Allow rabbit mq kombu ssl configuration
Add the rest of the kombu ssl configuration options. Change-Id: I3a26cc05456de06fbfc6ea6c4959e41bf5825b11 Partial-Bug: 1464706
This commit is contained in:
Mark Vanderwiel
parent
b2dc2318e7
commit
04121f81ad
|
|
@ -15,6 +15,6 @@ recipe 'openstack-image::image_upload', 'Upload image using glance image-create
|
|||
supports os
|
||||
end
|
||||
|
||||
depends 'openstack-common', '>= 11.2.0'
|
||||
depends 'openstack-common', '>= 11.4.0'
|
||||
depends 'openstack-identity', '>= 11.0.0'
|
||||
depends 'ceph', '~> 0.8.0'
|
||||
|
|
|
|||
|
|
@ -265,7 +265,7 @@ shared_examples 'messaging' do
|
|||
.and_return('rabbit_password_value')
|
||||
end
|
||||
|
||||
%w(host port userid use_ssl).each do |attr|
|
||||
%w(host port userid).each do |attr|
|
||||
it "sets the rabbitmq #{attr} attribute" do
|
||||
node.set['openstack']['mq']['image']['rabbit'][attr] = "rabbit_#{attr}_value"
|
||||
expect(chef_run).to render_config_file(file_name).with_section_content('oslo_messaging_rabbit', /^rabbit_#{attr} = rabbit_#{attr}_value$/)
|
||||
|
|
@ -305,15 +305,35 @@ shared_examples 'messaging' do
|
|||
expect(chef_run).to render_config_file(file_name).with_section_content('oslo_messaging_rabbit', /^notification_topics = helloworld$/)
|
||||
end
|
||||
|
||||
it 'does not have kombu ssl version set' do
|
||||
expect(chef_run).not_to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^kombu_ssl_version=TLSv1.2$/)
|
||||
it 'does not have ssl config set' do
|
||||
[/^rabbit_use_ssl=/,
|
||||
/^kombu_ssl_version=/,
|
||||
/^kombu_ssl_keyfile=/,
|
||||
/^kombu_ssl_certfile=/,
|
||||
/^kombu_ssl_ca_certs=/,
|
||||
/^kombu_reconnect_delay=/,
|
||||
/^kombu_reconnect_timeout=/].each do |line|
|
||||
expect(chef_run).not_to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
end
|
||||
|
||||
it 'sets kombu ssl version' do
|
||||
it 'sets ssl config' do
|
||||
node.set['openstack']['mq']['image']['rabbit']['use_ssl'] = true
|
||||
node.set['openstack']['mq']['image']['rabbit']['kombu_ssl_version'] = 'TLSv1.2'
|
||||
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^kombu_ssl_version=TLSv1.2$/)
|
||||
node.set['openstack']['mq']['image']['rabbit']['kombu_ssl_keyfile'] = 'keyfile'
|
||||
node.set['openstack']['mq']['image']['rabbit']['kombu_ssl_certfile'] = 'certfile'
|
||||
node.set['openstack']['mq']['image']['rabbit']['kombu_ssl_ca_certs'] = 'certsfile'
|
||||
node.set['openstack']['mq']['image']['rabbit']['kombu_reconnect_delay'] = 123.123
|
||||
node.set['openstack']['mq']['image']['rabbit']['kombu_reconnect_timeout'] = 123
|
||||
[/^rabbit_use_ssl=true/,
|
||||
/^kombu_ssl_version=TLSv1.2$/,
|
||||
/^kombu_ssl_keyfile=keyfile$/,
|
||||
/^kombu_ssl_certfile=certfile$/,
|
||||
/^kombu_ssl_ca_certs=certsfile$/,
|
||||
/^kombu_reconnect_delay=123.123$/,
|
||||
/^kombu_reconnect_timeout=123$/].each do |line|
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
end
|
||||
|
||||
it 'has the default rabbit_retry_interval set' do
|
||||
|
|
|
|||
|
|
@ -801,9 +801,36 @@ amqp_auto_delete=<%= node["openstack"]["mq"]["image"]["auto_delete"] %>
|
|||
#rpc_conn_pool_size=30
|
||||
rpc_conn_pool_size=<%= node["openstack"]["image"]["rpc_conn_pool_size"] %>
|
||||
|
||||
<% if node["openstack"]["mq"]["image"]["rabbit"]["use_ssl"] && node["openstack"]["mq"]["image"]["rabbit"]["kombu_ssl_version"] %>
|
||||
kombu_ssl_version=<%= node["openstack"]["mq"]["image"]["rabbit"]["kombu_ssl_version"] %>
|
||||
<% if node['openstack']['mq']['image']['rabbit']['use_ssl'] -%>
|
||||
|
||||
# Connect over SSL for RabbitMQ. (boolean value)
|
||||
rabbit_use_ssl=true
|
||||
|
||||
<% if node['openstack']['mq']['image']['rabbit']['kombu_ssl_version'] -%>
|
||||
# SSL version to use (valid only if SSL enabled). valid values
|
||||
# are TLSv1 and SSLv23. SSLv2 and SSLv3 may be available on
|
||||
# some distributions. (string value)
|
||||
kombu_ssl_version=<%= node['openstack']['mq']['image']['rabbit']['kombu_ssl_version'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['image']['rabbit']['kombu_ssl_keyfile'] -%>
|
||||
# SSL key file (valid only if SSL enabled)
|
||||
kombu_ssl_keyfile=<%= node['openstack']['mq']['image']['rabbit']['kombu_ssl_keyfile'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['image']['rabbit']['kombu_ssl_certfile'] -%>
|
||||
# SSL cert file (valid only if SSL enabled)
|
||||
kombu_ssl_certfile=<%= node['openstack']['mq']['image']['rabbit']['kombu_ssl_certfile'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['image']['rabbit']['kombu_ssl_ca_certs'] -%>
|
||||
# SSL certification authority file (valid only if SSL enabled)
|
||||
kombu_ssl_ca_certs=<%= node['openstack']['mq']['image']['rabbit']['kombu_ssl_ca_certs'] %>
|
||||
<% end -%>
|
||||
# How long to wait before reconnecting in response to an AMQP consumer cancel notification
|
||||
kombu_reconnect_delay=<%= node['openstack']['mq']['image']['rabbit']['kombu_reconnect_delay'] %>
|
||||
# How long to wait before considering a reconnect attempt to have failed.
|
||||
# This value should not be longer than rpc_response_timeout
|
||||
kombu_reconnect_timeout=<%= node['openstack']['mq']['image']['rabbit']['kombu_reconnect_timeout'] %>
|
||||
<% end -%>
|
||||
|
||||
# Configuration options if sending notifications via rabbitmq (these are
|
||||
# the defaults)
|
||||
transport_url = rabbit://
|
||||
|
|
@ -816,7 +843,6 @@ rabbit_host = <%= node["openstack"]["mq"]["image"]["rabbit"]["host"] %>
|
|||
rabbit_port = <%= node["openstack"]["mq"]["image"]["rabbit"]["port"] %>
|
||||
<% end -%>
|
||||
|
||||
rabbit_use_ssl = <%= node["openstack"]["mq"]["image"]["rabbit"]["use_ssl"] %>
|
||||
rabbit_userid = <%= node["openstack"]["mq"]["image"]["rabbit"]["userid"] %>
|
||||
rabbit_password = <%= @mq_password %>
|
||||
rabbit_virtual_host = <%= node["openstack"]["mq"]["image"]["rabbit"]["vhost"] %>
|
||||
|
|
|
|||
|
|
@ -334,9 +334,36 @@ amqp_auto_delete=<%= node["openstack"]["mq"]["image"]["auto_delete"] %>
|
|||
#rpc_conn_pool_size=30
|
||||
rpc_conn_pool_size=<%= node["openstack"]["image"]["rpc_conn_pool_size"] %>
|
||||
|
||||
<% if node["openstack"]["mq"]["image"]["rabbit"]["use_ssl"] && node["openstack"]["mq"]["image"]["rabbit"]["kombu_ssl_version"] %>
|
||||
kombu_ssl_version=<%= node["openstack"]["mq"]["image"]["rabbit"]["kombu_ssl_version"] %>
|
||||
<% if node['openstack']['mq']['image']['rabbit']['use_ssl'] -%>
|
||||
|
||||
# Connect over SSL for RabbitMQ. (boolean value)
|
||||
rabbit_use_ssl=true
|
||||
|
||||
<% if node['openstack']['mq']['image']['rabbit']['kombu_ssl_version'] -%>
|
||||
# SSL version to use (valid only if SSL enabled). valid values
|
||||
# are TLSv1 and SSLv23. SSLv2 and SSLv3 may be available on
|
||||
# some distributions. (string value)
|
||||
kombu_ssl_version=<%= node['openstack']['mq']['image']['rabbit']['kombu_ssl_version'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['image']['rabbit']['kombu_ssl_keyfile'] -%>
|
||||
# SSL key file (valid only if SSL enabled)
|
||||
kombu_ssl_keyfile=<%= node['openstack']['mq']['image']['rabbit']['kombu_ssl_keyfile'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['image']['rabbit']['kombu_ssl_certfile'] -%>
|
||||
# SSL cert file (valid only if SSL enabled)
|
||||
kombu_ssl_certfile=<%= node['openstack']['mq']['image']['rabbit']['kombu_ssl_certfile'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['image']['rabbit']['kombu_ssl_ca_certs'] -%>
|
||||
# SSL certification authority file (valid only if SSL enabled)
|
||||
kombu_ssl_ca_certs=<%= node['openstack']['mq']['image']['rabbit']['kombu_ssl_ca_certs'] %>
|
||||
<% end -%>
|
||||
# How long to wait before reconnecting in response to an AMQP consumer cancel notification
|
||||
kombu_reconnect_delay=<%= node['openstack']['mq']['image']['rabbit']['kombu_reconnect_delay'] %>
|
||||
# How long to wait before considering a reconnect attempt to have failed.
|
||||
# This value should not be longer than rpc_response_timeout
|
||||
kombu_reconnect_timeout=<%= node['openstack']['mq']['image']['rabbit']['kombu_reconnect_timeout'] %>
|
||||
<% end -%>
|
||||
|
||||
# Configuration options if sending notifications via rabbitmq (these are
|
||||
# the defaults)
|
||||
transport_url = rabbit://
|
||||
|
|
@ -349,7 +376,6 @@ rabbit_host = <%= node["openstack"]["mq"]["image"]["rabbit"]["host"] %>
|
|||
rabbit_port = <%= node["openstack"]["mq"]["image"]["rabbit"]["port"] %>
|
||||
<% end -%>
|
||||
|
||||
rabbit_use_ssl = <%= node["openstack"]["mq"]["image"]["rabbit"]["use_ssl"] %>
|
||||
rabbit_userid = <%= node["openstack"]["mq"]["image"]["rabbit"]["userid"] %>
|
||||
rabbit_password = <%= @mq_password %>
|
||||
rabbit_virtual_host = <%= node["openstack"]["mq"]["image"]["rabbit"]["vhost"] %>
|
||||
|
|
|
|||
Loading…
Reference in New Issue