Allow rabbit mq kombu ssl configuration
Add the rest of the kombu ssl configuration options. Change-Id: I3196cbfaf25c8647974afddc6f2180257c2a0c89 Partial-Bug: 1464706
This commit is contained in:
parent
e115ab2d78
commit
34d60dbc2c
|
@ -12,5 +12,5 @@ recipe 'openstack-bare-metal::default', 'Temp workaround to create ironic db wit
|
|||
recipe 'openstack-bare-metal::identity_registration', 'Registers ironic service/user/endpoints in keystone'
|
||||
recipe 'openstack-bare-metal::ironic-common', 'Defines the common pieces of repeated code from the other recipes'
|
||||
|
||||
depends 'openstack-common', '>= 11.2.0'
|
||||
depends 'openstack-common', '>= 11.4.0'
|
||||
depends 'openstack-identity', '>= 11.0.0'
|
||||
|
|
|
@ -184,15 +184,35 @@ describe 'openstack-bare-metal::ironic-common' do
|
|||
end
|
||||
end
|
||||
|
||||
it 'does not have kombu ssl version set' do
|
||||
expect(chef_run).not_to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^kombu_ssl_version=TLSv1.2$/)
|
||||
it 'does not have ssl config set' do
|
||||
[/^rabbit_use_ssl=/,
|
||||
/^kombu_ssl_version=/,
|
||||
/^kombu_ssl_keyfile=/,
|
||||
/^kombu_ssl_certfile=/,
|
||||
/^kombu_ssl_ca_certs=/,
|
||||
/^kombu_reconnect_delay=/,
|
||||
/^kombu_reconnect_timeout=/].each do |line|
|
||||
expect(chef_run).not_to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
end
|
||||
|
||||
it 'sets kombu ssl version' do
|
||||
it 'sets ssl config' do
|
||||
node.set['openstack']['mq']['bare-metal']['rabbit']['use_ssl'] = true
|
||||
node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_version'] = 'TLSv1.2'
|
||||
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^kombu_ssl_version=TLSv1.2$/)
|
||||
node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_keyfile'] = 'keyfile'
|
||||
node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_certfile'] = 'certfile'
|
||||
node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_ca_certs'] = 'certsfile'
|
||||
node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_reconnect_delay'] = 123.123
|
||||
node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_reconnect_timeout'] = 123
|
||||
[/^rabbit_use_ssl=true/,
|
||||
/^kombu_ssl_version=TLSv1.2$/,
|
||||
/^kombu_ssl_keyfile=keyfile$/,
|
||||
/^kombu_ssl_certfile=certfile$/,
|
||||
/^kombu_ssl_ca_certs=certsfile$/,
|
||||
/^kombu_reconnect_delay=123.123$/,
|
||||
/^kombu_reconnect_timeout=123$/].each do |line|
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
end
|
||||
|
||||
context 'ha attributes' do
|
||||
|
@ -231,11 +251,9 @@ describe 'openstack-bare-metal::ironic-common' do
|
|||
end
|
||||
end
|
||||
|
||||
%w(use_ssl userid).each do |attr|
|
||||
it "has rabbit_#{attr}" do
|
||||
node.set['openstack']['mq']['bare-metal']['rabbit'][attr] = "rabbit_#{attr}_value"
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_#{attr}=rabbit_#{attr}_value$/)
|
||||
end
|
||||
it 'has rabbit_userid' do
|
||||
node.set['openstack']['mq']['bare-metal']['rabbit']['userid'] = 'rabbit_userid_value'
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_userid=rabbit_userid_value$/)
|
||||
end
|
||||
|
||||
it 'has rabbit_password' do
|
||||
|
|
|
@ -2,20 +2,6 @@
|
|||
|
||||
[DEFAULT]
|
||||
|
||||
# SSL key file (valid only if SSL enabled). (string value)
|
||||
#kombu_ssl_keyfile=
|
||||
|
||||
# SSL cert file (valid only if SSL enabled). (string value)
|
||||
#kombu_ssl_certfile=
|
||||
|
||||
# SSL certification authority file (valid only if SSL
|
||||
# enabled). (string value)
|
||||
#kombu_ssl_ca_certs=
|
||||
|
||||
# How long to wait before reconnecting in response to an AMQP
|
||||
# consumer cancel notification. (floating point value)
|
||||
#kombu_reconnect_delay=1.0
|
||||
|
||||
# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake
|
||||
# (boolean value)
|
||||
#fake_rabbit=false
|
||||
|
@ -1142,11 +1128,34 @@ amqp_auto_delete=<%= node['openstack']['mq']['bare-metal']['auto_delete'] %>
|
|||
# Size of RPC connection pool. (integer value)
|
||||
rpc_conn_pool_size=<%= node['openstack']['bare-metal']['rpc_conn_pool_size'] %>
|
||||
|
||||
<% if node['openstack']['mq']['bare-metal']['rabbit']['use_ssl'] && node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_version'] %>
|
||||
<% if node['openstack']['mq']['bare-metal']['rabbit']['use_ssl'] -%>
|
||||
|
||||
# Connect over SSL for RabbitMQ. (boolean value)
|
||||
rabbit_use_ssl=true
|
||||
|
||||
<% if node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_version'] -%>
|
||||
# SSL version to use (valid only if SSL enabled). valid values
|
||||
# are TLSv1 and SSLv23. SSLv2 and SSLv3 may be available on
|
||||
# some distributions. (string value)
|
||||
kombu_ssl_version=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_version'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_keyfile'] -%>
|
||||
# SSL key file (valid only if SSL enabled)
|
||||
kombu_ssl_keyfile=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_keyfile'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_certfile'] -%>
|
||||
# SSL cert file (valid only if SSL enabled)
|
||||
kombu_ssl_certfile=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_certfile'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_ca_certs'] -%>
|
||||
# SSL certification authority file (valid only if SSL enabled)
|
||||
kombu_ssl_ca_certs=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_ca_certs'] %>
|
||||
<% end -%>
|
||||
# How long to wait before reconnecting in response to an AMQP consumer cancel notification
|
||||
kombu_reconnect_delay=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_reconnect_delay'] %>
|
||||
# How long to wait before considering a reconnect attempt to have failed.
|
||||
# This value should not be longer than rpc_response_timeout
|
||||
kombu_reconnect_timeout=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_reconnect_timeout'] %>
|
||||
<% end -%>
|
||||
|
||||
##### RABBITMQ #####
|
||||
|
@ -1167,7 +1176,6 @@ rabbit_hosts=<%= @rabbit_hosts %>
|
|||
# value)
|
||||
rabbit_ha_queues=True
|
||||
|
||||
rabbit_use_ssl=<%= node['openstack']['mq']['bare-metal']['rabbit']['use_ssl'] %>
|
||||
<% else -%>
|
||||
# The RabbitMQ broker address where a single node is used.
|
||||
# (string value)
|
||||
|
@ -1176,15 +1184,11 @@ rabbit_host=<%= node['openstack']['mq']['bare-metal']['rabbit']['host'] %>
|
|||
# The RabbitMQ broker port where a single node is used.
|
||||
# (integer value)
|
||||
rabbit_port=<%= node['openstack']['mq']['bare-metal']['rabbit']['port'] %>
|
||||
|
||||
# Connect over SSL for RabbitMQ. (boolean value)
|
||||
rabbit_use_ssl=<%= node['openstack']['mq']['bare-metal']['rabbit']['use_ssl'] %>
|
||||
<% end -%>
|
||||
|
||||
# The RabbitMQ login method. (string value)
|
||||
#rabbit_login_method=AMQPLAIN
|
||||
|
||||
|
||||
# How frequently to retry connecting with RabbitMQ. (integer
|
||||
# value)
|
||||
rabbit_retry_interval=<%= node['openstack']['mq']['bare-metal']['rabbit']['rabbit_retry_interval'] %>
|
||||
|
@ -1198,7 +1202,6 @@ rabbit_retry_interval=<%= node['openstack']['mq']['bare-metal']['rabbit']['rabbi
|
|||
rabbit_max_retries=<%= node['openstack']['mq']['bare-metal']['rabbit']['rabbit_max_retries'] %>
|
||||
<% end -%>
|
||||
|
||||
|
||||
[pxe]
|
||||
|
||||
#
|
||||
|
|
Loading…
Reference in New Issue