Puppet Class: corosync::qdevice

Defined in:
manifests/qdevice.pp

Summary

Performs basic initial configuration of the qdevice daemon on a node.

Overview

This class performs the configuration of the qdevice daemon on a target node. Note that this requires corosync 2.x and must never be deployed on a node which is actually part of a cluster. Additionally, you will need to open the correct firewall ports for both pcs, and the actual quorum device as shown in the included example.

Examples:

Quorum node with default password & configuring the firewall

include firewalld

class { 'corosync::qdevice':
  sensitive_hacluster_hash => $sensitive_hacluster_hash,
}
contain 'corosync::qdevice'

# Open the corosync-qnetd port
firewalld::custom_service { 'corosync-qdevice-net':
  description => 'Corosync Quorum Net Device Port',
  port        => [
    {
      port     => '5403',
      protocol => 'tcp',
    },
  ],
}
firewalld_service { 'corosync-qdevice-net':
  ensure  => 'present',
  service => 'corosync-qdevice-net',
  zone    => 'public',
}

# Configure general PCS firewall rules
firewalld_service { 'high-availability':
  ensure  => 'present',
  service => 'high-availability',
  zone    => 'public',
}

Parameters:

  • sensitive_hacluster_hash (Sensitive[String]) (defaults to: undef)

    The password hash for the hacluster user on this quorum device node. This is currently a mandatory parameter because pcsd must be used to perform the quorum node configuration.

  • package_pcs (String[1]) (defaults to: 'pcs')

    Name of the PCS package on this system.

  • package_corosync_qnetd (String[1]) (defaults to: 'corosync-qnetd')

    Name of the corosync qnetd package for this system.

See Also:



52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
# File 'manifests/qdevice.pp', line 52

class corosync::qdevice (
  String[1] $package_pcs                      = 'pcs',
  String[1] $package_corosync_qnetd           = 'corosync-qnetd',
  Sensitive[String] $sensitive_hacluster_hash = undef,
) {
  $cluster_group = 'haclient'
  $cluster_user = 'hacluster'

  # Install the required packages
  [$package_pcs, $package_corosync_qnetd].each |$package| {
    package { $package:
      ensure => present,
      before => Group[$cluster_group],
    }
  }

  # Cluster control group
  group { $cluster_group:
    ensure  => 'present',
  }

  # Cluster admin credentials
  user { $cluster_user:
    ensure   => 'present',
    password => $sensitive_hacluster_hash,
    gid      => $cluster_group,
  }

  # Enable the PCS service
  service { 'pcsd':
    ensure  => 'running',
    enable  => true,
    require => [
      Package[$package_pcs],
      Package[$package_corosync_qnetd],
    ],
  }

  $exec_path = '/sbin:/bin:/usr/sbin:/usr/bin'

  # Configure the quorum device
  exec { 'pcs qdevice setup model net --enable --start':
    path    => $exec_path,
    onlyif  => [
      'test ! -f /etc/corosync/qnetd/nssdb/qnetd-cacert.crt',
    ],
    require => Service['pcsd'],
  }

  # Ensure the net device is running
  exec { 'pcs qdevice start net':
    path    => $exec_path,
    onlyif  => [
      'test -f /etc/corosync/qnetd/nssdb/qnetd-cacert.crt',
      'test 0 -ne $(pcs qdevice status net >/dev/null 2>&1; echo $?)',
    ],
    require => [
      Package['pcs'],
      Package['corosync-qnetd'],
    ],
  }
}