From 9b13d416bd1180eb184f211d2988253ff83b1182 Mon Sep 17 00:00:00 2001 From: Jesse Pretorius Date: Tue, 24 Jul 2018 19:23:06 +0100 Subject: [PATCH] Remove all MQ vhost/user and DB create tasks Now that all the MQ and database creation tasks are in the roles, and use appropriate defaults, we can remove all the wiring from group_vars and the tasks. To cater to the changes in passwords, we also ensure that the upgrade tooling renames any existing secrets. The healthcheck-infrastructure.yml playbook is deliberately left alone due to it being refactored anyway in https://review.openstack.org/587408 Change-Id: Ie3960e2e2ac9c0aff0bc36f46182be2fc0a038b3 --- etc/openstack_deploy/user_secrets.yml | 57 +-- inventory/group_vars/all/oslo-messaging.yml | 387 ------------------ inventory/group_vars/tacker_all.yml | 4 - playbooks/common-tasks/mysql-db-user.yml | 43 -- .../oslomsg-notify-vhost-user.yml | 46 --- .../common-tasks/oslomsg-rpc-vhost-user.yml | 62 --- .../common-tasks/rabbitmq-vhost-user.yml | 42 -- playbooks/os-aodh-install.yml | 20 - playbooks/os-barbican-install.yml | 20 - playbooks/os-ceilometer-install.yml | 19 - playbooks/os-cinder-install.yml | 36 -- playbooks/os-designate-install.yml | 21 - playbooks/os-heat-install.yml | 21 - playbooks/os-ironic-install.yml | 10 - playbooks/os-keystone-install.yml | 34 -- playbooks/os-magnum-install.yml | 9 - playbooks/os-neutron-install.yml | 35 -- playbooks/os-nova-install.yml | 35 -- playbooks/os-octavia-install.yml | 10 - playbooks/os-sahara-install.yml | 23 -- playbooks/os-swift-install.yml | 26 -- playbooks/os-tacker-install.yml | 10 - playbooks/os-trove-install.yml | 21 - .../playbooks/user-secrets-adjustment.yml | 39 +- 24 files changed, 56 insertions(+), 974 deletions(-) delete mode 100644 playbooks/common-tasks/mysql-db-user.yml delete mode 100644 playbooks/common-tasks/oslomsg-notify-vhost-user.yml delete mode 100644 playbooks/common-tasks/oslomsg-rpc-vhost-user.yml delete mode 100644 playbooks/common-tasks/rabbitmq-vhost-user.yml diff --git a/etc/openstack_deploy/user_secrets.yml b/etc/openstack_deploy/user_secrets.yml index 4072bfeb6c..dcb8f34770 100644 --- a/etc/openstack_deploy/user_secrets.yml +++ b/etc/openstack_deploy/user_secrets.yml @@ -33,47 +33,43 @@ galera_root_password: keystone_container_mysql_password: keystone_auth_admin_password: keystone_service_password: -keystone_rabbitmq_password: +keystone_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#keystone_oslomsg_rpc_password: #keystone_oslomsg_notify_password: ## Ceilometer Options: ceilometer_container_db_password: ceilometer_service_password: ceilometer_telemetry_secret: -ceilometer_rabbitmq_password: +ceilometer_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#ceilometer_oslomsg_rpc_password: #ceilometer_oslomsg_notify_password: ## Aodh Options: aodh_container_db_password: aodh_service_password: -aodh_rabbitmq_password: +aodh_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#aodh_oslomsg_rpc_password: #aodh_oslomsg_notify_password: ## Cinder Options cinder_container_mysql_password: cinder_service_password: cinder_profiler_hmac_key: -cinder_rabbitmq_password: +cinder_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#cinder_oslomsg_rpc_password: #cinder_oslomsg_notify_password: ## Ceph/rbd: a UUID to be used by libvirt to refer to the client.cinder user @@ -83,13 +79,12 @@ cinder_ceph_client_uuid: glance_container_mysql_password: glance_service_password: glance_profiler_hmac_key: +glance_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#glance_oslomsg_rpc_password: #glance_oslomsg_notify_password: -glance_rabbitmq_password: ## Gnocchi Options: gnocchi_container_mysql_password: @@ -102,21 +97,20 @@ heat_container_mysql_password: heat_auth_encryption_key: ### THE HEAT AUTH KEY NEEDS TO BE 32 CHARACTERS LONG ## heat_service_password: -heat_rabbitmq_password: +heat_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#heat_oslomsg_rpc_password: #heat_oslomsg_notify_password: ## Ironic options -ironic_rabbitmq_password: +ironic_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#ironic_oslomsg_rpc_password: +#ironic_oslomsg_notify_password: ironic_container_mysql_password: ironic_service_password: ironic_swift_temp_url_secret_key: @@ -128,12 +122,11 @@ horizon_secret_key: ## Neutron Options neutron_container_mysql_password: neutron_service_password: -neutron_rabbitmq_password: +neutron_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#neutron_oslomsg_rpc_password: #neutron_oslomsg_notify_password: neutron_ha_vrrp_auth_password: @@ -142,12 +135,11 @@ nova_container_mysql_password: nova_api_container_mysql_password: nova_metadata_proxy_secret: nova_service_password: -nova_rabbitmq_password: +nova_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#nova_oslomsg_rpc_password: #nova_oslomsg_notify_password: nova_placement_service_password: @@ -158,23 +150,21 @@ lxd_trust_password: octavia_container_mysql_password: octavia_service_password: octavia_health_hmac_key: -octavia_rabbitmq_password: +octavia_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#octavia_oslomsg_rpc_password: #octavia_oslomsg_notify_password: octavia_cert_client_password: ## Sahara Options sahara_container_mysql_password: -sahara_rabbitmq_password: +sahara_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#sahara_oslomsg_rpc_password: #sahara_oslomsg_notify_password: sahara_service_password: @@ -185,13 +175,7 @@ swift_dispersion_password: swift_hash_path_suffix: swift_hash_path_prefix: # Swift needs a telemetry password when using ceilometer -swift_rabbitmq_telemetry_password: -#NOTE: Please uncomment those -# if you want to split rpc and notify users -# Please also wire the appropriate userid in -# your user variables. -#swift_oslomsg_rpc_password: -#swift_oslomsg_notify_password: +swift_oslomsg_notify_password: ## haproxy stats password haproxy_stats_password: @@ -200,12 +184,11 @@ haproxy_keepalived_authentication_password: ## Magnum Options magnum_service_password: magnum_galera_password: -magnum_rabbitmq_password: +magnum_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#magnum_oslomsg_rpc_password: #magnum_oslomsg_notify_password: magnum_trustee_password: @@ -214,12 +197,11 @@ rally_galera_password: ## Trove Options trove_galera_password: -trove_rabbitmq_password: +trove_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#trove_oslomsg_rpc_password: #trove_oslomsg_notify_password: trove_service_password: trove_admin_user_password: @@ -228,23 +210,21 @@ trove_inst_rpc_key_encr_key: ## Barbican Options barbican_galera_password: -barbican_rabbitmq_password: +barbican_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#barbican_oslomsg_rpc_password: #barbican_oslomsg_notify_password: barbican_service_password: ## Designate Options designate_galera_password: -designate_rabbitmq_password: +designate_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#designate_oslomsg_rpc_password: #designate_oslomsg_notify_password: designate_service_password: @@ -252,12 +232,11 @@ designate_service_password: molteniron_container_mysql_password: ## Tacker options -tacker_rabbitmq_password: +tacker_oslomsg_rpc_password: #NOTE: Please uncomment those # if you want to split rpc and notify users # Please also wire the appropriate userid in # your user variables. -#tacker_oslomsg_rpc_password: #tacker_oslomsg_notify_password: tacker_service_password: tacker_container_mysql_password: diff --git a/inventory/group_vars/all/oslo-messaging.yml b/inventory/group_vars/all/oslo-messaging.yml index 4ab906ca6e..59dd4e59c4 100644 --- a/inventory/group_vars/all/oslo-messaging.yml +++ b/inventory/group_vars/all/oslo-messaging.yml @@ -19,7 +19,6 @@ oslomsg_rpc_port: "{{ rabbitmq_port }}" oslomsg_rpc_servers: "{{ rabbitmq_servers }}" oslomsg_rpc_use_ssl: "{{ rabbitmq_use_ssl }}" oslomsg_rpc_host_group: "{{ rabbitmq_host_group }}" -oslomsg_rpc_ssl_param: "{{ (oslomsg_rpc_use_ssl | bool) | ternary(1, 0) }}" # Notify oslomsg_notify_transport: rabbit @@ -27,389 +26,3 @@ oslomsg_notify_port: "{{ rabbitmq_port }}" oslomsg_notify_servers: "{{ rabbitmq_servers }}" oslomsg_notify_use_ssl: "{{ rabbitmq_use_ssl }}" oslomsg_notify_host_group: "{{ rabbitmq_host_group }}" -oslomsg_notify_ssl_param: "{{ (oslomsg_notify_use_ssl | bool) | ternary(1, 0) }}" - -## AODH -aodh_oslomsg_rpc_userid: aodh -aodh_oslomsg_rpc_vhost: /aodh -aodh_oslomsg_rpc_password: "{{ aodh_rabbitmq_password }}" -aodh_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -aodh_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -aodh_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -aodh_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -aodh_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -aodh_oslomsg_notify_userid: "{{ aodh_oslomsg_rpc_userid }}" -aodh_oslomsg_notify_vhost: "{{ aodh_oslomsg_rpc_vhost }}" -aodh_oslomsg_notify_password: "{{ aodh_oslomsg_rpc_password }}" -aodh_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -aodh_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -aodh_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -aodh_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -aodh_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" - -## Barbican -barbican_oslomsg_rpc_userid: barbican -barbican_oslomsg_rpc_vhost: /barbican -barbican_oslomsg_rpc_password: "{{ barbican_rabbitmq_password }}" -barbican_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -barbican_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -barbican_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -barbican_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -barbican_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -barbican_oslomsg_notify_userid: "{{ barbican_oslomsg_rpc_userid }}" -barbican_oslomsg_notify_vhost: "{{ barbican_oslomsg_rpc_vhost }}" -barbican_oslomsg_notify_password: "{{ barbican_oslomsg_rpc_password }}" -barbican_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -barbican_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -barbican_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -barbican_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -barbican_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim to remove when wiring is done in barbican role -barbican_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -barbican_rabbitmq_port: "{{ oslomsg_rpc_port }}" -barbican_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -barbican_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -barbican_rabbitmq_userid: "{{ barbican_oslomsg_rpc_userid }}" -barbican_rabbitmq_vhost: "{{ barbican_oslomsg_rpc_vhost }}" - -## Ceilometer -ceilometer_oslomsg_rpc_userid: ceilometer -ceilometer_oslomsg_rpc_vhost: /ceilometer -ceilometer_oslomsg_rpc_password: "{{ ceilometer_rabbitmq_password }}" -ceilometer_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -ceilometer_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -ceilometer_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -ceilometer_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -ceilometer_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -ceilometer_oslomsg_notify_userid: "{{ ceilometer_oslomsg_rpc_userid }}" -ceilometer_oslomsg_notify_vhost: "{{ ceilometer_oslomsg_rpc_vhost }}" -ceilometer_oslomsg_notify_password: "{{ ceilometer_oslomsg_rpc_password }}" -ceilometer_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -ceilometer_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -ceilometer_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -ceilometer_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -ceilometer_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim to remove when wiring is done in ceilometer role -ceilometer_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -ceilometer_rabbitmq_port: "{{ oslomsg_rpc_port }}" -ceilometer_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -ceilometer_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -ceilometer_rabbitmq_userid: "{{ ceilometer_oslomsg_rpc_userid }}" -ceilometer_rabbitmq_vhost: "{{ ceilometer_oslomsg_rpc_vhost }}" - -## Cinder -cinder_oslomsg_rpc_userid: cinder -cinder_oslomsg_rpc_vhost: /cinder -cinder_oslomsg_rpc_password: "{{ cinder_rabbitmq_password }}" -cinder_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -cinder_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -cinder_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -cinder_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -cinder_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -cinder_oslomsg_notify_userid: "{{ cinder_oslomsg_rpc_userid }}" -cinder_oslomsg_notify_vhost: "{{ cinder_oslomsg_rpc_vhost }}" -cinder_oslomsg_notify_password: "{{ cinder_oslomsg_rpc_password }}" -cinder_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -cinder_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -cinder_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -cinder_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -cinder_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim to remove when wiring is done in cinder role -cinder_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -cinder_rabbitmq_port: "{{ oslomsg_rpc_port }}" -cinder_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -cinder_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -cinder_rabbitmq_userid: "{{ cinder_oslomsg_rpc_userid }}" -cinder_rabbitmq_vhost: "{{ cinder_oslomsg_rpc_vhost }}" - -## Designate -designate_oslomsg_rpc_userid: designate -designate_oslomsg_rpc_vhost: /designate -designate_oslomsg_rpc_password: "{{ designate_rabbitmq_password }}" -designate_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -designate_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -designate_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -designate_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -designate_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -designate_oslomsg_notify_userid: "{{ designate_oslomsg_rpc_userid }}" -designate_oslomsg_notify_vhost: "{{ designate_oslomsg_rpc_vhost }}" -designate_oslomsg_notify_password: "{{ designate_oslomsg_rpc_password }}" -designate_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -designate_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -designate_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -designate_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -designate_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim to remove when wiring is done in designate role -designate_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -designate_rabbitmq_port: "{{ oslomsg_rpc_port }}" -designate_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -designate_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -designate_rabbitmq_userid: "{{ designate_oslomsg_rpc_userid }}" -designate_rabbitmq_vhost: "{{ designate_oslomsg_rpc_vhost }}" - -## Glance -glance_oslomsg_rpc_password: "{{ glance_rabbitmq_password }}" -glance_oslomsg_notify_password: "{{ glance_rabbitmq_password }}" - -## Heat -heat_oslomsg_rpc_userid: heat -heat_oslomsg_rpc_vhost: /heat -heat_oslomsg_rpc_password: "{{ heat_rabbitmq_password }}" -heat_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -heat_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -heat_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -heat_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -heat_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -heat_oslomsg_notify_userid: "{{ heat_oslomsg_rpc_userid }}" -heat_oslomsg_notify_vhost: "{{ heat_oslomsg_rpc_vhost }}" -heat_oslomsg_notify_password: "{{ heat_oslomsg_rpc_password }}" -heat_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -heat_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -heat_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -heat_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -heat_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" - -## Ironic -ironic_oslomsg_rpc_userid: ironic -ironic_oslomsg_rpc_vhost: /ironic -ironic_oslomsg_rpc_password: "{{ ironic_rabbitmq_password }}" -ironic_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -ironic_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -ironic_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -ironic_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -ironic_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -ironic_oslomsg_notify_userid: "{{ ironic_oslomsg_rpc_userid }}" -ironic_oslomsg_notify_vhost: "{{ ironic_oslomsg_rpc_vhost }}" -ironic_oslomsg_notify_password: "{{ ironic_oslomsg_rpc_password }}" -ironic_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -ironic_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -ironic_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -ironic_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -ironic_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" - -## Keystone -keystone_oslomsg_rpc_userid: keystone -keystone_oslomsg_rpc_vhost: /keystone -keystone_oslomsg_rpc_password: "{{ keystone_rabbitmq_password }}" -keystone_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -keystone_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -keystone_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -keystone_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -keystone_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -keystone_oslomsg_notify_userid: "{{ keystone_oslomsg_rpc_userid }}" -keystone_oslomsg_notify_vhost: "{{ keystone_oslomsg_rpc_vhost }}" -keystone_oslomsg_notify_password: "{{ keystone_oslomsg_rpc_password }}" -keystone_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -keystone_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -keystone_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -keystone_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -keystone_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim until upgrade is fixed -keystone_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -keystone_rabbitmq_port: "{{ oslomsg_rpc_port }}" -keystone_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -keystone_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -keystone_rabbitmq_userid: "{{ keystone_oslomsg_rpc_userid }}" -keystone_rabbitmq_vhost: "{{ keystone_oslomsg_rpc_vhost }}" - -## Magnum -magnum_oslomsg_rpc_userid: magnum -magnum_oslomsg_rpc_vhost: /magnum -magnum_oslomsg_rpc_password: "{{ magnum_rabbitmq_password }}" -magnum_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -magnum_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -magnum_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -magnum_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -magnum_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -magnum_oslomsg_notify_userid: "{{ magnum_oslomsg_rpc_userid }}" -magnum_oslomsg_notify_vhost: "{{ magnum_oslomsg_rpc_vhost }}" -magnum_oslomsg_notify_password: "{{ magnum_oslomsg_rpc_password }}" -magnum_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -magnum_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -magnum_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -magnum_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -magnum_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim until role is fixed -magnum_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -magnum_rabbitmq_port: "{{ oslomsg_rpc_port }}" -magnum_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -magnum_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -magnum_rabbitmq_userid: "{{ magnum_oslomsg_rpc_userid }}" -magnum_rabbitmq_vhost: "{{ magnum_oslomsg_rpc_vhost }}" - -## Neutron -# RPC -neutron_oslomsg_rpc_userid: neutron -neutron_oslomsg_rpc_vhost: /neutron -neutron_oslomsg_rpc_password: "{{ neutron_rabbitmq_password }}" -neutron_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -neutron_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -neutron_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -neutron_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -neutron_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -neutron_oslomsg_notify_userid: "{{ neutron_oslomsg_rpc_userid }}" -neutron_oslomsg_notify_vhost: "{{ neutron_oslomsg_rpc_vhost }}" -neutron_oslomsg_notify_password: "{{ neutron_oslomsg_rpc_password }}" -neutron_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -neutron_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -neutron_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -neutron_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -neutron_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim until octavia role and neutron upgrade is fixed -neutron_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -neutron_rabbitmq_port: "{{ oslomsg_rpc_port }}" -neutron_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -neutron_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -neutron_rabbitmq_userid: "{{ neutron_oslomsg_rpc_userid }}" -neutron_rabbitmq_vhost: "{{ neutron_oslomsg_rpc_vhost }}" -neutron_rabbitmq_telemetry_userid: "{{ neutron_rabbitmq_userid }}" -neutron_rabbitmq_telemetry_password: "{{ neutron_rabbitmq_password }}" -neutron_rabbitmq_telemetry_vhost: "{{ neutron_rabbitmq_vhost }}" -neutron_rabbitmq_telemetry_port: "{{ neutron_rabbitmq_port }}" -neutron_rabbitmq_telemetry_servers: "{{ neutron_rabbitmq_servers }}" -neutron_rabbitmq_telemetry_use_ssl: "{{ neutron_rabbitmq_use_ssl }}" -neutron_rabbitmq_telemetry_host_group: "{{ neutron_rabbitmq_host_group }}" - -## Nova -nova_oslomsg_rpc_userid: nova -nova_oslomsg_rpc_vhost: /nova -nova_oslomsg_rpc_password: "{{ nova_rabbitmq_password }}" -nova_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -nova_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -nova_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -nova_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -nova_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -nova_oslomsg_notify_userid: "{{ nova_oslomsg_rpc_userid }}" -nova_oslomsg_notify_vhost: "{{ nova_oslomsg_rpc_vhost }}" -nova_oslomsg_notify_password: "{{ nova_oslomsg_rpc_password }}" -nova_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -nova_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -nova_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -nova_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -nova_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim until nova upgrade and ceilometer role is fixed -nova_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -nova_rabbitmq_port: "{{ oslomsg_rpc_port }}" -nova_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -nova_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -nova_rabbitmq_userid: "{{ nova_oslomsg_rpc_userid }}" -nova_rabbitmq_vhost: "{{ nova_oslomsg_rpc_vhost }}" - -## Octavia -octavia_oslomsg_rpc_userid: octavia -octavia_oslomsg_rpc_vhost: /octavia -octavia_oslomsg_rpc_password: "{{ octavia_rabbitmq_password }}" -octavia_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -octavia_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -octavia_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -octavia_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -octavia_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -octavia_oslomsg_notify_userid: "{{ octavia_oslomsg_rpc_userid }}" -octavia_oslomsg_notify_vhost: "{{ octavia_oslomsg_rpc_vhost }}" -octavia_oslomsg_notify_password: "{{ octavia_oslomsg_rpc_password }}" -octavia_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -octavia_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -octavia_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -octavia_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -octavia_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim until octavia role is fixed -octavia_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -octavia_rabbitmq_port: "{{ oslomsg_rpc_port }}" -octavia_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -octavia_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -octavia_rabbitmq_userid: "{{ octavia_oslomsg_rpc_userid }}" -octavia_rabbitmq_vhost: "{{ octavia_oslomsg_rpc_vhost }}" - -## Sahara -sahara_oslomsg_rpc_userid: sahara -sahara_oslomsg_rpc_vhost: /sahara -sahara_oslomsg_rpc_password: "{{ sahara_rabbitmq_password }}" -sahara_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -sahara_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -sahara_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -sahara_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -sahara_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -sahara_oslomsg_notify_userid: "{{ sahara_oslomsg_rpc_userid }}" -sahara_oslomsg_notify_vhost: "{{ sahara_oslomsg_rpc_vhost }}" -sahara_oslomsg_notify_password: "{{ sahara_oslomsg_rpc_password }}" -sahara_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -sahara_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -sahara_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -sahara_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -sahara_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" - -## Swift -swift_oslomsg_rpc_userid: swift -swift_oslomsg_rpc_vhost: /swift -swift_oslomsg_rpc_password: "{{ swift_rabbitmq_password }}" -swift_oslomsg_rpc_transport: "{{ oslomsg_notify_transport }}" -swift_oslomsg_rpc_port: "{{ oslomsg_notify_port }}" -swift_oslomsg_rpc_servers: "{{ oslomsg_notify_servers }}" -swift_oslomsg_rpc_use_ssl: "{{ oslomsg_notify_use_ssl }}" -swift_oslomsg_rpc_host_group: "{{ oslomsg_notify_host_group }}" -# TODO: (andymccr) ceilometer with swift does not support SSL rabbitmq connections, so we are hard coding the port and use_ssl var -swift_oslomsg_notify_userid: "{{ swift_oslomsg_rpc_userid }}" -swift_oslomsg_notify_vhost: "{{ swift_oslomsg_rpc_vhost }}" -swift_oslomsg_notify_password: "{{ swift_oslomsg_rpc_password }}" -swift_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -swift_oslomsg_notify_port: 5672 -swift_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -swift_oslomsg_notify_use_ssl: False -swift_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Swift is not properly wired yet, so compatibility monkey patching: -# For now swift ceilometer does not work with SSL - this is a speculative option in the hope it gets added -swift_rabbitmq_telemetry_userid: "{{ swift_oslomsg_notify_userid }}" -swift_rabbitmq_telemetry_vhost: "{{ swift_oslomsg_notify_vhost }}" -swift_rabbitmq_telemetry_port: "{{ swift_oslomsg_notify_port }}" -swift_rabbitmq_telemetry_servers: "{{ swift_oslomsg_notify_servers }}" -swift_rabbitmq_telemetry_use_ssl: "{{ swift_oslomsg_notify_use_ssl }}" - -## Tacker -tacker_oslomsg_rpc_userid: tacker -tacker_oslomsg_rpc_vhost: /tacker -tacker_oslomsg_rpc_password: "{{ tacker_rabbitmq_password }}" -tacker_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -tacker_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -tacker_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -tacker_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -tacker_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -tacker_oslomsg_notify_userid: "{{ tacker_oslomsg_rpc_userid }}" -tacker_oslomsg_notify_vhost: "{{ tacker_oslomsg_rpc_vhost }}" -tacker_oslomsg_notify_password: "{{ tacker_oslomsg_rpc_password }}" -tacker_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -tacker_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -tacker_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -tacker_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -tacker_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim until tacker role is fixed -tacker_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -tacker_rabbitmq_port: "{{ oslomsg_rpc_port }}" -tacker_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -tacker_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -tacker_rabbitmq_userid: "{{ tacker_oslomsg_rpc_userid }}" -tacker_rabbitmq_vhost: "{{ tacker_oslomsg_rpc_vhost }}" - -## Trove -trove_oslomsg_rpc_userid: trove -trove_oslomsg_rpc_vhost: /trove -trove_oslomsg_rpc_password: "{{ trove_rabbitmq_password }}" -trove_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport }}" -trove_oslomsg_rpc_port: "{{ oslomsg_rpc_port }}" -trove_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers }}" -trove_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -trove_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group }}" -trove_oslomsg_notify_userid: "{{ trove_oslomsg_rpc_userid }}" -trove_oslomsg_notify_vhost: "{{ trove_oslomsg_rpc_vhost }}" -trove_oslomsg_notify_password: "{{ trove_oslomsg_rpc_password }}" -trove_oslomsg_notify_transport: "{{ oslomsg_notify_transport }}" -trove_oslomsg_notify_port: "{{ oslomsg_notify_port }}" -trove_oslomsg_notify_servers: "{{ oslomsg_notify_servers }}" -trove_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl }}" -trove_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group }}" -# Shim until trove role is fixed -trove_rabbitmq_host_group: "{{ oslomsg_rpc_host_group }}" -trove_rabbitmq_port: "{{ oslomsg_rpc_port }}" -trove_rabbitmq_servers: "{{ oslomsg_rpc_servers }}" -trove_rabbitmq_use_ssl: "{{ oslomsg_rpc_use_ssl }}" -trove_rabbitmq_userid: "{{ trove_oslomsg_rpc_userid }}" -trove_rabbitmq_vhost: "{{ trove_oslomsg_rpc_vhost }}" diff --git a/inventory/group_vars/tacker_all.yml b/inventory/group_vars/tacker_all.yml index b754e74929..861b711c4c 100644 --- a/inventory/group_vars/tacker_all.yml +++ b/inventory/group_vars/tacker_all.yml @@ -24,10 +24,6 @@ tacker_service_in_ldap: "{{ service_ldap_backend_enabled }}" tacker_aodh_enabled: "{{ groups['aodh_all'] is defined and groups['aodh_all'] | length > 0 }}" tacker_gnocchi_enabled: "{{ groups['gnocchi_all'] is defined and groups['gnocchi_all'] | length > 0 }}" -# NOTE: these and their swift_all.yml counterpart should be moved back to all.yml once swift with tacker gets proper SSL support -# swift_rabbitmq_telemetry_port: "{{ rabbitmq_port }}" -# swift_rabbitmq_telemetry_use_ssl: "{{ rabbitmq_use_ssl }}" - # Ensure that the package state matches the global setting tacker_package_state: "{{ package_state }}" diff --git a/playbooks/common-tasks/mysql-db-user.yml b/playbooks/common-tasks/mysql-db-user.yml deleted file mode 100644 index a36ae721fc..0000000000 --- a/playbooks/common-tasks/mysql-db-user.yml +++ /dev/null @@ -1,43 +0,0 @@ ---- -# Copyright 2016, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Create DB for service - mysql_db: - login_user: "{{ galera_root_user }}" - login_password: "{{ galera_root_password }}" - login_host: "{{ login_host }}" - name: "{{ db_name }}" - state: "present" - delegate_to: "{{ groups['galera_all'][0] }}" - no_log: True - tags: - - common-mysql - -- name: Grant access to the DB for the service - mysql_user: - login_user: "{{ galera_root_user }}" - login_password: "{{ galera_root_password }}" - login_host: "{{ login_host }}" - name: "{{ user_name }}" - password: "{{ password }}" - host: "{{ item }}" - state: "present" - priv: "{{ db_name }}.*:ALL" - append_privs: "{{ db_append_privs | default(omit) }}" - delegate_to: "{{ groups['galera_all'][0] }}" - with_items: "{{ grant_list | default(['localhost', '%']) }}" - no_log: True - tags: - - common-mysql diff --git a/playbooks/common-tasks/oslomsg-notify-vhost-user.yml b/playbooks/common-tasks/oslomsg-notify-vhost-user.yml deleted file mode 100644 index 41255e1673..0000000000 --- a/playbooks/common-tasks/oslomsg-notify-vhost-user.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Usage: -# To use this common task to create to create the user and vhost if -# needed for the messaging backend configured for Notify communications. -# To used this common task, the variables "notify_user", "notify_password" -# and "notify_vhost" must be set. - -- name: Ensure Notify Rabbitmq vhost - rabbitmq_vhost: - name: "{{ notify_vhost }}" - state: "present" - delegate_to: "{{ groups[oslomsg_notify_host_group][0] }}" - tags: - - common-rabbitmq - when: - - oslomsg_notify_transport == "rabbit" - -- name: Ensure Notify Rabbitmq user - rabbitmq_user: - user: "{{ notify_user }}" - password: "{{ notify_password }}" - vhost: "{{ notify_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - force: true - delegate_to: "{{ groups[oslomsg_notify_host_group][0] }}" - no_log: true - tags: - - common-rabbitmq - when: - - oslomsg_notify_transport == "rabbit" diff --git a/playbooks/common-tasks/oslomsg-rpc-vhost-user.yml b/playbooks/common-tasks/oslomsg-rpc-vhost-user.yml deleted file mode 100644 index 19c6744411..0000000000 --- a/playbooks/common-tasks/oslomsg-rpc-vhost-user.yml +++ /dev/null @@ -1,62 +0,0 @@ ---- -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Usage: -# To use this common task to create to create the user and vhost (if -# needed for the messaging backend configured for RPC communications. -# To used this common task, the variables "rpc_user", "rpc_password" and -# "rpc_vhost" must be set. - -- name: Ensure RPC Rabbitmq vhost - rabbitmq_vhost: - name: "{{ rpc_vhost }}" - state: "present" - delegate_to: "{{ groups[oslomsg_rpc_host_group][0] }}" - tags: - - common-rabbitmq - when: - - oslomsg_rpc_transport == "rabbit" - -- name: Ensure RPC Rabbitmq user - rabbitmq_user: - user: "{{ rpc_user }}" - password: "{{ rpc_password }}" - vhost: "{{ rpc_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - force: true - delegate_to: "{{ groups[oslomsg_rpc_host_group][0] }}" - no_log: true - tags: - - common-rabbitmq - when: - - oslomsg_rpc_transport == "rabbit" - -- name: Ensure RPC qdrouterd vhost - command: echo 'create rpc qdrouterd vhost' - delegate_to: "{{ groups[oslomsg_rpc_host_group][0] }}" - tags: - - common-qdrouterd - when: - - oslomsg_rpc_transport == "amqp" - -- name: Ensure RPC qdrouterd user - command: echo 'create rpc qdrouterd user' - delegate_to: "{{ groups[oslomsg_rpc_host_group][0] }}" - tags: - - common-qdrouterd - when: - - oslomsg_rpc_transport == "amqp" diff --git a/playbooks/common-tasks/rabbitmq-vhost-user.yml b/playbooks/common-tasks/rabbitmq-vhost-user.yml deleted file mode 100644 index 1eb2aa7a06..0000000000 --- a/playbooks/common-tasks/rabbitmq-vhost-user.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Copyright 2016, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Usage: -# To use this common task to create rabbitmq virtual hosts if needed -# and to create a user within rabbitmq. To use this common task the -# variables "vhost", "user", and "password" must be set. - -- name: Ensure Rabbitmq vhost - rabbitmq_vhost: - name: "{{ vhost }}" - state: "present" - delegate_to: "{{ groups[_rabbitmq_host_group][0] }}" - tags: - - common-rabbitmq - -- name: Ensure rabbitmq user - rabbitmq_user: - user: "{{ user }}" - password: "{{ password }}" - vhost: "{{ vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - delegate_to: "{{ groups[_rabbitmq_host_group][0] }}" - no_log: true - tags: - - common-rabbitmq - diff --git a/playbooks/os-aodh-install.yml b/playbooks/os-aodh-install.yml index 37bd179ba6..c8f1e81c4a 100644 --- a/playbooks/os-aodh-install.yml +++ b/playbooks/os-aodh-install.yml @@ -27,26 +27,6 @@ static: no when: not is_metal - - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ aodh_oslomsg_rpc_userid }}" - rpc_password: "{{ aodh_oslomsg_rpc_password }}" - rpc_vhost: "{{ aodh_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['aodh_api'][0] - - groups[aodh_oslomsg_rpc_host_group] | length > 0 - - - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ aodh_oslomsg_notify_userid }}" - notify_password: "{{ aodh_oslomsg_notify_password }}" - notify_vhost: "{{ aodh_oslomsg_notify_vhost }}" - when: - - inventory_hostname == groups['aodh_api'][0] - - groups[aodh_oslomsg_notify_host_group] | length > 0 - - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-barbican-install.yml b/playbooks/os-barbican-install.yml index 6c5131f6c9..5888f39769 100644 --- a/playbooks/os-barbican-install.yml +++ b/playbooks/os-barbican-install.yml @@ -27,26 +27,6 @@ static: no when: not is_metal - - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ barbican_oslomsg_rpc_userid }}" - rpc_password: "{{ barbican_oslomsg_rpc_password }}" - rpc_vhost: "{{ barbican_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['barbican_api'][0] - - groups[barbican_oslomsg_rpc_host_group] | length > 0 - - - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ barbican_oslomsg_notify_userid }}" - notify_password: "{{ barbican_oslomsg_notify_password }}" - notify_vhost: "{{ barbican_oslomsg_notify_vhost }}" - when: - - inventory_hostname == groups['barbican_api'][0] - - groups[barbican_oslomsg_notify_host_group] | length > 0 - - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-ceilometer-install.yml b/playbooks/os-ceilometer-install.yml index 7f2e78fe25..a39f6dba61 100644 --- a/playbooks/os-ceilometer-install.yml +++ b/playbooks/os-ceilometer-install.yml @@ -24,25 +24,6 @@ static: no when: not is_metal - - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ ceilometer_oslomsg_rpc_userid }}" - rpc_password: "{{ ceilometer_oslomsg_rpc_password }}" - rpc_vhost: "{{ ceilometer_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['ceilometer_central_container'][0] - - groups[ceilometer_oslomsg_rpc_host_group] | length > 0 - - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ ceilometer_oslomsg_notify_userid }}" - notify_password: "{{ ceilometer_oslomsg_notify_password }}" - notify_vhost: "{{ ceilometer_oslomsg_notify_vhost }}" - when: - - inventory_hostname == groups['ceilometer_central_container'][0] - - groups[ceilometer_oslomsg_notify_host_group] | length > 0 - - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-cinder-install.yml b/playbooks/os-cinder-install.yml index 709416d0d9..a1c23a2456 100644 --- a/playbooks/os-cinder-install.yml +++ b/playbooks/os-cinder-install.yml @@ -13,42 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Prepare MQ services - hosts: cinder_all - gather_facts: no - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - vars_files: - - "defaults/{{ install_method }}_install.yml" - tags: - - cinder - tasks: - - - name: Configure oslo messaging rpc vhost/user - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ cinder_oslomsg_rpc_userid }}" - rpc_password: "{{ cinder_oslomsg_rpc_password }}" - rpc_vhost: "{{ cinder_oslomsg_rpc_vhost }}" - when: - - groups[cinder_oslomsg_rpc_host_group] | length > 0 - run_once: yes - - - name: Configure oslo messaging notify vhost/user - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ cinder_oslomsg_notify_userid }}" - notify_password: "{{ cinder_oslomsg_notify_password }}" - notify_vhost: "{{ cinder_oslomsg_notify_vhost }}" - when: - - "cinder_ceilometer_enabled | bool" - - groups[cinder_oslomsg_notify_host_group] | length > 0 - run_once: yes - - - - name: Install cinder scheduler services include: common-playbooks/cinder.yml vars: diff --git a/playbooks/os-designate-install.yml b/playbooks/os-designate-install.yml index dd2a497bde..e6e0b90aef 100644 --- a/playbooks/os-designate-install.yml +++ b/playbooks/os-designate-install.yml @@ -30,27 +30,6 @@ static: no when: not is_metal - - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ designate_oslomsg_rpc_userid }}" - rpc_password: "{{ designate_oslomsg_rpc_password }}" - rpc_vhost: "{{ designate_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['designate_all'][0] - - groups[designate_oslomsg_rpc_host_group] | length > 0 - - - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ designate_oslomsg_notify_userid }}" - notify_password: "{{ designate_oslomsg_notify_password }}" - notify_vhost: "{{ designate_oslomsg_notify_vhost }}" - when: - - designate_ceilometer_enabled | bool - - inventory_hostname == groups['designate_all'][0] - - groups[designate_oslomsg_notify_host_group] | length > 0 - - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-heat-install.yml b/playbooks/os-heat-install.yml index 1f10da85c7..bc4e22c1e2 100644 --- a/playbooks/os-heat-install.yml +++ b/playbooks/os-heat-install.yml @@ -28,27 +28,6 @@ static: no when: not is_metal - - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ heat_oslomsg_rpc_userid }}" - rpc_password: "{{ heat_oslomsg_rpc_password }}" - rpc_vhost: "{{ heat_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['heat_all'][0] - - groups[heat_oslomsg_rpc_host_group] | length > 0 - - - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ heat_oslomsg_notify_userid }}" - notify_password: "{{ heat_oslomsg_notify_password }}" - notify_vhost: "{{ heat_oslomsg_notify_vhost }}" - when: - - heat_ceilometer_enabled | bool - - inventory_hostname == groups['heat_all'][0] - - groups[heat_oslomsg_notify_host_group] | length > 0 - - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-ironic-install.yml b/playbooks/os-ironic-install.yml index 788487287a..378000d065 100644 --- a/playbooks/os-ironic-install.yml +++ b/playbooks/os-ironic-install.yml @@ -27,16 +27,6 @@ static: no when: not is_metal - - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ ironic_oslomsg_rpc_userid }}" - rpc_password: "{{ ironic_oslomsg_rpc_password }}" - rpc_vhost: "{{ ironic_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['ironic_all'][0] - - groups[ironic_oslomsg_rpc_host_group] | length > 0 - - include: common-tasks/unbound-clients.yml static: no when: diff --git a/playbooks/os-keystone-install.yml b/playbooks/os-keystone-install.yml index 2a0f4f29f7..4c1b693745 100644 --- a/playbooks/os-keystone-install.yml +++ b/playbooks/os-keystone-install.yml @@ -28,40 +28,6 @@ roles: - role: "openstack_openrc" -- name: Prepare MQ/DB services - hosts: keystone_all - gather_facts: no - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - vars_files: - - "defaults/{{ install_method }}_install.yml" - tags: - - keystone - tasks: - - - name: Configure oslo messaging rpc vhost/user - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ keystone_oslomsg_rpc_userid }}" - rpc_password: "{{ keystone_oslomsg_rpc_password }}" - rpc_vhost: "{{ keystone_oslomsg_rpc_vhost }}" - when: - - groups[keystone_oslomsg_rpc_host_group] | length > 0 - run_once: yes - - - name: Configure oslo messaging notify vhost/user - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ keystone_oslomsg_notify_userid }}" - notify_password: "{{ keystone_oslomsg_notify_password }}" - notify_vhost: "{{ keystone_oslomsg_notify_vhost }}" - when: - - "keystone_ceilometer_enabled | bool" - - groups[keystone_oslomsg_notify_host_group] | length > 0 - run_once: yes - - name: Installation and setup of Keystone diff --git a/playbooks/os-magnum-install.yml b/playbooks/os-magnum-install.yml index 9f4d90d041..05ea9e9932 100644 --- a/playbooks/os-magnum-install.yml +++ b/playbooks/os-magnum-install.yml @@ -40,15 +40,6 @@ when: - hostvars['localhost']['resolvconf_enabled'] | bool - - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ magnum_oslomsg_rpc_userid }}" - rpc_password: "{{ magnum_oslomsg_rpc_password }}" - rpc_vhost: "{{ magnum_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['magnum_all'][0] - - groups[magnum_oslomsg_rpc_host_group] | length > 0 roles: - role: "os_magnum" diff --git a/playbooks/os-neutron-install.yml b/playbooks/os-neutron-install.yml index 399524e0a5..680a84b764 100644 --- a/playbooks/os-neutron-install.yml +++ b/playbooks/os-neutron-install.yml @@ -26,41 +26,6 @@ group_when: "{{ neutron_plugin_type == 'ml2.ovs.dvr' }}" -- name: Prepare MQ/DB services - hosts: neutron_all - gather_facts: no - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - vars_files: - - "defaults/{{ install_method }}_install.yml" - tags: - - neutron - tasks: - - - name: Configure oslo messaging rpc vhost/user - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ neutron_oslomsg_rpc_userid }}" - rpc_password: "{{ neutron_oslomsg_rpc_password }}" - rpc_vhost: "{{ neutron_oslomsg_rpc_vhost }}" - when: - - groups[neutron_oslomsg_rpc_host_group] | length > 0 - run_once: yes - - - name: Configure oslo messaging notify vhost/user - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ neutron_oslomsg_notify_userid }}" - notify_password: "{{ neutron_oslomsg_notify_password }}" - notify_vhost: "{{ neutron_oslomsg_notify_vhost }}" - when: - - neutron_ceilometer_enabled | bool - - groups[neutron_oslomsg_notify_host_group] | length > 0 - run_once: yes - - - name: Install neutron server include: common-playbooks/neutron.yml diff --git a/playbooks/os-nova-install.yml b/playbooks/os-nova-install.yml index 339e826416..6173e96b40 100644 --- a/playbooks/os-nova-install.yml +++ b/playbooks/os-nova-install.yml @@ -13,41 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Prepare MQ services - hosts: nova_conductor - gather_facts: no - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - vars_files: - - "defaults/{{ install_method }}_install.yml" - tags: - - nova - tasks: - - name: Configure oslo messaging rpc vhost/user - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ nova_oslomsg_rpc_userid }}" - rpc_password: "{{ nova_oslomsg_rpc_password }}" - rpc_vhost: "{{ nova_oslomsg_rpc_vhost }}" - when: - - groups[nova_oslomsg_rpc_host_group] | length > 0 - run_once: yes - - - name: Configure oslo.messaging notify vhost/user - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ nova_oslomsg_notify_userid }}" - notify_password: "{{ nova_oslomsg_notify_password }}" - notify_vhost: "{{ nova_oslomsg_notify_vhost }}" - when: - - nova_ceilometer_enabled | bool - - groups[nova_oslomsg_notify_host_group] | length > 0 - run_once: yes - - - - name: Install nova-conductor services include: common-playbooks/nova.yml vars: diff --git a/playbooks/os-octavia-install.yml b/playbooks/os-octavia-install.yml index 32a38969c0..8b5aa8406f 100644 --- a/playbooks/os-octavia-install.yml +++ b/playbooks/os-octavia-install.yml @@ -27,16 +27,6 @@ static: no when: not is_metal - - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ octavia_oslomsg_rpc_userid }}" - rpc_password: "{{ octavia_oslomsg_rpc_password }}" - rpc_vhost: "{{ octavia_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['octavia_all'][0] - - groups[octavia_oslomsg_rpc_host_group] | length > 0 - - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-sahara-install.yml b/playbooks/os-sahara-install.yml index 547e0bdc5d..8c59278537 100644 --- a/playbooks/os-sahara-install.yml +++ b/playbooks/os-sahara-install.yml @@ -25,29 +25,6 @@ static: no when: not is_metal - - name: Configure oslo messaging rpc vhost/user - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ sahara_oslomsg_rpc_userid }}" - rpc_password: "{{ sahara_oslomsg_rpc_password }}" - rpc_vhost: "{{ sahara_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['sahara_all'][0] - - groups[sahara_oslomsg_rpc_host_group] | length > 0 - - - name: Configure oslo messaging notify vhost/user - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ sahara_oslomsg_notify_userid }}" - notify_password: "{{ sahara_oslomsg_notify_password }}" - notify_vhost: "{{ sahara_oslomsg_notify_vhost }}" - when: - - sahara_ceilometer_enabled | bool - - inventory_hostname == groups['sahara_all'][0] - - groups[sahara_oslomsg_notify_host_group] | length > 0 - - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-swift-install.yml b/playbooks/os-swift-install.yml index 0b781267bf..567c5a2542 100644 --- a/playbooks/os-swift-install.yml +++ b/playbooks/os-swift-install.yml @@ -37,32 +37,6 @@ when: - hostvars['localhost']['resolvconf_enabled'] | bool - # If we're using ceilometer then swift needs a rabbitmq/vhost & usera - - include: common-tasks/rabbitmq-vhost-user.yml - static: no - vars: - user: "{{ swift_rabbitmq_telemetry_userid }}" - password: "{{ swift_rabbitmq_telemetry_password }}" - vhost: "{{ swift_rabbitmq_telemetry_vhost }}" - _rabbitmq_host_group: "{{ swift_rabbitmq_telemetry_host_group }}" - when: - - swift_ceilometer_enabled | bool - - inventory_hostname == groups['swift_all'][0] - tags: - - always - - - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ swift_oslomsg_notify_userid }}" - notify_password: "{{ swift_oslomsg_notify_password }}" - notify_vhost: "{{ swift_oslomsg_notify_vhost }}" - when: - - swift_ceilometer_enabled | bool - - inventory_hostname == groups['swift_all'][0] - tags: - - always - roles: - role: "os_swift" swift_do_setup: True diff --git a/playbooks/os-tacker-install.yml b/playbooks/os-tacker-install.yml index 04f3ebd59e..c2e0067f05 100644 --- a/playbooks/os-tacker-install.yml +++ b/playbooks/os-tacker-install.yml @@ -27,16 +27,6 @@ static: no when: not is_metal - - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ tacker_oslomsg_rpc_userid }}" - rpc_password: "{{ tacker_oslomsg_rpc_password }}" - rpc_vhost: "{{ tacker_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['tacker_all'][0] - - groups[tacker_oslomsg_rpc_host_group] | length > 0 - - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-trove-install.yml b/playbooks/os-trove-install.yml index ba1a7a9763..9da9aec9db 100644 --- a/playbooks/os-trove-install.yml +++ b/playbooks/os-trove-install.yml @@ -30,27 +30,6 @@ static: no when: not is_metal - - include: common-tasks/oslomsg-rpc-vhost-user.yml - static: no - vars: - rpc_user: "{{ trove_oslomsg_rpc_userid }}" - rpc_password: "{{ trove_oslomsg_rpc_password }}" - rpc_vhost: "{{ trove_oslomsg_rpc_vhost }}" - when: - - inventory_hostname == groups['trove_all'][0] - - groups[trove_oslomsg_rpc_host_group] | length > 0 - - - include: common-tasks/oslomsg-notify-vhost-user.yml - static: no - vars: - notify_user: "{{ trove_oslomsg_notify_userid }}" - notify_password: "{{ trove_oslomsg_notify_password }}" - notify_vhost: "{{ trove_oslomsg_notify_vhost }}" - when: - - trove_ceilometer_enabled | bool - - inventory_hostname == groups['trove_all'][0] - - groups[trove_oslomsg_notify_host_group] | length > 0 - - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/scripts/upgrade-utilities/playbooks/user-secrets-adjustment.yml b/scripts/upgrade-utilities/playbooks/user-secrets-adjustment.yml index 6c24641c8b..30ddf095ee 100644 --- a/scripts/upgrade-utilities/playbooks/user-secrets-adjustment.yml +++ b/scripts/upgrade-utilities/playbooks/user-secrets-adjustment.yml @@ -22,6 +22,7 @@ - name: Read example user secrets file shell: "grep '^[a-zA-Z]' {{ playbook_dir }}/../../../etc/openstack_deploy/user_secrets.yml" register: secrets + - name: Rename changed secrets lineinfile: dest: "/etc/openstack_deploy/{{ _osa_secrets_file_name }}" @@ -29,10 +30,45 @@ line: "{{ item.new_name }}: \\1" backrefs: yes with_items: - - { old_name: "ironic_galera_password", new_name: "ironic_container_mysql_password" } + - old_name: "keystone_rabbitmq_password" + new_name: "keystone_oslomsg_rpc_password" + - old_name: "ceilometer_rabbitmq_password" + new_name: "ceilometer_oslomsg_rpc_password" + - old_name: "aodh_rabbitmq_password" + new_name: "aodh_oslomsg_rpc_password" + - old_name: "cinder_rabbitmq_password" + new_name: "cinder_oslomsg_rpc_password" + - old_name: "glance_rabbitmq_password" + new_name: "glance_oslomsg_rpc_password" + - old_name: "heat_rabbitmq_password" + new_name: "heat_oslomsg_rpc_password" + - old_name: "ironic_rabbitmq_password" + new_name: "ironic_oslomsg_rpc_password" + - old_name: "neutron_rabbitmq_password" + new_name: "neutron_oslomsg_rpc_password" + - old_name: "nova_rabbitmq_password" + new_name: "nova_oslomsg_rpc_password" + - old_name: "octavia_rabbitmq_password" + new_name: "octavia_oslomsg_rpc_password" + - old_name: "sahara_rabbitmq_password" + new_name: "sahara_oslomsg_rpc_password" + - old_name: "swift_rabbitmq_telemetry_password" + new_name: "swift_oslomsg_notify_password" + - old_name: "magnum_rabbitmq_password" + new_name: "magnum_oslomsg_rpc_password" + - old_name: "trove_rabbitmq_password" + new_name: "trove_oslomsg_rpc_password" + - old_name: "barbican_rabbitmq_password" + new_name: "barbican_oslomsg_rpc_password" + - old_name: "designate_rabbitmq_password" + new_name: "designate_oslomsg_rpc_password" + - old_name: "tacker_rabbitmq_password" + new_name: "tacker_oslomsg_rpc_password" + - name: Read user secrets file shell: "grep '^[a-zA-Z]' /etc/openstack_deploy/{{ _osa_secrets_file_name }}" register: user_secrets + - name: Add missing secrets lineinfile: dest: "/etc/openstack_deploy/{{ _osa_secrets_file_name }}" @@ -40,6 +76,7 @@ with_items: "{{ secrets.stdout_lines }}" when: - "user_secrets.stdout.find(item) == -1" + - name: Generate new secrets shell: "/opt/ansible-runtime/bin/python {{ playbook_dir }}/../../../scripts/pw-token-gen.py --file /etc/openstack_deploy/{{ _osa_secrets_file_name }}" vars: