From 3c4f4127b4649f47c00d4234c64147a4183eeee6 Mon Sep 17 00:00:00 2001 From: Andrew Smith Date: Tue, 12 Jun 2018 12:00:26 -0400 Subject: [PATCH] Update to use oslo.messaging service for RPC and Notify This introduces oslo.messaging variables that define the RPC and Notify transports for the OpenStack services. These parameters replace the rabbitmq values and are used to generate the messaging transport_url for the service. The association of the messaging backend server to the oslo.messaging services will then be transparent to the trove service. This patch: * Add oslo.messaging variables for RPC and Notify to defaults * Update transport_url generation (add for notification) * Add oslo.messaging to tests inventory * Update tests * Update docs * Update extras * Add release note Change-Id: Ia01317343ae6fbc790d64b5ba282c8c069750d45 --- defaults/main.yml | 31 ++++++++++++++----- doc/source/configure-trove.rst | 24 +++++++------- ...o-messaging-backends-65287400dba86fce.yaml | 20 ++++++++++++ templates/trove-conductor.conf.j2 | 7 +++-- templates/trove-guestagent.conf.j2 | 7 +++-- templates/trove-taskmanager.conf.j2 | 7 +++-- templates/trove.conf.j2 | 7 +++-- tests/inventory | 6 ++++ tests/os_trove-overrides.yml | 21 ++++++++----- tests/test-install-trove.yml | 11 ++++--- 10 files changed, 102 insertions(+), 39 deletions(-) create mode 100644 releasenotes/notes/oslo-messaging-backends-65287400dba86fce.yaml diff --git a/defaults/main.yml b/defaults/main.yml index d5fabd8..ee1b025 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -119,14 +119,26 @@ trove_galera_use_ssl: "{{ galera_use_ssl | default(False) }}" trove_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}" trove_galera_connection_string: "mysql+pymysql://{{ trove_galera_user}}:{{ trove_galera_password }}@{{ trove_galera_address }}/{{ trove_galera_database_name }}?charset=utf8{% if trove_galera_use_ssl | bool %}&ssl_ca={{ trove_galera_ssl_ca_cert }}{% endif %}" +## Oslo Messaging vars +# RPC +trove_oslomsg_rpc_transport: rabbit +trove_oslomsg_rpc_servers: "{{ rabbitmq_servers }}" +trove_oslomsg_rpc_port: 5672 +trove_oslomsg_rpc_use_ssl: False +trove_oslomsg_rpc_userid: trove +trove_oslomsg_rpc_vhost: /trove + +# Notify +trove_oslomsg_notify_transport: rabbit +trove_oslomsg_notify_servers: "{{ rabbitmq_servers }}" +trove_oslomsg_notify_port: 5672 +trove_oslomsg_notify_use_ssl: False +trove_oslomsg_notify_userid: trove +trove_oslomsg_notify_vhost: /trove + # Rabbit vars trove_control_exchange: trove trove_rabbit_notification_topic: notification -trove_rabbitmq_userid: trove -trove_rabbitmq_vhost: /trove -trove_rabbitmq_use_ssl: False -trove_rabbitmq_port: 5672 -trove_rabbitmq_servers: "{{ rabbitmq_servers }}" # The trove guest agent in the deployed DB VMs need access to OpenStack services (keystone, swift, etc) # and also to rabbitmq. The way it gets access (networking) these services may differ. @@ -141,8 +153,10 @@ trove_provider_network: "{{ provider_networks|map(attribute='network')|selectatt trove_provider_ip_from_q: "{{ trove_provider_network['ip_from_q'] }}" # The name of the network address pool trove_container_net_name: "{{ trove_provider_ip_from_q }}_address" -trove_guest_rabbitmq_servers: "{% for host in groups[rabbitmq_host_group] %}{{ hostvars[host]['container_networks'][trove_container_net_name]['address'] }}{% if not loop.last %},{% endif %}{% endfor %}" -trove_guest_rabbitmq_use_ssl: "{{ trove_rabbitmq_use_ssl }}" +trove_guest_oslomsg_rpc_servers: "{% for host in groups[oslomsg_rpc_host_group] %}{{ hostvars[host]['container_networks'][trove_container_net_name]['address'] }}{% if not loop.last %},{% endif %}{% endfor %}" +trove_guest_oslomsg_rpc_use_ssl: "{{ trove_oslomsg_rpc_use_ssl }}" +trove_guest_oslomsg_notify_servers: "{% for host in groups[oslomsg_notify_host_group] %}{{ hostvars[host]['container_networks'][trove_container_net_name]['address'] }}{% if not loop.last %},{% endif %}{% endfor %}" +trove_guest_oslomsg_notify_use_ssl: "{{ trove_oslomsg_notify_use_ssl }}" # For OpenStack services that have public, admin, and internal access, use the public ones for the guest VMs. trove_guest_auth_url: "{{ keystone_service_publicurl }}" trove_guest_swift_url: "{{ trove_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ swift_proxy_port }}/v1/AUTH_" @@ -168,7 +182,8 @@ trove_service_net_endpoint_type: internal trove_enable_secure_rpc_messaging: "True" trove_required_secrets: - trove_galera_password - - trove_rabbitmq_password + - trove_oslomsg_rpc_password + - trove_oslomsg_notify_password - trove_service_password - trove_admin_user_password - trove_taskmanager_rpc_encr_key diff --git a/doc/source/configure-trove.rst b/doc/source/configure-trove.rst index 9860fe8..ecddcde 100644 --- a/doc/source/configure-trove.rst +++ b/doc/source/configure-trove.rst @@ -10,15 +10,15 @@ Configuring Trove Trove provides DBaaS to an OpenStack deployment. It deploys guest VMs that provide the desired DB for use by the end consumer. The trove guest VMs need -connectivity back to the trove services via RPC (rabbitmq) and the OpenStack -services. The way these guest VM get access to those services could be via -internal networking (in the case of rabbitmq) or via public interfaces (in the -case of OpenStack services). For the example configuration, we'll designate -a provider network as the network for trove to provision on each guest VM. The -guest can then connect to rabbitmq via this network and to the OpenStack -services externally. Optionally, the guest VMs could use the internal network -to access OpenStack services, but that would require more containers being -bound to this network. +connectivity back to the trove services via RPC (oslo.messaging) and the +OpenStack services. The way these guest VM get access to those services could be +via internal networking (in the case of oslo.messaging) or via public interfaces +(in the case of OpenStack services). For the example configuration, we'll +designate a provider network as the network for trove to provision on each guest +VM. The guest can then connect to oslo.messaging via this network and to the +OpenStack services externally. Optionally, the guest VMs could use the internal +network to access OpenStack services, but that would require more containers +being bound to this network. The deployment configuration outlined below may not be appropriate for production environments. Review this very carefully with your own security @@ -45,14 +45,14 @@ An example entry into ``openstack_user_config.yml`` is shown below: net_name: "dbaas-mgmt" group_binds: - neutron_linuxbridge_agent - - rabbitmq + - oslomsg_rpc Make sure to modify the other entries in this file as well. The ``net_name`` will be the physical network that is specified when creating the neutron network. The default value of ``dbaas-mgmt`` is also used to -lookup the addresses of the rabbitmq container. If the default is not used then -some variables in ``defaults\main.yml`` will need to be overwritten. +lookup the addresses of the rpc messaging container. If the default is not used +then some variables in ``defaults\main.yml`` will need to be overwritten. By default this role will not create the neutron network automaticaly. However, the default values can be changed to create the neutron network. See the diff --git a/releasenotes/notes/oslo-messaging-backends-65287400dba86fce.yaml b/releasenotes/notes/oslo-messaging-backends-65287400dba86fce.yaml new file mode 100644 index 0000000..03c5cd2 --- /dev/null +++ b/releasenotes/notes/oslo-messaging-backends-65287400dba86fce.yaml @@ -0,0 +1,20 @@ +--- +features: + - Support separate oslo.messaging services for RPC and Notifications + to enable operation of separate and different messaging backend servers. +deprecations: + - | + The rabbitmq server parameters have been replaced by corresponding + oslo.messaging RPC and Notify parameters in order to abstract the + messaging service from the actual backend server deployment. + - trove_oslomsg_rpc_servers replaces trove_rabbitmq_servers + - trove_oslomsg_rpc_port replaces trove_rabbitmq_port + - trove_oslomsg_rpc_use_ssl replaces trove_rabbitmq_use_ssl + - trove_oslomsg_rpc_userid replaces trove_rabbitmq_userid + - trove_oslomsg_rpc_vhost replaces trove_rabbitmq_vhost + - added trove_oslomsg_notify_servers + - added trove_oslomsg_notify_port + - added trove_oslomsg_notify_use_ssl + - added trove_oslomsg_notify_userid + - added trove_oslomsg_notify_vhost + - added trove_oslomsg_notify_password diff --git a/templates/trove-conductor.conf.j2 b/templates/trove-conductor.conf.j2 index 7842df7..600059f 100644 --- a/templates/trove-conductor.conf.j2 +++ b/templates/trove-conductor.conf.j2 @@ -5,7 +5,7 @@ debug = {{ debug }} trove_auth_url = {{ trove_auth_url }} conductor_manager = trove.conductor.manager.Manager trove_conductor_workers={{ trove_conductor_workers }} -transport_url = rabbit://{% for host in trove_rabbitmq_servers.split(',') %}{{ trove_rabbitmq_userid }}:{{ trove_rabbitmq_password }}@{{ host }}:{{ trove_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ trove_rabbitmq_vhost }}{% endif %}{% endfor %} +transport_url = {{ trove_oslomsg_rpc_transport }}://{% for host in trove_oslomsg_rpc_servers.split(',') %}{{ trove_oslomsg_rpc_userid }}:{{ trove_oslomsg_rpc_password }}@{{ host }}:{{ trove_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_rpc_vhost }}{% endif %}{% endfor %} {# There must be a blank line above or the following line will be appended to the previous. #} control_exchange = {{ trove_control_exchange }} @@ -21,4 +21,7 @@ enabled = {{ trove_profiler_enabled }} connection = "{{ trove_galera_connection_string }}" [oslo_messaging_rabbit] -ssl={{ trove_rabbitmq_use_ssl }} +ssl={{ trove_oslomsg_rpc_use_ssl }} + +[oslo_messaging_notifications] +transport_url = {{ trove_oslomsg_notify_transport }}://{% for host in trove_oslomsg_notify_servers.split(',') %}{{ trove_oslomsg_notify_userid }}:{{ trove_oslomsg_notify_password }}@{{ host }}:{{ trove_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_notify_vhost }}{% endif %}{% endfor %} diff --git a/templates/trove-guestagent.conf.j2 b/templates/trove-guestagent.conf.j2 index 3b1598d..9393f17 100644 --- a/templates/trove-guestagent.conf.j2 +++ b/templates/trove-guestagent.conf.j2 @@ -6,7 +6,7 @@ nova_proxy_admin_user = {{ trove_service_user_name }} nova_proxy_admin_pass = {{ trove_service_password }} nova_proxy_admin_tenant_name = {{ trove_service_project_name }} -transport_url = rabbit://{% for host in trove_rabbitmq_servers.split(',') %}{{ trove_rabbitmq_userid }}:{{ trove_rabbitmq_password }}@{{ host }}:{{ trove_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ trove_rabbitmq_vhost }}{% endif %}{% endfor %} +transport_url = {{ trove_oslomsg_rpc_transport }}://{% for host in trove_oslomsg_rpc_servers.split(',') %}{{ trove_oslomsg_rpc_userid }}:{{ trove_oslomsg_rpc_password }}@{{ host }}:{{ trove_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_rpc_vhost }}{% endif %}{% endfor %} {% if trove_swift_enabled is defined %} swift_url = {{ trove_guest_swift_url }} @@ -56,7 +56,10 @@ log_file = trove-guestagent.log [oslo_messaging_rabbit] # Connect over SSL for RabbitMQ. (boolean value) # Deprecated group/name - [DEFAULT]/rabbit_use_ssl -ssl = {{ trove_guest_rabbitmq_use_ssl }} +ssl = {{ trove_guest_oslomsg_rpc_use_ssl }} + +[oslo_messaging_notifications] +transport_url = {{ trove_oslomsg_notify_transport }}://{% for host in trove_oslomsg_notify_servers.split(',') %}{{ trove_oslomsg_notify_userid }}:{{ trove_oslomsg_notify_password }}@{{ host }}:{{ trove_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_notify_vhost }}{% endif %}{% endfor %} # ========== Datastore Specific Configuration Options ========== diff --git a/templates/trove-taskmanager.conf.j2 b/templates/trove-taskmanager.conf.j2 index 5d821f4..b6a0b85 100644 --- a/templates/trove-taskmanager.conf.j2 +++ b/templates/trove-taskmanager.conf.j2 @@ -3,7 +3,7 @@ [DEFAULT] debug = {{ debug }} update_status_on_fail = True -transport_url = rabbit://{% for host in trove_rabbitmq_servers.split(',') %}{{ trove_rabbitmq_userid }}:{{ trove_rabbitmq_password }}@{{ host }}:{{ trove_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ trove_rabbitmq_vhost }}{% endif %}{% endfor %} +transport_url = {{ trove_oslomsg_rpc_transport }}://{% for host in trove_oslomsg_rpc_servers.split(',') %}{{ trove_oslomsg_rpc_userid }}:{{ trove_oslomsg_rpc_password }}@{{ host }}:{{ trove_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_rpc_vhost }}{% endif %}{% endfor %} {# There must be a blank line above or the following line will be appended to the previous. #} control_exchange = {{ trove_control_exchange }} @@ -100,6 +100,9 @@ enabled = {{ trove_profiler_enabled }} #trace_sqlalchemy = True [oslo_messaging_rabbit] -ssl={{ trove_rabbitmq_use_ssl }} +ssl={{ trove_oslomsg_rpc_use_ssl }} + +[oslo_messaging_notifications] +transport_url = {{ trove_oslomsg_notify_transport }}://{% for host in trove_oslomsg_notify_servers.split(',') %}{{ trove_oslomsg_notify_userid }}:{{ trove_oslomsg_notify_password }}@{{ host }}:{{ trove_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_notify_vhost }}{% endif %}{% endfor %} {% include 'include_db.j2' %} diff --git a/templates/trove.conf.j2 b/templates/trove.conf.j2 index c12958f..cbb4f31 100644 --- a/templates/trove.conf.j2 +++ b/templates/trove.conf.j2 @@ -4,7 +4,7 @@ debug = {{ debug }} bind_host = {{ trove_service_host }} bind_port = {{ trove_service_port }} trove_api_workers={{ trove_api_workers }} -transport_url = rabbit://{% for host in trove_rabbitmq_servers.split(',') %}{{ trove_rabbitmq_userid }}:{{ trove_rabbitmq_password }}@{{ host }}:{{ trove_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ trove_rabbitmq_vhost }}{% endif %}{% endfor %} +transport_url = {{ trove_oslomsg_rpc_transport }}://{% for host in trove_oslomsg_rpc_servers.split(',') %}{{ trove_oslomsg_rpc_userid }}:{{ trove_oslomsg_rpc_password }}@{{ host }}:{{ trove_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_rpc_vhost }}{% endif %}{% endfor %} {# There must be a blank line above or the following line will be appended to the previous. #} control_exchange = {{ trove_control_exchange }} @@ -116,6 +116,9 @@ enabled = {{ trove_profiler_enabled }} #ca_file = /path/to/ca_file [oslo_messaging_rabbit] -ssl = {{ trove_rabbitmq_use_ssl }} +ssl = {{ trove_oslomsg_rpc_use_ssl }} + +[oslo_messaging_notifications] +transport_url = {{ trove_oslomsg_notify_transport }}://{% for host in trove_oslomsg_notify_servers.split(',') %}{{ trove_oslomsg_notify_userid }}:{{ trove_oslomsg_notify_password }}@{{ host }}:{{ trove_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_notify_vhost }}{% endif %}{% endfor %} {% include 'include_db.j2' %} diff --git a/tests/inventory b/tests/inventory index d837455..39c6ade 100644 --- a/tests/inventory +++ b/tests/inventory @@ -7,6 +7,12 @@ openstack1 infra1 openstack1 +[oslomsg_rpc_all] +infra1 + +[oslomsg_notify_all] +infra1 + [rabbitmq_all] infra1 diff --git a/tests/os_trove-overrides.yml b/tests/os_trove-overrides.yml index 6adf29c..85bbfb1 100644 --- a/tests/os_trove-overrides.yml +++ b/tests/os_trove-overrides.yml @@ -18,13 +18,20 @@ trove_developer_mode: True trove_galera_password: "secrete" -trove_rabbitmq_port: "{{ rabbitmq_port }}" -trove_rabbitmq_servers: "{{ rabbitmq_servers }}" -trove_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -trove_rabbitmq_password: "secrete" -trove_rabbitmq_userid: trove -trove_rabbitmq_vhost: /trove -trove_guest_rabbitmq_servers: "{{ trove_rabbitmq_servers }}" +trove_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" +trove_oslomsg_rpc_servers: "{ oslomsg_rpc_servers }}" +trove_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" +trove_oslomsg_rpc_password: "secrete" +trove_oslomsg_rpc_userid: trove +trove_oslomsg_rpc_vhost: /trove +trove_guest_oslomsg_rpc_servers: "{{ trove_oslomsg_rpc_servers }}" +trove_oslomsg_notify_port: "{{ oslomsg_notify_port }}" +trove_oslomsg_notify_servers: "{ oslomsg_notify_servers }}" +trove_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" +trove_oslomsg_notify_password: "secrete" +trove_oslomsg_notify_userid: trove +trove_oslomsg_notify_vhost: /trove +trove_guest_oslomsg_notify_servers: "{{ trove_oslomsg_notify_servers }}" trove_guest_auth_url: "{{ trove_auth_url }}" trove_requirements_git_install_branch: master trove_service_password: "secrete" diff --git a/tests/test-install-trove.yml b/tests/test-install-trove.yml index cfa9292..a8d0c1c 100644 --- a/tests/test-install-trove.yml +++ b/tests/test-install-trove.yml @@ -21,10 +21,13 @@ user: root gather_facts: true pre_tasks: - - include: common/ensure-rabbitmq.yml - vhost_name: "{{ trove_rabbitmq_vhost }}" - user_name: "{{ trove_rabbitmq_userid }}" - user_password: "{{ trove_rabbitmq_password }}" + - include: common/ensure-oslomsg.yml + rpc_vhost: "{{ trove_oslomsg_rpc_vhost }}" + rpc_user: "{{ trove_oslomsg_rpc_userid }}" + rpc_password: "{{ trove_oslomsg_rpc_password }}" + notify_vhost: "{{ trove_oslomsg_notify_vhost }}" + notify_user: "{{ trove_oslomsg_notify_userid }}" + notify_password: "{{ trove_oslomsg_notify_password }}" roles: - role: "os_trove" vars_files: