From ed5b610177059870a3e722b046de7ca0156357c3 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Tue, 28 Feb 2023 11:33:06 +0100 Subject: [PATCH] Allow to manage more the one vhost with mq_setup This change enables us to supply list of vhosts that needs to be created or deleted, rather then support only single vhost creation We also reduce code duplication by leveraging task includes. Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/880031 Change-Id: I76548f45a20db29c1bfd5db332b490b670d973a4 --- ...lomsg_rpc_vhost_dict-fe1b48be298ac8d5.yaml | 14 +++ roles/mq_setup/tasks/main.yml | 90 +++++++------------ roles/mq_setup/tasks/rabbit_user_setup.yml | 27 ++++++ roles/mq_setup/tasks/rabbit_vhost_setup.yml | 32 +++++++ roles/mq_setup/vars/main.yml | 30 +++++++ 5 files changed, 137 insertions(+), 56 deletions(-) create mode 100644 releasenotes/notes/_oslomsg_rpc_vhost_dict-fe1b48be298ac8d5.yaml create mode 100644 roles/mq_setup/tasks/rabbit_user_setup.yml create mode 100644 roles/mq_setup/tasks/rabbit_vhost_setup.yml create mode 100644 roles/mq_setup/vars/main.yml diff --git a/releasenotes/notes/_oslomsg_rpc_vhost_dict-fe1b48be298ac8d5.yaml b/releasenotes/notes/_oslomsg_rpc_vhost_dict-fe1b48be298ac8d5.yaml new file mode 100644 index 00000000..cbfc615d --- /dev/null +++ b/releasenotes/notes/_oslomsg_rpc_vhost_dict-fe1b48be298ac8d5.yaml @@ -0,0 +1,14 @@ +--- +features: + - | + Variables ``_oslomsg_rpc_vhost`` and ``_oslomsg_notify_vhost`` for mq_setup + role are now a list of mappings, which means you can manage multiple vhosts + within same role include. You can provide `state` and `name` keys for + vhosts. + For backwards compatability variables stil can be supplied as a string but + this behaviour is deprecated and will be removed in the future. +deprecations: + - | + Definition of variables ``_oslomsg_rpc_vhost`` and + ``_oslomsg_notify_vhost`` as a string is deprecated in favor of list of + mappings. diff --git a/roles/mq_setup/tasks/main.yml b/roles/mq_setup/tasks/main.yml index 7f624df9..6f68f58c 100644 --- a/roles/mq_setup/tasks/main.yml +++ b/roles/mq_setup/tasks/main.yml @@ -15,38 +15,29 @@ - name: Setup RPC MQ Service (RabbitMQ) delegate_to: "{{ _oslomsg_rpc_setup_host }}" + block: + - name: Setup RPC vhost and policies + vars: + __mq_policies: "{{ _oslomsg_rpc_policies | default([]) + oslomsg_rpc_policies }}" + include_tasks: rabbit_vhost_setup.yml + loop: "{{ __resolved_oslomsg_rpc_vhost }}" + loop_control: + loop_var: __mq_vhost + + - name: Setup RPC user + vars: + __mq_nolog: "{{ _oslomsg_nolog | default(True) }}" + __mq_userid: "{{ _oslomsg_rpc_userid }}" + __mq_password: "{{ _oslomsg_rpc_password }}" + include_tasks: rabbit_user_setup.yml + loop: "{{ __resolved_oslomsg_rpc_vhost }}" + loop_control: + loop_var: __mq_vhost when: - "(_oslomsg_configure_rpc | default(_oslomsg_rpc_transport is defined))" - "(_oslomsg_rpc_transport is defined) and (_oslomsg_rpc_transport == 'rabbit')" tags: - common-rabbitmq - block: - - name: Add RPC RabbitMQ vhost - community.rabbitmq.rabbitmq_vhost: - name: "{{ _oslomsg_rpc_vhost }}" - state: "present" - - - name: Apply RPC RabbitMQ vhost policies - community.rabbitmq.rabbitmq_policy: - name: "{{ item.name }}" - pattern: "{{ item.pattern }}" - priority: "{{ item.priority | default(0) }}" - tags: "{{ item.tags }}" - state: "{{ item.state | default(omit) }}" - vhost: "{{ _oslomsg_rpc_vhost }}" - loop: "{{ _oslomsg_rpc_policies | default([]) + oslomsg_rpc_policies }}" - - - name: Add RPC RabbitMQ user - community.rabbitmq.rabbitmq_user: - user: "{{ _oslomsg_rpc_userid }}" - password: "{{ _oslomsg_rpc_password }}" - update_password: always - vhost: "{{ _oslomsg_rpc_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - no_log: "{{ _oslomsg_nolog | default(True) }}" - name: Setup Notify MQ Service (RabbitMQ) delegate_to: "{{ _oslomsg_notify_setup_host }}" @@ -56,40 +47,27 @@ tags: - common-rabbitmq block: - - name: Add Notify RabbitMQ vhost - community.rabbitmq.rabbitmq_vhost: - name: "{{ _oslomsg_notify_vhost }}" - state: "present" + - name: Setup Notify vhost and policies + vars: + __mq_policies: "{{ _oslomsg_notify_policies | default([]) + oslomsg_notify_policies }}" + include_tasks: rabbit_vhost_setup.yml + loop: "{{ __resolved_oslomsg_notify_vhost }}" + loop_control: + loop_var: __mq_vhost when: - (_oslomsg_rpc_vhost is undefined) or (_oslomsg_notify_vhost != _oslomsg_rpc_vhost) or (_oslomsg_notify_setup_host != _oslomsg_rpc_setup_host) - - name: Apply Notify RabbitMQ vhost policies - community.rabbitmq.rabbitmq_policy: - name: "{{ item.name }}" - pattern: "{{ item.pattern }}" - priority: "{{ item.priority | default(0) }}" - tags: "{{ item.tags }}" - state: "{{ item.state | default(omit) }}" - vhost: "{{ _oslomsg_notify_vhost }}" - loop: "{{ _oslomsg_notify_policies | default([]) + oslomsg_notify_policies }}" - when: - - (_oslomsg_rpc_vhost is undefined) or - (_oslomsg_notify_vhost != _oslomsg_rpc_vhost) or - (_oslomsg_notify_setup_host != _oslomsg_rpc_setup_host) - - - name: Add Notify RabbitMQ user - community.rabbitmq.rabbitmq_user: - user: "{{ _oslomsg_notify_userid }}" - password: "{{ _oslomsg_notify_password }}" - update_password: always - vhost: "{{ _oslomsg_notify_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - no_log: "{{ _oslomsg_nolog | default(True) }}" + - name: Setup Notify user + vars: + __mq_nolog: "{{ _oslomsg_nolog | default(True) }}" + __mq_userid: "{{ _oslomsg_notify_userid }}" + __mq_password: "{{ _oslomsg_notify_password }}" + include_tasks: rabbit_user_setup.yml + loop: "{{ __resolved_oslomsg_notify_vhost }}" + loop_control: + loop_var: __mq_vhost when: - (_oslomsg_rpc_userid is undefined) or (_oslomsg_notify_userid != _oslomsg_rpc_userid) or diff --git a/roles/mq_setup/tasks/rabbit_user_setup.yml b/roles/mq_setup/tasks/rabbit_user_setup.yml new file mode 100644 index 00000000..d61a6706 --- /dev/null +++ b/roles/mq_setup/tasks/rabbit_user_setup.yml @@ -0,0 +1,27 @@ +--- +# Copyright 2023, Cleura AB. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Add RabbitMQ user + community.rabbitmq.rabbitmq_user: + user: "{{ __mq_userid }}" + password: "{{ __mq_password }}" + update_password: always + vhost: "{{ __mq_vhost.name }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + no_log: "{{ __mq_nolog | default(True) }}" + when: __mq_vhost.state | default('present') == 'present' diff --git a/roles/mq_setup/tasks/rabbit_vhost_setup.yml b/roles/mq_setup/tasks/rabbit_vhost_setup.yml new file mode 100644 index 00000000..09a9b1fd --- /dev/null +++ b/roles/mq_setup/tasks/rabbit_vhost_setup.yml @@ -0,0 +1,32 @@ +--- +# Copyright 2023, Cleura AB. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Add RabbitMQ vhost + community.rabbitmq.rabbitmq_vhost: + name: "{{ __mq_vhost.name }}" + state: "{{ __mq_vhost.state | default('present') }}" + +- name: Apply RabbitMQ vhost policies + community.rabbitmq.rabbitmq_policy: + name: "{{ policy.name }}" + pattern: "{{ policy.pattern }}" + priority: "{{ policy.priority | default(0) }}" + tags: "{{ policy.tags }}" + state: "{{ policy.state | default(omit) }}" + vhost: "{{ __mq_vhost.name }}" + loop: "{{ __mq_policies }}" + when: __mq_vhost.state | default('present') == 'present' + loop_control: + loop_var: policy diff --git a/roles/mq_setup/vars/main.yml b/roles/mq_setup/vars/main.yml new file mode 100644 index 00000000..daf9e048 --- /dev/null +++ b/roles/mq_setup/vars/main.yml @@ -0,0 +1,30 @@ +--- +# Copyright 2023, Cleura AB. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +__resolved_oslomsg_rpc_vhost: |- + {% if _oslomsg_rpc_vhost is string %} + {% set vhost_mapping = [{'name': _oslomsg_rpc_vhost, 'state': 'present'}] %} + {% else %} + {% set vhost_mapping = _oslomsg_rpc_vhost %} + {% endif %} + {{ vhost_mapping }} + +__resolved_oslomsg_notify_vhost: |- + {% if _oslomsg_notify_vhost is string %} + {% set vhost_mapping = [{'name': _oslomsg_notify_vhost, 'state': 'present'}] %} + {% else %} + {% set vhost_mapping = _oslomsg_notify_vhost %} + {% endif %} + {{ vhost_mapping }}