Update to use oslo.messaging service for RPC and Notify
This introduces oslo.messaging variables that define the RPC and Notify transports for the OpenStack services. These parameters replace the rabbitmq values and are used to generate the messaging transport_url for the service. The association of the messaging backend server to the oslo.messaging services will then be transparent to the barbican service. This patch: * Add oslo.messaging variables for RPC and Notify to defaults * Add transport_url generation to conf * Add oslo.messaging to tests inventory * Update tets * Update examples * Add release note Change-Id: I0657c88799e06987c6df90edd55fda859faf6035
This commit is contained in:
parent
e4b09bf175
commit
206f411451
|
@ -109,9 +109,24 @@ barbican_galera_user: barbican
|
|||
barbican_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
|
||||
barbican_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"
|
||||
|
||||
# Rabbit vars
|
||||
barbican_rabbitmq_userid: barbican
|
||||
barbican_rabbitmq_vhost: /barbican
|
||||
## Oslo Messaging
|
||||
|
||||
# RPC
|
||||
barbican_oslomsg_rpc_transport: rabbit
|
||||
barbican_oslomsg_rpc_servers: 127.0.0.1
|
||||
barbican_oslomsg_rpc_port: 5672
|
||||
barbican_oslomsg_rpc_use_ssl: false
|
||||
barbican_oslomsg_rpc_userid: barbican
|
||||
barbican_oslomsg_rpc_vhost: /barbican
|
||||
|
||||
# Notify
|
||||
barbican_oslomsg_notify_transport: rabbit
|
||||
barbican_oslomsg_notify_servers: 127.0.0.1
|
||||
barbican_oslomsg_notify_port: 5672
|
||||
barbican_oslomsg_notify_use_ssl: false
|
||||
barbican_oslomsg_notify_userid: "{{ barbican_oslomsg_rpc_userid }}"
|
||||
barbican_oslomsg_notify_password: "{{ barbican_oslomsg_rpc_password }}"
|
||||
barbican_oslomsg_notify_vhost: "{{ barbican_oslomsg_rpc_vhost }}"
|
||||
|
||||
# Keystone AuthToken/Middleware
|
||||
barbican_keystone_auth_plugin: password
|
||||
|
|
|
@ -25,7 +25,7 @@ This role requires the following variables to be defined:
|
|||
|
||||
barbican_galera_address
|
||||
barbican_galera_password
|
||||
barbican_rabbitmq_password
|
||||
barbican_oslomsg_rpc_password
|
||||
barbican_service_password
|
||||
keystone_admin_user_name
|
||||
keystone_auth_admin_password
|
||||
|
|
|
@ -9,9 +9,10 @@
|
|||
barbican_galera_address: "{{ internal_lb_vip_address }}"
|
||||
barbican_service_password: SuperSecretePassword1
|
||||
barbican_galera_password: SuperSecretePassword2
|
||||
barbican_rabbitmq_password: SuperSecretePassword3
|
||||
barbican_oslomsg_rpc_password: SuperSecretePassword3
|
||||
barbican_oslomsg_notify_password: "{{ barbican_oslomsg_rpc_password }}" # if using the same user, please use the same password
|
||||
keystone_admin_user_name: admin
|
||||
keystone_auth_admin_password: SuperSecretePassword4
|
||||
keystone_auth_admin_password: SuperSecretePassword5
|
||||
keystone_admin_tenant_name: admin
|
||||
galera_root_user: root
|
||||
vars_prompt:
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
---
|
||||
features:
|
||||
- Support separate oslo.messaging services for RPC and Notifications
|
||||
to enable operation of separate and different messaging backend servers.
|
||||
deprecations:
|
||||
- |
|
||||
The rabbitmq server parameters have been replaced by corresponding
|
||||
oslo.messaging RPC and Notify parameters in order to abstract the
|
||||
messaging service from the actual backend server deployment.
|
||||
- barbican_oslomsg_rpc_servers replaces rabbitmq_servers
|
||||
- barbican_oslomsg_rpc_port replaces rabbitmq_port
|
||||
- barbican_oslomsg_rpc_userid replaces barbican_rabbitmq_userid
|
||||
- barbican_oslomsg_rpc_vhost replaces barbican_rabbitmq_vhost
|
||||
- added barbican_oslomsg_rpc_use_ssl
|
||||
- added barbican_oslomsg_notify_servers
|
||||
- added barbican_oslomsg_notify_port
|
||||
- added barbican_oslomsg_notify_use_ssl
|
||||
- added barbican_oslomsg_notify_userid
|
||||
- added barbican_oslomsg_notify_vhost
|
||||
- added barbican_oslomsg_notify_password
|
|
@ -118,19 +118,13 @@ max_limit_paging = 100
|
|||
|
||||
# Rabbit and HA configuration:
|
||||
ampq_durable_queues = True
|
||||
rabbit_userid = {{ barbican_rabbitmq_userid }}
|
||||
rabbit_password = {{ barbican_rabbitmq_password }}
|
||||
rabbit_ha_queues = True
|
||||
rabbit_port = {{ rabbitmq_port }}
|
||||
|
||||
# For HA, specify queue nodes in cluster, comma delimited:
|
||||
# For example: rabbit_hosts=192.168.50.8:5672, 192.168.50.9:5672
|
||||
rabbit_hosts={{ rabbitmq_servers }}
|
||||
|
||||
# For HA, specify queue nodes in cluster as 'user@host:5672', comma delimited, ending with '/offset':
|
||||
# For example: transport_url = rabbit://guest@192.168.50.8:5672,guest@192.168.50.9:5672/
|
||||
# DO NOT USE THIS, due to '# FIXME(markmc): support multiple hosts' in oslo/messaging/_drivers/amqpdriver.py
|
||||
# transport_url = rabbit://guest@localhost:5672/
|
||||
transport_url = {{ barbican_oslomsg_rpc_transport }}://{% for host in barbican_oslomsg_rpc_servers.split(',') %}{{ barbican_oslomsg_rpc_userid }}:{{ barbican_oslomsg_rpc_password }}@{{ host }}:{{ barbican_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ barbican_oslomsg_rpc_vhost }}{% if (barbican_oslomsg_rpc_use_ssl | lower) | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
|
||||
|
||||
# oslo notification driver for sending audit events via audit middleware.
|
||||
# Meaningful only when middleware is enabled in barbican paste ini file.
|
||||
|
@ -138,6 +132,11 @@ rabbit_hosts={{ rabbitmq_servers }}
|
|||
# there is need to route audit event to messaging as well as log.
|
||||
# notification_driver = messagingv2
|
||||
# notification_driver = log
|
||||
[oslo_messaging_notifications]
|
||||
transport_url = {{ barbican_oslomsg_notify_transport }}://{% for host in barbican_oslomsg_notify_servers.split(',') %}{{ barbican_oslomsg_notify_userid }}:{{ barbican_oslomsg_notify_password }}@{{ host }}:{{ barbican_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ barbican_oslomsg_notify_vhost }}{% if (barbican_oslomsg_notify_use_ssl | lower) | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
|
||||
|
||||
[oslo_messaging_rabbit]
|
||||
ssl = {{ barbican_oslomsg_notify_use_ssl | bool }}
|
||||
|
||||
{% if barbican_keystone_auth | bool %}
|
||||
[keystone_authtoken]
|
||||
|
|
|
@ -9,6 +9,12 @@ infra1
|
|||
keystone1
|
||||
barbican1
|
||||
|
||||
[oslomsg_rpc_all]
|
||||
infra1
|
||||
|
||||
[oslomsg_notify_all]
|
||||
infra1
|
||||
|
||||
[rabbitmq_all]
|
||||
infra1
|
||||
|
||||
|
|
|
@ -18,9 +18,12 @@ barbican_developer_mode: true
|
|||
barbican_galera_address: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}"
|
||||
barbican_galera_database: barbican
|
||||
barbican_keystone_auth: yes
|
||||
barbican_rabbitmq_password: secrete
|
||||
barbican_rabbitmq_userid: barbican
|
||||
barbican_rabbitmq_vhost: /barbican
|
||||
barbican_oslomsg_rpc_vhost: /barbican
|
||||
barbican_oslomsg_rpc_userid: barbican
|
||||
barbican_oslomsg_rpc_password: secrete
|
||||
barbican_oslomsg_notify_vhost: "{{ barbican_oslomsg_rpc_vhost }}"
|
||||
barbican_oslomsg_notify_userid: "{{ barbican_oslomsg_rpc_userid }}"
|
||||
barbican_oslomsg_notify_password: "{{ barbican_oslomsg_rpc_password }}"
|
||||
barbican_service_password: secrete
|
||||
barbican_venv_tag: testing
|
||||
|
||||
|
|
|
@ -18,25 +18,13 @@
|
|||
user: root
|
||||
gather_facts: true
|
||||
pre_tasks:
|
||||
- name: Ensure rabbitmq vhost
|
||||
rabbitmq_vhost:
|
||||
name: "{{ barbican_rabbitmq_vhost }}"
|
||||
state: "present"
|
||||
delegate_to: "{{ hostvars[groups['rabbitmq_all'][0]]['ansible_host'] }}"
|
||||
when: inventory_hostname == groups['barbican_all'][0]
|
||||
|
||||
- name: Ensure rabbitmq user
|
||||
rabbitmq_user:
|
||||
user: "{{ barbican_rabbitmq_userid }}"
|
||||
password: "{{ barbican_rabbitmq_password }}"
|
||||
vhost: "{{ barbican_rabbitmq_vhost }}"
|
||||
configure_priv: ".*"
|
||||
read_priv: ".*"
|
||||
write_priv: ".*"
|
||||
state: "present"
|
||||
delegate_to: "{{ hostvars[groups['rabbitmq_all'][0]]['ansible_host'] }}"
|
||||
when: inventory_hostname == groups['barbican_all'][0]
|
||||
no_log: true
|
||||
- include: common/ensure-oslomsg.yml
|
||||
rpc_vhost: "{{ barbican_oslomsg_rpc_vhost }}"
|
||||
rpc_user: "{{ barbican_oslomsg_rpc_userid }}"
|
||||
rpc_password: "{{ barbican_oslomsg_rpc_password }}"
|
||||
notify_vhost: "{{ barbican_oslomsg_notify_vhost }}"
|
||||
notify_user: "{{ barbican_oslomsg_notify_userid }}"
|
||||
notify_password: "{{ barbican_oslomsg_notify_password }}"
|
||||
|
||||
roles:
|
||||
- role: "os_barbican"
|
||||
|
|
Loading…
Reference in New Issue