default value: `absent` + +##### `promoted_max` + +Valid values: `%r{\d+}`, `absent` + +If promotable is true, the number of instances that can be promoted at one time across the entire cluster + +Default value: `absent` + +##### `promoted_node_max` + +Valid values: `%r{\d+}`, `absent` + +If promotable is true and globally-unique is false, the number of clone instances can be promoted at one time on a single node + +Default value: `absent` + +#### Parameters + +The following parameters are available in the `cs_clone` type. + +* [`cib`](#-cs_clone--cib) +* [`name`](#-cs_clone--name) +* [`provider`](#-cs_clone--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this colocation should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Identifier of the clone entry. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `provider` + +The specific backend to use for this `cs_clone` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + +### `cs_colocation` + +Type for manipulating corosync/pacemaker colocation. Colocation +is the grouping together of a set of primitives so that they travel +together when one of them fails. For instance, if a web server vhost +is colocated with a specific ip address and the web server software +crashes, the ip address with migrate to the new host with the vhost. + +More information on Corosync/Pacemaker colocation can be found here: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html + +#### Properties + +The following properties are available in the `cs_colocation` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `primitives` + +At least two Pacemaker primitives to be located together. Order of primitives +in colocation groups is important. In Pacemaker, a colocation of 2 primitives +behaves different than a colocation between more than 2 primitives. Here the +behavior is altered to be more consistent. +Examples on how to define colocations here: +- 2 primitives: [A, B] will cause A to be located first, and B will be located + with A. This is different than how crm configure colocation works, because + there [A, B] would mean colocate A with B, thus B should be located first. +- multiple primitives: [A, B, C] will cause A to be located first, B next, and + finally C. This is identical to how crm configure colocation works with + multiple resources, it will add a colocated set. +Property will raise an error if you do not provide an array containing at least +two values. Values can be either the name of the primitive, or primitive:role. +Notice, we can only interpret colocations of single sets, not multiple sets +combined. In Pacemaker speak, this means we can support 'A B C' but not e.g. +'A B (C D) E'. Feel free to contribute a patch for this. + +##### `score` + +The priority of this colocation. Primitives can be a part of +multiple colocation groups and so there is a way to control which +primitives get priority when forcing the move of other primitives. +This value can be an integer but is often defined as the string +INFINITY. + +Default value: `INFINITY` + +#### Parameters + +The following parameters are available in the `cs_colocation` type. + +* [`cib`](#-cs_colocation--cib) +* [`name`](#-cs_colocation--name) +* [`provider`](#-cs_colocation--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This paramater sets the CIB this colocation should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Identifier of the colocation entry. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `provider` + +The specific backend to use for this `cs_colocation` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### `cs_commit` + +Final commit statement which triggers the synchronous application of +all primitive changes which reference this CIB. Do not generate more +than one cs_commit referencing the same CIB for a given cluster! + +#### Parameters + +The following parameters are available in the `cs_commit` type. + +* [`cib`](#-cs_commit--cib) +* [`name`](#-cs_commit--name) +* [`provider`](#-cs_commit--provider) + +##### `cib` + +Name of the CIB to commit. This value defaults to the name of +the cs_commit resource. + +##### `name` + +namevar + +Name of the CIB to commit. See the cib parameter for more detail. + +##### `provider` + +The specific backend to use for this `cs_commit` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + +### `cs_group` + +Type for manipulating Corosync/Pacemaker group entries. +Groups are a set or resources (primitives) that need to be +grouped together. + +More information can be found at the following link: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ch-advanced-resources.html#group-resources + +#### Properties + +The following properties are available in the `cs_group` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `primitives` + +An array of primitives to have in this group. Must be listed in the +order that you wish them to start. + +#### Parameters + +The following parameters are available in the `cs_group` type. + +* [`cib`](#-cs_group--cib) +* [`name`](#-cs_group--name) +* [`provider`](#-cs_group--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this order should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Name identifier of this group entry. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `provider` + +The specific backend to use for this `cs_group` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + +### `cs_location` + +Type for manipulating corosync/pacemaker resource location. +More information on Corosync/Pacemaker colocation can be found here: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html + +#### Properties + +The following properties are available in the `cs_location` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `node_name` + +The corosync node_name where the resource should be located. + +##### `primitive` + +The corosync resource primitive to have a location applied. + +##### `resource_discovery` + +Whether Pacemaker should perform resource discovery on this +node for the specified resource. It matches the resource-discovery +location property in pacemaker + +##### `rules` + +The rules of this location. This is an array of hashes where +each hash contains an array of one or more expressions. + +Example: + + cs_location { 'vip-ping-connected': + primitive => 'vip', + rules => [ + 'vip-ping-exclude-rule' => { + 'score' => '-INFINITY', + 'expression' => [ + { 'attribute' => 'pingd', + 'operation' => 'lt', + 'value' => '100', + }, + ], + }, + 'vip-ping-prefer-rule' => { + 'score-attribute' => 'pingd', + 'expression' => [ + { 'attribute' => 'pingd', + 'operation' => 'defined', + }, + ], + }, + ], + } + +##### `score` + +The priority of this location. Primitives can be a part of +multiple location groups and so there is a way to control which +primitives get priority when forcing the move of other primitives. +This value can be an integer but is often defined as the string +INFINITY. + +Default value: `INFINITY` + +#### Parameters + +The following parameters are available in the `cs_location` type. + +* [`cib`](#-cs_location--cib) +* [`name`](#-cs_location--name) +* [`provider`](#-cs_location--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This paramater sets the CIB this colocation should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Identifier of the location entry. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `provider` + +The specific backend to use for this `cs_location` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### `cs_order` + +Type for manipulating Corosync/Pacemaker ordering entries. Order +entries are another type of constraint that can be put on sets of +primitives but unlike colocation, order does matter. These designate +the order at which you need specific primitives to come into a desired +state before starting up a related primitive. + +More information can be found at the following link: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_controlling_resource_start_stop_ordering.html + +#### Properties + +The following properties are available in the `cs_order` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `first` + +First Corosync primitive. Just like colocation, our primitives for +ordering come in pairs but this time order matters so we need to define +which primitive starts the desired state change chain. + +##### `kind` + +How to enforce the constraint. + +Allowed values: +- Optional: Just a suggestion. Only applies if both resources are executing +the specified actions. Any change in state by the first resource will have +no effect on the then resource. +- Mandatory: Always. If first does not perform first-action, then will not +be allowed to performed then-action. If first is restarted, then +(if running) will be stopped beforehand and started afterward. +- Serialize: Ensure that no two stop/start actions occur concurrently for +the resources. First and then can start in either order, but one must +complete starting before the other can be started. A typical use case is +when resource start-up puts a high load on the host. + +Default value: `Mandatory` + +##### `score` + +The priority of the this ordered grouping. Primitives can be a part +of multiple order groups and so there is a way to control which +primitives get priority when forcing the order of state changes on +other primitives. This value can be an integer but is often defined +as the string INFINITY. +When using pcs as provider this value is not used. +It is generally preferred to use the `kind` parameter. + +##### `second` + +Second Corosync primitive. Our second primitive will move to the +desired state after the first primitive. + +##### `symmetrical` + +Boolean specifying if the resources should stop in reverse order. +Default value: true. + +Default value: `true` + +#### Parameters + +The following parameters are available in the `cs_order` type. + +* [`cib`](#-cs_order--cib) +* [`name`](#-cs_order--name) +* [`provider`](#-cs_order--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this order should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Name identifier of this ordering entry. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `provider` + +The specific backend to use for this `cs_order` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + +### `cs_primitive` + +Type for manipulating Corosync/Pacemaker primitives. Primitives +are probably the most important building block when creating highly +available clusters using Corosync and Pacemaker. Each primitive defines +an application, ip address, or similar to monitor and maintain. These +managed primitives are maintained using what is called a resource agent. +These resource agents have a concept of class, type, and subsystem that +provides the functionality. Regrettably these pieces of vocabulary +clash with those used in Puppet so to overcome the name clashing the +property and parameter names have been qualified a bit for clarity. + +More information on primitive definitions can be found at the following +link: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_adding_a_resource.html + +#### Properties + +The following properties are available in the `cs_primitive` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `metadata` + +A hash of metadata for the primitive. A primitive can have a set of +metadata that doesn't affect the underlying Corosync type/provider but +affect that concept of a resource. This metadata is similar to Puppet's +resources resource and some meta-parameters, they change resource +behavior but have no affect of the data that is synced or manipulated. + +Default value: `Hash.new` + +##### `operations` + +A hash of operations for the primitive. Operations defined in a +primitive are little more predictable as they are commonly things like +monitor or start and their values are in seconds. Since each resource +agent can define its own set of operations we are going to defer again +and just accept a hash. There maybe room to model this one but it +would require a review of all resource agents to see if each operation +is valid. + +Default value: `Hash.new` + +##### `parameters` + +A hash of params for the primitive. Parameters in a primitive are +used by the underlying resource agent, each class using them slightly +differently. In ocf scripts they are exported and pulled into the +script as variables to be used. Since the list of these parameters +are completely arbitrary and validity not enforced we simply defer +defining a model and just accept a hash. + +Default value: `Hash.new` + +##### `utilization` + +A hash of utilization attributes for the primitive. If nodes are +also configured with available resources, and Pacemaker's placement +strategy is set appropriately, then Pacemaker can place primitives on +nodes only where resources are available. + +See the Pacemaker documentation: + +http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ch11.html + +Default value: `Hash.new` + +#### Parameters + +The following parameters are available in the `cs_primitive` type. + +* [`cib`](#-cs_primitive--cib) +* [`name`](#-cs_primitive--name) +* [`primitive_class`](#-cs_primitive--primitive_class) +* [`primitive_type`](#-cs_primitive--primitive_type) +* [`provided_by`](#-cs_primitive--provided_by) +* [`provider`](#-cs_primitive--provider) +* [`unmanaged_metadata`](#-cs_primitive--unmanaged_metadata) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this primitive should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Name identifier of primitive. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `primitive_class` + +Corosync class of the primitive. Examples of classes are lsb or ocf. +Lsb functions a lot like the init provider in Puppet for services, an init +script is ran periodically on each host to identify status, or to start +and stop a particular application. Ocf of the other hand is a script with +meta-data and structure that is specific to Corosync and Pacemaker. + +##### `primitive_type` + +Corosync primitive type. Type generally matches to the specific +'thing' your managing, i.e. ip address or vhost. Though, they can be +completely arbitrarily named and manage any number of underlying +applications or resources. + +##### `provided_by` + +Corosync primitive provider. All resource agents used in a primitive +have something that provides them to the system, be it the Pacemaker or +redhat plugins...they're not always obvious though so currently you're +left to understand Corosync enough to figure it out. Usually, if it isn't +obvious it is because there is only one provider for the resource agent. + +To find the list of providers for a resource agent run the following +from the command line has Corosync installed: + +* `crm configure ra providers ` + +##### `provider` + +The specific backend to use for this `cs_primitive` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +##### `unmanaged_metadata` + +Metadata options that should not be managed by Puppet. +Examples: ['target-role', 'is-managed'] + +Default value: `Array.new` + +### `cs_property` + +Type for manipulating corosync/pacemaker configuration properties. +Besides the configuration file that is managed by the module the contains +all these related Corosync types and providers, there is a set of cluster +properties that can be set and saved inside the CIB (A CIB being a set of +configuration that is synced across the cluster, it can be exported as XML +for processing and backup). The type is pretty simple interface for +setting key/value pairs or removing them completely. Removing them will +result in them taking on their default value. + +More information on cluster properties can be found here: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/_cluster_options.html + +P.S Looked at generating a type dynamically from the cluster's property +meta-data that would result in a single type with puppet type properties +of every cluster property...may still do so in a later iteration. + +#### Properties + +The following properties are available in the `cs_property` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `value` + +Value of the property. It is expected that this will be a single +value but we aren't validating string vs. integer vs. boolean because +cluster properties can range the gambit. + +#### Parameters + +The following parameters are available in the `cs_property` type. + +* [`cib`](#-cs_property--cib) +* [`name`](#-cs_property--name) +* [`provider`](#-cs_property--provider) +* [`replace`](#-cs_property--replace) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this parameter should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Name identifier of this property. Simply the name of the cluster +property. Happily most of these are unique. + +##### `provider` + +The specific backend to use for this `cs_property` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +##### `replace` + +Valid values: `true`, `false`, `yes`, `no` + +Whether to replace a property that already exists on the cluster +whose value doesn't match what the `value` attribute specifies. Setting +this to false allows cs_property resources to initialize properties without +overwriting future changes. Defaults to `true`. + +Default value: `true` + +### `cs_rsc_defaults` + +Type for manipulating corosync/pacemaker global defaults for +resource options. The type is pretty simple interface for setting +key/value pairs or removing them completely. Removing them will result +in them taking on their default value. + +More information on resource defaults can be found here: + +* http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/s-resource-defaults.html +* http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/s-resource-options.html + +#### Properties + +The following properties are available in the `cs_rsc_defaults` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `value` + +Value of the property. It is expected that this will be a single +value but we aren't validating string vs. integer vs. boolean because +resource options can range the gambit. + +#### Parameters + +The following parameters are available in the `cs_rsc_defaults` type. + +* [`cib`](#-cs_rsc_defaults--cib) +* [`name`](#-cs_rsc_defaults--name) +* [`provider`](#-cs_rsc_defaults--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this rsc_defaults should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Name identifier of this property. Simply the name of the resource +option. Happily most of these are unique. + +##### `provider` + +The specific backend to use for this `cs_rsc_defaults` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### `cs_shadow` + +cs_shadow resources represent a Corosync shadow CIB. Any corosync +resources defined with 'cib' set to the title of a cs_shadow resource +will not become active until all other resources with the same cib +value have also been applied. + +#### Properties + +The following properties are available in the `cs_shadow` type. + +##### `epoch` + +Implementation detail. DO NOT SET DIRECTLY. + +Default value: `latest` + +#### Parameters + +The following parameters are available in the `cs_shadow` type. + +* [`autocommit`](#-cs_shadow--autocommit) +* [`cib`](#-cs_shadow--cib) +* [`provider`](#-cs_shadow--provider) + +##### `autocommit` + +Valid values: `true`, `false`, `yes`, `no` + +Whether to generate a cs_commit or not. Can be used to create shadow +CIB without committing them. + +Default value: `true` + +##### `cib` + +namevar + +Name of the CIB to begin tracking changes against. + +##### `provider` + +The specific backend to use for this `cs_shadow` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + +## Data types + +### `Corosync::ArrayRing` + +Custom type for infinitely nestable arrays + +Alias of + +```puppet +Variant[Array[Stdlib::IP::Address], Array[ + Array[Stdlib::IP::Address] + ]] +``` + +### `Corosync::CryptoCipher` + +Defines the allowed cipher types for secure corosync communication + +Alias of `Enum['aes256', 'aes192', 'aes128', '3des']` + +### `Corosync::CryptoHash` + +Custom type for possible crypto hashes + +Alias of `Enum['md5', 'sha1', 'sha256', 'sha384', 'sha512']` + +### `Corosync::IpStringIp` + +Custom type for string <-> array of string variants + +Alias of + +```puppet +Variant[Stdlib::IP::Address, Array[ + Stdlib::IP::Address + ]] +``` + +### `Corosync::QuorumAlgorithm` + +Custom type for quorumalgorithm enum + +Alias of `Enum['ffsplit', 'lms']` + +### `Corosync::Syslogpriority` + +Custom type for syslog priority enum + +Alias of `Enum['debug', 'info', 'notice', 'warning', 'err', 'alert', 'emerg', 'crit']` + From dd9cb5d927f67d2a19f5e66d02652175de1e4b32 Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Tue, 8 Oct 2024 18:25:27 +0200 Subject: [PATCH 09/12] set optional highavailability_repo param --- REFERENCE.md | 2 +- manifests/init.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index d3a7fa17..92632ae7 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -443,7 +443,7 @@ Default value: `$corosync::params::package_install_options` ##### `highavailability_repo` -Data type: `String[1]` +Data type: `Optional[String]` Whether the module should enable the corosync service. diff --git a/manifests/init.pp b/manifests/init.pp index 92c4c331..9697f1bd 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -407,7 +407,7 @@ Optional[Variant[Stdlib::Absolutepath, Enum['off']]] $watchdog_device = undef, Enum['pcs', 'crm'] $provider = 'pcs', String $pcs_version = '', # lint:ignore:params_empty_string_assignment - String[1] $highavailability_repo = undef, + Optional[String] $highavailability_repo = undef, ) inherits corosync::params { if $set_votequorum and (empty($quorum_members) and empty($multicast_address) and !$cluster_name) { fail('set_votequorum is true, so you must set either quorum_members, or one of multicast_address or cluster_name.') From ab9299e8a77fe13ad388484248e3275c6dcebcde Mon Sep 17 00:00:00 2001 From: Christoph Maser Date: Tue, 8 Oct 2024 19:25:12 +0200 Subject: [PATCH 10/12] update REFERENCE.md --- REFERENCE.md | 3758 +++++++++++++++++++++++++------------------------- 1 file changed, 1879 insertions(+), 1879 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 92632ae7..131e70b0 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1,1879 +1,1879 @@ -# Reference - - - -## Table of Contents - -### Classes - -* [`corosync`](#corosync): Configures the Pacemaker+Corosync stack to provide high-availability. -* [`corosync::params`](#corosync--params): Configures sane defaults based on the operating system. -* [`corosync::qdevice`](#corosync--qdevice): Performs basic initial configuration of the qdevice daemon on a node. -* [`corosync::reprobe`](#corosync--reprobe): Triggers re-probe for changes any of the native cs_* types. - -### Defined types - -* [`corosync::service`](#corosync--service): Declare services within /etc/corosync/service.d/ (Corosync 1.x) - -### Resource types - -* [`cs_clone`](#cs_clone): Type for manipulating corosync/pacemaker resource clone. More information on Corosync/Pacemaker colocation can be found here: * http://www.c -* [`cs_colocation`](#cs_colocation): Type for manipulating corosync/pacemaker colocation. Colocation is the grouping together of a set of primitives so that they travel together -* [`cs_commit`](#cs_commit): Final commit statement which triggers the synchronous application of all primitive changes which reference this CIB. Do not generate more tha -* [`cs_group`](#cs_group): Type for manipulating Corosync/Pacemaker group entries. Groups are a set or resources (primitives) that need to be grouped together. More in -* [`cs_location`](#cs_location): Type for manipulating corosync/pacemaker resource location. More information on Corosync/Pacemaker colocation can be found here: * http://ww -* [`cs_order`](#cs_order): Type for manipulating Corosync/Pacemaker ordering entries. Order entries are another type of constraint that can be put on sets of primitive -* [`cs_primitive`](#cs_primitive): Type for manipulating Corosync/Pacemaker primitives. Primitives are probably the most important building block when creating highly availabl -* [`cs_property`](#cs_property): Type for manipulating corosync/pacemaker configuration properties. Besides the configuration file that is managed by the module the contains -* [`cs_rsc_defaults`](#cs_rsc_defaults): Type for manipulating corosync/pacemaker global defaults for resource options. The type is pretty simple interface for setting key/value pair -* [`cs_shadow`](#cs_shadow): cs_shadow resources represent a Corosync shadow CIB. Any corosync resources defined with 'cib' set to the title of a cs_shadow resource will - -### Data types - -* [`Corosync::ArrayRing`](#Corosync--ArrayRing): Custom type for infinitely nestable arrays -* [`Corosync::CryptoCipher`](#Corosync--CryptoCipher): Defines the allowed cipher types for secure corosync communication -* [`Corosync::CryptoHash`](#Corosync--CryptoHash): Custom type for possible crypto hashes -* [`Corosync::IpStringIp`](#Corosync--IpStringIp): Custom type for string <-> array of string variants -* [`Corosync::QuorumAlgorithm`](#Corosync--QuorumAlgorithm): Custom type for quorumalgorithm enum -* [`Corosync::Syslogpriority`](#Corosync--Syslogpriority): Custom type for syslog priority enum - -## Classes - -### `corosync` - -This class will set up corosync for use by the Puppet Enterprise console to -facilitate an active/standby configuration for high availability. It is -assumed that this module has been initially ran on a Puppet master with the -capabilities of signing certificates to do the initial key generation. - -=== Authors - -Cody Herriges - -=== Copyright - -Copyright 2012, Puppet Labs, LLC. - -#### Examples - -##### Simple configuration without secauth - -```puppet - -class { 'corosync': - enable_secauth => false, - bind_address => '192.168.2.10', - multicast_address => '239.1.1.2', -} -``` - -#### Parameters - -The following parameters are available in the `corosync` class: - -* [`enable_secauth`](#-corosync--enable_secauth) -* [`authkey_source`](#-corosync--authkey_source) -* [`authkey`](#-corosync--authkey) -* [`crypto_hash`](#-corosync--crypto_hash) -* [`crypto_cipher`](#-corosync--crypto_cipher) -* [`config_validate_cmd`](#-corosync--config_validate_cmd) -* [`threads`](#-corosync--threads) -* [`bind_address`](#-corosync--bind_address) -* [`pcs_version`](#-corosync--pcs_version) -* [`port`](#-corosync--port) -* [`multicast_address`](#-corosync--multicast_address) -* [`unicast_addresses`](#-corosync--unicast_addresses) -* [`force_online`](#-corosync--force_online) -* [`check_standby`](#-corosync--check_standby) -* [`log_timestamp`](#-corosync--log_timestamp) -* [`log_file`](#-corosync--log_file) -* [`log_file_name`](#-corosync--log_file_name) -* [`debug`](#-corosync--debug) -* [`log_stderr`](#-corosync--log_stderr) -* [`syslog_priority`](#-corosync--syslog_priority) -* [`log_function_name`](#-corosync--log_function_name) -* [`rrp_mode`](#-corosync--rrp_mode) -* [`netmtu`](#-corosync--netmtu) -* [`ttl`](#-corosync--ttl) -* [`vsftype`](#-corosync--vsftype) -* [`package_corosync`](#-corosync--package_corosync) -* [`package_pacemaker`](#-corosync--package_pacemaker) -* [`package_fence_agents`](#-corosync--package_fence_agents) -* [`packageopts_corosync`](#-corosync--packageopts_corosync) -* [`packageopts_crmsh`](#-corosync--packageopts_crmsh) -* [`packageopts_pacemaker`](#-corosync--packageopts_pacemaker) -* [`packageopts_pcs`](#-corosync--packageopts_pcs) -* [`packageopts_fence_agents`](#-corosync--packageopts_fence_agents) -* [`highavailability_repo`](#-corosync--highavailability_repo) -* [`ensure_corosync`](#-corosync--ensure_corosync) -* [`ensure_crmsh`](#-corosync--ensure_crmsh) -* [`ensure_pacemaker`](#-corosync--ensure_pacemaker) -* [`ensure_pcs`](#-corosync--ensure_pcs) -* [`ensure_fence_agents`](#-corosync--ensure_fence_agents) -* [`set_votequorum`](#-corosync--set_votequorum) -* [`votequorum_expected_votes`](#-corosync--votequorum_expected_votes) -* [`quorum_members`](#-corosync--quorum_members) -* [`quorum_members_ids`](#-corosync--quorum_members_ids) -* [`quorum_members_names`](#-corosync--quorum_members_names) -* [`token`](#-corosync--token) -* [`token_retransmits_before_loss_const`](#-corosync--token_retransmits_before_loss_const) -* [`compatibility`](#-corosync--compatibility) -* [`enable_corosync_service`](#-corosync--enable_corosync_service) -* [`manage_corosync_service`](#-corosync--manage_corosync_service) -* [`enable_pacemaker_service`](#-corosync--enable_pacemaker_service) -* [`manage_pacemaker_service`](#-corosync--manage_pacemaker_service) -* [`enable_pcsd_service`](#-corosync--enable_pcsd_service) -* [`manage_pcsd_service`](#-corosync--manage_pcsd_service) -* [`manage_pcsd_auth`](#-corosync--manage_pcsd_auth) -* [`manage_pcsd_auth_node`](#-corosync--manage_pcsd_auth_node) -* [`sensitive_hacluster_password`](#-corosync--sensitive_hacluster_password) -* [`sensitive_hacluster_hash`](#-corosync--sensitive_hacluster_hash) -* [`manage_quorum_device`](#-corosync--manage_quorum_device) -* [`quorum_device_host`](#-corosync--quorum_device_host) -* [`quorum_device_algorithm`](#-corosync--quorum_device_algorithm) -* [`package_quorum_device`](#-corosync--package_quorum_device) -* [`sensitive_quorum_device_password`](#-corosync--sensitive_quorum_device_password) -* [`cluster_name`](#-corosync--cluster_name) -* [`join`](#-corosync--join) -* [`consensus`](#-corosync--consensus) -* [`ip_version`](#-corosync--ip_version) -* [`clear_node_high_bit`](#-corosync--clear_node_high_bit) -* [`max_messages`](#-corosync--max_messages) -* [`test_corosync_config`](#-corosync--test_corosync_config) -* [`watchdog_device`](#-corosync--watchdog_device) -* [`provider`](#-corosync--provider) - -##### `enable_secauth` - -Data type: `Boolean` - -Controls corosync's ability to authenticate and encrypt multicast messages. - -Default value: `$corosync::params::enable_secauth` - -##### `authkey_source` - -Data type: `Enum['file', 'string']` - -Allows to use either a file or a string as a authkey. - -Default value: `$corosync::params::authkey_source` - -##### `authkey` - -Data type: `Variant[Stdlib::Filesource,Stdlib::Base64]` - -Specifies the path to the CA which is used to sign Corosync's certificate if -authkey_source is 'file' or a base64 encoded version of the actual authkey -if 'string' is used instead. - -Default value: `$corosync::params::authkey` - -##### `crypto_hash` - -Data type: `Corosync::CryptoHash` - -Hashing algorithm used by corosync for intra-cluster communication. Valid -values are none, md5, sha1, sha256, sha384, and sha512 - -Default value: `'sha1'` - -##### `crypto_cipher` - -Data type: `Corosync::CryptoCipher` - -Encryption cipher used by corosync for intra-cluster communication. Valid -values are none, aes256, aes192, aes128, and 3des - -Default value: `'aes256'` - -##### `config_validate_cmd` - -Data type: `String[1]` - - - -Default value: `'/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t'` - -##### `threads` - -Data type: `Optional[Integer]` - -How many threads you are going to let corosync use to encode and decode -multicast messages. If you turn off secauth then corosync will ignore -threads. - -Default value: `undef` - -##### `bind_address` - -Data type: `Corosync::IpStringIp` - -The ip address we are going to bind the corosync daemon too. -Can be specified as an array to have multiple rings. - -Default value: `$corosync::params::bind_address` - -##### `pcs_version` - -Data type: `String` - - - -Default value: `''` - -##### `port` - -Data type: `Optional[Variant[Stdlib::Port, Array[Stdlib::Port]]]` - -The UDP port that corosync will use to do its multicast communication. Be -aware that corosync used this defined port plus minus one. -Can be specified as an array to have multiple rings. - -Default value: `$corosync::params::port` - -##### `multicast_address` - -Data type: `Optional[Corosync::IpStringIp]` - -An IP address that has been reserved for multicast traffic. This is the -default way that Corosync accomplishes communication across the cluster. -Use 'broadcast' to have broadcast instead -Can be specified as an array to have multiple rings (multicast only). - -Default value: `undef` - -##### `unicast_addresses` - -Data type: `Optional[Array]` - -An array of IP addresses that make up the cluster's members. These are -used if you are not able to use multicast on your network and instead opt -for the udpu transport. You need a relatively recent version of Corosync to -make this possible. -You can also have an array of arrays to have multiple rings. In that case, -each subarray matches a host IP addresses. -As of Corosync 3 knet is the new default which also does not use multicast. - -Default value: `undef` - -##### `force_online` - -Data type: `Boolean` - -Boolean parameter specifying whether to force nodes that have been put -in standby back online. - -Default value: `$corosync::params::force_online` - -##### `check_standby` - -Data type: `Boolean` - -Boolean parameter specifying whether puppet should return an error log -message if a node is in standby. Useful for monitoring node state. - -Default value: `$corosync::params::check_standby` - -##### `log_timestamp` - -Data type: `Boolean` - -Boolean parameter specifying whether a timestamp should be placed on all -log messages. - -Default value: `$corosync::params::log_timestamp` - -##### `log_file` - -Data type: `Boolean` - -Boolean parameter specifying whether Corosync should produce debug -output in a logfile. - -Default value: `$corosync::params::log_file` - -##### `log_file_name` - -Data type: `Optional[Stdlib::Absolutepath]` - -Absolute path to the logfile Corosync should use when `$log_file` (see -above) is true. - -Default value: `undef` - -##### `debug` - -Data type: `Boolean` - -Boolean parameter specifying whether Corosync should produce debug -output in its logs. - -Default value: `$corosync::params::debug` - -##### `log_stderr` - -Data type: `Boolean` - -Boolean parameter specifying whether Corosync should log errors to -stderr. - -Default value: `$corosync::params::log_stderr` - -##### `syslog_priority` - -Data type: `Corosync::SyslogPriority` - -String parameter specifying the minimal log level for Corosync syslog -messages. Allowed values: debug|info|notice|warning|err|emerg. - -Default value: `$corosync::params::syslog_priority` - -##### `log_function_name` - -Data type: `Boolean` - -Boolean parameter specifying whether Corosync should log called function -names to. - -Default value: `$corosync::params::log_function_name` - -##### `rrp_mode` - -Data type: `Optional[Enum['none', 'active', 'passive']]` - -Mode of redundant ring. May be none, active, or passive. - -Default value: `undef` - -##### `netmtu` - -Data type: `Optional[Integer]` - -This specifies the network maximum transmit unit. - -Default value: `undef` - -##### `ttl` - -Data type: `Optional[Integer[0,255]]` - -Time To Live. - -Default value: `undef` - -##### `vsftype` - -Data type: `Optional[Enum['ykd', 'none']]` - -Virtual synchrony filter type. - -Default value: `undef` - -##### `package_corosync` - -Data type: `Boolean` - -Define if package corosync should be managed. - -Default value: `$corosync::params::package_corosync` - -##### `package_pacemaker` - -Data type: `Boolean` - -Define if package pacemaker should be managed. - -Default value: `$corosync::params::package_pacemaker` - -##### `package_fence_agents` - -Data type: `Boolean` - -Define if package fence-agents should be managed. -Default (Red Hat based): true -Default (otherwise): false - -Default value: `false` - -##### `packageopts_corosync` - -Data type: `Optional[Array[String[1]]]` - -Additional install-options for the corosync package resource. -Default: undef - -Default value: `$corosync::params::package_install_options` - -##### `packageopts_crmsh` - -Data type: `Optional[Array[String[1]]]` - -Additional install-options for the crmsh package resource. -Default: undef - -Default value: `$corosync::params::package_install_options` - -##### `packageopts_pacemaker` - -Data type: `Optional[Array[String[1]]]` - -Additional install-options for the pacemaker package resource. -Default: undef - -Default value: `$corosync::params::package_install_options` - -##### `packageopts_pcs` - -Data type: `Optional[Array[String[1]]]` - -Additional install-options for the pcs package resource. -Default: undef - -Default value: `$corosync::params::package_install_options` - -##### `packageopts_fence_agents` - -Data type: `Optional[Array[String[1]]]` - -Additional install-options for the pcs package resource. -Default: undef - -Default value: `$corosync::params::package_install_options` - -##### `highavailability_repo` - -Data type: `Optional[String]` - -Whether the module should enable the corosync service. - -Default value: `undef` - -##### `ensure_corosync` - -Data type: `String[1]` - -Define what version of the corosync package should be installed. -Default: 'present' - -Default value: `$corosync::params::ensure_corosync` - -##### `ensure_crmsh` - -Data type: `String[1]` - -Define what version of the crmsh package should be installed. -Default: 'present' - -Default value: `$corosync::params::ensure_crmsh` - -##### `ensure_pacemaker` - -Data type: `String[1]` - -Define what version of the pacemaker package should be installed. -Default: 'present' - -Default value: `$corosync::params::ensure_pacemaker` - -##### `ensure_pcs` - -Data type: `String[1]` - -Define what version of the pcs package should be installed. -Default: 'present' - -Default value: `$corosync::params::ensure_pcs` - -##### `ensure_fence_agents` - -Data type: `String[1]` - -Define what version of the fence-agents-all package should be installed. -Default: 'present' - -Default value: `$corosync::params::ensure_fence_agents` - -##### `set_votequorum` - -Data type: `Boolean` - -Set to true if corosync_votequorum should be used as quorum provider. -Default (Red Hat based): true -Default (Ubuntu >= 14.04): true -Default (otherwise): false - -Default value: `$corosync::params::set_votequorum` - -##### `votequorum_expected_votes` - -Data type: `Optional[Integer]` - -Overrides the automatic calculation of expected votes which is normally -derived from the number of nodes. - -Default value: `undef` - -##### `quorum_members` - -Data type: `Array` - -Array of quorum member hostname. This is required if set_votequorum -is set to true. -You can also have an array of arrays to have multiple rings. In that case, -each subarray matches a member IP addresses. - -Default value: `['localhost']` - -##### `quorum_members_ids` - -Data type: `Optional[Array]` - -Array of quorum member IDs. Persistent IDs are required for the dynamic -config of a corosync cluster and when_set_votequorum is set to true. -Should be used only with the quorum_members parameter. - -Default value: `undef` - -##### `quorum_members_names` - -Data type: `Optional[Array]` - -Array of quorum member names. Persistent names are required when you -define IP addresses in quorum_members. - -Default value: `undef` - -##### `token` - -Data type: `Optional[Integer]` - -Time (in ms) to wait for a token - -Default value: `undef` - -##### `token_retransmits_before_loss_const` - -Data type: `Optional[Integer]` - -How many token retransmits before forming a new configuration. - -Default value: `undef` - -##### `compatibility` - -Data type: `Optional[String]` - -Older versions of corosync allowed a config-file directive to indicate -backward compatibility. This sets that. - -Default value: `undef` - -##### `enable_corosync_service` - -Data type: `Boolean` - -Whether the module should enable the corosync service. - -Default value: `$corosync::params::enable_corosync_service` - -##### `manage_corosync_service` - -Data type: `Boolean` - -Whether the module should try to manage the corosync service. If set to -false, the service will need to be specified in the catalog elsewhere. - -Default value: `$corosync::params::manage_corosync_service` - -##### `enable_pacemaker_service` - -Data type: `Boolean` - -Whether the module should enable the pacemaker service. - -Default value: `$corosync::params::enable_pacemaker_service` - -##### `manage_pacemaker_service` - -Data type: `Boolean` - -Whether the module should try to manage the pacemaker service. -Default (Red Hat based >= 7): true -Default (Ubuntu >= 14.04): true -Default (otherwise): false - -Default value: `$corosync::params::manage_pacemaker_service` - -##### `enable_pcsd_service` - -Data type: `Boolean` - -Whether the module should enable the pcsd service. - -Default value: `$corosync::params::enable_pcsd_service` - -##### `manage_pcsd_service` - -Data type: `Boolean` - -Whether the module should try to manage the pcsd service in addition to the -corosync service. pcsd service is the GUI and the remote configuration -interface. - -Default value: `false` - -##### `manage_pcsd_auth` - -Data type: `Boolean` - -This only has an effect when $manage_pcsd_service is enabled. If set, an -attempt will be made to authorize pcs on the cluster node determined by -manage_pcsd_auth_node. Note that this determination can only be made when -the entries in quorum_members match the trusted certnames of the nodes in -the environment or the IP addresses of the primary adapters. -$sensitive_hacluster_password is mandatory if this parameter is set. - -Default value: `false` - -##### `manage_pcsd_auth_node` - -Data type: `Enum['first','last']` - -When managing authorization for PCS this determines which node does the -work. Note that only one node 'should' do the work and nodes are chosen by -matching local facts to the contents of quorum_members. When -manage_pcsd_auth is disabled this parameter has no effect. - -Default value: `'first'` - -##### `sensitive_hacluster_password` - -Data type: `Optional[Sensitive[String]]` - -When PCS is configured on a RHEL system this directive is used to set the -password for the hacluster user. If both $manage_pcsd_service and -$manage_pcsd_auth are both set to true the cluster will use this credential -to authorize all nodes. - -Default value: `undef` - -##### `sensitive_hacluster_hash` - -Data type: `Optional[Sensitive[String]]` - -This parameter expects a valid password hash of -sensitive_hacluster_password. If provided, the hash provided the hash will -be used to set the password for the hacluster user on each node. - -Default value: `undef` - -##### `manage_quorum_device` - -Data type: `Boolean` - -Enable or disable the addition of a quorum device external to the cluster. -This device is used avoid cluster splits typically in conjunction with -fencing by providing an external network vote. Additionally, this allows -symmentric clusters to continue operation in the event that 50% of their -nodes have failed. - -Default value: `false` - -##### `quorum_device_host` - -Data type: `Optional[Stdlib::Fqdn]` - -The fully qualified hostname of the quorum device. This parameter is -mandatory when manage_quorum_device is true. - -Default value: `undef` - -##### `quorum_device_algorithm` - -Data type: `Corosync::QuorumAlgorithm` - -There are currently two algorithms the quorum device can utilize to -determine how its vote should be allocated; Fifty-fifty split and -last-man-standing. See the -[corosync-qdevice man page](https://www.systutorials.com/docs/linux/man/8-corosync-qdevice/) -for details. - -Default value: `'ffsplit'` - -##### `package_quorum_device` - -Data type: `Optional[String]` - -The name of the package providing the quorum device functionality. This -parameter is mandatory if manage_quorum_device is true. - -Default value: `$corosync::params::package_quorum_device` - -##### `sensitive_quorum_device_password` - -Data type: `Optional[Sensitive[String]]` - -The plain text password for the hacluster user on the quorum_device_host. -This parameter is mandatory if manage_quorum_device is true. - -Default value: `undef` - -##### `cluster_name` - -Data type: `Optional[String[1]]` - -This specifies the name of cluster and it's used for automatic -generating of multicast address. - -Default value: `undef` - -##### `join` - -Data type: `Optional[Integer]` - -This timeout specifies in milliseconds how long to wait for join messages -in the membership protocol. - -Default value: `undef` - -##### `consensus` - -Data type: `Optional[Integer]` - -This timeout specifies in milliseconds how long to wait for consensus to be -achieved before starting a new round of membership configuration. -The minimum value for consensus must be 1.2 * token. This value will be -automatically calculated at 1.2 * token if the user doesn't specify a -consensus value. - -Default value: `undef` - -##### `ip_version` - -Data type: `Optional[String[1]]` - -This specifies version of IP to ask DNS resolver for. The value can be -one of ipv4 (look only for an IPv4 address) , ipv6 (check only IPv6 address), -ipv4-6 (look for all address families and use first IPv4 address found in the -list if there is such address, otherwise use first IPv6 address) and -ipv6-4 (look for all address families and use first IPv6 address found in the -list if there is such address, otherwise use first IPv4 address). - -Default (if unspecified) is ipv6-4 for knet and udpu transports and ipv4 for udp. - -Default value: `undef` - -##### `clear_node_high_bit` - -Data type: `Optional[Enum['yes', 'no']]` - -This configuration option is optional and is only relevant when no nodeid -is specified. Some openais clients require a signed 32 bit nodeid that is -greater than zero however by default openais uses all 32 bits of the IPv4 -address space when generating a nodeid. Set this option to yes to force -the high bit to be zero and therefor ensure the nodeid is a positive signed -32 bit integer. -WARNING: The clusters behavior is undefined if this option is enabled on -only a subset of the cluster (for example during a rolling upgrade). - -Default value: `undef` - -##### `max_messages` - -Data type: `Optional[Integer]` - -This constant specifies the maximum number of messages that may be sent by -one processor on receipt of the token. The max_messages parameter is limited -to 256000 / netmtu to prevent overflow of the kernel transmit buffers. - -Default value: `undef` - -##### `test_corosync_config` - -Data type: `Boolean` - -Whether we should test new configuration files with `corosync -t`. -(requires corosync 2.3.4) - -Default value: `$corosync::params::test_corosync_config` - -##### `watchdog_device` - -Data type: `Optional[Variant[Stdlib::Absolutepath, Enum['off']]]` - -Watchdog device to use, for example '/dev/watchdog' or 'off'. -Its presence (or lack thereof) shifted with corosync versions. - -Default value: `undef` - -##### `provider` - -Data type: `Enum['pcs', 'crm']` - -What command line utility provides corosync configuration capabilities. - -Default value: `'pcs'` - -### `corosync::params` - -Configures sane defaults based on the operating system. - -### `corosync::qdevice` - -This class performs the configuration of the qdevice daemon on a target node. -Note that this requires corosync 2.x and must never be deployed on a node -which is actually part of a cluster. Additionally, you will need to open the -correct firewall ports for both pcs, and the actual quorum device as shown in -the included example. - -* **See also** - * https://www.systutorials.com/docs/linux/man/8-corosync-qnetd/ - -#### Examples - -##### Quorum node with default password & configuring the firewall - -```puppet -include firewalld - -class { 'corosync::qdevice': - sensitive_hacluster_hash => $sensitive_hacluster_hash, -} -contain 'corosync::qdevice' - -# Open the corosync-qnetd port -firewalld::custom_service { 'corosync-qdevice-net': - description => 'Corosync Quorum Net Device Port', - port => [ - { - port => '5403', - protocol => 'tcp', - }, - ], -} -firewalld_service { 'corosync-qdevice-net': - ensure => 'present', - service => 'corosync-qdevice-net', - zone => 'public', -} - -# Configure general PCS firewall rules -firewalld_service { 'high-availability': - ensure => 'present', - service => 'high-availability', - zone => 'public', -} -``` - -#### Parameters - -The following parameters are available in the `corosync::qdevice` class: - -* [`sensitive_hacluster_hash`](#-corosync--qdevice--sensitive_hacluster_hash) -* [`package_pcs`](#-corosync--qdevice--package_pcs) -* [`package_corosync_qnetd`](#-corosync--qdevice--package_corosync_qnetd) -* [`provider`](#-corosync--qdevice--provider) - -##### `sensitive_hacluster_hash` - -Data type: `Optional[Sensitive[String]]` - -The password hash for the hacluster user on this quorum device node. If -omitted, you must create the hacluster user and haclient group yourself. -This user is required because pcsd must be used to perform the -quorum node configuration. - -Default value: `undef` - -##### `package_pcs` - -Data type: `String[1]` - -Name of the PCS package on this system. - -Default value: `'pcs'` - -##### `package_corosync_qnetd` - -Data type: `String[1]` - -Name of the corosync qnetd package for this system. - -Default value: `'corosync-qnetd'` - -##### `provider` - -Data type: `String` - -What command line utility provides corosync configuration capabilities. - -### `corosync::reprobe` - -Include this class to reprobe the corosync cluster when there are changes in -any of the native cs_* types. Useful for multi-node provisioning when the -nodes are not always in a stable state after provisioning. - -Copyright 2012 Puppet Labs, LLC. - -#### Examples - -##### Reprobe corosync after making cluster configuration changes - -```puppet - -include corosync::reprobe -``` - -## Defined types - -### `corosync::service` - -Models a Corosync service. Corosync services are plugins that provide -functionality for monitoring cluster resources. One of the most common -of these plugins being Pacemaker. This is for corosync 1.x! - -=== Authors - -Cody Herriges - -=== Copyright - -Copyright 2012 Puppet Labs, LLC. - -#### Examples - -##### Simple configuration of a service with version '0'. - -```puppet - -corosync::service { 'pacemaker': - version => '0', -} -``` - -#### Parameters - -The following parameters are available in the `corosync::service` defined type: - -* [`name`](#-corosync--service--name) -* [`version`](#-corosync--service--version) - -##### `name` - -Data type: `String` - -The namevar in this type is the title you give it when you define a resource -instance. It is used for a handful of purposes; defining the name of the -config file and the name defined inside the file itself. - -##### `version` - -Data type: `String[1]` - -Version of the protocol used by this service. This is currently unused. - -## Resource types - -### `cs_clone` - -Type for manipulating corosync/pacemaker resource clone. -More information on Corosync/Pacemaker colocation can be found here: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html - -#### Properties - -The following properties are available in the `cs_clone` type. - -##### `clone_max` - -Valid values: `%r{\d+}`, `absent` - -How many copies of the resource to start. -Defaults to the number of nodes in the cluster. - -Default value: `absent` - -##### `clone_node_max` - -Valid values: `%r{\d+}`, `absent` - -How many copies of the resource can be started on a single node. -Defaults to 1. - -Default value: `absent` - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `globally_unique` - -Valid values: `true`, `false`, `absent` - -Does each copy of the clone perform a different function? -Allowed values: true, false - -Default value: `absent` - -##### `group` - -The corosync resource group to be cloned. - -##### `interleave` - -Valid values: `true`, `false`, `absent` - -Changes the behavior of ordering constraints (between clones/masters) so that instances can start/stop -as soon as their peer instance has (rather than waiting for every instance of the other clone has). -Allowed values: true, false - -Default value: `absent` - -##### `notify_clones` - -Valid values: `true`, `false`, `absent` - -When stopping or starting a copy of the clone, tell all the other copies beforehand -and when the action was successful. -Allowed values: true, false - -Default value: `absent` - -##### `ordered` - -Valid values: `true`, `false`, `absent` - -Should the copies be started in series (instead of in parallel). Allowed values: true, false - -Default value: `absent` - -##### `primitive` - -The corosync resource primitive to be cloned. - -##### `promotable` - -Valid values: `true`, `false`, `absent` - -If true, clone instances can perform a special role that Pacemaker will manage via the resource agent’s -promote and demote actions. The resource agent must support these actions. Allowed values: false, true - -Default value: `absent` - -##### `promoted_max` - -Valid values: `%r{\d+}`, `absent` - -If promotable is true, the number of instances that can be promoted at one time across the entire cluster - -Default value: `absent` - -##### `promoted_node_max` - -Valid values: `%r{\d+}`, `absent` - -If promotable is true and globally-unique is false, the number of clone instances can be promoted at one time on a single node - -Default value: `absent` - -#### Parameters - -The following parameters are available in the `cs_clone` type. - -* [`cib`](#-cs_clone--cib) -* [`name`](#-cs_clone--name) -* [`provider`](#-cs_clone--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this colocation should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Identifier of the clone entry. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `provider` - -The specific backend to use for this `cs_clone` resource. You will seldom need to specify this --- Puppet will usually -discover the appropriate provider for your platform. - -### `cs_colocation` - -Type for manipulating corosync/pacemaker colocation. Colocation -is the grouping together of a set of primitives so that they travel -together when one of them fails. For instance, if a web server vhost -is colocated with a specific ip address and the web server software -crashes, the ip address with migrate to the new host with the vhost. - -More information on Corosync/Pacemaker colocation can be found here: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html - -#### Properties - -The following properties are available in the `cs_colocation` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `primitives` - -At least two Pacemaker primitives to be located together. Order of primitives -in colocation groups is important. In Pacemaker, a colocation of 2 primitives -behaves different than a colocation between more than 2 primitives. Here the -behavior is altered to be more consistent. -Examples on how to define colocations here: -- 2 primitives: [A, B] will cause A to be located first, and B will be located - with A. This is different than how crm configure colocation works, because - there [A, B] would mean colocate A with B, thus B should be located first. -- multiple primitives: [A, B, C] will cause A to be located first, B next, and - finally C. This is identical to how crm configure colocation works with - multiple resources, it will add a colocated set. -Property will raise an error if you do not provide an array containing at least -two values. Values can be either the name of the primitive, or primitive:role. -Notice, we can only interpret colocations of single sets, not multiple sets -combined. In Pacemaker speak, this means we can support 'A B C' but not e.g. -'A B (C D) E'. Feel free to contribute a patch for this. - -##### `score` - -The priority of this colocation. Primitives can be a part of -multiple colocation groups and so there is a way to control which -primitives get priority when forcing the move of other primitives. -This value can be an integer but is often defined as the string -INFINITY. - -Default value: `INFINITY` - -#### Parameters - -The following parameters are available in the `cs_colocation` type. - -* [`cib`](#-cs_colocation--cib) -* [`name`](#-cs_colocation--name) -* [`provider`](#-cs_colocation--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This paramater sets the CIB this colocation should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Identifier of the colocation entry. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `provider` - -The specific backend to use for this `cs_colocation` resource. You will seldom need to specify this --- Puppet will -usually discover the appropriate provider for your platform. - -### `cs_commit` - -Final commit statement which triggers the synchronous application of -all primitive changes which reference this CIB. Do not generate more -than one cs_commit referencing the same CIB for a given cluster! - -#### Parameters - -The following parameters are available in the `cs_commit` type. - -* [`cib`](#-cs_commit--cib) -* [`name`](#-cs_commit--name) -* [`provider`](#-cs_commit--provider) - -##### `cib` - -Name of the CIB to commit. This value defaults to the name of -the cs_commit resource. - -##### `name` - -namevar - -Name of the CIB to commit. See the cib parameter for more detail. - -##### `provider` - -The specific backend to use for this `cs_commit` resource. You will seldom need to specify this --- Puppet will usually -discover the appropriate provider for your platform. - -### `cs_group` - -Type for manipulating Corosync/Pacemaker group entries. -Groups are a set or resources (primitives) that need to be -grouped together. - -More information can be found at the following link: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ch-advanced-resources.html#group-resources - -#### Properties - -The following properties are available in the `cs_group` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `primitives` - -An array of primitives to have in this group. Must be listed in the -order that you wish them to start. - -#### Parameters - -The following parameters are available in the `cs_group` type. - -* [`cib`](#-cs_group--cib) -* [`name`](#-cs_group--name) -* [`provider`](#-cs_group--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this order should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Name identifier of this group entry. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `provider` - -The specific backend to use for this `cs_group` resource. You will seldom need to specify this --- Puppet will usually -discover the appropriate provider for your platform. - -### `cs_location` - -Type for manipulating corosync/pacemaker resource location. -More information on Corosync/Pacemaker colocation can be found here: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html - -#### Properties - -The following properties are available in the `cs_location` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `node_name` - -The corosync node_name where the resource should be located. - -##### `primitive` - -The corosync resource primitive to have a location applied. - -##### `resource_discovery` - -Whether Pacemaker should perform resource discovery on this -node for the specified resource. It matches the resource-discovery -location property in pacemaker - -##### `rules` - -The rules of this location. This is an array of hashes where -each hash contains an array of one or more expressions. - -Example: - - cs_location { 'vip-ping-connected': - primitive => 'vip', - rules => [ - 'vip-ping-exclude-rule' => { - 'score' => '-INFINITY', - 'expression' => [ - { 'attribute' => 'pingd', - 'operation' => 'lt', - 'value' => '100', - }, - ], - }, - 'vip-ping-prefer-rule' => { - 'score-attribute' => 'pingd', - 'expression' => [ - { 'attribute' => 'pingd', - 'operation' => 'defined', - }, - ], - }, - ], - } - -##### `score` - -The priority of this location. Primitives can be a part of -multiple location groups and so there is a way to control which -primitives get priority when forcing the move of other primitives. -This value can be an integer but is often defined as the string -INFINITY. - -Default value: `INFINITY` - -#### Parameters - -The following parameters are available in the `cs_location` type. - -* [`cib`](#-cs_location--cib) -* [`name`](#-cs_location--name) -* [`provider`](#-cs_location--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This paramater sets the CIB this colocation should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Identifier of the location entry. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `provider` - -The specific backend to use for this `cs_location` resource. You will seldom need to specify this --- Puppet will -usually discover the appropriate provider for your platform. - -### `cs_order` - -Type for manipulating Corosync/Pacemaker ordering entries. Order -entries are another type of constraint that can be put on sets of -primitives but unlike colocation, order does matter. These designate -the order at which you need specific primitives to come into a desired -state before starting up a related primitive. - -More information can be found at the following link: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_controlling_resource_start_stop_ordering.html - -#### Properties - -The following properties are available in the `cs_order` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `first` - -First Corosync primitive. Just like colocation, our primitives for -ordering come in pairs but this time order matters so we need to define -which primitive starts the desired state change chain. - -##### `kind` - -How to enforce the constraint. - -Allowed values: -- Optional: Just a suggestion. Only applies if both resources are executing -the specified actions. Any change in state by the first resource will have -no effect on the then resource. -- Mandatory: Always. If first does not perform first-action, then will not -be allowed to performed then-action. If first is restarted, then -(if running) will be stopped beforehand and started afterward. -- Serialize: Ensure that no two stop/start actions occur concurrently for -the resources. First and then can start in either order, but one must -complete starting before the other can be started. A typical use case is -when resource start-up puts a high load on the host. - -Default value: `Mandatory` - -##### `score` - -The priority of the this ordered grouping. Primitives can be a part -of multiple order groups and so there is a way to control which -primitives get priority when forcing the order of state changes on -other primitives. This value can be an integer but is often defined -as the string INFINITY. -When using pcs as provider this value is not used. -It is generally preferred to use the `kind` parameter. - -##### `second` - -Second Corosync primitive. Our second primitive will move to the -desired state after the first primitive. - -##### `symmetrical` - -Boolean specifying if the resources should stop in reverse order. -Default value: true. - -Default value: `true` - -#### Parameters - -The following parameters are available in the `cs_order` type. - -* [`cib`](#-cs_order--cib) -* [`name`](#-cs_order--name) -* [`provider`](#-cs_order--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this order should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Name identifier of this ordering entry. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `provider` - -The specific backend to use for this `cs_order` resource. You will seldom need to specify this --- Puppet will usually -discover the appropriate provider for your platform. - -### `cs_primitive` - -Type for manipulating Corosync/Pacemaker primitives. Primitives -are probably the most important building block when creating highly -available clusters using Corosync and Pacemaker. Each primitive defines -an application, ip address, or similar to monitor and maintain. These -managed primitives are maintained using what is called a resource agent. -These resource agents have a concept of class, type, and subsystem that -provides the functionality. Regrettably these pieces of vocabulary -clash with those used in Puppet so to overcome the name clashing the -property and parameter names have been qualified a bit for clarity. - -More information on primitive definitions can be found at the following -link: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_adding_a_resource.html - -#### Properties - -The following properties are available in the `cs_primitive` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `metadata` - -A hash of metadata for the primitive. A primitive can have a set of -metadata that doesn't affect the underlying Corosync type/provider but -affect that concept of a resource. This metadata is similar to Puppet's -resources resource and some meta-parameters, they change resource -behavior but have no affect of the data that is synced or manipulated. - -Default value: `Hash.new` - -##### `operations` - -A hash of operations for the primitive. Operations defined in a -primitive are little more predictable as they are commonly things like -monitor or start and their values are in seconds. Since each resource -agent can define its own set of operations we are going to defer again -and just accept a hash. There maybe room to model this one but it -would require a review of all resource agents to see if each operation -is valid. - -Default value: `Hash.new` - -##### `parameters` - -A hash of params for the primitive. Parameters in a primitive are -used by the underlying resource agent, each class using them slightly -differently. In ocf scripts they are exported and pulled into the -script as variables to be used. Since the list of these parameters -are completely arbitrary and validity not enforced we simply defer -defining a model and just accept a hash. - -Default value: `Hash.new` - -##### `utilization` - -A hash of utilization attributes for the primitive. If nodes are -also configured with available resources, and Pacemaker's placement -strategy is set appropriately, then Pacemaker can place primitives on -nodes only where resources are available. - -See the Pacemaker documentation: - -http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ch11.html - -Default value: `Hash.new` - -#### Parameters - -The following parameters are available in the `cs_primitive` type. - -* [`cib`](#-cs_primitive--cib) -* [`name`](#-cs_primitive--name) -* [`primitive_class`](#-cs_primitive--primitive_class) -* [`primitive_type`](#-cs_primitive--primitive_type) -* [`provided_by`](#-cs_primitive--provided_by) -* [`provider`](#-cs_primitive--provider) -* [`unmanaged_metadata`](#-cs_primitive--unmanaged_metadata) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this primitive should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Name identifier of primitive. This value needs to be unique -across the entire Corosync/Pacemaker configuration since it doesn't have -the concept of name spaces per type. - -##### `primitive_class` - -Corosync class of the primitive. Examples of classes are lsb or ocf. -Lsb functions a lot like the init provider in Puppet for services, an init -script is ran periodically on each host to identify status, or to start -and stop a particular application. Ocf of the other hand is a script with -meta-data and structure that is specific to Corosync and Pacemaker. - -##### `primitive_type` - -Corosync primitive type. Type generally matches to the specific -'thing' your managing, i.e. ip address or vhost. Though, they can be -completely arbitrarily named and manage any number of underlying -applications or resources. - -##### `provided_by` - -Corosync primitive provider. All resource agents used in a primitive -have something that provides them to the system, be it the Pacemaker or -redhat plugins...they're not always obvious though so currently you're -left to understand Corosync enough to figure it out. Usually, if it isn't -obvious it is because there is only one provider for the resource agent. - -To find the list of providers for a resource agent run the following -from the command line has Corosync installed: - -* `crm configure ra providers ` - -##### `provider` - -The specific backend to use for this `cs_primitive` resource. You will seldom need to specify this --- Puppet will -usually discover the appropriate provider for your platform. - -##### `unmanaged_metadata` - -Metadata options that should not be managed by Puppet. -Examples: ['target-role', 'is-managed'] - -Default value: `Array.new` - -### `cs_property` - -Type for manipulating corosync/pacemaker configuration properties. -Besides the configuration file that is managed by the module the contains -all these related Corosync types and providers, there is a set of cluster -properties that can be set and saved inside the CIB (A CIB being a set of -configuration that is synced across the cluster, it can be exported as XML -for processing and backup). The type is pretty simple interface for -setting key/value pairs or removing them completely. Removing them will -result in them taking on their default value. - -More information on cluster properties can be found here: - -* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/_cluster_options.html - -P.S Looked at generating a type dynamically from the cluster's property -meta-data that would result in a single type with puppet type properties -of every cluster property...may still do so in a later iteration. - -#### Properties - -The following properties are available in the `cs_property` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `value` - -Value of the property. It is expected that this will be a single -value but we aren't validating string vs. integer vs. boolean because -cluster properties can range the gambit. - -#### Parameters - -The following parameters are available in the `cs_property` type. - -* [`cib`](#-cs_property--cib) -* [`name`](#-cs_property--name) -* [`provider`](#-cs_property--provider) -* [`replace`](#-cs_property--replace) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this parameter should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Name identifier of this property. Simply the name of the cluster -property. Happily most of these are unique. - -##### `provider` - -The specific backend to use for this `cs_property` resource. You will seldom need to specify this --- Puppet will -usually discover the appropriate provider for your platform. - -##### `replace` - -Valid values: `true`, `false`, `yes`, `no` - -Whether to replace a property that already exists on the cluster -whose value doesn't match what the `value` attribute specifies. Setting -this to false allows cs_property resources to initialize properties without -overwriting future changes. Defaults to `true`. - -Default value: `true` - -### `cs_rsc_defaults` - -Type for manipulating corosync/pacemaker global defaults for -resource options. The type is pretty simple interface for setting -key/value pairs or removing them completely. Removing them will result -in them taking on their default value. - -More information on resource defaults can be found here: - -* http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/s-resource-defaults.html -* http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/s-resource-options.html - -#### Properties - -The following properties are available in the `cs_rsc_defaults` type. - -##### `ensure` - -Valid values: `present`, `absent` - -The basic property that the resource should be in. - -Default value: `present` - -##### `value` - -Value of the property. It is expected that this will be a single -value but we aren't validating string vs. integer vs. boolean because -resource options can range the gambit. - -#### Parameters - -The following parameters are available in the `cs_rsc_defaults` type. - -* [`cib`](#-cs_rsc_defaults--cib) -* [`name`](#-cs_rsc_defaults--name) -* [`provider`](#-cs_rsc_defaults--provider) - -##### `cib` - -Corosync applies its configuration immediately. Using a CIB allows -you to group multiple primitives and relationships to be applied at -once. This can be necessary to insert complex configurations into -Corosync correctly. - -This parameter sets the CIB this rsc_defaults should be created in. A -cs_shadow resource with a title of the same name as this value should -also be added to your manifest. - -##### `name` - -namevar - -Name identifier of this property. Simply the name of the resource -option. Happily most of these are unique. - -##### `provider` - -The specific backend to use for this `cs_rsc_defaults` resource. You will seldom need to specify this --- Puppet will -usually discover the appropriate provider for your platform. - -### `cs_shadow` - -cs_shadow resources represent a Corosync shadow CIB. Any corosync -resources defined with 'cib' set to the title of a cs_shadow resource -will not become active until all other resources with the same cib -value have also been applied. - -#### Properties - -The following properties are available in the `cs_shadow` type. - -##### `epoch` - -Implementation detail. DO NOT SET DIRECTLY. - -Default value: `latest` - -#### Parameters - -The following parameters are available in the `cs_shadow` type. - -* [`autocommit`](#-cs_shadow--autocommit) -* [`cib`](#-cs_shadow--cib) -* [`provider`](#-cs_shadow--provider) - -##### `autocommit` - -Valid values: `true`, `false`, `yes`, `no` - -Whether to generate a cs_commit or not. Can be used to create shadow -CIB without committing them. - -Default value: `true` - -##### `cib` - -namevar - -Name of the CIB to begin tracking changes against. - -##### `provider` - -The specific backend to use for this `cs_shadow` resource. You will seldom need to specify this --- Puppet will usually -discover the appropriate provider for your platform. - -## Data types - -### `Corosync::ArrayRing` - -Custom type for infinitely nestable arrays - -Alias of - -```puppet -Variant[Array[Stdlib::IP::Address], Array[ - Array[Stdlib::IP::Address] - ]] -``` - -### `Corosync::CryptoCipher` - -Defines the allowed cipher types for secure corosync communication - -Alias of `Enum['aes256', 'aes192', 'aes128', '3des']` - -### `Corosync::CryptoHash` - -Custom type for possible crypto hashes - -Alias of `Enum['md5', 'sha1', 'sha256', 'sha384', 'sha512']` - -### `Corosync::IpStringIp` - -Custom type for string <-> array of string variants - -Alias of - -```puppet -Variant[Stdlib::IP::Address, Array[ - Stdlib::IP::Address - ]] -``` - -### `Corosync::QuorumAlgorithm` - -Custom type for quorumalgorithm enum - -Alias of `Enum['ffsplit', 'lms']` - -### `Corosync::Syslogpriority` - -Custom type for syslog priority enum - -Alias of `Enum['debug', 'info', 'notice', 'warning', 'err', 'alert', 'emerg', 'crit']` - +# Reference + + + +## Table of Contents + +### Classes + +* [`corosync`](#corosync): Configures the Pacemaker+Corosync stack to provide high-availability. +* [`corosync::params`](#corosync--params): Configures sane defaults based on the operating system. +* [`corosync::qdevice`](#corosync--qdevice): Performs basic initial configuration of the qdevice daemon on a node. +* [`corosync::reprobe`](#corosync--reprobe): Triggers re-probe for changes any of the native cs_* types. + +### Defined types + +* [`corosync::service`](#corosync--service): Declare services within /etc/corosync/service.d/ (Corosync 1.x) + +### Resource types + +* [`cs_clone`](#cs_clone): Type for manipulating corosync/pacemaker resource clone. More information on Corosync/Pacemaker colocation can be found here: * http://www.c +* [`cs_colocation`](#cs_colocation): Type for manipulating corosync/pacemaker colocation. Colocation is the grouping together of a set of primitives so that they travel together +* [`cs_commit`](#cs_commit): Final commit statement which triggers the synchronous application of all primitive changes which reference this CIB. Do not generate more tha +* [`cs_group`](#cs_group): Type for manipulating Corosync/Pacemaker group entries. Groups are a set or resources (primitives) that need to be grouped together. More in +* [`cs_location`](#cs_location): Type for manipulating corosync/pacemaker resource location. More information on Corosync/Pacemaker colocation can be found here: * http://ww +* [`cs_order`](#cs_order): Type for manipulating Corosync/Pacemaker ordering entries. Order entries are another type of constraint that can be put on sets of primitive +* [`cs_primitive`](#cs_primitive): Type for manipulating Corosync/Pacemaker primitives. Primitives are probably the most important building block when creating highly availabl +* [`cs_property`](#cs_property): Type for manipulating corosync/pacemaker configuration properties. Besides the configuration file that is managed by the module the contains +* [`cs_rsc_defaults`](#cs_rsc_defaults): Type for manipulating corosync/pacemaker global defaults for resource options. The type is pretty simple interface for setting key/value pair +* [`cs_shadow`](#cs_shadow): cs_shadow resources represent a Corosync shadow CIB. Any corosync resources defined with 'cib' set to the title of a cs_shadow resource will + +### Data types + +* [`Corosync::ArrayRing`](#Corosync--ArrayRing): Custom type for infinitely nestable arrays +* [`Corosync::CryptoCipher`](#Corosync--CryptoCipher): Defines the allowed cipher types for secure corosync communication +* [`Corosync::CryptoHash`](#Corosync--CryptoHash): Custom type for possible crypto hashes +* [`Corosync::IpStringIp`](#Corosync--IpStringIp): Custom type for string <-> array of string variants +* [`Corosync::QuorumAlgorithm`](#Corosync--QuorumAlgorithm): Custom type for quorumalgorithm enum +* [`Corosync::Syslogpriority`](#Corosync--Syslogpriority): Custom type for syslog priority enum + +## Classes + +### `corosync` + +This class will set up corosync for use by the Puppet Enterprise console to +facilitate an active/standby configuration for high availability. It is +assumed that this module has been initially ran on a Puppet master with the +capabilities of signing certificates to do the initial key generation. + +=== Authors + +Cody Herriges + +=== Copyright + +Copyright 2012, Puppet Labs, LLC. + +#### Examples + +##### Simple configuration without secauth + +```puppet + +class { 'corosync': + enable_secauth => false, + bind_address => '192.168.2.10', + multicast_address => '239.1.1.2', +} +``` + +#### Parameters + +The following parameters are available in the `corosync` class: + +* [`enable_secauth`](#-corosync--enable_secauth) +* [`authkey_source`](#-corosync--authkey_source) +* [`authkey`](#-corosync--authkey) +* [`crypto_hash`](#-corosync--crypto_hash) +* [`crypto_cipher`](#-corosync--crypto_cipher) +* [`config_validate_cmd`](#-corosync--config_validate_cmd) +* [`threads`](#-corosync--threads) +* [`bind_address`](#-corosync--bind_address) +* [`pcs_version`](#-corosync--pcs_version) +* [`port`](#-corosync--port) +* [`multicast_address`](#-corosync--multicast_address) +* [`unicast_addresses`](#-corosync--unicast_addresses) +* [`force_online`](#-corosync--force_online) +* [`check_standby`](#-corosync--check_standby) +* [`log_timestamp`](#-corosync--log_timestamp) +* [`log_file`](#-corosync--log_file) +* [`log_file_name`](#-corosync--log_file_name) +* [`debug`](#-corosync--debug) +* [`log_stderr`](#-corosync--log_stderr) +* [`syslog_priority`](#-corosync--syslog_priority) +* [`log_function_name`](#-corosync--log_function_name) +* [`rrp_mode`](#-corosync--rrp_mode) +* [`netmtu`](#-corosync--netmtu) +* [`ttl`](#-corosync--ttl) +* [`vsftype`](#-corosync--vsftype) +* [`package_corosync`](#-corosync--package_corosync) +* [`package_pacemaker`](#-corosync--package_pacemaker) +* [`package_fence_agents`](#-corosync--package_fence_agents) +* [`packageopts_corosync`](#-corosync--packageopts_corosync) +* [`packageopts_crmsh`](#-corosync--packageopts_crmsh) +* [`packageopts_pacemaker`](#-corosync--packageopts_pacemaker) +* [`packageopts_pcs`](#-corosync--packageopts_pcs) +* [`packageopts_fence_agents`](#-corosync--packageopts_fence_agents) +* [`highavailability_repo`](#-corosync--highavailability_repo) +* [`ensure_corosync`](#-corosync--ensure_corosync) +* [`ensure_crmsh`](#-corosync--ensure_crmsh) +* [`ensure_pacemaker`](#-corosync--ensure_pacemaker) +* [`ensure_pcs`](#-corosync--ensure_pcs) +* [`ensure_fence_agents`](#-corosync--ensure_fence_agents) +* [`set_votequorum`](#-corosync--set_votequorum) +* [`votequorum_expected_votes`](#-corosync--votequorum_expected_votes) +* [`quorum_members`](#-corosync--quorum_members) +* [`quorum_members_ids`](#-corosync--quorum_members_ids) +* [`quorum_members_names`](#-corosync--quorum_members_names) +* [`token`](#-corosync--token) +* [`token_retransmits_before_loss_const`](#-corosync--token_retransmits_before_loss_const) +* [`compatibility`](#-corosync--compatibility) +* [`enable_corosync_service`](#-corosync--enable_corosync_service) +* [`manage_corosync_service`](#-corosync--manage_corosync_service) +* [`enable_pacemaker_service`](#-corosync--enable_pacemaker_service) +* [`manage_pacemaker_service`](#-corosync--manage_pacemaker_service) +* [`enable_pcsd_service`](#-corosync--enable_pcsd_service) +* [`manage_pcsd_service`](#-corosync--manage_pcsd_service) +* [`manage_pcsd_auth`](#-corosync--manage_pcsd_auth) +* [`manage_pcsd_auth_node`](#-corosync--manage_pcsd_auth_node) +* [`sensitive_hacluster_password`](#-corosync--sensitive_hacluster_password) +* [`sensitive_hacluster_hash`](#-corosync--sensitive_hacluster_hash) +* [`manage_quorum_device`](#-corosync--manage_quorum_device) +* [`quorum_device_host`](#-corosync--quorum_device_host) +* [`quorum_device_algorithm`](#-corosync--quorum_device_algorithm) +* [`package_quorum_device`](#-corosync--package_quorum_device) +* [`sensitive_quorum_device_password`](#-corosync--sensitive_quorum_device_password) +* [`cluster_name`](#-corosync--cluster_name) +* [`join`](#-corosync--join) +* [`consensus`](#-corosync--consensus) +* [`ip_version`](#-corosync--ip_version) +* [`clear_node_high_bit`](#-corosync--clear_node_high_bit) +* [`max_messages`](#-corosync--max_messages) +* [`test_corosync_config`](#-corosync--test_corosync_config) +* [`watchdog_device`](#-corosync--watchdog_device) +* [`provider`](#-corosync--provider) + +##### `enable_secauth` + +Data type: `Boolean` + +Controls corosync's ability to authenticate and encrypt multicast messages. + +Default value: `$corosync::params::enable_secauth` + +##### `authkey_source` + +Data type: `Enum['file', 'string']` + +Allows to use either a file or a string as a authkey. + +Default value: `$corosync::params::authkey_source` + +##### `authkey` + +Data type: `Variant[Stdlib::Filesource,Stdlib::Base64]` + +Specifies the path to the CA which is used to sign Corosync's certificate if +authkey_source is 'file' or a base64 encoded version of the actual authkey +if 'string' is used instead. + +Default value: `$corosync::params::authkey` + +##### `crypto_hash` + +Data type: `Corosync::CryptoHash` + +Hashing algorithm used by corosync for intra-cluster communication. Valid +values are none, md5, sha1, sha256, sha384, and sha512 + +Default value: `'sha1'` + +##### `crypto_cipher` + +Data type: `Corosync::CryptoCipher` + +Encryption cipher used by corosync for intra-cluster communication. Valid +values are none, aes256, aes192, aes128, and 3des + +Default value: `'aes256'` + +##### `config_validate_cmd` + +Data type: `String[1]` + + + +Default value: `'/usr/bin/env COROSYNC_MAIN_CONFIG_FILE=% /usr/sbin/corosync -t'` + +##### `threads` + +Data type: `Optional[Integer]` + +How many threads you are going to let corosync use to encode and decode +multicast messages. If you turn off secauth then corosync will ignore +threads. + +Default value: `undef` + +##### `bind_address` + +Data type: `Corosync::IpStringIp` + +The ip address we are going to bind the corosync daemon too. +Can be specified as an array to have multiple rings. + +Default value: `$corosync::params::bind_address` + +##### `pcs_version` + +Data type: `String` + + + +Default value: `''` + +##### `port` + +Data type: `Optional[Variant[Stdlib::Port, Array[Stdlib::Port]]]` + +The UDP port that corosync will use to do its multicast communication. Be +aware that corosync used this defined port plus minus one. +Can be specified as an array to have multiple rings. + +Default value: `$corosync::params::port` + +##### `multicast_address` + +Data type: `Optional[Corosync::IpStringIp]` + +An IP address that has been reserved for multicast traffic. This is the +default way that Corosync accomplishes communication across the cluster. +Use 'broadcast' to have broadcast instead +Can be specified as an array to have multiple rings (multicast only). + +Default value: `undef` + +##### `unicast_addresses` + +Data type: `Optional[Array]` + +An array of IP addresses that make up the cluster's members. These are +used if you are not able to use multicast on your network and instead opt +for the udpu transport. You need a relatively recent version of Corosync to +make this possible. +You can also have an array of arrays to have multiple rings. In that case, +each subarray matches a host IP addresses. +As of Corosync 3 knet is the new default which also does not use multicast. + +Default value: `undef` + +##### `force_online` + +Data type: `Boolean` + +Boolean parameter specifying whether to force nodes that have been put +in standby back online. + +Default value: `$corosync::params::force_online` + +##### `check_standby` + +Data type: `Boolean` + +Boolean parameter specifying whether puppet should return an error log +message if a node is in standby. Useful for monitoring node state. + +Default value: `$corosync::params::check_standby` + +##### `log_timestamp` + +Data type: `Boolean` + +Boolean parameter specifying whether a timestamp should be placed on all +log messages. + +Default value: `$corosync::params::log_timestamp` + +##### `log_file` + +Data type: `Boolean` + +Boolean parameter specifying whether Corosync should produce debug +output in a logfile. + +Default value: `$corosync::params::log_file` + +##### `log_file_name` + +Data type: `Optional[Stdlib::Absolutepath]` + +Absolute path to the logfile Corosync should use when `$log_file` (see +above) is true. + +Default value: `undef` + +##### `debug` + +Data type: `Boolean` + +Boolean parameter specifying whether Corosync should produce debug +output in its logs. + +Default value: `$corosync::params::debug` + +##### `log_stderr` + +Data type: `Boolean` + +Boolean parameter specifying whether Corosync should log errors to +stderr. + +Default value: `$corosync::params::log_stderr` + +##### `syslog_priority` + +Data type: `Corosync::SyslogPriority` + +String parameter specifying the minimal log level for Corosync syslog +messages. Allowed values: debug|info|notice|warning|err|emerg. + +Default value: `$corosync::params::syslog_priority` + +##### `log_function_name` + +Data type: `Boolean` + +Boolean parameter specifying whether Corosync should log called function +names to. + +Default value: `$corosync::params::log_function_name` + +##### `rrp_mode` + +Data type: `Optional[Enum['none', 'active', 'passive']]` + +Mode of redundant ring. May be none, active, or passive. + +Default value: `undef` + +##### `netmtu` + +Data type: `Optional[Integer]` + +This specifies the network maximum transmit unit. + +Default value: `undef` + +##### `ttl` + +Data type: `Optional[Integer[0,255]]` + +Time To Live. + +Default value: `undef` + +##### `vsftype` + +Data type: `Optional[Enum['ykd', 'none']]` + +Virtual synchrony filter type. + +Default value: `undef` + +##### `package_corosync` + +Data type: `Boolean` + +Define if package corosync should be managed. + +Default value: `$corosync::params::package_corosync` + +##### `package_pacemaker` + +Data type: `Boolean` + +Define if package pacemaker should be managed. + +Default value: `$corosync::params::package_pacemaker` + +##### `package_fence_agents` + +Data type: `Boolean` + +Define if package fence-agents should be managed. +Default (Red Hat based): true +Default (otherwise): false + +Default value: `false` + +##### `packageopts_corosync` + +Data type: `Optional[Array[String[1]]]` + +Additional install-options for the corosync package resource. +Default: undef + +Default value: `$corosync::params::package_install_options` + +##### `packageopts_crmsh` + +Data type: `Optional[Array[String[1]]]` + +Additional install-options for the crmsh package resource. +Default: undef + +Default value: `$corosync::params::package_install_options` + +##### `packageopts_pacemaker` + +Data type: `Optional[Array[String[1]]]` + +Additional install-options for the pacemaker package resource. +Default: undef + +Default value: `$corosync::params::package_install_options` + +##### `packageopts_pcs` + +Data type: `Optional[Array[String[1]]]` + +Additional install-options for the pcs package resource. +Default: undef + +Default value: `$corosync::params::package_install_options` + +##### `packageopts_fence_agents` + +Data type: `Optional[Array[String[1]]]` + +Additional install-options for the pcs package resource. +Default: undef + +Default value: `$corosync::params::package_install_options` + +##### `highavailability_repo` + +Data type: `Optional[String]` + +Whether the module should enable the corosync service. + +Default value: `undef` + +##### `ensure_corosync` + +Data type: `String[1]` + +Define what version of the corosync package should be installed. +Default: 'present' + +Default value: `$corosync::params::ensure_corosync` + +##### `ensure_crmsh` + +Data type: `String[1]` + +Define what version of the crmsh package should be installed. +Default: 'present' + +Default value: `$corosync::params::ensure_crmsh` + +##### `ensure_pacemaker` + +Data type: `String[1]` + +Define what version of the pacemaker package should be installed. +Default: 'present' + +Default value: `$corosync::params::ensure_pacemaker` + +##### `ensure_pcs` + +Data type: `String[1]` + +Define what version of the pcs package should be installed. +Default: 'present' + +Default value: `$corosync::params::ensure_pcs` + +##### `ensure_fence_agents` + +Data type: `String[1]` + +Define what version of the fence-agents-all package should be installed. +Default: 'present' + +Default value: `$corosync::params::ensure_fence_agents` + +##### `set_votequorum` + +Data type: `Boolean` + +Set to true if corosync_votequorum should be used as quorum provider. +Default (Red Hat based): true +Default (Ubuntu >= 14.04): true +Default (otherwise): false + +Default value: `$corosync::params::set_votequorum` + +##### `votequorum_expected_votes` + +Data type: `Optional[Integer]` + +Overrides the automatic calculation of expected votes which is normally +derived from the number of nodes. + +Default value: `undef` + +##### `quorum_members` + +Data type: `Array` + +Array of quorum member hostname. This is required if set_votequorum +is set to true. +You can also have an array of arrays to have multiple rings. In that case, +each subarray matches a member IP addresses. + +Default value: `['localhost']` + +##### `quorum_members_ids` + +Data type: `Optional[Array]` + +Array of quorum member IDs. Persistent IDs are required for the dynamic +config of a corosync cluster and when_set_votequorum is set to true. +Should be used only with the quorum_members parameter. + +Default value: `undef` + +##### `quorum_members_names` + +Data type: `Optional[Array]` + +Array of quorum member names. Persistent names are required when you +define IP addresses in quorum_members. + +Default value: `undef` + +##### `token` + +Data type: `Optional[Integer]` + +Time (in ms) to wait for a token + +Default value: `undef` + +##### `token_retransmits_before_loss_const` + +Data type: `Optional[Integer]` + +How many token retransmits before forming a new configuration. + +Default value: `undef` + +##### `compatibility` + +Data type: `Optional[String]` + +Older versions of corosync allowed a config-file directive to indicate +backward compatibility. This sets that. + +Default value: `undef` + +##### `enable_corosync_service` + +Data type: `Boolean` + +Whether the module should enable the corosync service. + +Default value: `$corosync::params::enable_corosync_service` + +##### `manage_corosync_service` + +Data type: `Boolean` + +Whether the module should try to manage the corosync service. If set to +false, the service will need to be specified in the catalog elsewhere. + +Default value: `$corosync::params::manage_corosync_service` + +##### `enable_pacemaker_service` + +Data type: `Boolean` + +Whether the module should enable the pacemaker service. + +Default value: `$corosync::params::enable_pacemaker_service` + +##### `manage_pacemaker_service` + +Data type: `Boolean` + +Whether the module should try to manage the pacemaker service. +Default (Red Hat based >= 7): true +Default (Ubuntu >= 14.04): true +Default (otherwise): false + +Default value: `$corosync::params::manage_pacemaker_service` + +##### `enable_pcsd_service` + +Data type: `Boolean` + +Whether the module should enable the pcsd service. + +Default value: `$corosync::params::enable_pcsd_service` + +##### `manage_pcsd_service` + +Data type: `Boolean` + +Whether the module should try to manage the pcsd service in addition to the +corosync service. pcsd service is the GUI and the remote configuration +interface. + +Default value: `false` + +##### `manage_pcsd_auth` + +Data type: `Boolean` + +This only has an effect when $manage_pcsd_service is enabled. If set, an +attempt will be made to authorize pcs on the cluster node determined by +manage_pcsd_auth_node. Note that this determination can only be made when +the entries in quorum_members match the trusted certnames of the nodes in +the environment or the IP addresses of the primary adapters. +$sensitive_hacluster_password is mandatory if this parameter is set. + +Default value: `false` + +##### `manage_pcsd_auth_node` + +Data type: `Enum['first','last']` + +When managing authorization for PCS this determines which node does the +work. Note that only one node 'should' do the work and nodes are chosen by +matching local facts to the contents of quorum_members. When +manage_pcsd_auth is disabled this parameter has no effect. + +Default value: `'first'` + +##### `sensitive_hacluster_password` + +Data type: `Optional[Sensitive[String]]` + +When PCS is configured on a RHEL system this directive is used to set the +password for the hacluster user. If both $manage_pcsd_service and +$manage_pcsd_auth are both set to true the cluster will use this credential +to authorize all nodes. + +Default value: `undef` + +##### `sensitive_hacluster_hash` + +Data type: `Optional[Sensitive[String]]` + +This parameter expects a valid password hash of +sensitive_hacluster_password. If provided, the hash provided the hash will +be used to set the password for the hacluster user on each node. + +Default value: `undef` + +##### `manage_quorum_device` + +Data type: `Boolean` + +Enable or disable the addition of a quorum device external to the cluster. +This device is used avoid cluster splits typically in conjunction with +fencing by providing an external network vote. Additionally, this allows +symmentric clusters to continue operation in the event that 50% of their +nodes have failed. + +Default value: `false` + +##### `quorum_device_host` + +Data type: `Optional[Stdlib::Fqdn]` + +The fully qualified hostname of the quorum device. This parameter is +mandatory when manage_quorum_device is true. + +Default value: `undef` + +##### `quorum_device_algorithm` + +Data type: `Corosync::QuorumAlgorithm` + +There are currently two algorithms the quorum device can utilize to +determine how its vote should be allocated; Fifty-fifty split and +last-man-standing. See the +[corosync-qdevice man page](https://www.systutorials.com/docs/linux/man/8-corosync-qdevice/) +for details. + +Default value: `'ffsplit'` + +##### `package_quorum_device` + +Data type: `Optional[String]` + +The name of the package providing the quorum device functionality. This +parameter is mandatory if manage_quorum_device is true. + +Default value: `$corosync::params::package_quorum_device` + +##### `sensitive_quorum_device_password` + +Data type: `Optional[Sensitive[String]]` + +The plain text password for the hacluster user on the quorum_device_host. +This parameter is mandatory if manage_quorum_device is true. + +Default value: `undef` + +##### `cluster_name` + +Data type: `Optional[String[1]]` + +This specifies the name of cluster and it's used for automatic +generating of multicast address. + +Default value: `undef` + +##### `join` + +Data type: `Optional[Integer]` + +This timeout specifies in milliseconds how long to wait for join messages +in the membership protocol. + +Default value: `undef` + +##### `consensus` + +Data type: `Optional[Integer]` + +This timeout specifies in milliseconds how long to wait for consensus to be +achieved before starting a new round of membership configuration. +The minimum value for consensus must be 1.2 * token. This value will be +automatically calculated at 1.2 * token if the user doesn't specify a +consensus value. + +Default value: `undef` + +##### `ip_version` + +Data type: `Optional[String[1]]` + +This specifies version of IP to ask DNS resolver for. The value can be +one of ipv4 (look only for an IPv4 address) , ipv6 (check only IPv6 address), +ipv4-6 (look for all address families and use first IPv4 address found in the +list if there is such address, otherwise use first IPv6 address) and +ipv6-4 (look for all address families and use first IPv6 address found in the +list if there is such address, otherwise use first IPv4 address). + +Default (if unspecified) is ipv6-4 for knet and udpu transports and ipv4 for udp. + +Default value: `undef` + +##### `clear_node_high_bit` + +Data type: `Optional[Enum['yes', 'no']]` + +This configuration option is optional and is only relevant when no nodeid +is specified. Some openais clients require a signed 32 bit nodeid that is +greater than zero however by default openais uses all 32 bits of the IPv4 +address space when generating a nodeid. Set this option to yes to force +the high bit to be zero and therefor ensure the nodeid is a positive signed +32 bit integer. +WARNING: The clusters behavior is undefined if this option is enabled on +only a subset of the cluster (for example during a rolling upgrade). + +Default value: `undef` + +##### `max_messages` + +Data type: `Optional[Integer]` + +This constant specifies the maximum number of messages that may be sent by +one processor on receipt of the token. The max_messages parameter is limited +to 256000 / netmtu to prevent overflow of the kernel transmit buffers. + +Default value: `undef` + +##### `test_corosync_config` + +Data type: `Boolean` + +Whether we should test new configuration files with `corosync -t`. +(requires corosync 2.3.4) + +Default value: `$corosync::params::test_corosync_config` + +##### `watchdog_device` + +Data type: `Optional[Variant[Stdlib::Absolutepath, Enum['off']]]` + +Watchdog device to use, for example '/dev/watchdog' or 'off'. +Its presence (or lack thereof) shifted with corosync versions. + +Default value: `undef` + +##### `provider` + +Data type: `Enum['pcs', 'crm']` + +What command line utility provides corosync configuration capabilities. + +Default value: `'pcs'` + +### `corosync::params` + +Configures sane defaults based on the operating system. + +### `corosync::qdevice` + +This class performs the configuration of the qdevice daemon on a target node. +Note that this requires corosync 2.x and must never be deployed on a node +which is actually part of a cluster. Additionally, you will need to open the +correct firewall ports for both pcs, and the actual quorum device as shown in +the included example. + +* **See also** + * https://www.systutorials.com/docs/linux/man/8-corosync-qnetd/ + +#### Examples + +##### Quorum node with default password & configuring the firewall + +```puppet +include firewalld + +class { 'corosync::qdevice': + sensitive_hacluster_hash => $sensitive_hacluster_hash, +} +contain 'corosync::qdevice' + +# Open the corosync-qnetd port +firewalld::custom_service { 'corosync-qdevice-net': + description => 'Corosync Quorum Net Device Port', + port => [ + { + port => '5403', + protocol => 'tcp', + }, + ], +} +firewalld_service { 'corosync-qdevice-net': + ensure => 'present', + service => 'corosync-qdevice-net', + zone => 'public', +} + +# Configure general PCS firewall rules +firewalld_service { 'high-availability': + ensure => 'present', + service => 'high-availability', + zone => 'public', +} +``` + +#### Parameters + +The following parameters are available in the `corosync::qdevice` class: + +* [`sensitive_hacluster_hash`](#-corosync--qdevice--sensitive_hacluster_hash) +* [`package_pcs`](#-corosync--qdevice--package_pcs) +* [`package_corosync_qnetd`](#-corosync--qdevice--package_corosync_qnetd) +* [`provider`](#-corosync--qdevice--provider) + +##### `sensitive_hacluster_hash` + +Data type: `Optional[Sensitive[String]]` + +The password hash for the hacluster user on this quorum device node. If +omitted, you must create the hacluster user and haclient group yourself. +This user is required because pcsd must be used to perform the +quorum node configuration. + +Default value: `undef` + +##### `package_pcs` + +Data type: `String[1]` + +Name of the PCS package on this system. + +Default value: `'pcs'` + +##### `package_corosync_qnetd` + +Data type: `String[1]` + +Name of the corosync qnetd package for this system. + +Default value: `'corosync-qnetd'` + +##### `provider` + +Data type: `String` + +What command line utility provides corosync configuration capabilities. + +### `corosync::reprobe` + +Include this class to reprobe the corosync cluster when there are changes in +any of the native cs_* types. Useful for multi-node provisioning when the +nodes are not always in a stable state after provisioning. + +Copyright 2012 Puppet Labs, LLC. + +#### Examples + +##### Reprobe corosync after making cluster configuration changes + +```puppet + +include corosync::reprobe +``` + +## Defined types + +### `corosync::service` + +Models a Corosync service. Corosync services are plugins that provide +functionality for monitoring cluster resources. One of the most common +of these plugins being Pacemaker. This is for corosync 1.x! + +=== Authors + +Cody Herriges + +=== Copyright + +Copyright 2012 Puppet Labs, LLC. + +#### Examples + +##### Simple configuration of a service with version '0'. + +```puppet + +corosync::service { 'pacemaker': + version => '0', +} +``` + +#### Parameters + +The following parameters are available in the `corosync::service` defined type: + +* [`name`](#-corosync--service--name) +* [`version`](#-corosync--service--version) + +##### `name` + +Data type: `String` + +The namevar in this type is the title you give it when you define a resource +instance. It is used for a handful of purposes; defining the name of the +config file and the name defined inside the file itself. + +##### `version` + +Data type: `String[1]` + +Version of the protocol used by this service. This is currently unused. + +## Resource types + +### `cs_clone` + +Type for manipulating corosync/pacemaker resource clone. +More information on Corosync/Pacemaker colocation can be found here: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html + +#### Properties + +The following properties are available in the `cs_clone` type. + +##### `clone_max` + +Valid values: `%r{\d+}`, `absent` + +How many copies of the resource to start. +Defaults to the number of nodes in the cluster. + +Default value: `absent` + +##### `clone_node_max` + +Valid values: `%r{\d+}`, `absent` + +How many copies of the resource can be started on a single node. +Defaults to 1. + +Default value: `absent` + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `globally_unique` + +Valid values: `true`, `false`, `absent` + +Does each copy of the clone perform a different function? +Allowed values: true, false + +Default value: `absent` + +##### `group` + +The corosync resource group to be cloned. + +##### `interleave` + +Valid values: `true`, `false`, `absent` + +Changes the behavior of ordering constraints (between clones/masters) so that instances can start/stop +as soon as their peer instance has (rather than waiting for every instance of the other clone has). +Allowed values: true, false + +Default value: `absent` + +##### `notify_clones` + +Valid values: `true`, `false`, `absent` + +When stopping or starting a copy of the clone, tell all the other copies beforehand +and when the action was successful. +Allowed values: true, false + +Default value: `absent` + +##### `ordered` + +Valid values: `true`, `false`, `absent` + +Should the copies be started in series (instead of in parallel). Allowed values: true, false + +Default value: `absent` + +##### `primitive` + +The corosync resource primitive to be cloned. + +##### `promotable` + +Valid values: `true`, `false`, `absent` + +If true, clone instances can perform a special role that Pacemaker will manage via the resource agent’s +promote and demote actions. The resource agent must support these actions. Allowed values: false, true + +Default value: `absent` + +##### `promoted_max` + +Valid values: `%r{\d+}`, `absent` + +If promotable is true, the number of instances that can be promoted at one time across the entire cluster + +Default value: `absent` + +##### `promoted_node_max` + +Valid values: `%r{\d+}`, `absent` + +If promotable is true and globally-unique is false, the number of clone instances can be promoted at one time on a single node + +Default value: `absent` + +#### Parameters + +The following parameters are available in the `cs_clone` type. + +* [`cib`](#-cs_clone--cib) +* [`name`](#-cs_clone--name) +* [`provider`](#-cs_clone--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this colocation should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Identifier of the clone entry. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `provider` + +The specific backend to use for this `cs_clone` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + +### `cs_colocation` + +Type for manipulating corosync/pacemaker colocation. Colocation +is the grouping together of a set of primitives so that they travel +together when one of them fails. For instance, if a web server vhost +is colocated with a specific ip address and the web server software +crashes, the ip address with migrate to the new host with the vhost. + +More information on Corosync/Pacemaker colocation can be found here: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html + +#### Properties + +The following properties are available in the `cs_colocation` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `primitives` + +At least two Pacemaker primitives to be located together. Order of primitives +in colocation groups is important. In Pacemaker, a colocation of 2 primitives +behaves different than a colocation between more than 2 primitives. Here the +behavior is altered to be more consistent. +Examples on how to define colocations here: +- 2 primitives: [A, B] will cause A to be located first, and B will be located + with A. This is different than how crm configure colocation works, because + there [A, B] would mean colocate A with B, thus B should be located first. +- multiple primitives: [A, B, C] will cause A to be located first, B next, and + finally C. This is identical to how crm configure colocation works with + multiple resources, it will add a colocated set. +Property will raise an error if you do not provide an array containing at least +two values. Values can be either the name of the primitive, or primitive:role. +Notice, we can only interpret colocations of single sets, not multiple sets +combined. In Pacemaker speak, this means we can support 'A B C' but not e.g. +'A B (C D) E'. Feel free to contribute a patch for this. + +##### `score` + +The priority of this colocation. Primitives can be a part of +multiple colocation groups and so there is a way to control which +primitives get priority when forcing the move of other primitives. +This value can be an integer but is often defined as the string +INFINITY. + +Default value: `INFINITY` + +#### Parameters + +The following parameters are available in the `cs_colocation` type. + +* [`cib`](#-cs_colocation--cib) +* [`name`](#-cs_colocation--name) +* [`provider`](#-cs_colocation--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This paramater sets the CIB this colocation should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Identifier of the colocation entry. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `provider` + +The specific backend to use for this `cs_colocation` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### `cs_commit` + +Final commit statement which triggers the synchronous application of +all primitive changes which reference this CIB. Do not generate more +than one cs_commit referencing the same CIB for a given cluster! + +#### Parameters + +The following parameters are available in the `cs_commit` type. + +* [`cib`](#-cs_commit--cib) +* [`name`](#-cs_commit--name) +* [`provider`](#-cs_commit--provider) + +##### `cib` + +Name of the CIB to commit. This value defaults to the name of +the cs_commit resource. + +##### `name` + +namevar + +Name of the CIB to commit. See the cib parameter for more detail. + +##### `provider` + +The specific backend to use for this `cs_commit` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + +### `cs_group` + +Type for manipulating Corosync/Pacemaker group entries. +Groups are a set or resources (primitives) that need to be +grouped together. + +More information can be found at the following link: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ch-advanced-resources.html#group-resources + +#### Properties + +The following properties are available in the `cs_group` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `primitives` + +An array of primitives to have in this group. Must be listed in the +order that you wish them to start. + +#### Parameters + +The following parameters are available in the `cs_group` type. + +* [`cib`](#-cs_group--cib) +* [`name`](#-cs_group--name) +* [`provider`](#-cs_group--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this order should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Name identifier of this group entry. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `provider` + +The specific backend to use for this `cs_group` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + +### `cs_location` + +Type for manipulating corosync/pacemaker resource location. +More information on Corosync/Pacemaker colocation can be found here: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html + +#### Properties + +The following properties are available in the `cs_location` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `node_name` + +The corosync node_name where the resource should be located. + +##### `primitive` + +The corosync resource primitive to have a location applied. + +##### `resource_discovery` + +Whether Pacemaker should perform resource discovery on this +node for the specified resource. It matches the resource-discovery +location property in pacemaker + +##### `rules` + +The rules of this location. This is an array of hashes where +each hash contains an array of one or more expressions. + +Example: + + cs_location { 'vip-ping-connected': + primitive => 'vip', + rules => [ + 'vip-ping-exclude-rule' => { + 'score' => '-INFINITY', + 'expression' => [ + { 'attribute' => 'pingd', + 'operation' => 'lt', + 'value' => '100', + }, + ], + }, + 'vip-ping-prefer-rule' => { + 'score-attribute' => 'pingd', + 'expression' => [ + { 'attribute' => 'pingd', + 'operation' => 'defined', + }, + ], + }, + ], + } + +##### `score` + +The priority of this location. Primitives can be a part of +multiple location groups and so there is a way to control which +primitives get priority when forcing the move of other primitives. +This value can be an integer but is often defined as the string +INFINITY. + +Default value: `INFINITY` + +#### Parameters + +The following parameters are available in the `cs_location` type. + +* [`cib`](#-cs_location--cib) +* [`name`](#-cs_location--name) +* [`provider`](#-cs_location--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This paramater sets the CIB this colocation should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Identifier of the location entry. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `provider` + +The specific backend to use for this `cs_location` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### `cs_order` + +Type for manipulating Corosync/Pacemaker ordering entries. Order +entries are another type of constraint that can be put on sets of +primitives but unlike colocation, order does matter. These designate +the order at which you need specific primitives to come into a desired +state before starting up a related primitive. + +More information can be found at the following link: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_controlling_resource_start_stop_ordering.html + +#### Properties + +The following properties are available in the `cs_order` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `first` + +First Corosync primitive. Just like colocation, our primitives for +ordering come in pairs but this time order matters so we need to define +which primitive starts the desired state change chain. + +##### `kind` + +How to enforce the constraint. + +Allowed values: +- Optional: Just a suggestion. Only applies if both resources are executing +the specified actions. Any change in state by the first resource will have +no effect on the then resource. +- Mandatory: Always. If first does not perform first-action, then will not +be allowed to performed then-action. If first is restarted, then +(if running) will be stopped beforehand and started afterward. +- Serialize: Ensure that no two stop/start actions occur concurrently for +the resources. First and then can start in either order, but one must +complete starting before the other can be started. A typical use case is +when resource start-up puts a high load on the host. + +Default value: `Mandatory` + +##### `score` + +The priority of the this ordered grouping. Primitives can be a part +of multiple order groups and so there is a way to control which +primitives get priority when forcing the order of state changes on +other primitives. This value can be an integer but is often defined +as the string INFINITY. +When using pcs as provider this value is not used. +It is generally preferred to use the `kind` parameter. + +##### `second` + +Second Corosync primitive. Our second primitive will move to the +desired state after the first primitive. + +##### `symmetrical` + +Boolean specifying if the resources should stop in reverse order. +Default value: true. + +Default value: `true` + +#### Parameters + +The following parameters are available in the `cs_order` type. + +* [`cib`](#-cs_order--cib) +* [`name`](#-cs_order--name) +* [`provider`](#-cs_order--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this order should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Name identifier of this ordering entry. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `provider` + +The specific backend to use for this `cs_order` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + +### `cs_primitive` + +Type for manipulating Corosync/Pacemaker primitives. Primitives +are probably the most important building block when creating highly +available clusters using Corosync and Pacemaker. Each primitive defines +an application, ip address, or similar to monitor and maintain. These +managed primitives are maintained using what is called a resource agent. +These resource agents have a concept of class, type, and subsystem that +provides the functionality. Regrettably these pieces of vocabulary +clash with those used in Puppet so to overcome the name clashing the +property and parameter names have been qualified a bit for clarity. + +More information on primitive definitions can be found at the following +link: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_adding_a_resource.html + +#### Properties + +The following properties are available in the `cs_primitive` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `metadata` + +A hash of metadata for the primitive. A primitive can have a set of +metadata that doesn't affect the underlying Corosync type/provider but +affect that concept of a resource. This metadata is similar to Puppet's +resources resource and some meta-parameters, they change resource +behavior but have no affect of the data that is synced or manipulated. + +Default value: `Hash.new` + +##### `operations` + +A hash of operations for the primitive. Operations defined in a +primitive are little more predictable as they are commonly things like +monitor or start and their values are in seconds. Since each resource +agent can define its own set of operations we are going to defer again +and just accept a hash. There maybe room to model this one but it +would require a review of all resource agents to see if each operation +is valid. + +Default value: `Hash.new` + +##### `parameters` + +A hash of params for the primitive. Parameters in a primitive are +used by the underlying resource agent, each class using them slightly +differently. In ocf scripts they are exported and pulled into the +script as variables to be used. Since the list of these parameters +are completely arbitrary and validity not enforced we simply defer +defining a model and just accept a hash. + +Default value: `Hash.new` + +##### `utilization` + +A hash of utilization attributes for the primitive. If nodes are +also configured with available resources, and Pacemaker's placement +strategy is set appropriately, then Pacemaker can place primitives on +nodes only where resources are available. + +See the Pacemaker documentation: + +http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ch11.html + +Default value: `Hash.new` + +#### Parameters + +The following parameters are available in the `cs_primitive` type. + +* [`cib`](#-cs_primitive--cib) +* [`name`](#-cs_primitive--name) +* [`primitive_class`](#-cs_primitive--primitive_class) +* [`primitive_type`](#-cs_primitive--primitive_type) +* [`provided_by`](#-cs_primitive--provided_by) +* [`provider`](#-cs_primitive--provider) +* [`unmanaged_metadata`](#-cs_primitive--unmanaged_metadata) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this primitive should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Name identifier of primitive. This value needs to be unique +across the entire Corosync/Pacemaker configuration since it doesn't have +the concept of name spaces per type. + +##### `primitive_class` + +Corosync class of the primitive. Examples of classes are lsb or ocf. +Lsb functions a lot like the init provider in Puppet for services, an init +script is ran periodically on each host to identify status, or to start +and stop a particular application. Ocf of the other hand is a script with +meta-data and structure that is specific to Corosync and Pacemaker. + +##### `primitive_type` + +Corosync primitive type. Type generally matches to the specific +'thing' your managing, i.e. ip address or vhost. Though, they can be +completely arbitrarily named and manage any number of underlying +applications or resources. + +##### `provided_by` + +Corosync primitive provider. All resource agents used in a primitive +have something that provides them to the system, be it the Pacemaker or +redhat plugins...they're not always obvious though so currently you're +left to understand Corosync enough to figure it out. Usually, if it isn't +obvious it is because there is only one provider for the resource agent. + +To find the list of providers for a resource agent run the following +from the command line has Corosync installed: + +* `crm configure ra providers ` + +##### `provider` + +The specific backend to use for this `cs_primitive` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +##### `unmanaged_metadata` + +Metadata options that should not be managed by Puppet. +Examples: ['target-role', 'is-managed'] + +Default value: `Array.new` + +### `cs_property` + +Type for manipulating corosync/pacemaker configuration properties. +Besides the configuration file that is managed by the module the contains +all these related Corosync types and providers, there is a set of cluster +properties that can be set and saved inside the CIB (A CIB being a set of +configuration that is synced across the cluster, it can be exported as XML +for processing and backup). The type is pretty simple interface for +setting key/value pairs or removing them completely. Removing them will +result in them taking on their default value. + +More information on cluster properties can be found here: + +* http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/_cluster_options.html + +P.S Looked at generating a type dynamically from the cluster's property +meta-data that would result in a single type with puppet type properties +of every cluster property...may still do so in a later iteration. + +#### Properties + +The following properties are available in the `cs_property` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `value` + +Value of the property. It is expected that this will be a single +value but we aren't validating string vs. integer vs. boolean because +cluster properties can range the gambit. + +#### Parameters + +The following parameters are available in the `cs_property` type. + +* [`cib`](#-cs_property--cib) +* [`name`](#-cs_property--name) +* [`provider`](#-cs_property--provider) +* [`replace`](#-cs_property--replace) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this parameter should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Name identifier of this property. Simply the name of the cluster +property. Happily most of these are unique. + +##### `provider` + +The specific backend to use for this `cs_property` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +##### `replace` + +Valid values: `true`, `false`, `yes`, `no` + +Whether to replace a property that already exists on the cluster +whose value doesn't match what the `value` attribute specifies. Setting +this to false allows cs_property resources to initialize properties without +overwriting future changes. Defaults to `true`. + +Default value: `true` + +### `cs_rsc_defaults` + +Type for manipulating corosync/pacemaker global defaults for +resource options. The type is pretty simple interface for setting +key/value pairs or removing them completely. Removing them will result +in them taking on their default value. + +More information on resource defaults can be found here: + +* http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/s-resource-defaults.html +* http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/s-resource-options.html + +#### Properties + +The following properties are available in the `cs_rsc_defaults` type. + +##### `ensure` + +Valid values: `present`, `absent` + +The basic property that the resource should be in. + +Default value: `present` + +##### `value` + +Value of the property. It is expected that this will be a single +value but we aren't validating string vs. integer vs. boolean because +resource options can range the gambit. + +#### Parameters + +The following parameters are available in the `cs_rsc_defaults` type. + +* [`cib`](#-cs_rsc_defaults--cib) +* [`name`](#-cs_rsc_defaults--name) +* [`provider`](#-cs_rsc_defaults--provider) + +##### `cib` + +Corosync applies its configuration immediately. Using a CIB allows +you to group multiple primitives and relationships to be applied at +once. This can be necessary to insert complex configurations into +Corosync correctly. + +This parameter sets the CIB this rsc_defaults should be created in. A +cs_shadow resource with a title of the same name as this value should +also be added to your manifest. + +##### `name` + +namevar + +Name identifier of this property. Simply the name of the resource +option. Happily most of these are unique. + +##### `provider` + +The specific backend to use for this `cs_rsc_defaults` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### `cs_shadow` + +cs_shadow resources represent a Corosync shadow CIB. Any corosync +resources defined with 'cib' set to the title of a cs_shadow resource +will not become active until all other resources with the same cib +value have also been applied. + +#### Properties + +The following properties are available in the `cs_shadow` type. + +##### `epoch` + +Implementation detail. DO NOT SET DIRECTLY. + +Default value: `latest` + +#### Parameters + +The following parameters are available in the `cs_shadow` type. + +* [`autocommit`](#-cs_shadow--autocommit) +* [`cib`](#-cs_shadow--cib) +* [`provider`](#-cs_shadow--provider) + +##### `autocommit` + +Valid values: `true`, `false`, `yes`, `no` + +Whether to generate a cs_commit or not. Can be used to create shadow +CIB without committing them. + +Default value: `true` + +##### `cib` + +namevar + +Name of the CIB to begin tracking changes against. + +##### `provider` + +The specific backend to use for this `cs_shadow` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + +## Data types + +### `Corosync::ArrayRing` + +Custom type for infinitely nestable arrays + +Alias of + +```puppet +Variant[Array[Stdlib::IP::Address], Array[ + Array[Stdlib::IP::Address] + ]] +``` + +### `Corosync::CryptoCipher` + +Defines the allowed cipher types for secure corosync communication + +Alias of `Enum['aes256', 'aes192', 'aes128', '3des']` + +### `Corosync::CryptoHash` + +Custom type for possible crypto hashes + +Alias of `Enum['md5', 'sha1', 'sha256', 'sha384', 'sha512']` + +### `Corosync::IpStringIp` + +Custom type for string <-> array of string variants + +Alias of + +```puppet +Variant[Stdlib::IP::Address, Array[ + Stdlib::IP::Address + ]] +``` + +### `Corosync::QuorumAlgorithm` + +Custom type for quorumalgorithm enum + +Alias of `Enum['ffsplit', 'lms']` + +### `Corosync::Syslogpriority` + +Custom type for syslog priority enum + +Alias of `Enum['debug', 'info', 'notice', 'warning', 'err', 'alert', 'emerg', 'crit']` + From 44ff8630e86057f99eb14cf9963c32ce18af3128 Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Mon, 14 Oct 2024 13:46:38 +0200 Subject: [PATCH 11/12] test for RH automatic test --- manifests/init.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 9697f1bd..dc9ff2d5 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -424,7 +424,7 @@ # Enable High Availability repository case $facts['os']['name'] { 'RedHat': { - if $facts['os']['release']['major'] > 7 { + if $facts['os']['release']['major'] > '7' { exec { 'enable_highavailability_repo': command => "subscription-manager repos --enable=${highavailability_repo}", path => '/usr/bin:/usr/sbin:/bin:/sbin', @@ -433,7 +433,7 @@ } } 'CentOS': { - if $facts['os']['release']['major'] == 9 { + if $facts['os']['release']['major'] == '9' { exec { 'enable_highavailability_repo': command => "yum config-manager --set-enabled ${highavailability_repo}", path => '/usr/bin:/usr/sbin:/bin:/sbin', From 180c3b343baba1f5fbd8d76015d059b9c991d691 Mon Sep 17 00:00:00 2001 From: Doninelli Davide Date: Mon, 14 Oct 2024 13:47:57 +0200 Subject: [PATCH 12/12] automatic test for RH failing install repository --- lib/puppet/provider/cs_clone/pcs.rb | 2 +- metadata.json | 6 +- spec/classes/corosync_spec.rb | 111 +++++++++--------- .../unit/puppet/provider/cs_clone_pcs_spec.rb | 2 +- 4 files changed, 59 insertions(+), 62 deletions(-) diff --git a/lib/puppet/provider/cs_clone/pcs.rb b/lib/puppet/provider/cs_clone/pcs.rb index 8387a4e9..81d153d0 100644 --- a/lib/puppet/provider/cs_clone/pcs.rb +++ b/lib/puppet/provider/cs_clone/pcs.rb @@ -28,7 +28,7 @@ def change_clone_id(type, primitive, id, cib) return unless doc.root.attributes['id'] != id doc.root.attributes['id'] = id - cmd = [command(:cibadmin), '--replace', '--xpath', xpath, '--xml-text', doc.to_s] + cmd = [command(:cibadmin), '--replace', '--xpath', xpath, '--xml-text', doc.to_s.chomp] self.class.run_command_in_cib(cmd, cib) end diff --git a/metadata.json b/metadata.json index 9cb851f5..1008c04f 100644 --- a/metadata.json +++ b/metadata.json @@ -12,15 +12,13 @@ "operatingsystem": "RedHat", "operatingsystemrelease": [ "7", - "8", - "9" + "8" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ - "7", - "9" + "7" ] }, { diff --git a/spec/classes/corosync_spec.rb b/spec/classes/corosync_spec.rb index f37a3316..c3359b25 100644 --- a/spec/classes/corosync_spec.rb +++ b/spec/classes/corosync_spec.rb @@ -62,13 +62,13 @@ %r{nodelist} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: node1\.test\.org\n\s*nodeid: 1} + %r{^\s*ring0_addr:\s*node1\.test\.org\s*(?:\r\n|\n)\s*nodeid:\s*1\s*} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: node2\.test\.org\n\s*nodeid: 2} + %r{^\s*ring0_addr:\s*node2\.test\.org\s*(?:\r\n|\n)\s*nodeid:\s*2\s*} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{two_node: 1\n} + %r{^\s*two_node:\s*1} ) end @@ -80,10 +80,10 @@ %r{nodelist} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: node1\.test\.org\n\s*nodeid: 3} + %r{^\s*ring0_addr:\s*node1\.test\.org\s*(?:\r\n|\n)\s*nodeid:\s*3} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: node2\.test\.org\n\s*nodeid: 11} + %r{^\s*ring0_addr:\s*node2\.test\.org\s*(?:\r\n|\n)\s*nodeid:\s*11} ) end end @@ -101,10 +101,10 @@ %r{nodelist} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: 192\.168\.0\.1\n\s*nodeid: 1\n\s*name: node1\.test\.org} + %r{^\s*ring0_addr:\s*192\.168\.0\.1(?:\r\n|\n)\s*nodeid:\s*1(?:\r\n|\n)\s*name:\s*node1\.test\.org} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: 192\.168\.0\.2\n\s*nodeid: 2\n\s*name: node2\.test\.org} + %r{^\s*ring0_addr:\s*192\.168\.0\.2(?:\r\n|\n)\s*nodeid:\s*2(?:\r\n|\n)\s*name:\s*node2\.test\.org} ) end end @@ -120,7 +120,7 @@ it 'does not configure two_nodes option' do is_expected.not_to contain_file('/etc/corosync/corosync.conf').with_content( - %r{two_node: 1\n} + %r{^\s*two_node:\s*1} ) end end @@ -134,7 +134,7 @@ it 'configures two_node' do is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{two_node: 1\n} + %r{^\s*two_node:\s*1} ) end end @@ -152,13 +152,13 @@ %r{nodelist} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: node1\.test\.org\n\s*nodeid: 1} + %r{^\s*ring0_addr:\s*node1\.test\.org(?:\r\n|\n)\s*nodeid:\s*1} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: node2\.test\.org\n\s*nodeid: 2} + %r{^\s*ring0_addr:\s*node2\.test\.org(?:\r\n|\n)\s*nodeid:\s*2} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{two_node: 1\n} + %r{^\s*two_node:\s*1} ) end end @@ -178,14 +178,14 @@ (1..4).each do |node_id| it "configures rings for host #{node_id} correctly" do is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: 172.31.10.#{node_id}\n\s*ring1_addr: 172.31.11.#{node_id}\n\s*ring2_addr: 172.31.12.#{node_id}\n\s*nodeid: #{node_id}} + %r{ring0_addr: 172.31.10.#{node_id}(?:\r\n|\n)\s*ring1_addr: 172.31.11.#{node_id}(?:\r\n|\n)\s*ring2_addr: 172.31.12.#{node_id}(?:\r\n|\n)\s*nodeid: #{node_id}} ) end end it 'does not configure two_nodes option' do is_expected.not_to contain_file('/etc/corosync/corosync.conf').with_content( - %r{two_node: 1\n} + %r{^\s*two_node:\s*1} ) end end @@ -203,14 +203,14 @@ (1..2).each do |node_id| it "configures rings for host #{node_id} correctly" do is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: 172.31.10.#{node_id}\n\s*ring1_addr: 172.31.11.#{node_id}\n\s*ring2_addr: 172.31.12.#{node_id}\n\s*nodeid: #{node_id}} + %r{ring0_addr: 172.31.10.#{node_id}(?:\r\n|\n)\s*ring1_addr: 172.31.11.#{node_id}(?:\r\n|\n)\s*ring2_addr: 172.31.12.#{node_id}(?:\r\n|\n)\s*nodeid: #{node_id}} ) end end it 'configures two_node' do is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{two_node: 1\n} + %r{^\s*two_node:\s*1} ) end end @@ -237,13 +237,13 @@ %r{nodelist} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: node1\.test\.org\n\s*nodeid: 1} + %r{^\s*ring0_addr: node1\.test\.org(?:\r\n|\n)\s*nodeid:\s*1} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: node2\.test\.org\n\s*nodeid: 2} + %r{^\s*ring0_addr: node2\.test\.org(?:\r\n|\n)\s*nodeid:\s*2} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{two_node: 1\n} + %r{^\s*two_node:\s*1} ) end @@ -253,10 +253,10 @@ %r{nodelist} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: node1\.test\.org\n\s*nodeid: 3} + %r{^\s*ring0_addr:\s*node1\.test\.org(?:\r\n|\n)\s*nodeid:\s*3} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: node2\.test\.org\n\s*nodeid: 11} + %r{^\s*ring0_addr:\s*node2\.test\.org(?:\r\n|(?:\r\n|\n))\s*nodeid:\s*11} ) end @@ -267,10 +267,10 @@ %r{nodelist} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: 192\.168\.0\.1\n\s*nodeid: 1\n\s*name: node1\.test\.org} + %r{^\s*ring0_addr: 192\.168\.0\.1(?:\r\n|\n)\s*nodeid:\s*1(?:\r\n|\n)\s*name:\s*node1\.test\.org} ) is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{ring0_addr: 192\.168\.0\.2\n\s*nodeid: 2\n\s*name: node2\.test\.org} + %r{^\s*ring0_addr: 192\.168\.0\.2(?:\r\n|\n)\s*nodeid:\s*2(?:\r\n|\n)\s*name:\s*node2\.test\.org} ) end end @@ -331,7 +331,7 @@ it 'configures cluster_name' do is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{cluster_name:\s*hacell$} + %r{^\s*cluster_name:\s*hacell} ) end end @@ -535,9 +535,7 @@ end it 'is set in corosync.conf' do - is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r{#{optional_parameter}:\s*#{possible_value}\n} - ) + is_expected.to contain_file('/etc/corosync/corosync.conf').with_content(%r{#{optional_parameter}:\s*#{Regexp.escape(possible_value.to_s)}\s*\n}) end end end @@ -957,9 +955,7 @@ it 'does not contain the quorum device config in corosync.conf' do is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r!quorum { - provider: corosync_votequorum -}$!m + %r{quorum\s*\{\s*provider:\s*corosync_votequorum\s*\}\s*} ) end @@ -978,18 +974,20 @@ it 'contains the quorum configuration' do is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r!quorum { - provider: corosync_votequorum - device { - model: net - votes: 1 - - net { - algorithm: ffsplit - host: quorum1[.]test[.]org - } - } -}!m + %r{ + quorum\s*\{ + \s*provider:\s*corosync_votequorum + \s*device\s*\{ + \s*model:\s*net + \s*votes:\s*1 + \s* + \s*net\s*\{ + \s*algorithm:\s*ffsplit + \s*host:\s*quorum1\.test\.org + \s*\} + \s*\} + \s*\} + }x ) end @@ -1065,18 +1063,19 @@ it 'contains the quorum configuration' do is_expected.to contain_file('/etc/corosync/corosync.conf').with_content( - %r!quorum { - provider: corosync_votequorum - device { - model: net - votes: 1 - - net { - algorithm: ffsplit - host: quorum1[.]test[.]org - } - } -}!m + %r{ + quorum\s*\{ + \s*provider:\s*corosync_votequorum # Match 'provider: corosync_votequorum' + \s*device\s*\{ + \s*model:\s*net + \s*votes:\s*1 + \s*net\s*\{ + \s*algorithm:\s*ffsplit + \s*host:\s*quorum1\.test\.org + \s*\} + \s*\} + \s*\} + }x ) end end @@ -1094,7 +1093,7 @@ it 'does not configure two node' do is_expected.not_to contain_file('/etc/corosync/corosync.conf').with_content( - %r{two_node: 1\n} + %r{^\s*two_node:\s*1} ) end # else - to implement @@ -1103,4 +1102,4 @@ end end end -end +end \ No newline at end of file diff --git a/spec/unit/puppet/provider/cs_clone_pcs_spec.rb b/spec/unit/puppet/provider/cs_clone_pcs_spec.rb index f4782389..290c8f9e 100644 --- a/spec/unit/puppet/provider/cs_clone_pcs_spec.rb +++ b/spec/unit/puppet/provider/cs_clone_pcs_spec.rb @@ -245,7 +245,7 @@ def clone_xml(name) Puppet::Util::Execution.expects(:execute).with(['cibadmin', '--query', '--xpath', xpath], failonfail: true, combine: true).at_least_once.returns( Puppet::Util::Execution::ProcessOutput.new(clone_xml('apache_service-clone'), 0) ) - Puppet::Util::Execution.expects(:execute).with(['cibadmin', '--replace', '--xpath', xpath, '--xml-text', clone_xml('apache_service-newclone').chop], failonfail: true, combine: true).at_least_once.returns( + Puppet::Util::Execution.expects(:execute).with(['cibadmin', '--replace', '--xpath', xpath, '--xml-text', clone_xml('apache_service-newclone').chomp], failonfail: true, combine: true).at_least_once.returns( Puppet::Util::Execution::ProcessOutput.new('', 0) ) instance.change_clone_id('primitive', 'apache_service', 'apache_service-newclone', nil)