Add vhost to outward rabbitmq for Murano

Change-Id: I09654f29b59e0327ee1a7961e0990e4c6927e8fc
Closes-Bug: #1620374
This commit is contained in:
Paul Bourke 2017-04-06 15:14:04 +01:00
parent d8fe3ea780
commit aff43f73e3
5 changed files with 33 additions and 6 deletions

View File

@ -522,6 +522,13 @@ nova_backend_ceph: "{{ enable_ceph }}"
nova_backend: "{{ 'rbd' if nova_backend_ceph | bool else 'default' }}" nova_backend: "{{ 'rbd' if nova_backend_ceph | bool else 'default' }}"
#######################
# Murano options
#######################
murano_agent_rabbitmq_vhost: "muranoagent"
murano_agent_rabbitmq_user: "muranoagent"
####################### #######################
# Horizon options # Horizon options
####################### #######################

View File

@ -33,11 +33,18 @@ memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }} memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[murano] [murano]
url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ murano_api_port }} url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ murano_api_port }}
api_workers = {{ openstack_service_workers }} api_workers = {{ openstack_service_workers }}
[oslo_messaging_notifications] [oslo_messaging_notifications]
driver = messagingv2 driver = messagingv2
{% if service_name == 'murano-engine' %}
[rabbitmq]
host = {{ kolla_external_vip_address }}
port = {{ outward_rabbitmq_port }}
login = {{ murano_agent_rabbitmq_user }}
password = {{ murano_agent_rabbitmq_password }}
virtual_host = {{ murano_agent_rabbitmq_vhost }}
{% endif %}

View File

@ -1,14 +1,22 @@
{ {
"vhosts": [ "vhosts": [
{"name": "/"} {"name": "/"}{% if project_name == 'outward_rabbitmq' %},
{"name": "{{ murano_agent_rabbitmq_vhost }}"}
{% endif %}
], ],
"users": [ "users": [
{"name": "{{ role_rabbitmq_user }}", "password": "{{ role_rabbitmq_password }}", "tags": "administrator"} {"name": "{{ role_rabbitmq_user }}", "password": "{{ role_rabbitmq_password }}", "tags": "administrator"}{% if project_name == 'outward_rabbitmq' %},
{"name": "{{ murano_agent_rabbitmq_user }}", "password": "{{ murano_agent_rabbitmq_password }}", "tags": "management"}
{% endif %}
], ],
"permissions": [ "permissions": [
{"user": "{{ role_rabbitmq_user }}", "vhost": "/", "configure": ".*", "write": ".*", "read": ".*"} {"user": "{{ role_rabbitmq_user }}", "vhost": "/", "configure": ".*", "write": ".*", "read": ".*"}{% if project_name == 'outward_rabbitmq' %},
{"user": "{{ murano_agent_rabbitmq_user }}", "vhost": "{{ murano_agent_rabbitmq_vhost }}", "configure": ".*", "write": ".*", "read": ".*"}
{% endif %}
], ],
"policies":[ "policies":[
{"vhost": "/", "name": "ha-all", "pattern": ".*", "apply-to": "all", "definition": {"ha-mode":"all"}, "priority":0} {"vhost": "/", "name": "ha-all", "pattern": ".*", "apply-to": "all", "definition": {"ha-mode":"all"}, "priority":0}{% if project_name == 'outward_rabbitmq' %},
{"vhost": "{{ murano_agent_rabbitmq_vhost }}", "name": "ha-all", "pattern": ".*", "apply-to": "all", "definition": {"ha-mode":"all"}, "priority":0}
{% endif %}
] ]
} }

View File

@ -94,6 +94,7 @@ heat_domain_admin_password:
murano_database_password: murano_database_password:
murano_keystone_password: murano_keystone_password:
murano_agent_rabbitmq_password:
ironic_database_password: ironic_database_password:
ironic_keystone_password: ironic_keystone_password:

View File

@ -0,0 +1,4 @@
---
features:
- RabbitMQ now has a vhost entry so the engine can communicate
with murano agents running in user VMs.