Allow rabbit mq kombu ssl configuration
Add the rest of the kombu ssl configuration options. After this patch goes in, will need to update each cookbook that uses rabbit mq to add these to the conf file. Change-Id: Ie89f48b4a471d48df88f185a1012da9eb63071bd Partial-Bug: 1464706
This commit is contained in:
parent
8d37e1c07e
commit
818c927a3d
|
@ -57,6 +57,17 @@ default['openstack']['mq']['qpid']['protocol'] = 'tcp'
|
|||
default['openstack']['mq']['rabbitmq']['use_ssl'] = false
|
||||
# SSL version to use (valid only if SSL enabled)
|
||||
default['openstack']['mq']['rabbitmq']['kombu_ssl_version'] = nil
|
||||
# SSL key file (valid only if SSL enabled)
|
||||
default['openstack']['mq']['rabbitmq']['kombu_ssl_keyfile'] = nil
|
||||
# SSL cert file (valid only if SSL enabled)
|
||||
default['openstack']['mq']['rabbitmq']['kombu_ssl_certfile'] = nil
|
||||
# SSL certification authority file (valid only if SSL enabled)
|
||||
default['openstack']['mq']['rabbitmq']['kombu_ssl_ca_certs'] = nil
|
||||
# How long to wait before reconnecting in response to an AMQP consumer cancel notification
|
||||
default['openstack']['mq']['rabbitmq']['kombu_reconnect_delay'] = 1.0
|
||||
# How long to wait before considering a reconnect attempt to have failed.
|
||||
# This value should not be longer than rpc_response_timeout
|
||||
default['openstack']['mq']['rabbitmq']['kombu_reconnect_timeout'] = 60
|
||||
# global switch for handling rabbit ha
|
||||
default['openstack']['mq']['rabbitmq']['ha'] = false
|
||||
# global switch for number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disable the heartbeat)
|
||||
|
@ -95,7 +106,12 @@ rabbit_defaults = {
|
|||
heartbeat_timeout_threshold: node['openstack']['mq']['rabbitmq']['heartbeat_timeout_threshold'],
|
||||
heartbeat_rate: node['openstack']['mq']['rabbitmq']['heartbeat_rate'],
|
||||
use_ssl: node['openstack']['mq']['rabbitmq']['use_ssl'],
|
||||
kombu_ssl_version: node['openstack']['mq']['rabbitmq']['kombu_ssl_version']
|
||||
kombu_ssl_version: node['openstack']['mq']['rabbitmq']['kombu_ssl_version'],
|
||||
kombu_ssl_keyfile: node['openstack']['mq']['rabbitmq']['kombu_ssl_keyfile'],
|
||||
kombu_ssl_certfile: node['openstack']['mq']['rabbitmq']['kombu_ssl_certfile'],
|
||||
kombu_ssl_ca_certs: node['openstack']['mq']['rabbitmq']['kombu_ssl_ca_certs'],
|
||||
kombu_reconnect_delay: node['openstack']['mq']['rabbitmq']['kombu_reconnect_delay'],
|
||||
kombu_reconnect_timeout: node['openstack']['mq']['rabbitmq']['kombu_reconnect_timeout']
|
||||
}
|
||||
|
||||
###################################################################
|
||||
|
|
|
@ -4,7 +4,7 @@ maintainer_email 'opscode-chef-openstack@googlegroups.com'
|
|||
license 'Apache 2.0'
|
||||
description 'Common OpenStack attributes, libraries and recipes.'
|
||||
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
||||
version '11.3.0'
|
||||
version '11.4.0'
|
||||
|
||||
recipe 'openstack-common', 'Installs/Configures common recipes'
|
||||
recipe 'openstack-common::set_endpoints_by_interface', 'Set endpoints by interface'
|
||||
|
|
|
@ -49,27 +49,6 @@ describe 'openstack-common::default' do
|
|||
.with(version: '~> 2.3')
|
||||
end
|
||||
|
||||
it 'enables rabbit ha for all services' do
|
||||
node.set['openstack']['mq']['rabbitmq']['ha'] = true
|
||||
mq_services.each do |svc|
|
||||
expect(chef_run.node['openstack']['mq'][svc]['rabbit']['ha']).to eq(true)
|
||||
end
|
||||
end
|
||||
|
||||
it 'enables rabbit heartbeat_timeout_threshold for all services' do
|
||||
node.set['openstack']['mq']['rabbitmq']['heartbeat_timeout_threshold'] = 123
|
||||
mq_services.each do |svc|
|
||||
expect(chef_run.node['openstack']['mq'][svc]['rabbit']['heartbeat_timeout_threshold']).to eq(123)
|
||||
end
|
||||
end
|
||||
|
||||
it 'enables rabbit heartbeat_rate for all services' do
|
||||
node.set['openstack']['mq']['rabbitmq']['heartbeat_rate'] = 123
|
||||
mq_services.each do |svc|
|
||||
expect(chef_run.node['openstack']['mq'][svc]['rabbit']['heartbeat_rate']).to eq(123)
|
||||
end
|
||||
end
|
||||
|
||||
it 'has correct host for endpoints' do
|
||||
%w(identity-api identity-internal identity-admin compute-api compute-ec2-api compute-ec2-admin
|
||||
compute-xvpvnc compute-novnc compute-vnc compute-metadata-api network-api network-linuxbridge
|
||||
|
@ -111,22 +90,41 @@ describe 'openstack-common::default' do
|
|||
end
|
||||
end
|
||||
|
||||
it 'enables rabbit ssl version for all services' do
|
||||
node.set['openstack']['mq']['rabbitmq']['kombu_ssl_version'] = 'TLSv1.2'
|
||||
mq_services.each do |svc|
|
||||
expect(chef_run.node['openstack']['mq'][svc]['rabbit']['kombu_ssl_version']).to eq('TLSv1.2')
|
||||
context 'rabbit mq' do
|
||||
rabbit_opts = {
|
||||
'userid' => 'guest',
|
||||
'vhost' => '/',
|
||||
'port' => '5672',
|
||||
'host' => '127.0.0.1',
|
||||
'ha' => true,
|
||||
'heartbeat_timeout_threshold' => 123,
|
||||
'heartbeat_rate' => 123,
|
||||
'kombu_ssl_version' => 'TLSv1.2',
|
||||
'kombu_ssl_keyfile' => 'key_file',
|
||||
'kombu_ssl_certfile' => 'cert_file',
|
||||
'kombu_ssl_ca_certs' => 'ca_certs_file',
|
||||
'kombu_reconnect_delay' => 123.456,
|
||||
'kombu_reconnect_timeout' => 123
|
||||
}
|
||||
rabbit_opts.each do |key, value|
|
||||
it "configures rabbit mq #{key}" do
|
||||
node.set['openstack']['mq']['rabbitmq'][key] = value
|
||||
mq_services.each do |service|
|
||||
expect(chef_run.node['openstack']['mq'][service]['rabbit'][key]).to eq(value)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
it 'set rabbit_max_retries to 0 for all services' do
|
||||
mq_services.each do |svc|
|
||||
expect(chef_run.node['openstack']['mq'][svc]['rabbit']['rabbit_max_retries']).to eq(0)
|
||||
it 'set rabbit_max_retries to 0 for all services' do
|
||||
mq_services.each do |svc|
|
||||
expect(chef_run.node['openstack']['mq'][svc]['rabbit']['rabbit_max_retries']).to eq(0)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
it 'set rabbit_retry_interval to 1 for all services' do
|
||||
mq_services.each do |svc|
|
||||
expect(chef_run.node['openstack']['mq'][svc]['rabbit']['rabbit_retry_interval']).to eq(1)
|
||||
it 'set rabbit_retry_interval to 1 for all services' do
|
||||
mq_services.each do |svc|
|
||||
expect(chef_run.node['openstack']['mq'][svc]['rabbit']['rabbit_retry_interval']).to eq(1)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue