Update to use oslo.messaging service for RPC and Notify

This introduces oslo.messaging variables that define the RPC and
Notify transports for the OpenStack services. These parameters replace
the rabbitmq values and are used to generate the messaging
transport_url for the service. The association of the messaging
backend server to the oslo.messaging services will then be transparent
to the barbican service.

This patch:
* Add oslo.messaging variables for RPC and Notify to defaults
* Add transport_url generation to conf
* Add oslo.messaging to tests inventory
* Update tets
* Update examples
* Add release note

Change-Id: I0657c88799e06987c6df90edd55fda859faf6035
This commit is contained in:
Andrew Smith 2018-06-12 15:29:09 -04:00 committed by Jesse Pretorius (odyssey4me)
parent e4b09bf175
commit 206f411451
8 changed files with 67 additions and 35 deletions

View File

@ -109,9 +109,24 @@ barbican_galera_user: barbican
barbican_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
barbican_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"
# Rabbit vars
barbican_rabbitmq_userid: barbican
barbican_rabbitmq_vhost: /barbican
## Oslo Messaging
# RPC
barbican_oslomsg_rpc_transport: rabbit
barbican_oslomsg_rpc_servers: 127.0.0.1
barbican_oslomsg_rpc_port: 5672
barbican_oslomsg_rpc_use_ssl: false
barbican_oslomsg_rpc_userid: barbican
barbican_oslomsg_rpc_vhost: /barbican
# Notify
barbican_oslomsg_notify_transport: rabbit
barbican_oslomsg_notify_servers: 127.0.0.1
barbican_oslomsg_notify_port: 5672
barbican_oslomsg_notify_use_ssl: false
barbican_oslomsg_notify_userid: "{{ barbican_oslomsg_rpc_userid }}"
barbican_oslomsg_notify_password: "{{ barbican_oslomsg_rpc_password }}"
barbican_oslomsg_notify_vhost: "{{ barbican_oslomsg_rpc_vhost }}"
# Keystone AuthToken/Middleware
barbican_keystone_auth_plugin: password

View File

@ -25,7 +25,7 @@ This role requires the following variables to be defined:
barbican_galera_address
barbican_galera_password
barbican_rabbitmq_password
barbican_oslomsg_rpc_password
barbican_service_password
keystone_admin_user_name
keystone_auth_admin_password

View File

@ -9,9 +9,10 @@
barbican_galera_address: "{{ internal_lb_vip_address }}"
barbican_service_password: SuperSecretePassword1
barbican_galera_password: SuperSecretePassword2
barbican_rabbitmq_password: SuperSecretePassword3
barbican_oslomsg_rpc_password: SuperSecretePassword3
barbican_oslomsg_notify_password: "{{ barbican_oslomsg_rpc_password }}" # if using the same user, please use the same password
keystone_admin_user_name: admin
keystone_auth_admin_password: SuperSecretePassword4
keystone_auth_admin_password: SuperSecretePassword5
keystone_admin_tenant_name: admin
galera_root_user: root
vars_prompt:

View File

@ -0,0 +1,20 @@
---
features:
- Support separate oslo.messaging services for RPC and Notifications
to enable operation of separate and different messaging backend servers.
deprecations:
- |
The rabbitmq server parameters have been replaced by corresponding
oslo.messaging RPC and Notify parameters in order to abstract the
messaging service from the actual backend server deployment.
- barbican_oslomsg_rpc_servers replaces rabbitmq_servers
- barbican_oslomsg_rpc_port replaces rabbitmq_port
- barbican_oslomsg_rpc_userid replaces barbican_rabbitmq_userid
- barbican_oslomsg_rpc_vhost replaces barbican_rabbitmq_vhost
- added barbican_oslomsg_rpc_use_ssl
- added barbican_oslomsg_notify_servers
- added barbican_oslomsg_notify_port
- added barbican_oslomsg_notify_use_ssl
- added barbican_oslomsg_notify_userid
- added barbican_oslomsg_notify_vhost
- added barbican_oslomsg_notify_password

View File

@ -118,19 +118,13 @@ max_limit_paging = 100
# Rabbit and HA configuration:
ampq_durable_queues = True
rabbit_userid = {{ barbican_rabbitmq_userid }}
rabbit_password = {{ barbican_rabbitmq_password }}
rabbit_ha_queues = True
rabbit_port = {{ rabbitmq_port }}
# For HA, specify queue nodes in cluster, comma delimited:
# For example: rabbit_hosts=192.168.50.8:5672, 192.168.50.9:5672
rabbit_hosts={{ rabbitmq_servers }}
# For HA, specify queue nodes in cluster as 'user@host:5672', comma delimited, ending with '/offset':
# For example: transport_url = rabbit://guest@192.168.50.8:5672,guest@192.168.50.9:5672/
# DO NOT USE THIS, due to '# FIXME(markmc): support multiple hosts' in oslo/messaging/_drivers/amqpdriver.py
# transport_url = rabbit://guest@localhost:5672/
transport_url = {{ barbican_oslomsg_rpc_transport }}://{% for host in barbican_oslomsg_rpc_servers.split(',') %}{{ barbican_oslomsg_rpc_userid }}:{{ barbican_oslomsg_rpc_password }}@{{ host }}:{{ barbican_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ barbican_oslomsg_rpc_vhost }}{% if (barbican_oslomsg_rpc_use_ssl | lower) | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
# oslo notification driver for sending audit events via audit middleware.
# Meaningful only when middleware is enabled in barbican paste ini file.
@ -138,6 +132,11 @@ rabbit_hosts={{ rabbitmq_servers }}
# there is need to route audit event to messaging as well as log.
# notification_driver = messagingv2
# notification_driver = log
[oslo_messaging_notifications]
transport_url = {{ barbican_oslomsg_notify_transport }}://{% for host in barbican_oslomsg_notify_servers.split(',') %}{{ barbican_oslomsg_notify_userid }}:{{ barbican_oslomsg_notify_password }}@{{ host }}:{{ barbican_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ barbican_oslomsg_notify_vhost }}{% if (barbican_oslomsg_notify_use_ssl | lower) | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
[oslo_messaging_rabbit]
ssl = {{ barbican_oslomsg_notify_use_ssl | bool }}
{% if barbican_keystone_auth | bool %}
[keystone_authtoken]

View File

@ -9,6 +9,12 @@ infra1
keystone1
barbican1
[oslomsg_rpc_all]
infra1
[oslomsg_notify_all]
infra1
[rabbitmq_all]
infra1

View File

@ -18,9 +18,12 @@ barbican_developer_mode: true
barbican_galera_address: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}"
barbican_galera_database: barbican
barbican_keystone_auth: yes
barbican_rabbitmq_password: secrete
barbican_rabbitmq_userid: barbican
barbican_rabbitmq_vhost: /barbican
barbican_oslomsg_rpc_vhost: /barbican
barbican_oslomsg_rpc_userid: barbican
barbican_oslomsg_rpc_password: secrete
barbican_oslomsg_notify_vhost: "{{ barbican_oslomsg_rpc_vhost }}"
barbican_oslomsg_notify_userid: "{{ barbican_oslomsg_rpc_userid }}"
barbican_oslomsg_notify_password: "{{ barbican_oslomsg_rpc_password }}"
barbican_service_password: secrete
barbican_venv_tag: testing

View File

@ -18,25 +18,13 @@
user: root
gather_facts: true
pre_tasks:
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ barbican_rabbitmq_vhost }}"
state: "present"
delegate_to: "{{ hostvars[groups['rabbitmq_all'][0]]['ansible_host'] }}"
when: inventory_hostname == groups['barbican_all'][0]
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ barbican_rabbitmq_userid }}"
password: "{{ barbican_rabbitmq_password }}"
vhost: "{{ barbican_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "{{ hostvars[groups['rabbitmq_all'][0]]['ansible_host'] }}"
when: inventory_hostname == groups['barbican_all'][0]
no_log: true
- include: common/ensure-oslomsg.yml
rpc_vhost: "{{ barbican_oslomsg_rpc_vhost }}"
rpc_user: "{{ barbican_oslomsg_rpc_userid }}"
rpc_password: "{{ barbican_oslomsg_rpc_password }}"
notify_vhost: "{{ barbican_oslomsg_notify_vhost }}"
notify_user: "{{ barbican_oslomsg_notify_userid }}"
notify_password: "{{ barbican_oslomsg_notify_password }}"
roles:
- role: "os_barbican"