From 1bff76c624d92543621ee3b46b351edd0719b0e4 Mon Sep 17 00:00:00 2001 From: Jesse Pretorius Date: Thu, 26 Jul 2018 09:09:50 +0100 Subject: [PATCH] Default MQ RPC/Notify credentials/vhosts to match When the RPC and Notify service are the same, the credentials must match - otherwise the tasks to create the user/password will overwrite with each other. If the two clusters are different, then the matching credentials and vhost will not be a problem. However, if the deployer really wishes to make sure they're different, then the vars can be overridden. Also, to ensure that the SSL value is consistently set in the conf file, we apply the bool filter. We also use the 'notify' SSL setting as the messaging system for Notifications is more likely to remain rabbitmq in our default deployment with qrouterd becoming the default for RPC messaging. Change-Id: If95706a85c68767936e7e9d3618e95f5658f5200 --- defaults/main.yml | 5 +++-- templates/glance-api.conf.j2 | 2 +- templates/glance-registry.conf.j2 | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 372a8bd5..efda0b1b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -114,8 +114,9 @@ glance_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit' glance_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}" glance_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}" glance_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False) }}" -glance_oslomsg_notify_userid: glance -glance_oslomsg_notify_vhost: /glance +glance_oslomsg_notify_userid: "{{ glance_oslomsg_rpc_userid }}" +glance_oslomsg_notify_password: "{{ glance_oslomsg_rpc_password }}" +glance_oslomsg_notify_vhost: "{{ glance_oslomsg_rpc_vhost }}" ## Database info glance_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}" diff --git a/templates/glance-api.conf.j2 b/templates/glance-api.conf.j2 index 0971aa21..f66d6c73 100644 --- a/templates/glance-api.conf.j2 +++ b/templates/glance-api.conf.j2 @@ -68,7 +68,7 @@ policy_default_rule = {{ glance_policy_default_rule }} policy_dirs = {{ glance_policy_dirs }} [oslo_messaging_rabbit] -ssl = {{ glance_oslomsg_rpc_use_ssl }} +ssl = {{ glance_oslomsg_notify_use_ssl | bool }} rabbit_notification_exchange = glance rabbit_notification_topic = notifications diff --git a/templates/glance-registry.conf.j2 b/templates/glance-registry.conf.j2 index 592fad25..955e243a 100644 --- a/templates/glance-registry.conf.j2 +++ b/templates/glance-registry.conf.j2 @@ -45,7 +45,7 @@ memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcached_encryption_key }} [oslo_messaging_rabbit] -ssl = {{ glance_oslomsg_rpc_use_ssl }} +ssl = {{ glance_oslomsg_notify_use_ssl | bool }} rabbit_notification_exchange = glance rabbit_notification_topic = notifications