Merge "Add vhost to outward rabbitmq for Murano"

2017-06-16 11:28:33 +00:00 · 2017-06-16 11:28:33 +00:00 · f07515afe8
commit f07515afe8
parent 322eb353a2 aff43f73e3
5 changed files with 33 additions and 6 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -525,6 +525,13 @@ nova_backend_ceph: "{{ enable_ceph }}"
 nova_backend: "{{ 'rbd' if nova_backend_ceph | bool else 'default' }}"
 #######################
 # Murano options
 #######################
 murano_agent_rabbitmq_vhost: "muranoagent"
 murano_agent_rabbitmq_user: "muranoagent"
 #######################
 # Horizon options
 #######################
--- a/ansible/roles/murano/templates/murano.conf.j2
+++ b/ansible/roles/murano/templates/murano.conf.j2
@ -33,11 +33,18 @@ memcache_security_strategy = ENCRYPT
 memcache_secret_key = {{ memcache_secret_key }}
 memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
 [murano]
 url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ murano_api_port }}
 api_workers = {{ openstack_service_workers }}
 [oslo_messaging_notifications]
 driver = messagingv2
 {% if service_name == 'murano-engine' %}
 [rabbitmq]
 host = {{ kolla_external_vip_address }}
 port = {{ outward_rabbitmq_port }}
 login = {{ murano_agent_rabbitmq_user }}
 password = {{ murano_agent_rabbitmq_password }}
 virtual_host = {{ murano_agent_rabbitmq_vhost }}
 {% endif %}
--- a/ansible/roles/rabbitmq/templates/definitions.json.j2
+++ b/ansible/roles/rabbitmq/templates/definitions.json.j2
@ -1,14 +1,22 @@
 {
  "vhosts": [
-    {"name": "/"}
+    {"name": "/"}{% if project_name == 'outward_rabbitmq' %},
    {"name": "{{ murano_agent_rabbitmq_vhost }}"}
    {% endif %}
  ],
  "users": [
-    {"name": "{{ role_rabbitmq_user }}", "password": "{{ role_rabbitmq_password }}", "tags": "administrator"}
+    {"name": "{{ role_rabbitmq_user }}", "password": "{{ role_rabbitmq_password }}", "tags": "administrator"}{% if project_name == 'outward_rabbitmq' %},
    {"name": "{{ murano_agent_rabbitmq_user }}", "password": "{{ murano_agent_rabbitmq_password }}", "tags": "management"}
    {% endif %}
  ],
  "permissions": [
-    {"user": "{{ role_rabbitmq_user }}", "vhost": "/", "configure": ".*", "write": ".*", "read": ".*"}
+    {"user": "{{ role_rabbitmq_user }}", "vhost": "/", "configure": ".*", "write": ".*", "read": ".*"}{% if project_name == 'outward_rabbitmq' %},
    {"user": "{{ murano_agent_rabbitmq_user }}", "vhost": "{{ murano_agent_rabbitmq_vhost }}", "configure": ".*", "write": ".*", "read": ".*"}
    {% endif %}
  ],
  "policies":[
-    {"vhost": "/", "name": "ha-all", "pattern": ".*", "apply-to": "all", "definition": {"ha-mode":"all"}, "priority":0}
+    {"vhost": "/", "name": "ha-all", "pattern": ".*", "apply-to": "all", "definition": {"ha-mode":"all"}, "priority":0}{% if project_name == 'outward_rabbitmq' %},
    {"vhost": "{{ murano_agent_rabbitmq_vhost }}", "name": "ha-all", "pattern": ".*", "apply-to": "all", "definition": {"ha-mode":"all"}, "priority":0}
    {% endif %}
  ]
 }
--- a/etc/kolla/passwords.yml
+++ b/etc/kolla/passwords.yml
@ -94,6 +94,7 @@ heat_domain_admin_password:
 murano_database_password:
 murano_keystone_password:
 murano_agent_rabbitmq_password:
 ironic_database_password:
 ironic_keystone_password:
--- a/releasenotes/notes/murano-rabbitmq-c3cec712b12f045f.yaml
+++ b/releasenotes/notes/murano-rabbitmq-c3cec712b12f045f.yaml
@ -0,0 +1,4 @@
 ---
 features:
  - RabbitMQ now has a vhost entry so the engine can communicate
    with murano agents running in user VMs.