Puppet Class: profile::wmcs::nfs::secondary

Defined in:
modules/profile/manifests/wmcs/nfs/secondary.pp

Overview

Parameters:

  • observer_pass (Any) (defaults to: hiera('profile::openstack::eqiad1::observer_password'))
  • monitor_iface (Any) (defaults to: hiera('profile::wmcs::nfs::secondary::monitor_iface', 'eno0'))
  • scratch_active_server (Stdlib::Host) (defaults to: lookup('scratch_active_server'))
  • maps_active_server (Stdlib::Host) (defaults to: lookup('scratch_active_server'))
  • cluster_ip (Stdlib::IP::Address) (defaults to: lookup('profile::wmcs::nfs::secondary::cluster_ip'))
  • secondary_servers (Array[Stdlib::Host]) (defaults to: lookup('secondary_nfs_servers'))


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
# File 'modules/profile/manifests/wmcs/nfs/secondary.pp', line 1

class profile::wmcs::nfs::secondary(
    $observer_pass = hiera('profile::openstack::eqiad1::observer_password'),
    $monitor_iface = hiera('profile::wmcs::nfs::secondary::monitor_iface', 'eno0'),
    Stdlib::Host $scratch_active_server = lookup('scratch_active_server'),
    # The following is intentionally using the same value as for scratch.  This may not always
    # be desireable, so a separate parameter is offered.
    Stdlib::Host $maps_active_server = lookup('scratch_active_server'),
    Stdlib::IP::Address $cluster_ip = lookup('profile::wmcs::nfs::secondary::cluster_ip'),
    Array[Stdlib::Host] $secondary_servers = lookup('secondary_nfs_servers'),
) {
    require ::profile::openstack::eqiad1::clientpackages
    require ::profile::openstack::eqiad1::observerenv

    class {'::labstore':
        nfsd_threads => '192',
    }

    package { [
            'python3-paramiko',
            'python3-pymysql',
        ]:
        ensure => present,
    }

    class {'::labstore::fileserver::exports':
        server_vols   => ['maps'],
    }

    # Enable RPS to balance IRQs over CPUs
    # This breaks the puppet compiler, so re-enable after testing compiles
    # interface::rps { 'monitor':
    #     interface => $monitor_iface,
    # }

    # The service should remain running always on this because there's no DRBD
    service { 'nfs-server':
        ensure  => 'running',
        require => Package['nfs-kernel-server'],
    }

    # Manage the cluster IP for maps from hiera
    $ipadd_command = "ip addr add ${cluster_ip}/27 dev ${monitor_iface}"
    $ipdel_command = "ip addr del ${cluster_ip}/27 dev ${monitor_iface}"

    # Because in this simple failover, we don't have STONITH, don't claim
    # the IP unless is doesn't work
    if $facts['fqdn'] == $maps_active_server {
        exec { $ipadd_command:
            path    => '/bin:/usr/bin',
            returns => [0, 2],
            unless  => "ping -n -c1 ${cluster_ip} > /dev/null",
        }

    } else {
        exec { $ipdel_command:
            path    => '/bin:/usr/bin',
            returns => [0, 2],
            onlyif  => "ip address show ${monitor_iface} | grep -q ${cluster_ip}/27",
        }
    }

    class {'labstore::monitoring::exports': }
    class {'labstore::monitoring::ldap': }

    class { 'labstore::monitoring::interfaces':
        monitor_iface       => 'eno1',
        int_throughput_warn => 937500000,  # 7500Mbps
        int_throughput_crit => 1062500000, # 8500Mbps
    }

    $secondary_servers_ferm = join($secondary_servers, ' ')
    ferm::service { 'labstore_nfs_portmapper_udp_monitor':
        proto  => 'udp',
        port   => '111',
        srange => "(@resolve((${secondary_servers_ferm})) @resolve((${secondary_servers_ferm}), AAAA))",
    }
    ferm::service { 'labstore_nfs_monitor':
        proto  => 'tcp',
        port   => '2049',
        srange => "(@resolve((${secondary_servers_ferm})) @resolve((${secondary_servers_ferm}), AAAA))",
    }
    ferm::service { 'labstore_nfs_cluster_rpc_mountd':
        proto  => 'tcp',
        port   => '38466',
        srange => "(@resolve((${secondary_servers_ferm})) @resolve((${secondary_servers_ferm}), AAAA))",
    }

    nrpe::monitor_service { 'check_nfs_status':
        description   => 'NFS port is open on cluster IP',
        nrpe_command  => "/usr/lib/nagios/plugins/check_tcp -H ${cluster_ip} -p 2049 --timeout=2",
        contact_group => 'wmcs-team',
        notes_url     => 'https://wikitech.wikimedia.org/wiki/Portal:Data_Services/Admin/Labstore',
    }
}