--- - import_role: name: service-precheck vars: service_precheck_services: "{{ rabbitmq_services }}" service_name: "{{ project_name }}" - name: Get container facts become: true kolla_container_facts: name: - rabbitmq - outward_rabbitmq register: container_facts - name: Checking free port for RabbitMQ wait_for: host: "{{ api_interface_address }}" port: "{{ rabbitmq_port }}" connect_timeout: 1 timeout: 1 state: stopped when: - container_facts['rabbitmq'] is not defined - inventory_hostname in groups['rabbitmq'] - name: Checking free port for RabbitMQ Management wait_for: host: "{{ api_interface_address }}" port: "{{ rabbitmq_management_port }}" connect_timeout: 1 timeout: 1 state: stopped when: - container_facts['rabbitmq'] is not defined - inventory_hostname in groups['rabbitmq'] - name: Checking free port for RabbitMQ Cluster wait_for: host: "{{ api_interface_address }}" port: "{{ rabbitmq_cluster_port }}" connect_timeout: 1 timeout: 1 state: stopped when: - container_facts['rabbitmq'] is not defined - inventory_hostname in groups['rabbitmq'] - name: Checking free port for RabbitMQ EPMD wait_for: host: "{{ api_interface_address }}" port: "{{ rabbitmq_epmd_port }}" connect_timeout: 1 timeout: 1 state: stopped when: - container_facts['rabbitmq'] is not defined - inventory_hostname in groups['rabbitmq'] - name: Check if all rabbit hostnames are resolvable vars: nss_database: "{{ 'ahostsv4' if api_address_family == 'ipv4' else 'ahostsv6' }}" command: "getent {{ nss_database }} {{ hostvars[item]['ansible_hostname'] }}" changed_when: false register: rabbitmq_hostnames with_items: "{{ groups['rabbitmq'] }}" - name: Check if each rabbit hostname resolves uniquely to the proper IP address fail: msg: Hostname has to resolve uniquely to the IP address of api_interface with_subelements: - "{{ rabbitmq_hostnames.results }}" - stdout_lines when: - not item.1 is match('^'+('api' | kolla_address(item.0.item))+'\\b') - name: Check if TLS certificate exists for RabbitMQ vars: cert: "{{ query('first_found', paths, errors='ignore') }}" paths: - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}/rabbitmq-cert.pem" - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}-cert.pem" - "{{ kolla_certificates_dir }}/rabbitmq-cert.pem" fail: msg: No TLS certificate provided for RabbitMQ. when: - rabbitmq_enable_tls | bool - cert | length == 0 - name: Check if TLS key exists for RabbitMQ vars: key: "{{ query('first_found', paths, errors='ignore') }}" paths: - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}/rabbitmq-key.pem" - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}-key.pem" - "{{ kolla_certificates_dir }}/rabbitmq-key.pem" fail: msg: No TLS key provided for RabbitMQ. when: - rabbitmq_enable_tls | bool - key | length == 0 - name: Checking free port for outward RabbitMQ wait_for: host: "{{ api_interface_address }}" port: "{{ outward_rabbitmq_port }}" connect_timeout: 1 state: stopped when: - enable_outward_rabbitmq | bool - inventory_hostname in groups['outward-rabbitmq'] - container_facts['outward_rabbitmq'] is not defined - name: Checking free port for outward RabbitMQ Management wait_for: host: "{{ api_interface_address }}" port: "{{ outward_rabbitmq_management_port }}" connect_timeout: 1 state: stopped when: - enable_outward_rabbitmq | bool - inventory_hostname in groups['outward-rabbitmq'] - container_facts['outward_rabbitmq'] is not defined - name: Checking free port for outward RabbitMQ Cluster wait_for: host: "{{ api_interface_address }}" port: "{{ outward_rabbitmq_cluster_port }}" connect_timeout: 1 state: stopped when: - enable_outward_rabbitmq | bool - inventory_hostname in groups['outward-rabbitmq'] - container_facts['outward_rabbitmq'] is not defined - name: Checking free port for outward RabbitMQ EPMD wait_for: host: "{{ api_interface_address }}" port: "{{ outward_rabbitmq_epmd_port }}" connect_timeout: 1 state: stopped when: - enable_outward_rabbitmq | bool - inventory_hostname in groups['outward-rabbitmq'] - container_facts['outward_rabbitmq'] is not defined - name: Check if all outward rabbit hostnames are resolvable vars: nss_database: "{{ 'ahostsv4' if api_address_family == 'ipv4' else 'ahostsv6' }}" command: "getent {{ nss_database }} {{ hostvars[item]['ansible_hostname'] }}" changed_when: false register: outward_rabbitmq_hostnames with_items: "{{ groups['outward-rabbitmq'] }}" when: - enable_outward_rabbitmq | bool - name: Check if each rabbit hostname resolves uniquely to the proper IP address fail: msg: Hostname has to resolve uniquely to the IP address of api_interface with_subelements: - "{{ outward_rabbitmq_hostnames.results }}" - stdout_lines when: - enable_outward_rabbitmq | bool - not item.1 is match('^'+('api' | kolla_address(item.0.item))+'\\b') - name: Check if TLS certificate exists for outward RabbitMQ vars: cert: "{{ query('first_found', paths, errors='ignore') }}" paths: - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}/outward_rabbitmq-cert.pem" - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}-cert.pem" - "{{ kolla_certificates_dir }}/outward_rabbitmq-cert.pem" fail: msg: No TLS certificate provided for outward RabbitMQ. when: - enable_outward_rabbitmq | bool - rabbitmq_enable_tls | bool - cert | length == 0 - name: Check if TLS key exists for outward RabbitMQ vars: key: "{{ query('first_found', paths, errors='ignore') }}" paths: - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}/outward_rabbitmq-key.pem" - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}-key.pem" - "{{ kolla_certificates_dir }}/outward_rabbitmq-key.pem" fail: msg: No TLS key provided for outward RabbitMQ. when: - enable_outward_rabbitmq | bool - rabbitmq_enable_tls | bool - key | length == 0