openstack/kolla-ansible
Code Issues Proposed changes
kolla-ansible/ansible/roles/prechecks/tasks/service_checks.yml
Sven Kieske 64575519aa enable quorum queues 
This implements a global toggle `om_enable_rabbitmq_quorum_queues`
to enable quorum queues for each service in RabbitMQ, similar to
what was done for HA[0].

Quorum Queues are enabled by default.

Quorum queues are more reliable, safer, simpler and faster than
replicated mirrored classic queues[1].

Mirrored classic queues are deprecated and scheduled for removal
in RabbitMQ 4.0[2].

Notice, that we do not need a new policy in the RabbitMQ definitions
template, because their usage is enabled on the client side and can't
be set using a policy[3].

Notice also, that quorum queues are not yet enabled in oslo.messaging
for the usage of reply_ and fanout_ queues (transient queues).
This will change once[4] is merged.

[0]: https://review.opendev.org/c/openstack/kolla-ansible/+/867771
[1]: https://www.rabbitmq.com/quorum-queues.html
[2]: https://blog.rabbitmq.com/posts/2021/08/4.0-deprecation-announcements/
[3]: https://www.rabbitmq.com/quorum-queues.html#declaring
[4]: https://review.opendev.org/c/openstack/oslo.messaging/+/888479

Signed-off-by: Sven Kieske <kieske@osism.tech>
Change-Id: I6c033d460a5c9b93c346e9e47e93b159d3c27830
2023-11-30 13:53:00 +00:00

82 lines
2.7 KiB
YAML
Raw Blame History

---
- name: Checking if system uses systemd
become: true
assert:
that:
- "ansible_facts.service_mgr == 'systemd'"
when: inventory_hostname in groups['baremetal']
- name: Checking Docker version
become: true
command: "{{ kolla_container_engine }} --version"
register: result
changed_when: false
check_mode: false
when:
- kolla_container_engine == 'docker'
- inventory_hostname in groups['baremetal']
failed_when: result is failed
or result.stdout | regex_replace('.*\\b(\\d+\\.\\d+\\.\\d+)\\b.*', '\\1') is version(docker_version_min, '<')
# NOTE(mgoddard): If passwords.yml is encrypted using ansible-vault, this check
# will pass, but only because nothing in the vault file has the format of a
# YAML dict item.
- name: Checking empty passwords in passwords.yml. Run kolla-genpwd if this task fails
command:
cmd: grep '^[^#].*:\s*$' "{{ node_config }}/passwords.yml"
delegate_to: localhost
run_once: True
register: result
changed_when: false
failed_when: result.stdout | regex_replace('(.*ssh_key.*)', '') is search(":")
check_mode: false
- name: Check if nscd is running
command: pgrep nscd
ignore_errors: yes
failed_when: false
changed_when: false
check_mode: false
register: nscd_status
- name: Fail if nscd is running
fail:
msg: |
Service nscd is running. This is known to cause issues with Docker's user namespaces in
Kolla. Please disable it before proceeding.
when:
- nscd_status.rc == 0
- name: Validate that internal and external vip address are different when TLS is enabled only on either the internal and external network
run_once: True
fail:
msg: 'kolla_external_vip_address and kolla_internal_vip_address must not be the same when only one network has TLS enabled'
changed_when: false
when:
- kolla_enable_tls_external | bool or kolla_enable_tls_internal | bool
- not (kolla_enable_tls_external | bool and kolla_enable_tls_internal | bool)
- kolla_same_external_internal_vip | bool
- name: Validate that enable_ceph is disabled
run_once: True
fail:
msg: "We are sorry but enable_ceph is no longer supported. Please use external ceph support."
when:
- (enable_ceph | default()) | bool
- name: Validate that enable_zun is disabled
run_once: True
fail:
msg: |
Apologies, Zun is currently not supported for this release.
Please consult the release notes.
when:
- (enable_zun | default()) | bool
- name: Validate rabbitmq variables
run_once: True
fail:
msg: |
Please set only one of om_enable_rabbitmq_high_availability or om_enable_rabbitmq_quorum_queues
when: (om_enable_rabbitmq_high_availability | bool) == (om_enable_rabbitmq_quorum_queues | bool)
View Git Blame Copy Permalink