245cd42694
As an operator I want to be able to monitor the status of RabbitMQ by collecting metrics such as queue length, message rates (globally and per channel), and information about resource usage on the host, such as memory use, open file descriptors and the state of the cluster. Whilst it is possible to gather all of this information using the OpenStack RabbitMQ user configured by Kolla Ansible, this user has write access to the OpenStack vhost. This feature adds a monitoring user which has access to all of the information described above, but does not have write access. An example of a service which may use the monitoring user is the RabbitMQ plugin for the Monasca Agent. As not all users will configure monitoring, by default the monitoring user is disabled. To create it, the user should override the rabbitmq_monitoring_user variable. Implements: blueprint add-monitoring-user-for-rabbit Change-Id: Ie895ddc59dda1c38faab6305163d9bed6710ff9d
721 lines
16 KiB
YAML
721 lines
16 KiB
YAML
---
|
|
# NOTE(awiddersheim): Gather facts for all hosts as a
|
|
# first step since several plays below require them when
|
|
# building their configurations. The below 'gather_facts'
|
|
# set to 'false' is a bit confusing but this is to avoid
|
|
# Ansible gathering facts twice.
|
|
- name: Gather facts for all hosts
|
|
hosts: all
|
|
serial: '{{ serial|default("0") }}'
|
|
gather_facts: false
|
|
tasks:
|
|
- setup:
|
|
tags: always
|
|
|
|
# NOTE(pbourke): This case covers deploying subsets of hosts using --limit. The
|
|
# limit arg will cause the first play to gather facts only about that node,
|
|
# meaning facts such as IP addresses for rabbitmq nodes etc. will be undefined
|
|
# in the case of adding a single compute node.
|
|
# We don't want to add the delegate parameters to the above play as it will
|
|
# result in ((num_nodes-1)^2) number of SSHs when running for all nodes
|
|
# which can be very inefficient.
|
|
- name: Gather facts for all hosts (if using --limit)
|
|
hosts: all
|
|
serial: '{{ serial|default("0") }}'
|
|
gather_facts: false
|
|
tasks:
|
|
- setup:
|
|
delegate_facts: True
|
|
delegate_to: "{{ item }}"
|
|
with_items: "{{ groups['all'] }}"
|
|
when:
|
|
- (ansible_play_batch | length) != (groups['all'] | length)
|
|
|
|
- name: Detect openstack_release variable
|
|
hosts: all
|
|
gather_facts: false
|
|
tasks:
|
|
- name: Get current kolla-ansible version number
|
|
local_action: command python -c "import pbr.version; print(pbr.version.VersionInfo('kolla-ansible'))"
|
|
register: kolla_ansible_version
|
|
changed_when: false
|
|
when: openstack_release == "auto"
|
|
|
|
- name: Set openstack_release variable
|
|
set_fact:
|
|
openstack_release: "{{ kolla_ansible_version.stdout }}"
|
|
when: openstack_release == "auto"
|
|
tags: always
|
|
|
|
- name: Apply role prechecks
|
|
gather_facts: false
|
|
hosts:
|
|
- all
|
|
roles:
|
|
- role: prechecks
|
|
when: action == "precheck"
|
|
|
|
- name: Apply role chrony
|
|
gather_facts: false
|
|
hosts:
|
|
- chrony-server
|
|
- chrony
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: chrony,
|
|
tags: chrony,
|
|
when: enable_chrony | bool }
|
|
|
|
- name: Apply role collectd
|
|
gather_facts: false
|
|
hosts: collectd
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: collectd,
|
|
tags: collectd,
|
|
when: enable_collectd | bool }
|
|
|
|
- name: Apply role elasticsearch
|
|
gather_facts: false
|
|
hosts: elasticsearch
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: elasticsearch,
|
|
tags: elasticsearch,
|
|
when: enable_elasticsearch | bool }
|
|
|
|
- name: Apply role influxdb
|
|
gather_facts: false
|
|
hosts: influxdb
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: influxdb,
|
|
tags: influxdb,
|
|
when: enable_influxdb | bool }
|
|
|
|
- name: Apply role telegraf
|
|
gather_facts: false
|
|
hosts:
|
|
- telegraf
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: telegraf,
|
|
tags: telegraf,
|
|
when: enable_telegraf | bool }
|
|
|
|
- name: Apply role redis
|
|
gather_facts: false
|
|
hosts:
|
|
- redis
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: redis,
|
|
tags: redis,
|
|
when: enable_redis | bool }
|
|
|
|
- name: Apply role haproxy
|
|
gather_facts: false
|
|
hosts:
|
|
- haproxy
|
|
roles:
|
|
- { role: haproxy,
|
|
tags: haproxy,
|
|
when: enable_haproxy | bool }
|
|
|
|
- name: Apply role kibana
|
|
gather_facts: false
|
|
hosts: kibana
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: kibana,
|
|
tags: kibana,
|
|
when: enable_kibana | bool }
|
|
|
|
- name: Apply role memcached
|
|
gather_facts: false
|
|
hosts: memcached
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: memcached,
|
|
tags: [memcache, memcached],
|
|
when: enable_memcached | bool }
|
|
|
|
- name: Apply role mariadb
|
|
gather_facts: false
|
|
hosts: mariadb
|
|
roles:
|
|
- { role: mariadb,
|
|
tags: mariadb,
|
|
when: enable_mariadb | bool }
|
|
|
|
- name: Apply role iscsi
|
|
gather_facts: false
|
|
hosts:
|
|
- iscsid
|
|
- tgtd
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: iscsi,
|
|
tags: iscsi,
|
|
when: enable_iscsid | bool }
|
|
|
|
- name: Apply role multipathd
|
|
gather_facts: false
|
|
hosts:
|
|
- multipathd
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: multipathd,
|
|
tags: multipathd,
|
|
when: enable_multipathd | bool }
|
|
|
|
- name: Apply role rabbitmq
|
|
gather_facts: false
|
|
hosts: rabbitmq
|
|
roles:
|
|
- { role: rabbitmq,
|
|
tags: rabbitmq,
|
|
role_rabbitmq_cluster_cookie: '{{ rabbitmq_cluster_cookie }}',
|
|
role_rabbitmq_cluster_port: '{{ rabbitmq_cluster_port }}',
|
|
role_rabbitmq_epmd_port: '{{ rabbitmq_epmd_port }}',
|
|
role_rabbitmq_groups: rabbitmq,
|
|
role_rabbitmq_management_port: '{{ rabbitmq_management_port }}',
|
|
role_rabbitmq_monitoring_password: '{{ rabbitmq_monitoring_password }}',
|
|
role_rabbitmq_monitoring_user: '{{ rabbitmq_monitoring_user }}',
|
|
role_rabbitmq_password: '{{ rabbitmq_password }}',
|
|
role_rabbitmq_port: '{{ rabbitmq_port }}',
|
|
role_rabbitmq_user: '{{ rabbitmq_user }}',
|
|
when: enable_rabbitmq | bool }
|
|
|
|
- name: Apply role rabbitmq (outward)
|
|
gather_facts: false
|
|
hosts: outward-rabbitmq
|
|
roles:
|
|
- { role: rabbitmq,
|
|
tags: rabbitmq,
|
|
project_name: outward_rabbitmq,
|
|
role_rabbitmq_cluster_cookie: '{{ outward_rabbitmq_cluster_cookie }}',
|
|
role_rabbitmq_cluster_port: '{{ outward_rabbitmq_cluster_port }}',
|
|
role_rabbitmq_epmd_port: '{{ outward_rabbitmq_epmd_port }}',
|
|
role_rabbitmq_groups: outward-rabbitmq,
|
|
role_rabbitmq_management_port: '{{ outward_rabbitmq_management_port }}',
|
|
role_rabbitmq_password: '{{ outward_rabbitmq_password }}',
|
|
role_rabbitmq_port: '{{ outward_rabbitmq_port }}',
|
|
role_rabbitmq_user: '{{ outward_rabbitmq_user }}',
|
|
when: enable_outward_rabbitmq | bool }
|
|
|
|
- name: Apply role qdrouterd
|
|
gather_facts: false
|
|
hosts: qdrouterd
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: qdrouterd,
|
|
tags: qdrouterd,
|
|
when: enable_qdrouterd | bool }
|
|
|
|
- name: Apply role etcd
|
|
gather_facts: false
|
|
hosts: etcd
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: etcd,
|
|
tags: etcd,
|
|
when: enable_etcd | bool }
|
|
|
|
- name: Apply role keystone
|
|
gather_facts: false
|
|
hosts: keystone
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: keystone,
|
|
tags: keystone,
|
|
when: enable_keystone | bool }
|
|
|
|
- name: Apply role ceph
|
|
gather_facts: false
|
|
hosts:
|
|
- ceph-mon
|
|
- ceph-osd
|
|
- ceph-rgw
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: ceph,
|
|
tags: ceph,
|
|
when: enable_ceph | bool }
|
|
|
|
- name: Apply role karbor
|
|
gather_facts: false
|
|
hosts: karbor
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: karbor,
|
|
tags: karbor,
|
|
when: enable_karbor | bool }
|
|
|
|
- name: Apply role swift
|
|
gather_facts: false
|
|
hosts:
|
|
- swift-account-server
|
|
- swift-container-server
|
|
- swift-object-server
|
|
- swift-proxy-server
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: swift,
|
|
tags: swift,
|
|
when: enable_swift | bool }
|
|
|
|
- name: Apply role glance
|
|
gather_facts: false
|
|
hosts:
|
|
- ceph-mon
|
|
- glance-api
|
|
- glance-registry
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: glance,
|
|
tags: glance,
|
|
when: enable_glance | bool }
|
|
|
|
- name: Apply role ironic
|
|
gather_facts: false
|
|
hosts:
|
|
- ironic-api
|
|
- ironic-conductor
|
|
- ironic-inspector
|
|
- ironic-pxe
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: ironic,
|
|
tags: ironic,
|
|
when: enable_ironic | bool }
|
|
|
|
- name: Apply role cinder
|
|
gather_facts: false
|
|
hosts:
|
|
- ceph-mon
|
|
- cinder-api
|
|
- cinder-backup
|
|
- cinder-scheduler
|
|
- cinder-volume
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: cinder,
|
|
tags: cinder,
|
|
when: enable_cinder | bool }
|
|
|
|
- name: Apply role nova
|
|
gather_facts: false
|
|
hosts:
|
|
- ceph-mon
|
|
- compute
|
|
- nova-api
|
|
- nova-conductor
|
|
- nova-consoleauth
|
|
- nova-novncproxy
|
|
- nova-scheduler
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: nova,
|
|
tags: nova,
|
|
when: enable_nova | bool }
|
|
|
|
- name: Apply role opendaylight
|
|
gather_facts: false
|
|
hosts: opendaylight
|
|
roles:
|
|
- { role: opendaylight,
|
|
tags: opendaylight,
|
|
when: enable_opendaylight | bool }
|
|
|
|
- name: Apply role openvswitch
|
|
hosts:
|
|
- openvswitch
|
|
roles:
|
|
- { role: openvswitch,
|
|
tags: openvswitch,
|
|
when: "(enable_openvswitch | bool) and not (enable_ovs_dpdk | bool)"}
|
|
|
|
- name: Apply role ovs-dpdk
|
|
hosts:
|
|
- openvswitch
|
|
roles:
|
|
- { role: ovs-dpdk,
|
|
tags: ovs-dpdk,
|
|
when: "(enable_openvswitch | bool) and (enable_ovs_dpdk | bool)"}
|
|
|
|
- name: Apply nova-hyperv role
|
|
gather_facts: false
|
|
hosts:
|
|
- hyperv
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: nova-hyperv,
|
|
tags: nova-hyperv,
|
|
when: enable_hyperv | bool }
|
|
|
|
# (gmmaha): Please do not change the order listed here. The current order is a
|
|
# workaround to fix the bug https://bugs.launchpad.net/kolla/+bug/1546789
|
|
- name: Apply role neutron
|
|
gather_facts: false
|
|
hosts:
|
|
- neutron-server
|
|
- neutron-dhcp-agent
|
|
- neutron-l3-agent
|
|
- neutron-lbaas-agent
|
|
- neutron-metadata-agent
|
|
- neutron-vpnaas-agent
|
|
- compute
|
|
- manila-share
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: neutron,
|
|
tags: neutron,
|
|
when: enable_neutron | bool }
|
|
|
|
- name: Apply role kuryr
|
|
gather_facts: false
|
|
hosts:
|
|
- compute
|
|
roles:
|
|
- { role: kuryr,
|
|
tags: kuryr,
|
|
when: enable_kuryr | bool }
|
|
|
|
- name: Apply role heat
|
|
gather_facts: false
|
|
hosts:
|
|
- heat-api
|
|
- heat-api-cfn
|
|
- heat-engine
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: heat,
|
|
tags: heat,
|
|
when: enable_heat | bool }
|
|
|
|
- name: Apply role horizon
|
|
gather_facts: false
|
|
hosts:
|
|
- horizon
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: horizon,
|
|
tags: horizon,
|
|
when: enable_horizon | bool }
|
|
|
|
- name: Apply role murano
|
|
gather_facts: false
|
|
hosts:
|
|
- murano-api
|
|
- murano-engine
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: murano,
|
|
tags: murano,
|
|
when: enable_murano | bool }
|
|
|
|
- name: Apply role solum
|
|
gather_facts: false
|
|
hosts:
|
|
- solum-api
|
|
- solum-worker
|
|
- solum-deployer
|
|
- solum-conductor
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: solum,
|
|
tags: solum,
|
|
when: enable_solum | bool }
|
|
|
|
- name: Apply role magnum
|
|
gather_facts: false
|
|
hosts:
|
|
- magnum-api
|
|
- magnum-conductor
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: magnum,
|
|
tags: magnum,
|
|
when: enable_magnum | bool }
|
|
|
|
- name: Apply role mistral
|
|
gather_facts: false
|
|
hosts:
|
|
- mistral-api
|
|
- mistral-engine
|
|
- mistral-executor
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: mistral,
|
|
tags: mistral,
|
|
when: enable_mistral | bool }
|
|
|
|
- name: Apply role sahara
|
|
gather_facts: false
|
|
hosts:
|
|
- sahara-api
|
|
- sahara-engine
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: sahara,
|
|
tags: sahara,
|
|
when: enable_sahara | bool }
|
|
|
|
- name: Apply role mongodb
|
|
gather_facts: false
|
|
hosts:
|
|
- mongodb
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: mongodb,
|
|
tags: mongodb,
|
|
when: enable_mongodb | bool }
|
|
|
|
- name: Apply role panko
|
|
gather_facts: false
|
|
hosts: panko-api
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: panko,
|
|
tags: panko,
|
|
when: enable_panko | bool }
|
|
|
|
- name: Apply role manila
|
|
gather_facts: false
|
|
hosts:
|
|
- manila-api
|
|
- manila-data
|
|
- manila-share
|
|
- manila-scheduler
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: manila,
|
|
tags: manila,
|
|
when: enable_manila | bool }
|
|
|
|
- name: Apply role gnocchi
|
|
gather_facts: false
|
|
hosts:
|
|
- gnocchi-api
|
|
- gnocchi-metricd
|
|
- gnocchi-statsd
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: gnocchi,
|
|
tags: gnocchi,
|
|
when: enable_gnocchi | bool }
|
|
|
|
- name: Apply role ceilometer
|
|
gather_facts: false
|
|
vars_files:
|
|
- "roles/panko/defaults/main.yml"
|
|
hosts:
|
|
- ceilometer
|
|
- compute
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: ceilometer,
|
|
tags: ceilometer,
|
|
when: enable_ceilometer | bool }
|
|
|
|
- name: Apply role aodh
|
|
gather_facts: false
|
|
hosts:
|
|
- aodh
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: aodh,
|
|
tags: aodh,
|
|
when: enable_aodh | bool }
|
|
|
|
- name: Apply role barbican
|
|
gather_facts: false
|
|
hosts:
|
|
- barbican-api
|
|
- barbican-keystone-listener
|
|
- barbican-worker
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: barbican,
|
|
tags: barbican,
|
|
when: enable_barbican | bool }
|
|
|
|
- name: Apply role congress
|
|
gather_facts: false
|
|
hosts:
|
|
- congress-api
|
|
- congress-policy-engine
|
|
- congress-datasource
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: congress,
|
|
tags: congress,
|
|
when: enable_congress | bool }
|
|
|
|
- name: Apply role tempest
|
|
gather_facts: false
|
|
hosts:
|
|
- tempest
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: tempest,
|
|
tags: tempest,
|
|
when: enable_tempest | bool }
|
|
|
|
- name: Apply role designate
|
|
gather_facts: false
|
|
hosts:
|
|
- designate-api
|
|
- designate-central
|
|
- designate-mdns
|
|
- designate-worker
|
|
- designate-sink
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: designate,
|
|
tags: designate,
|
|
when: enable_designate | bool }
|
|
|
|
- name: Apply role rally
|
|
gather_facts: false
|
|
hosts: rally
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: rally,
|
|
tags: rally,
|
|
when: enable_rally | bool }
|
|
|
|
- name: Apply role vmtp
|
|
gather_facts: false
|
|
hosts:
|
|
- vmtp
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: vmtp,
|
|
tags: vmtp,
|
|
when: enable_vmtp | bool }
|
|
|
|
- name: Apply role trove
|
|
gather_facts: false
|
|
hosts:
|
|
- trove-api
|
|
- trove-conductor
|
|
- trove-taskmanager
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: trove,
|
|
tags: trove,
|
|
when: enable_trove | bool }
|
|
|
|
- name: Apply role watcher
|
|
gather_facts: false
|
|
hosts:
|
|
- watcher-api
|
|
- watcher-engine
|
|
- watcher-applier
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: watcher,
|
|
tags: watcher,
|
|
when: enable_watcher | bool }
|
|
|
|
- name: Apply role grafana
|
|
gather_facts: false
|
|
hosts:
|
|
- grafana
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: grafana,
|
|
tags: grafana,
|
|
when: enable_grafana | bool }
|
|
|
|
- name: Apply role cloudkitty
|
|
gather_facts: false
|
|
hosts:
|
|
- cloudkitty-api
|
|
- cloudkitty-processor
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: cloudkitty,
|
|
tags: cloudkitty,
|
|
when: enable_cloudkitty | bool }
|
|
|
|
- name: Apply role freezer
|
|
gather_facts: false
|
|
hosts:
|
|
- freezer-api
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: freezer,
|
|
tags: freezer,
|
|
when: enable_freezer | bool }
|
|
|
|
- name: Apply role senlin
|
|
gather_facts: false
|
|
hosts:
|
|
- senlin-api
|
|
- senlin-engine
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: senlin,
|
|
tags: senlin,
|
|
when: enable_senlin | bool }
|
|
|
|
- name: Apply role searchlight
|
|
gather_facts: false
|
|
hosts:
|
|
- searchlight-api
|
|
- searchlight-listener
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: searchlight,
|
|
tags: searchlight,
|
|
when: enable_searchlight | bool }
|
|
|
|
- name: Apply role tacker
|
|
gather_facts: false
|
|
hosts:
|
|
- tacker-server
|
|
- tacker-conductor
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: tacker,
|
|
tags: tacker,
|
|
when: enable_tacker | bool }
|
|
|
|
- name: Apply role octavia
|
|
gather_facts: false
|
|
hosts:
|
|
- octavia-api
|
|
- octavia-health-manager
|
|
- octavia-housekeeping
|
|
- octavia-worker
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: octavia,
|
|
tags: octavia,
|
|
when: enable_octavia | bool }
|
|
|
|
- name: Apply role zun
|
|
gather_facts: false
|
|
hosts:
|
|
- zun-api
|
|
- zun-compute
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: zun,
|
|
tags: zun,
|
|
when: enable_zun | bool }
|
|
|
|
- name: Apply role skydive
|
|
gather_facts: false
|
|
hosts:
|
|
- skydive-agent
|
|
- skydive-analyzer
|
|
serial: '{{ serial|default("0") }}'
|
|
roles:
|
|
- { role: skydive,
|
|
tags: skydive,
|
|
when: enable_skydive | bool }
|