Allow rabbit mq kombu ssl configuration
Add the rest of the kombu ssl configuration options. Change-Id: I94465c970041f54357771af090a2a4cb9e0f0ae3 Partial-Bug: 1464706
This commit is contained in:
parent
2ec1e093f8
commit
0a59088d43
|
@ -28,7 +28,7 @@ end
|
|||
|
||||
depends 'ceph', '~> 0.8.0'
|
||||
depends 'openstack-bare-metal', '>= 11.0.0'
|
||||
depends 'openstack-common', '>= 11.0.0'
|
||||
depends 'openstack-common', '>= 11.4.0'
|
||||
depends 'openstack-identity', '>= 11.0.0'
|
||||
depends 'openstack-image', '>= 11.0.0'
|
||||
depends 'openstack-network', '>= 11.0.0'
|
||||
|
|
|
@ -428,7 +428,7 @@ describe 'openstack-compute::nova-common' do
|
|||
/^rabbit_userid=guest$/, /^rabbit_password=mq-pass$/,
|
||||
/^rabbit_virtual_host=\/$/, /^rabbit_host=127.0.0.1$/,
|
||||
/^rabbit_max_retries=0$/, /^rabbit_retry_interval=1$/,
|
||||
/^rabbit_port=5672$/, /^rabbit_use_ssl=false$/].each do |line|
|
||||
/^rabbit_port=5672$/].each do |line|
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
end
|
||||
|
@ -451,8 +451,7 @@ describe 'openstack-compute::nova-common' do
|
|||
it 'sets ha rabbit options correctly' do
|
||||
[
|
||||
/^rabbit_hosts=1.1.1.1:5672,2.2.2.2:5672$/,
|
||||
/^rabbit_ha_queues=True$/,
|
||||
/^rabbit_use_ssl=false$/
|
||||
/^rabbit_ha_queues=True$/
|
||||
].each do |line|
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
|
@ -465,15 +464,35 @@ describe 'openstack-compute::nova-common' do
|
|||
end
|
||||
end
|
||||
|
||||
it 'does not have kombu ssl version set' do
|
||||
expect(chef_run).not_to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^kombu_ssl_version=TLSv1.2$/)
|
||||
it 'does not have ssl config set' do
|
||||
[/^rabbit_use_ssl=/,
|
||||
/^kombu_ssl_version=/,
|
||||
/^kombu_ssl_keyfile=/,
|
||||
/^kombu_ssl_certfile=/,
|
||||
/^kombu_ssl_ca_certs=/,
|
||||
/^kombu_reconnect_delay=/,
|
||||
/^kombu_reconnect_timeout=/].each do |line|
|
||||
expect(chef_run).not_to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
end
|
||||
|
||||
it 'sets kombu ssl version' do
|
||||
it 'sets ssl config' do
|
||||
node.override['openstack']['mq']['compute']['rabbit']['use_ssl'] = true
|
||||
node.override['openstack']['mq']['compute']['rabbit']['kombu_ssl_version'] = 'TLSv1.2'
|
||||
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^kombu_ssl_version=TLSv1.2$/)
|
||||
node.override['openstack']['mq']['compute']['rabbit']['kombu_ssl_keyfile'] = 'keyfile'
|
||||
node.override['openstack']['mq']['compute']['rabbit']['kombu_ssl_certfile'] = 'certfile'
|
||||
node.override['openstack']['mq']['compute']['rabbit']['kombu_ssl_ca_certs'] = 'certsfile'
|
||||
node.override['openstack']['mq']['compute']['rabbit']['kombu_reconnect_delay'] = 123.123
|
||||
node.override['openstack']['mq']['compute']['rabbit']['kombu_reconnect_timeout'] = 123
|
||||
[/^rabbit_use_ssl=true/,
|
||||
/^kombu_ssl_version=TLSv1.2$/,
|
||||
/^kombu_ssl_keyfile=keyfile$/,
|
||||
/^kombu_ssl_certfile=certfile$/,
|
||||
/^kombu_ssl_ca_certs=certsfile$/,
|
||||
/^kombu_reconnect_delay=123.123$/,
|
||||
/^kombu_reconnect_timeout=123$/].each do |line|
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -856,9 +856,36 @@ amqp_durable_queues=<%= node['openstack']['mq']['compute']['durable_queues'] %>
|
|||
# Auto-delete queues in AMQP. (boolean value)
|
||||
amqp_auto_delete=<%= node['openstack']['mq']['compute']['auto_delete'] %>
|
||||
|
||||
<% if node["openstack"]["mq"]["compute"]["rabbit"]["use_ssl"] && node["openstack"]["mq"]["compute"]["rabbit"]["kombu_ssl_version"] %>
|
||||
kombu_ssl_version=<%= node["openstack"]["mq"]["compute"]["rabbit"]["kombu_ssl_version"] %>
|
||||
<% if node['openstack']['mq']['compute']['rabbit']['use_ssl'] -%>
|
||||
|
||||
# Connect over SSL for RabbitMQ. (boolean value)
|
||||
rabbit_use_ssl=true
|
||||
|
||||
<% if node['openstack']['mq']['compute']['rabbit']['kombu_ssl_version'] -%>
|
||||
# SSL version to use (valid only if SSL enabled). valid values
|
||||
# are TLSv1 and SSLv23. SSLv2 and SSLv3 may be available on
|
||||
# some distributions. (string value)
|
||||
kombu_ssl_version=<%= node['openstack']['mq']['compute']['rabbit']['kombu_ssl_version'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['compute']['rabbit']['kombu_ssl_keyfile'] -%>
|
||||
# SSL key file (valid only if SSL enabled)
|
||||
kombu_ssl_keyfile=<%= node['openstack']['mq']['compute']['rabbit']['kombu_ssl_keyfile'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['compute']['rabbit']['kombu_ssl_certfile'] -%>
|
||||
# SSL cert file (valid only if SSL enabled)
|
||||
kombu_ssl_certfile=<%= node['openstack']['mq']['compute']['rabbit']['kombu_ssl_certfile'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['compute']['rabbit']['kombu_ssl_ca_certs'] -%>
|
||||
# SSL certification authority file (valid only if SSL enabled)
|
||||
kombu_ssl_ca_certs=<%= node['openstack']['mq']['compute']['rabbit']['kombu_ssl_ca_certs'] %>
|
||||
<% end -%>
|
||||
# How long to wait before reconnecting in response to an AMQP consumer cancel notification
|
||||
kombu_reconnect_delay=<%= node['openstack']['mq']['compute']['rabbit']['kombu_reconnect_delay'] %>
|
||||
# How long to wait before considering a reconnect attempt to have failed.
|
||||
# This value should not be longer than rpc_response_timeout
|
||||
kombu_reconnect_timeout=<%= node['openstack']['mq']['compute']['rabbit']['kombu_reconnect_timeout'] %>
|
||||
<% end -%>
|
||||
|
||||
##### RABBITMQ #####
|
||||
rabbit_userid=<%= node["openstack"]["mq"]["compute"]["rabbit"]["userid"] %>
|
||||
rabbit_password=<%= @mq_password %>
|
||||
|
@ -872,11 +899,9 @@ rabbit_retry_interval=<%= node["openstack"]["mq"]["compute"]["rabbit"]["rabbit_r
|
|||
<% if node["openstack"]["mq"]["compute"]["rabbit"]["ha"] -%>
|
||||
rabbit_hosts=<%= @rabbit_hosts %>
|
||||
rabbit_ha_queues=True
|
||||
rabbit_use_ssl=<%= node["openstack"]["mq"]["compute"]["rabbit"]["use_ssl"] %>
|
||||
<% else -%>
|
||||
rabbit_host=<%= node["openstack"]["mq"]["compute"]["rabbit"]["host"] %>
|
||||
rabbit_port=<%= node["openstack"]["mq"]["compute"]["rabbit"]["port"] %>
|
||||
rabbit_use_ssl=<%= node["openstack"]["mq"]["compute"]["rabbit"]["use_ssl"] %>
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
|
||||
|
|
Loading…
Reference in New Issue