Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sap_ha_pacemaker_cluster: Stonith SBD enablement, stonith and repos dictionaries #829

Merged
merged 4 commits into from
Aug 2, 2024

Conversation

marcelmamula
Copy link
Contributor

New features:

  • Stonith SBD fence method added with all extra variables required for ha_cluster

  • Significant changes to Stonith task file, adding lot of extra validations to avoid execution if:

    • ha_cluster variables are provided, just skip them because you cannot override precedence anyway
    • variables are empty, not required list or string where list is expected (iterable check fails to differentiate between string and list)
  • New repository dictionaries:

    • __sap_ha_pacemaker_cluster_repos_dict defined inside OS vars
    • Each platform vars loads __sap_ha_pacemaker_cluster_repos from dictionary
    • Dictionary is empty for SUSE as it comes with subscription.
  • New fence agent dictionaries for each platform

    • __sap_ha_pacemaker_cluster_stonith_default_dict defined in each platform vars, then selected correct entry into __sap_ha_pacemaker_cluster_stonith_default
    • This serves as baseline for future if we have different fence agents like AWS, where RHEL and SLES have different agents.
    • There is potential for future to shift these dictionaries into new OS_stonith.yml var files if need arises for different OS parameters under same agents.
  • Variable sap_ha_pacemaker_cluster_aws_credentials_setup that can be enabled to store AWS credentials. It is undefined by default to use attached IAM Role/Instance Profile done by AP4S.

    • Keeping AWS Credentials together with attached IAM, results in credentials overriding IAM permissions, requiring API user inside of AWS credentials to have fencing permissions.
  • Default ha_cluster definition from AP4S moved inside of vars code, to create baseline nodes for ha_cluster

    • pcs_address is required only for pcs, but it does not harm crmsh
    __sap_ha_pacemaker_cluster_ha_cluster:
      node_name: "{{ ansible_hostname }}"
      pcs_address: "{{ ansible_default_ipv4.address }}"
  • Readme and argument_specs update with new variables and increased baseline version for required collections.

Tested on:

  • AWS
    • SLES4SAP 15: SBD and default fencing
    • RHEL4SAP 8.6: Several tests executed, currently running SBD and default fence agent testing again.

@marcelmamula marcelmamula added the enhancement New feature or request label Jul 30, 2024
@marcelmamula marcelmamula self-assigned this Jul 30, 2024
- separated pcmk_host_map into platform variables, except GCP
- Added support for Tech Debt stonith_custom dictionary
Copy link
Member

@sean-freeman sean-freeman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed all commits and discussed in-depth, happy with changes to internal logic and will regression test once merged to dev

👍 Awesome work

Copy link
Contributor

@ja9fuchs ja9fuchs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍
Very nice work, thank you!

@marcelmamula marcelmamula merged commit 9ea7d22 into sap-linuxlab:dev Aug 2, 2024
3 of 4 checks passed
@marcelmamula marcelmamula deleted the sbd branch August 9, 2024 09:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants