Allow rabbit mq kombu ssl configuration
Add the rest of the kombu ssl configuration options. Change-Id: Ifba96ecd08de5b18b1e365f6f5c25677a9008af2 Partial-Bug: 1464706
This commit is contained in:
parent
8c23bb8df1
commit
808e27fff5
|
@ -14,4 +14,4 @@ recipe 'openstack-identity::registration', 'Adds user, tenant, role and endpoint
|
|||
supports os
|
||||
end
|
||||
|
||||
depends 'openstack-common', '>= 11.2.0'
|
||||
depends 'openstack-common', '>= 11.4.0'
|
||||
|
|
|
@ -842,7 +842,6 @@ describe 'openstack-identity::server' do
|
|||
/^rpc_conn_pool_size = 30$/,
|
||||
/^rabbit_host = 127.0.0.1$/,
|
||||
/^rabbit_port = 5672$/,
|
||||
/^rabbit_use_ssl = false$/,
|
||||
/^rabbit_userid = guest$/,
|
||||
/^rabbit_password = guest$/,
|
||||
/^rabbit_virtual_host = \/$/,
|
||||
|
@ -858,7 +857,6 @@ describe 'openstack-identity::server' do
|
|||
/^amqp_auto_delete = false$/,
|
||||
/^rpc_conn_pool_size = 30$/,
|
||||
/^rabbit_hosts = rabbit_servers_value$/,
|
||||
/^rabbit_use_ssl = false$/,
|
||||
/^rabbit_userid = guest$/,
|
||||
/^rabbit_password = guest$/,
|
||||
/^rabbit_virtual_host = \/$/,
|
||||
|
@ -867,10 +865,35 @@ describe 'openstack-identity::server' do
|
|||
expect(chef_run).to render_config_file(path).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
end
|
||||
it 'has komdefaults for oslo_messaging_rabbit section with ha' do
|
||||
it 'does not have ssl config set' do
|
||||
[/^rabbit_use_ssl=/,
|
||||
/^kombu_ssl_version=/,
|
||||
/^kombu_ssl_keyfile=/,
|
||||
/^kombu_ssl_certfile=/,
|
||||
/^kombu_ssl_ca_certs=/,
|
||||
/^kombu_reconnect_delay=/,
|
||||
/^kombu_reconnect_timeout=/].each do |line|
|
||||
expect(chef_run).not_to render_config_file(path).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
end
|
||||
|
||||
it 'sets ssl config' do
|
||||
node.set['openstack']['mq']['identity']['rabbit']['use_ssl'] = true
|
||||
node.set['openstack']['mq']['identity']['rabbit']['kombu_ssl_version'] = 'ssl_version'
|
||||
expect(chef_run).to render_config_file(path).with_section_content('oslo_messaging_rabbit', /^kombu_ssl_version = ssl_version$/)
|
||||
node.set['openstack']['mq']['identity']['rabbit']['kombu_ssl_version'] = 'TLSv1.2'
|
||||
node.set['openstack']['mq']['identity']['rabbit']['kombu_ssl_keyfile'] = 'keyfile'
|
||||
node.set['openstack']['mq']['identity']['rabbit']['kombu_ssl_certfile'] = 'certfile'
|
||||
node.set['openstack']['mq']['identity']['rabbit']['kombu_ssl_ca_certs'] = 'certsfile'
|
||||
node.set['openstack']['mq']['identity']['rabbit']['kombu_reconnect_delay'] = 123.123
|
||||
node.set['openstack']['mq']['identity']['rabbit']['kombu_reconnect_timeout'] = 123
|
||||
[/^rabbit_use_ssl=true/,
|
||||
/^kombu_ssl_version=TLSv1.2$/,
|
||||
/^kombu_ssl_keyfile=keyfile$/,
|
||||
/^kombu_ssl_certfile=certfile$/,
|
||||
/^kombu_ssl_ca_certs=certsfile$/,
|
||||
/^kombu_reconnect_delay=123.123$/,
|
||||
/^kombu_reconnect_timeout=123$/].each do |line|
|
||||
expect(chef_run).to render_config_file(path).with_section_content('oslo_messaging_rabbit', line)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -803,13 +803,34 @@ amqp_auto_delete = <%= node['openstack']['mq']['identity']['auto_delete'] %>
|
|||
#rpc_conn_pool_size = 30
|
||||
rpc_conn_pool_size = <%= node["openstack"]["identity"]["rpc_conn_pool_size"] %>
|
||||
|
||||
# SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and
|
||||
# SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some
|
||||
# distributions. (string value)
|
||||
# Deprecated group/name - [DEFAULT]/kombu_ssl_version
|
||||
#kombu_ssl_version =
|
||||
<% if node["openstack"]["mq"]["identity"]["rabbit"]["use_ssl"] && node["openstack"]["mq"]["identity"]["rabbit"]["kombu_ssl_version"] -%>
|
||||
kombu_ssl_version = <%= node["openstack"]["mq"]["identity"]["rabbit"]["kombu_ssl_version"] %>
|
||||
<% if node['openstack']['mq']['identity']['rabbit']['use_ssl'] -%>
|
||||
|
||||
# Connect over SSL for RabbitMQ. (boolean value)
|
||||
rabbit_use_ssl=true
|
||||
|
||||
<% if node['openstack']['mq']['identity']['rabbit']['kombu_ssl_version'] -%>
|
||||
# SSL version to use (valid only if SSL enabled). valid values
|
||||
# are TLSv1 and SSLv23. SSLv2 and SSLv3 may be available on
|
||||
# some distributions. (string value)
|
||||
kombu_ssl_version=<%= node['openstack']['mq']['identity']['rabbit']['kombu_ssl_version'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['identity']['rabbit']['kombu_ssl_keyfile'] -%>
|
||||
# SSL key file (valid only if SSL enabled)
|
||||
kombu_ssl_keyfile=<%= node['openstack']['mq']['identity']['rabbit']['kombu_ssl_keyfile'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['identity']['rabbit']['kombu_ssl_certfile'] -%>
|
||||
# SSL cert file (valid only if SSL enabled)
|
||||
kombu_ssl_certfile=<%= node['openstack']['mq']['identity']['rabbit']['kombu_ssl_certfile'] %>
|
||||
<% end -%>
|
||||
<% if node['openstack']['mq']['identity']['rabbit']['kombu_ssl_ca_certs'] -%>
|
||||
# SSL certification authority file (valid only if SSL enabled)
|
||||
kombu_ssl_ca_certs=<%= node['openstack']['mq']['identity']['rabbit']['kombu_ssl_ca_certs'] %>
|
||||
<% end -%>
|
||||
# How long to wait before reconnecting in response to an AMQP consumer cancel notification
|
||||
kombu_reconnect_delay=<%= node['openstack']['mq']['identity']['rabbit']['kombu_reconnect_delay'] %>
|
||||
# How long to wait before considering a reconnect attempt to have failed.
|
||||
# This value should not be longer than rpc_response_timeout
|
||||
kombu_reconnect_timeout=<%= node['openstack']['mq']['identity']['rabbit']['kombu_reconnect_timeout'] %>
|
||||
<% end -%>
|
||||
|
||||
<% if node["openstack"]["mq"]["identity"]["rabbit"]["ha"] %>
|
||||
|
@ -835,11 +856,6 @@ rabbit_host = <%= node["openstack"]["mq"]["identity"]["rabbit"]["host"] %>
|
|||
rabbit_port = <%= node["openstack"]["mq"]["identity"]["rabbit"]["port"] %>
|
||||
<% end -%>
|
||||
|
||||
# Connect over SSL for RabbitMQ. (boolean value)
|
||||
# Deprecated group/name - [DEFAULT]/rabbit_use_ssl
|
||||
#rabbit_use_ssl = false
|
||||
rabbit_use_ssl = <%= node["openstack"]["mq"]["identity"]["rabbit"]["use_ssl"] %>
|
||||
|
||||
# The RabbitMQ userid. (string value)
|
||||
# Deprecated group/name - [DEFAULT]/rabbit_userid
|
||||
#rabbit_userid = guest
|
||||
|
|
Loading…
Reference in New Issue