Merge "Update to use oslo.messaging service for RPC and Notify"

2018-07-27 10:28:13 +00:00 · 2018-07-27 10:28:13 +00:00 · 4b5c1467f8
parent e9773cddf2 206f411451
commit 4b5c1467f8
8 changed files with 67 additions and 35 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -109,9 +109,24 @@ barbican_galera_user: barbican
 barbican_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
 barbican_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"

-# Rabbit vars
-barbican_rabbitmq_userid: barbican
-barbican_rabbitmq_vhost: /barbican
+## Oslo Messaging
+
+# RPC
+barbican_oslomsg_rpc_transport: rabbit
+barbican_oslomsg_rpc_servers: 127.0.0.1
+barbican_oslomsg_rpc_port: 5672
+barbican_oslomsg_rpc_use_ssl: false
+barbican_oslomsg_rpc_userid: barbican
+barbican_oslomsg_rpc_vhost: /barbican
+
+# Notify
+barbican_oslomsg_notify_transport: rabbit
+barbican_oslomsg_notify_servers: 127.0.0.1
+barbican_oslomsg_notify_port: 5672
+barbican_oslomsg_notify_use_ssl: false
+barbican_oslomsg_notify_userid: "{{ barbican_oslomsg_rpc_userid }}"
+barbican_oslomsg_notify_password: "{{ barbican_oslomsg_rpc_password }}"
+barbican_oslomsg_notify_vhost: "{{ barbican_oslomsg_rpc_vhost }}"

 # Keystone AuthToken/Middleware
 barbican_keystone_auth_plugin: password
--- a/doc/source/index.rst
+++ b/doc/source/index.rst
@ -25,7 +25,7 @@ This role requires the following variables to be defined:

    barbican_galera_address
    barbican_galera_password
-    barbican_rabbitmq_password
+    barbican_oslomsg_rpc_password
    barbican_service_password
    keystone_admin_user_name
    keystone_auth_admin_password
--- a/examples/playbook.yml
+++ b/examples/playbook.yml
@ -9,9 +9,10 @@
    barbican_galera_address: "{{ internal_lb_vip_address }}"
    barbican_service_password: SuperSecretePassword1
    barbican_galera_password: SuperSecretePassword2
-    barbican_rabbitmq_password: SuperSecretePassword3
+    barbican_oslomsg_rpc_password: SuperSecretePassword3
+    barbican_oslomsg_notify_password: "{{ barbican_oslomsg_rpc_password }}" # if using the same user, please use the same password
    keystone_admin_user_name: admin
-    keystone_auth_admin_password: SuperSecretePassword4
+    keystone_auth_admin_password: SuperSecretePassword5
    keystone_admin_tenant_name: admin
    galera_root_user: root
  vars_prompt:
--- a/releasenotes/notes/oslo-messaging-separate-backends-401c97b4c48a9b31.yaml
+++ b/releasenotes/notes/oslo-messaging-separate-backends-401c97b4c48a9b31.yaml
@ -0,0 +1,20 @@
+---
+features:
+  - Support separate oslo.messaging services for RPC and Notifications
+    to enable operation of separate and different messaging backend servers.
+deprecations:
+  - |
+    The rabbitmq server parameters have been replaced by corresponding
+    oslo.messaging RPC and Notify parameters in order to abstract the
+    messaging service from the actual backend server deployment.
+    - barbican_oslomsg_rpc_servers replaces rabbitmq_servers
+    - barbican_oslomsg_rpc_port replaces rabbitmq_port
+    - barbican_oslomsg_rpc_userid replaces barbican_rabbitmq_userid
+    - barbican_oslomsg_rpc_vhost replaces barbican_rabbitmq_vhost
+    - added barbican_oslomsg_rpc_use_ssl
+    - added barbican_oslomsg_notify_servers
+    - added barbican_oslomsg_notify_port
+    - added barbican_oslomsg_notify_use_ssl
+    - added barbican_oslomsg_notify_userid
+    - added barbican_oslomsg_notify_vhost
+    - added barbican_oslomsg_notify_password
--- a/templates/barbican.conf.j2
+++ b/templates/barbican.conf.j2
@ -118,19 +118,13 @@ max_limit_paging = 100

 # Rabbit and HA configuration:
 ampq_durable_queues = True
-rabbit_userid = {{ barbican_rabbitmq_userid }}
-rabbit_password = {{ barbican_rabbitmq_password }}
 rabbit_ha_queues = True
-rabbit_port = {{ rabbitmq_port }}
-
-# For HA, specify queue nodes in cluster, comma delimited:
-#   For example: rabbit_hosts=192.168.50.8:5672, 192.168.50.9:5672
-rabbit_hosts={{ rabbitmq_servers }}

 # For HA, specify queue nodes in cluster as 'user@host:5672', comma delimited, ending with '/offset':
 #   For example: transport_url = rabbit://guest@192.168.50.8:5672,guest@192.168.50.9:5672/
 #   DO NOT USE THIS, due to '# FIXME(markmc): support multiple hosts' in oslo/messaging/_drivers/amqpdriver.py
 # transport_url = rabbit://guest@localhost:5672/
+transport_url = {{ barbican_oslomsg_rpc_transport }}://{% for host in barbican_oslomsg_rpc_servers.split(',') %}{{ barbican_oslomsg_rpc_userid }}:{{ barbican_oslomsg_rpc_password }}@{{ host }}:{{ barbican_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ barbican_oslomsg_rpc_vhost }}{% if (barbican_oslomsg_rpc_use_ssl | lower) | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}

 # oslo notification driver for sending audit events via audit middleware.
 # Meaningful only when middleware is enabled in barbican paste ini file.
@ -138,6 +132,11 @@ rabbit_hosts={{ rabbitmq_servers }}
 # there is need to route audit event to messaging as well as log.
 # notification_driver = messagingv2
 # notification_driver = log
+[oslo_messaging_notifications]
+transport_url = {{ barbican_oslomsg_notify_transport }}://{% for host in barbican_oslomsg_notify_servers.split(',') %}{{ barbican_oslomsg_notify_userid }}:{{ barbican_oslomsg_notify_password }}@{{ host }}:{{ barbican_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ barbican_oslomsg_notify_vhost }}{% if (barbican_oslomsg_notify_use_ssl | lower) | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
+
+[oslo_messaging_rabbit]
+ssl = {{ barbican_oslomsg_notify_use_ssl | bool }}

 {% if barbican_keystone_auth | bool %}
 [keystone_authtoken]
--- a/tests/inventory
+++ b/tests/inventory
@ -9,6 +9,12 @@ infra1
 keystone1
 barbican1

+[oslomsg_rpc_all]
+infra1
+
+[oslomsg_notify_all]
+infra1
+
 [rabbitmq_all]
 infra1

--- a/tests/os_barbican-overrides.yml
+++ b/tests/os_barbican-overrides.yml
@ -18,9 +18,12 @@ barbican_developer_mode: true
 barbican_galera_address: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}"
 barbican_galera_database: barbican
 barbican_keystone_auth: yes
-barbican_rabbitmq_password: secrete
-barbican_rabbitmq_userid: barbican
-barbican_rabbitmq_vhost: /barbican
+barbican_oslomsg_rpc_vhost: /barbican
+barbican_oslomsg_rpc_userid: barbican
+barbican_oslomsg_rpc_password: secrete
+barbican_oslomsg_notify_vhost: "{{ barbican_oslomsg_rpc_vhost }}"
+barbican_oslomsg_notify_userid: "{{ barbican_oslomsg_rpc_userid }}"
+barbican_oslomsg_notify_password: "{{ barbican_oslomsg_rpc_password }}"
 barbican_service_password: secrete
 barbican_venv_tag: testing

--- a/tests/test-install-barbican.yml
+++ b/tests/test-install-barbican.yml
@ -18,25 +18,13 @@
  user: root
  gather_facts: true
  pre_tasks:
-    - name: Ensure rabbitmq vhost
-      rabbitmq_vhost:
-        name: "{{ barbican_rabbitmq_vhost }}"
-        state: "present"
-      delegate_to: "{{ hostvars[groups['rabbitmq_all'][0]]['ansible_host'] }}"
-      when: inventory_hostname == groups['barbican_all'][0]
-
-    - name: Ensure rabbitmq user
-      rabbitmq_user:
-        user: "{{ barbican_rabbitmq_userid }}"
-        password: "{{ barbican_rabbitmq_password }}"
-        vhost: "{{ barbican_rabbitmq_vhost }}"
-        configure_priv: ".*"
-        read_priv: ".*"
-        write_priv: ".*"
-        state: "present"
-      delegate_to: "{{ hostvars[groups['rabbitmq_all'][0]]['ansible_host'] }}"
-      when: inventory_hostname == groups['barbican_all'][0]
-      no_log: true
+    - include: common/ensure-oslomsg.yml
+      rpc_vhost: "{{ barbican_oslomsg_rpc_vhost }}"
+      rpc_user: "{{ barbican_oslomsg_rpc_userid }}"
+      rpc_password: "{{ barbican_oslomsg_rpc_password }}"
+      notify_vhost: "{{ barbican_oslomsg_notify_vhost }}"
+      notify_user: "{{ barbican_oslomsg_notify_userid }}"
+      notify_password: "{{ barbican_oslomsg_notify_password }}"

  roles:
    - role: "os_barbican"