Metadata Valid
No translation
Adds support for SUSE Linux Enterprise Server to the puppetlabs-corosync module.
No special care is given to ensure only supported clusters are used, that's for either a profile or a separate module.
n/a
The acceptance tests are failing in a not yet diagnosed fashion, this PR will solve that.
<!--
Thank you for contributing to this project!
-->
Update the command used to check config file for corosync v3+
RedHat/CentOS 8 support
modulesync 4.0.0
This pull request allows to define a watchdog_device resource for corosync.
In early corosync versions, watchdog usage had to be explicitly turned off via the "off" keyword, while in recent versions its usage needs to be explicitly turned on via the device name e.g. "/dev/watchdog". Hence an Optional[String] seems a better choice than a Boolean.
Related to https://github.com/voxpupuli/puppet-corosync/pull/451
I didn't spot an open PR on this, but there is open issue #485
It seems that the release of pacemaker 2.0.3 (in RHEL8) removes the option of supplying the superfluous score parameter.
Here is the documentation for pacemaker 2.0 which makes no mention of a score property:
https://clusterlabs.org/pacemaker/doc/en-US/Pacemaker/2.0/html/Pacemaker_Explained/s-resource-ordering.html
Removes the score parameter from cs_order type as it is no longer valid and causes errors.
Fixes #485
In init.pp, user creation can be skipped by not providing sensitivehaclusterhash. This change allows to use the same mechanism, when you need to manage the user/group by yourself.
Fixes #494
Fixed a bug, for ubuntu 20.04 (corosync v3), with the secauth parameter enabled, we get a configuration error: "parsing error in the configuration: cryptocipher and cryptohash are valid only for Knet transport"
puppetserver: 5.3.7
puppet agent: 5.5.17
Distribution: Ubuntu 20.04 (focal)
this module: 7.0.0
puppet
class { 'corosync':
cluster_name => 'name',
unicast_addresses => ['192.168.1.2', '192.168.1.3', '192.168.1.3'],
set_votequorum => true,
quorum_members => ['192.168.1.2', '192.168.1.3', '192.168.1.3'],
enable_secauth => true,
authkey => "/etc/puppetlabs/puppet/ssl/certs/ca.pem"
}
I am getting this error when starting the service:
Nov 26 14:36:38 lb18-1 systemd[1]: Starting Corosync Cluster Engine...
Nov 26 14:36:38 lb18-1 corosync[47175]: [MAIN ] Corosync Cluster Engine 3.0.3 starting up
Nov 26 14:36:38 lb18-1 corosync[47175]: [MAIN ] Corosync built-in features: dbus monitoring watchdog augeas systemd xmlconf vqsim nozzle snmp pie relro bi>
Nov 26 14:36:38 lb18-1 corosync[47175]: [MAIN ] parse error in config: crypto_cipher & crypto_hash are only valid for the Knet transport.
Nov 26 14:36:38 lb18-1 corosync[47175]: [MAIN ] Corosync Cluster Engine exiting with status 8 at main.c:1386.
Nov 26 14:36:38 lb18-1 systemd[1]: corosync.service: Main process exited, code=exited, status=8/n/a
Nov 26 14:36:38 lb18-1 systemd[1]: corosync.service: Failed with result 'exit-code'.
Error: parse error in config: crypto_cipher & crypto_hash are only valid for the Knet transport.
In the third version of corosync, the parameters cryptohash and cryptocipher cannot be used with the transport parameter:
```
crypto_hash
This specifies which HMAC authentication should be used to authenticate all messages. Valid values are none (no authentication), md5, sha1,
sha256, sha384 and sha512. Encrypted transmission is only supported for the knet transport.
The default is none.
cryptocipher
This specifies which cipher should be used to encrypt all messages. Valid values are none (no encryption), aes256, aes192 and aes128. En‐
abling cryptocipher, requires also enabling of crypto_hash. Encrypted transmission is only supported for the knet transport.
The default is none.
secauth
This implies cryptocipher=aes256 and cryptohash=sha256, unless those options are explicitly set. Encrypted transmission is only supported
for the knet transport.
```
I fixed this, for version 3 corosync is now using knet_transport (Ubuntu >=19.10 and Debian >=10)