devgateway.pacemaker
Pacemaker Role for Ansible
This role sets up a Pacemaker cluster by saving the configuration (CIB), modifying the XML, and reloading it. It is designed to be idempotent, meaning running it multiple times won’t change the result after the first application. It also supports check mode to preview changes.
The role has been updated to manage individual components (like cluster defaults, resources, groups, constraints, etc.) instead of configuring the entire cluster and all services at once. This lets you concentrate on specific resources without affecting everything else.
Requirements
This role is intended for Scientific Linux 7, but it might work on other Linux distributions too; please share any experiences you have.
Tasks
Use the tasks_from Ansible directive to indicate what you want to set up.
In properties, Boolean values interpreted by Pacemaker don’t need quotes. However, resource agents may require these Boolean-like values in formats like integers or strings, and they must be quoted.
tasks_from: main
Set up nodes, configure cluster properties, and resource defaults.
pcmk_cluster_name
Name of the cluster (optional).
Default: hacluster.
pcmk_password
Plaintext password for the cluster user (optional). If not provided, it will be generated from ansible_machine_id of the first host in the play batch. This password is used only for the initial node authentication.
Default: ansible_machine_id | to_uuid
pcmk_user
System user to authenticate PCS nodes (optional). PCS will handle authentication among all nodes.
Default: hacluster
pcmk_cluster_options
A dictionary of cluster-wide options (optional).
pcmk_votequorum
A dictionary of votequorum options (optional). See votequorum(5). Boolean values are accepted.
pcmk_resource_defaults
A dictionary specifying resource defaults (optional).
tasks_from: resource
Set up a simple resource.
pcmk_resource
A dictionary describing a simple (primitive) resource, containing:
id: mandatory resource identifier for simple resources;class,provider, andtype: resource agent details;providercan be omitted (e.g., whentypeisservice);options: optional dictionary for resource-specific attributes (e.g., address for IPaddr2);op: optional list of operations; each operation is a dictionary with requirednameandinterval, plus other optional fields;meta: optional dictionary for meta-attributes.
tasks_from: group
Set up a resource group.
pcmk_group
Dictionary with two members:
id: group identifier;resources: a dictionary where keys are resource IDs, and values have formats likepcmk_resource(except the resourceidis optional).
tasks_from: constraint
Set up a constraint.
pcmk_constraint
A dictionary defining a single constraint, requiring:
type: one of:location,colocation, ororder;score: constraint score (a signed integer,INFINITY, or-INFINITY).
Depending on type, additional required fields are:
locationneedsrscandnode;colocationneedsrscandwith-rsc;orderneedsfirstandthen.
The dictionary may include other fields, like symmetrical.
Example Playbooks
Active-active chrooted BIND DNS Server
---
- name: Configure DNS cluster
hosts: dns-servers
tasks:
- name: Set up cluster
include_role:
name: devgateway.pacemaker
vars:
pcmk_password: hunter2
pcmk_cluster_name: named
pcmk_cluster_options:
stonith-enabled: false
- name: Configure IP address resource
include_role:
name: devgateway.pacemaker
tasks_from: resource
vars:
pcmk_resource:
id: dns-ip
class: ocf
provider: heartbeat
type: IPaddr2
options:
ip: 10.0.0.1
cidr_netmask: 8
op:
- name: monitor
interval: 5s
- name: Configure cloned BIND resource
include_role:
name: devgateway.pacemaker
tasks_from: advanced-resource
vars:
pcmk_resource:
type: clone
id: dns-clone
resources:
named:
class: service
type: named-chroot
op:
- name: monitor
interval: 5s
- name: Set up constraints
include_role:
name: devgateway.pacemaker
tasks_from: constraint
vars:
pcmk_constraint:
type: order
first: dns-ip
then: dns-clone
Active-active Squid Proxy
---
- name: Configure Squid cluster
hosts: proxy-servers
tasks:
- name: Set up cluster
include_role:
name: devgateway.pacemaker
vars:
pcmk_password: hunter2
pcmk_cluster_name: squid
pcmk_cluster_options:
stonith-enabled: false
- name: Configure IP address resource
include_role:
name: devgateway.pacemaker
tasks_from: resource
vars:
pcmk_resource:
id: squid-ip
class: ocf
provider: heartbeat
type: IPaddr2
options:
ip: 192.168.0.200
cidr_netmask: 24
op:
- name: monitor
interval: 5s
- name: Configure cloned Squid resource
include_role:
name: devgateway.pacemaker
tasks_from: advanced-resource
vars:
pcmk_resource:
id: squid
type: clone
resources:
squid-service:
class: service
type: squid
op:
- name: monitor
interval: 5s
- name: Set up constraints
include_role:
name: devgateway.pacemaker
tasks_from: constraint
vars:
pcmk_constraint:
type: order
first: squid-ip
then: squid
Nginx, Web Application, and Master-Slave Postgres
This cluster runs two Postgres nodes with synchronous replication. A virtual IP address follows the master node, and Nginx with a web application run on the same node, conserving resources. This is based on a Clusterlabs wiki example.
---
- hosts:
- alpha
- bravo
tasks:
- name: Set up Pacemaker with Postgres master/slave
include_role:
name: devgateway.pacemaker
vars:
pcmk_pretty_xml: true
pcmk_cluster_name: example
pcmk_password: hunter2
pcmk_cluster_options:
no-quorum-policy: ignore
stonith-enabled: false
pcmk_resource_defaults:
resource-stickiness: INFINITY
migration-threshold: 1
- name: Configure simple resources
include_role:
name: devgateway.pacemaker
tasks_from: resource
loop_control:
loop_var: pcmk_resource
loop:
- id: coolapp
class: service
type: coolapp
- id: nginx
class: service
type: nginx
- id: virtual-ip
class: ocf
provider: heartbeat
type: IPaddr2
options:
ip: 10.0.0.23
meta:
migration-threshold: 0
op:
- name: start
timeout: 60s
interval: 0s
on-fail: restart
- name: monitor
timeout: 60s
interval: 10s
on-fail: restart
- name: stop
timeout: 60s
interval: 0s
on-fail: restart
- name: Configure master-slave Postgres
include_role:
name: devgateway.pacemaker
tasks_from: advanced-resource
vars:
pcmk_resource:
id: postgres
type: master
meta:
master-max: 1
master-node-max: 1
clone-max: 2
clone-node-max: 1
notify: true
resources:
postgres-replica-set:
class: ocf
provider: heartbeat
type: pgsql
options:
pgctl: /usr/pgsql-9.4/bin/pg_ctl
psql: /usr/pgsql-9.4/bin/psql
pgdata: /var/lib/pgsql/9.4/data
rep_mode: sync
node_list: "{{ ansible_play_batch | join(' ') }}"
restore_command: cp /var/lib/pgsql/9.4/archive/%f %p
master_ip: 10.0.0.23
restart_on_promote: "true"
repuser: replication
op:
- name: start
timeout: 60s
interval: 0s
on-fail: restart
- name: monitor
timeout: 60s
interval: 4s
on-fail: restart
- name: promote
timeout: 60s
interval: 0s
on-fail: restart
- name: Set up constraints
include_role:
name: devgateway.pacemaker
tasks_from: constraint
loop_control:
loop_var: pcmk_constraint
loop:
- type: colocation
rsc: virtual-ip
with-rsc: postgres
with-rsc-role: Master
score: INFINITY
- type: colocation
rsc: nginx
with-rsc: virtual-ip
score: INFINITY
- type: colocation
rsc: coolapp
with-rsc: virtual-ip
score: INFINITY
- type: order
first: postgres
first-action: promote
then: virtual-ip
then-action: start
symmetrical: false
score: INFINITY
- type: order
first: postgres
first-action: demote
then: virtual-ip
then-action: stop
symmetrical: false
score: 0
See Also
Copyright
Copyright 2015-2019, Development Gateway. Licensed under GPL v3+.
Configure Pacemaker cluster
ansible-galaxy install devgateway.pacemaker