From 75a5d0f2f1dec19ad91383fb80cc278955e0125d Mon Sep 17 00:00:00 2001 From: Edward Hope-Morley Date: Wed, 31 May 2017 13:20:03 +0100 Subject: [PATCH] Cleanup config.yaml Re-order settings based on section and move HA options to bottom and mark as deprecated since they and their related code is due for imminent removal (has been deprecated for several cycles now) and should not be used. Change-Id: Ic13897a2c8fd97cfb98454375d7325a018c5b37d --- config.yaml | 261 +++++++++++++++++++++++++++------------------------- 1 file changed, 135 insertions(+), 126 deletions(-) diff --git a/config.yaml b/config.yaml index 1b2a3351..ebc6d458 100644 --- a/config.yaml +++ b/config.yaml @@ -1,17 +1,104 @@ options: + source: + type: string + default: + description: | + Optional configuration to support use of additional sources such as: + . + - ppa:myteam/ppa + - cloud:xenial-proposed/ocata + - http://my.archive.com/ubuntu main + . + The last option should be used in conjunction with the key configuration + option. + key: + type: string + default: + description: | + Key ID to import to the apt keyring to support use with arbitary source + configuration from outside of Launchpad archives or PPA's. + harden: + default: + type: string + description: | + Apply system hardening. Supports a space-delimited list of modules + to run. Supported modules currently include os, ssh, apache and mysql. management_plugin: type: boolean default: False description: enable the management plugin - # SSL Configuration options + mirroring-queues: + type: boolean + default: True + description: | + When set to True the 'ha-mode: all' policy is applied to all the + exchanges that match the expression '^(?!amq\.).*' + cluster-partition-handling: + type: string + default: ignore + description: | + RabbitMQ offers three ways to deal with network partitions automatically. + Available modes: + . + ignore - Your network is reliable. All your nodes are in a rack, + connected with a switch, and that switch is also the route to the outside + world. You don't want to run any risk of any of your cluster shutting + down if any other part of it fails (or you have a two node cluster). + . + pause_minority - Your network is maybe less reliable. You have clustered + across 3 AZs in EC2, and you assume that only one AZ will fail at once. + In that scenario you want the remaining two AZs to continue working and + the nodes from the failed AZ to rejoin automatically and without fuss + when the AZ comes back. + . + autoheal - Your network may not be reliable. You are more concerned with + continuity of service than with data integrity. You may have a two node + cluster. + . + For more information see http://www.rabbitmq.com/partitions.html + use-syslog: + type: boolean + default: False + description: | + If True, services that support it will log to syslog instead of their + normal log location. + max-cluster-tries: + type: int + default: 3 + description: | + Number of tries to cluster with other units before giving up and throwing + a hook error. + min-cluster-size: + type: int + default: + description: | + Minimum number of units expected to exist before charm will attempt to + form a rabbitmq cluster. + stats_cron_schedule: + type: string + default: '*/5 * * * *' + description: | + Cron schedule used to generate rabbitmq stats. If unset + no stats will be generated + queue_thresholds: + type: string + default: "[['\\*', '\\*', 100, 200]]" + description: | + List of RabbitMQ queue size check thresholds. Interpreted as YAML + in format [, , , ] + - ['/', 'queue1', 10, 20] + - ['/', 'queue2', 200, 300] + Wildcards '*' are accepted to monitor all vhosts and/or queues + # SSL configuration ssl: type: string default: "off" description: | - Enable SSL connections on rabbitmq, valid values are 'off', 'on', 'only'. If ssl_key, - ssl_cert, ssl_ca are provided then then those values will be used. Otherwise - the service will act as its own certificate authority and pass its ca cert to clients. - For HA or clustered rabbits ssl key/cert must be provided. + Enable SSL connections on rabbitmq, valid values are 'off', 'on', 'only'. + If ssl_key, ssl_cert, ssl_ca are provided then then those values will be + used. Otherwise the service will act as its own certificate authority and + pass its ca cert to clients. For HA or clustered rabbits ssl key/cert + must be provided. ssl_enabled: type: boolean default: False @@ -23,18 +110,51 @@ options: description: SSL port ssl_key: type: string - description: private unencrypted key in base64 PEM format (starts "-----BEGIN RSA PRIVATE KEY-----") + description: | + Private unencrypted key in base64 PEM format (i.e. starts with + "-----BEGIN RSA PRIVATE KEY-----") default: ssl_cert: type: string - description: X.509 certificate in base64 PEM format (starts "-----BEGIN CERTIFICATE-----") + description: | + X.509 certificate in base64 PEM format (i.e. starts with + "-----BEGIN CERTIFICATE-----") default: ssl_ca: type: string description: | - Certificate authority cert that the cert. Optional if the ssl_cert is signed by a ca - recognized by the os. Format is base64 PEM (concatenated certs if needed). + Certificate authority cert that the cert. Optional if the ssl_cert is + signed by a ca recognized by the os. Format is base64 PEM (concatenated + certs if needed). default: + # Network configuration (by default all access is over 'private-address') + access-network: + type: string + default: + description: | + The IP address and netmask of the 'access' network (e.g. 192.168.0.0/24) + . + This network will be used for access to RabbitMQ messaging services. + cluster-network: + type: string + default: + description: | + The IP address and netmask of the 'cluster' network (e.g. 192.168.0.0/24) + . + This network will be used for RabbitMQ to cluster. + prefer-ipv6: + type: boolean + default: False + description: | + If True enables IPv6 support. The charm will expect network interfaces + to be configured with an IPv6 address. If set to False (default) IPv4 + is expected. + . + NOTE: these charms do not currently support IPv6 privacy extension. In + order for this charm to function correctly, the privacy extension must be + disabled and a non-temporary address must be configured/available on + your network interface. + # Monitoring nagios_context: default: "juju" type: string @@ -42,7 +162,9 @@ options: Used by the nrpe-external-master subordinate charm. A string that will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: + . juju-myservice-0 + . If you're running multiple environments with the same services in them this allows you to differentiate between them. nagios_servicegroups: @@ -51,7 +173,7 @@ options: description: | A comma-separated list of nagios servicegroups. If left empty, the nagios_context will be used as the servicegroup - # HA configuration settings + # HA configuration (DEPRECATED) vip: type: string description: "Virtual IP to use to front rabbitmq in ha configuration" @@ -86,34 +208,6 @@ options: hacluster charm will keep rabbit in active/active setup, but in addition it will deploy a VIP that can be used by services that cannot work with mutiple AMQPs (like Glance in pre-Icehouse). - mirroring-queues: - type: boolean - default: True - description: | - When set to true the 'ha-mode: all' policy is applied to all the exchages - that match the expression '^(?!amq\.).*' - cluster-partition-handling: - type: string - default: ignore - description: | - RabbitMQ offers three ways to deal with network partitions automatically. - Available modes: - - ignore - Your network is reliable. All your nodes are in a rack, - connected with a switch, and that switch is also the route to the outside world. - You don't want to run any risk of any of your cluster shutting down if any other part of it fails - (or you have a two node cluster). - - pause_minority - Your network is maybe less reliable. You have clustered across 3 AZs in EC2, - and you assume that only one AZ will fail at once. - In that scenario you want the remaining two AZs to continue working and the nodes from the failed AZ - to rejoin automatically and without fuss when the AZ comes back. - - autoheal - Your network may not be reliable. - You are more concerned with continuity of service than with data integrity. - You may have a two node cluster. - - For more information see http://www.rabbitmq.com/partitions.html. rbd-size: type: string default: 5G @@ -134,91 +228,6 @@ options: This value dictates the number of replicas ceph must make of any object it stores within the rabbitmq rbd pool. Of course, this only applies if using Ceph as a backend store. Note that once the rabbitmq - rbd pool has been created, changing this value will not have any - effect (although it can be changed in ceph by manually configuring - your ceph cluster). - use-syslog: - type: boolean - default: False - description: | - If True, services that support it will log to syslog instead of their normal - log location. - max-cluster-tries: - type: int - default: 3 - description: | - Number of tries to cluster with other units before giving up and throwing - a hook error. - source: - type: string - default: - description: | - Optional configuration to support use of additional sources such as: - . - - ppa:myteam/ppa - - cloud:precise-proposed/folsom - - http://my.archive.com/ubuntu main - . - The last option should be used in conjunction with the key configuration - option. - key: - type: string - default: - description: | - Key ID to import to the apt keyring to support use with arbitary source - configuration from outside of Launchpad archives or PPA's. - # Network configuration options - # by default all access is over 'private-address' - access-network: - type: string - default: - description: | - The IP address and netmask of the 'access' network (e.g., 192.168.0.0/24) - . - This network will be used for access to RabbitMQ messaging services. - cluster-network: - type: string - default: - description: | - The IP address and netmask of the 'cluster' network (e.g., 192.168.0.0/24) - . - This network will be used for RabbitMQ to cluster. - prefer-ipv6: - type: boolean - default: False - description: | - If True enables IPv6 support. The charm will expect network interfaces - to be configured with an IPv6 address. If set to False (default) IPv4 - is expected. - . - NOTE: these charms do not currently support IPv6 privacy extension. In - order for this charm to function correctly, the privacy extension must be - disabled and a non-temporary address must be configured/available on - your network interface. - min-cluster-size: - type: int - default: - description: | - Minimum number of units expected to exist before charm will attempt to - form a rabbitmq cluster. - stats_cron_schedule: - type: string - default: '*/5 * * * *' - description: | - Cron schedule used to generate rabbitmq stats. If unset - no stats will be generated - queue_thresholds: - type: string - default: "[['\\*', '\\*', 100, 200]]" - description: | - List of RabbitMQ queue size check thresholds. Interpreted as YAML - in format [, , , ] - - ['/', 'queue1', 10, 20] - - ['/', 'queue2', 200, 300] - Wildcards '*' are accepted to monitor all vhosts and/or queues - harden: - default: - type: string - description: | - Apply system hardening. Supports a space-delimited list of modules - to run. Supported modules currently include os, ssh, apache and mysql. + rbd pool has been created, changing this value will not have any effect + (although it can be changed in ceph by manually configuring your ceph + cluster).