diff --git a/ansible/roles/rabbitmq/tasks/precheck.yml b/ansible/roles/rabbitmq/tasks/precheck.yml index 3f462c3608..966e32bf97 100644 --- a/ansible/roles/rabbitmq/tasks/precheck.yml +++ b/ansible/roles/rabbitmq/tasks/precheck.yml @@ -59,12 +59,14 @@ register: rabbitmq_hostnames with_items: "{{ groups['rabbitmq'] }}" -- name: Check if rabbit hostname resolves to IP address of api_interface +- name: Check if each rabbit hostname resolves uniquely to the proper IP address fail: - msg: "Hostname has to resolve to IP address of api_interface" - with_items: "{{ rabbitmq_hostnames.results }}" + msg: Hostname has to resolve uniquely to the IP address of api_interface + with_subelements: + - "{{ rabbitmq_hostnames.results }}" + - stdout_lines when: - - "item.stdout.find('api' | kolla_address(item['item'])) == -1" + - not item.1 is match('^'+('api' | kolla_address(item.0.item))+'\\b') - name: Checking free port for outward RabbitMQ wait_for: @@ -120,10 +122,12 @@ when: - enable_outward_rabbitmq | bool -- name: Check if rabbit hostname resolves to IP address of api_interface +- name: Check if each rabbit hostname resolves uniquely to the proper IP address fail: - msg: "Hostname has to resolve to IP address of api_interface" - with_items: "{{ outward_rabbitmq_hostnames.results }}" + msg: Hostname has to resolve uniquely to the IP address of api_interface + with_subelements: + - "{{ outward_rabbitmq_hostnames.results }}" + - stdout_lines when: - enable_outward_rabbitmq | bool - - "item.stdout.find('api' | kolla_address(item['item'])) == -1" + - not item.1 is match('^'+('api' | kolla_address(item.0.item))+'\\b') diff --git a/releasenotes/notes/bug-1863363-eb5d0ddd0d0d1090.yaml b/releasenotes/notes/bug-1863363-eb5d0ddd0d0d1090.yaml new file mode 100644 index 0000000000..efe29a2aac --- /dev/null +++ b/releasenotes/notes/bug-1863363-eb5d0ddd0d0d1090.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Makes RabbitMQ hostname address resolution precheck stronger by + requiring uniqueness of resolution to avoid later issues. + `LP#1863363 `