diff --git a/etc/openstack_deploy/user_secrets.yml b/etc/openstack_deploy/user_secrets.yml index a5f6e91468..2d9fe5e87e 100644 --- a/etc/openstack_deploy/user_secrets.yml +++ b/etc/openstack_deploy/user_secrets.yml @@ -15,7 +15,6 @@ ## Rabbitmq Options -rabbitmq_password: rabbitmq_cookie_token: ## Tokens @@ -32,17 +31,21 @@ keystone_container_mysql_password: keystone_auth_admin_token: keystone_auth_admin_password: keystone_service_password: +keystone_rabbitmq_password: ## Ceilometer Options: ceilometer_container_db_password: ceilometer_service_password: ceilometer_telemetry_secret: +ceilometer_rabbitmq_password: ## Cinder Options cinder_container_mysql_password: cinder_service_password: cinder_v2_service_password: cinder_profiler_hmac_key: +cinder_rabbitmq_password: + ## Ceph/rbd: a UUID to be used by libvirt to refer to the client.cinder user #cinder_ceph_client_uuid: @@ -50,6 +53,7 @@ cinder_profiler_hmac_key: glance_container_mysql_password: glance_service_password: glance_profiler_hmac_key: +glance_rabbitmq_password: ## Heat Options heat_stack_domain_admin_password: @@ -60,6 +64,7 @@ heat_auth_encryption_key: heat_service_password: heat_cfn_service_password: heat_profiler_hmac_key: +heat_rabbitmq_password: ## Horizon Options horizon_container_mysql_password: @@ -68,6 +73,7 @@ horizon_secret_key: ## Neutron Options neutron_container_mysql_password: neutron_service_password: +neutron_rabbitmq_password: ## Nova Options nova_container_mysql_password: @@ -77,6 +83,7 @@ nova_service_password: nova_v3_service_password: nova_v21_service_password: nova_s3_service_password: +nova_rabbitmq_password: ## Swift Options: swift_service_password: diff --git a/playbooks/inventory/group_vars/hosts.yml b/playbooks/inventory/group_vars/hosts.yml index 6fff94fa11..5fd9b29c6f 100644 --- a/playbooks/inventory/group_vars/hosts.yml +++ b/playbooks/inventory/group_vars/hosts.yml @@ -46,7 +46,6 @@ lxc_container_caches: ## RabbitMQ -rabbitmq_userid: openstack rabbitmq_cluster_name: openstack rabbitmq_port: 5672 rabbitmq_servers: "{% for host in groups['rabbitmq_all'] %}{{ hostvars[host]['ansible_ssh_host'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}" @@ -91,6 +90,8 @@ ceilometer_service_tenant_name: service ceilometer_service_adminuri: "{{ ceilometer_service_proto }}://{{ internal_lb_vip_address }}:{{ ceilometer_service_port }}" ceilometer_service_adminurl: "{{ ceilometer_service_adminuri }}/" ceilometer_service_region: "{{ service_region }}" +ceilometer_rabbitmq_userid: ceilometer +ceilometer_rabbitmq_vhost: /ceilometer ## Nova diff --git a/playbooks/roles/os_ceilometer/defaults/main.yml b/playbooks/roles/os_ceilometer/defaults/main.yml index 42724d1e8d..c34ec694ab 100644 --- a/playbooks/roles/os_ceilometer/defaults/main.yml +++ b/playbooks/roles/os_ceilometer/defaults/main.yml @@ -36,6 +36,11 @@ ceilometer_db_port: 27017 ceilometer_connection_string: "{{ ceilometer_db_type }}://{{ ceilometer_database_user }}:{{ ceilometer_container_db_password }}@{{ ceilometer_db_ip }}:{{ ceilometer_db_port }}/{{ ceilometer_database_name }}" +## RabbitMQ info +ceilometer_rabbitmq_userid: ceilometer +ceilometer_rabbitmq_vhost: /ceilometer + + #Ceilometer services info ceilometer_role_name: admin ceilometer_api_host_address: 0.0.0.0 diff --git a/playbooks/roles/os_ceilometer/tasks/ceilometer_messaging_setup.yml b/playbooks/roles/os_ceilometer/tasks/ceilometer_messaging_setup.yml new file mode 100644 index 0000000000..0723033cf8 --- /dev/null +++ b/playbooks/roles/os_ceilometer/tasks/ceilometer_messaging_setup.yml @@ -0,0 +1,37 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Ensure Rabbitmq vhost + rabbitmq_vhost: + name: "{{ ceilometer_rabbitmq_vhost }}" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - ceilometer-rabbitmq + - ceilometer-rabbitmq-vhost + +- name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ ceilometer_rabbitmq_userid }}" + password: "{{ ceilometer_rabbitmq_password }}" + vhost: "{{ ceilometer_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - ceilometer-rabbitmq + - ceilometer-rabbitmq-user diff --git a/playbooks/roles/os_ceilometer/tasks/ceilometer_pre_install.yml b/playbooks/roles/os_ceilometer/tasks/ceilometer_pre_install.yml index cfde633c97..2f19eba1b2 100644 --- a/playbooks/roles/os_ceilometer/tasks/ceilometer_pre_install.yml +++ b/playbooks/roles/os_ceilometer/tasks/ceilometer_pre_install.yml @@ -100,3 +100,7 @@ tags: - sudoers - ceilometer-sudoers + +- include: ceilometer_messaging_setup.yml + when: > + inventory_hostname == groups['ceilometer_api'][0] diff --git a/playbooks/roles/os_ceilometer/templates/ceilometer.conf.j2 b/playbooks/roles/os_ceilometer/templates/ceilometer.conf.j2 index 4d6c4217af..704261f420 100644 --- a/playbooks/roles/os_ceilometer/templates/ceilometer.conf.j2 +++ b/playbooks/roles/os_ceilometer/templates/ceilometer.conf.j2 @@ -12,8 +12,9 @@ policy_file = /etc/ceilometer/policy.json [oslo_messaging_rabbit] rpc_backend = rabbit rabbit_port = {{ rabbitmq_port }} -rabbit_userid = {{ rabbitmq_userid }} -rabbit_password = {{ rabbitmq_password }} +rabbit_userid = {{ ceilometer_rabbitmq_userid }} +rabbit_password = {{ ceilometer_rabbitmq_password }} +rabbit_virtual_host = {{ ceilometer_rabbitmq_vhost }} rabbit_hosts = {{ rabbitmq_servers }} [api] diff --git a/playbooks/roles/os_cinder/defaults/main.yml b/playbooks/roles/os_cinder/defaults/main.yml index 6dc1362597..0ac6a57f9a 100644 --- a/playbooks/roles/os_cinder/defaults/main.yml +++ b/playbooks/roles/os_cinder/defaults/main.yml @@ -33,6 +33,10 @@ cinder_fatal_deprecations: False cinder_galera_user: cinder cinder_galera_database: cinder +## RabbitMQ info +cinder_rabbitmq_userid: cinder +cinder_rabbitmq_vhost: /cinder + ## Cinder User / Group cinder_system_user_name: cinder cinder_system_group_name: cinder diff --git a/playbooks/roles/os_cinder/tasks/cinder_messaging_setup.yml b/playbooks/roles/os_cinder/tasks/cinder_messaging_setup.yml new file mode 100644 index 0000000000..fecc6aac10 --- /dev/null +++ b/playbooks/roles/os_cinder/tasks/cinder_messaging_setup.yml @@ -0,0 +1,37 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Ensure Rabbitmq vhost + rabbitmq_vhost: + name: "{{ cinder_rabbitmq_vhost }}" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - cinder-rabbitmq + - cinder-rabbitmq-vhost + +- name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ cinder_rabbitmq_userid }}" + password: "{{ cinder_rabbitmq_password }}" + vhost: "{{ cinder_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - cinder-rabbitmq + - cinder-rabbitmq-user diff --git a/playbooks/roles/os_cinder/tasks/cinder_pre_install.yml b/playbooks/roles/os_cinder/tasks/cinder_pre_install.yml index b8d1083341..e0cfdcb22a 100644 --- a/playbooks/roles/os_cinder/tasks/cinder_pre_install.yml +++ b/playbooks/roles/os_cinder/tasks/cinder_pre_install.yml @@ -87,3 +87,7 @@ tags: - sudoers - cinder-sudoers + +- include: cinder_messaging_setup.yml + when: > + inventory_hostname == groups['cinder_all'][0] diff --git a/playbooks/roles/os_cinder/templates/cinder.conf.j2 b/playbooks/roles/os_cinder/templates/cinder.conf.j2 index bcef1437dd..f99c288003 100644 --- a/playbooks/roles/os_cinder/templates/cinder.conf.j2 +++ b/playbooks/roles/os_cinder/templates/cinder.conf.j2 @@ -92,7 +92,7 @@ default_volume_type = {{ cinder_default_volume_type }} {% if cinder_backends is defined %} enabled_backends={% for backend in cinder_backends|dictsort %}{{ backend.0 }}{% if not loop.last %},{% endif %}{% endfor %} -#Ceilometer configurations +#cinder configurations {% if cinder_ceilometer_enabled %} notification_driver = cinder.openstack.common.notifier.rpc_notifier {% endif %} @@ -115,8 +115,9 @@ connection = mysql://{{ cinder_galera_user }}:{{ cinder_container_mysql_password [oslo_messaging_rabbit] rabbit_port = {{ rabbitmq_port }} -rabbit_userid = {{ rabbitmq_userid }} -rabbit_password = {{ rabbitmq_password }} +rabbit_userid = {{ cinder_rabbitmq_userid }} +rabbit_password = {{ cinder_rabbitmq_password }} +rabbit_virtual_host = {{ cinder_rabbitmq_vhost }} rabbit_hosts = {{ rabbitmq_servers }} [oslo_concurrency] diff --git a/playbooks/roles/os_glance/defaults/main.yml b/playbooks/roles/os_glance/defaults/main.yml index 046ae1f687..601e40a575 100644 --- a/playbooks/roles/os_glance/defaults/main.yml +++ b/playbooks/roles/os_glance/defaults/main.yml @@ -47,6 +47,10 @@ glance_enable_v1_registry: True glance_enable_v2_api: True glance_enable_v2_registry: True +## RabbitMQ info +glance_rabbitmq_userid: glance +glance_rabbitmq_vhost: /glance + ## DB info glance_galera_database: glance glance_galera_user: glance diff --git a/playbooks/roles/os_glance/tasks/glance_messaging_setup.yml b/playbooks/roles/os_glance/tasks/glance_messaging_setup.yml new file mode 100644 index 0000000000..ed589f5994 --- /dev/null +++ b/playbooks/roles/os_glance/tasks/glance_messaging_setup.yml @@ -0,0 +1,37 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Ensure Rabbitmq vhost + rabbitmq_vhost: + name: "{{ glance_rabbitmq_vhost }}" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - glance-rabbitmq + - glance-rabbitmq-vhost + +- name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ glance_rabbitmq_userid }}" + password: "{{ glance_rabbitmq_password }}" + vhost: "{{ glance_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - glance-rabbitmq + - glance-rabbitmq-user diff --git a/playbooks/roles/os_glance/tasks/glance_pre_install.yml b/playbooks/roles/os_glance/tasks/glance_pre_install.yml index 273b5a2d81..0f8939f139 100644 --- a/playbooks/roles/os_glance/tasks/glance_pre_install.yml +++ b/playbooks/roles/os_glance/tasks/glance_pre_install.yml @@ -80,3 +80,7 @@ tags: - glance-dirs - glance-logs + +- include: glance_messaging_setup.yml + when: > + inventory_hostname == groups['glance_all'][0] diff --git a/playbooks/roles/os_glance/templates/glance-api.conf.j2 b/playbooks/roles/os_glance/templates/glance-api.conf.j2 index b8b5f6e4a2..a7bb3b8bd3 100644 --- a/playbooks/roles/os_glance/templates/glance-api.conf.j2 +++ b/playbooks/roles/os_glance/templates/glance-api.conf.j2 @@ -35,8 +35,9 @@ notification_driver = {{ glance_notification_driver }} rpc_backend = {{ glance_rpc_backend }} rabbit_hosts = {{ rabbitmq_servers }} rabbit_port = {{ rabbitmq_port }} -rabbit_userid = {{ rabbitmq_userid }} -rabbit_password = {{ rabbitmq_password }} +rabbit_userid = {{ glance_rabbitmq_userid }} +rabbit_password = {{ glance_rabbitmq_password }} +rabbit_virtual_host = {{ glance_rabbitmq_vhost }} rabbit_notification_exchange = glance rabbit_notification_topic = notifications rabbit_durable_queues = False diff --git a/playbooks/roles/os_glance/templates/glance-registry.conf.j2 b/playbooks/roles/os_glance/templates/glance-registry.conf.j2 index 409be22a4e..5e0b087fa5 100644 --- a/playbooks/roles/os_glance/templates/glance-registry.conf.j2 +++ b/playbooks/roles/os_glance/templates/glance-registry.conf.j2 @@ -20,7 +20,9 @@ limit_param_default = 25 notification_driver = {{ glance_notification_driver }} rpc_backend = {{ glance_rpc_backend }} rabbit_hosts = {{ rabbitmq_servers }} -rabbit_password = {{ rabbitmq_password }} +rabbit_userid = {{ glance_rabbitmq_userid }} +rabbit_password = {{ glance_rabbitmq_password }} +rabbit_virtual_host = {{ glance_rabbitmq_vhost }} {% endif %} [database] diff --git a/playbooks/roles/os_heat/defaults/main.yml b/playbooks/roles/os_heat/defaults/main.yml index e1ff320c2a..3d2ef8f8d9 100644 --- a/playbooks/roles/os_heat/defaults/main.yml +++ b/playbooks/roles/os_heat/defaults/main.yml @@ -34,6 +34,10 @@ heat_clients_heat_endpoint: publicURL heat_galera_user: heat heat_galera_database: heat +## RabbitMQ info +heat_rabbitmq_userid: heat +heat_rabbitmq_vhost: /heat + ## RPC heat_rpc_backend: heat.openstack.common.rpc.impl_kombu diff --git a/playbooks/roles/os_heat/tasks/heat_messaging_setup.yml b/playbooks/roles/os_heat/tasks/heat_messaging_setup.yml new file mode 100644 index 0000000000..7ab6b3c87d --- /dev/null +++ b/playbooks/roles/os_heat/tasks/heat_messaging_setup.yml @@ -0,0 +1,37 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Ensure Rabbitmq vhost + rabbitmq_vhost: + name: "{{ heat_rabbitmq_vhost }}" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - heat-rabbitmq + - heat-rabbitmq-vhost + +- name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ heat_rabbitmq_userid }}" + password: "{{ heat_rabbitmq_password }}" + vhost: "{{ heat_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - heat-rabbitmq + - heat-rabbitmq-user diff --git a/playbooks/roles/os_heat/tasks/heat_pre_install.yml b/playbooks/roles/os_heat/tasks/heat_pre_install.yml index 3e8bc7eb67..3740e35fc6 100644 --- a/playbooks/roles/os_heat/tasks/heat_pre_install.yml +++ b/playbooks/roles/os_heat/tasks/heat_pre_install.yml @@ -88,3 +88,7 @@ tags: - heat-dirs - heat-logs + +- include: heat_messaging_setup.yml + when: > + inventory_hostname == groups['heat_all'][0] diff --git a/playbooks/roles/os_heat/templates/heat.conf.j2 b/playbooks/roles/os_heat/templates/heat.conf.j2 index 44018811c8..f315598f27 100644 --- a/playbooks/roles/os_heat/templates/heat.conf.j2 +++ b/playbooks/roles/os_heat/templates/heat.conf.j2 @@ -57,8 +57,9 @@ bind_port = {{ heat_watch_port }} [oslo_messaging_rabbit] rabbit_port = {{ rabbitmq_port }} -rabbit_userid = {{ rabbitmq_userid }} -rabbit_password = {{ rabbitmq_password }} +rabbit_userid = {{ heat_rabbitmq_userid }} +rabbit_password = {{ heat_rabbitmq_password }} +rabbit_virtual_host = {{ heat_rabbitmq_vhost }} rabbit_hosts = {{ rabbitmq_servers }} diff --git a/playbooks/roles/os_keystone/defaults/main.yml b/playbooks/roles/os_keystone/defaults/main.yml index 79481b1cba..e8ede18c76 100644 --- a/playbooks/roles/os_keystone/defaults/main.yml +++ b/playbooks/roles/os_keystone/defaults/main.yml @@ -78,6 +78,10 @@ keystone_database_min_pool_size: 5 keystone_database_max_pool_size: 120 keystone_database_pool_timeout: 30 +## RabbitMQ info +keystone_rabbitmq_userid: keystone +keystone_rabbitmq_vhost: /keystone + ## Role info keystone_role_name: admin keystone_default_role_name: _member_ diff --git a/playbooks/roles/os_keystone/tasks/keystone_messaging_setup.yml b/playbooks/roles/os_keystone/tasks/keystone_messaging_setup.yml new file mode 100644 index 0000000000..ddd11c2305 --- /dev/null +++ b/playbooks/roles/os_keystone/tasks/keystone_messaging_setup.yml @@ -0,0 +1,37 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Ensure Rabbitmq vhost + rabbitmq_vhost: + name: "{{ keystone_rabbitmq_vhost }}" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - keystone-rabbitmq + - keystone-rabbitmq-vhost + +- name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ keystone_rabbitmq_userid }}" + password: "{{ keystone_rabbitmq_password }}" + vhost: "{{ keystone_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - keystone-rabbitmq + - keystone-rabbitmq-user diff --git a/playbooks/roles/os_keystone/tasks/keystone_pre_install.yml b/playbooks/roles/os_keystone/tasks/keystone_pre_install.yml index 1816ebf96c..b75ababc45 100644 --- a/playbooks/roles/os_keystone/tasks/keystone_pre_install.yml +++ b/playbooks/roles/os_keystone/tasks/keystone_pre_install.yml @@ -106,3 +106,7 @@ tags: - keystone-dirs - keystone-logs + +- include: keystone_messaging_setup.yml + when: > + inventory_hostname == groups['keystone_all'][0] diff --git a/playbooks/roles/os_keystone/templates/keystone.conf.j2 b/playbooks/roles/os_keystone/templates/keystone.conf.j2 index d2276353f2..802904e6f8 100644 --- a/playbooks/roles/os_keystone/templates/keystone.conf.j2 +++ b/playbooks/roles/os_keystone/templates/keystone.conf.j2 @@ -134,9 +134,11 @@ admin_port = {{ keystone_admin_port }} public_port = {{ keystone_service_port }} [oslo_messaging_rabbit] +rabbit_port = {{ rabbitmq_port }} +rabbit_userid = {{ keystone_rabbitmq_userid }} +rabbit_password = {{ keystone_rabbitmq_password }} +rabbit_virtual_host = {{ keystone_rabbitmq_vhost }} rabbit_hosts = {{ rabbitmq_servers }} -rabbit_userid = {{ rabbitmq_userid }} -rabbit_password = {{ rabbitmq_password }} {% if keystone_sp is defined %} [federation] @@ -147,3 +149,4 @@ trusted_dashboard = {{ item }} {% endfor %} {% endif %} {% endif %} + diff --git a/playbooks/roles/os_neutron/defaults/main.yml b/playbooks/roles/os_neutron/defaults/main.yml index e64e355a42..2a60d51240 100644 --- a/playbooks/roles/os_neutron/defaults/main.yml +++ b/playbooks/roles/os_neutron/defaults/main.yml @@ -39,6 +39,10 @@ neutron_db_max_overflow: 20 neutron_db_pool_size: 120 neutron_db_pool_timeout: 30 +## RabbitMQ info +neutron_rabbitmq_userid: neutron +neutron_rabbitmq_vhost: /neutron + ## Plugins neutron_plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin # Other plugins can be added to the system by simply extending the list `neutron_plugin_base`. diff --git a/playbooks/roles/os_neutron/tasks/neutron_messaging_setup.yml b/playbooks/roles/os_neutron/tasks/neutron_messaging_setup.yml new file mode 100644 index 0000000000..1cea089f2d --- /dev/null +++ b/playbooks/roles/os_neutron/tasks/neutron_messaging_setup.yml @@ -0,0 +1,37 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Ensure Rabbitmq vhost + rabbitmq_vhost: + name: "{{ neutron_rabbitmq_vhost }}" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - neutron-rabbitmq + - neutron-rabbitmq-vhost + +- name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ neutron_rabbitmq_userid }}" + password: "{{ neutron_rabbitmq_password }}" + vhost: "{{ neutron_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - neutron-rabbitmq + - neutron-rabbitmq-user diff --git a/playbooks/roles/os_neutron/tasks/neutron_pre_install.yml b/playbooks/roles/os_neutron/tasks/neutron_pre_install.yml index b134c956c7..63a936464e 100644 --- a/playbooks/roles/os_neutron/tasks/neutron_pre_install.yml +++ b/playbooks/roles/os_neutron/tasks/neutron_pre_install.yml @@ -92,3 +92,7 @@ tags: - sudoers - neutron-sudoers + +- include: neutron_messaging_setup.yml + when: > + inventory_hostname == groups['neutron_all'][0] diff --git a/playbooks/roles/os_neutron/templates/neutron.conf.j2 b/playbooks/roles/os_neutron/templates/neutron.conf.j2 index b9622533a4..c39cfa05b1 100644 --- a/playbooks/roles/os_neutron/templates/neutron.conf.j2 +++ b/playbooks/roles/os_neutron/templates/neutron.conf.j2 @@ -149,8 +149,9 @@ root_helper = sudo /usr/local/bin/neutron-rootwrap /etc/neutron/rootwrap.conf # Messaging service [oslo_messaging_rabbit] rabbit_port = {{ rabbitmq_port }} -rabbit_userid = {{ rabbitmq_userid }} -rabbit_password = {{ rabbitmq_password }} +rabbit_userid = {{ neutron_rabbitmq_userid }} +rabbit_password = {{ neutron_rabbitmq_password }} +rabbit_virtual_host = {{ neutron_rabbitmq_vhost }} rabbit_hosts = {{ rabbitmq_servers }} # Concurrency (locking mechanisms) diff --git a/playbooks/roles/os_nova/defaults/main.yml b/playbooks/roles/os_nova/defaults/main.yml index f445c17b0a..9f5308bd2e 100644 --- a/playbooks/roles/os_nova/defaults/main.yml +++ b/playbooks/roles/os_nova/defaults/main.yml @@ -38,6 +38,10 @@ nova_db_max_overflow: 10 nova_db_max_pool_size: 120 nova_db_pool_timeout: 30 +## RabbitMQ info +nova_rabbitmq_userid: nova +nova_rabbitmq_vhost: /nova + ## RPC nova_rpc_backend: nova.openstack.common.rpc.impl_kombu nova_rpc_thread_pool_size: 64 diff --git a/playbooks/roles/os_nova/tasks/nova_messaging_setup.yml b/playbooks/roles/os_nova/tasks/nova_messaging_setup.yml new file mode 100644 index 0000000000..19d7138297 --- /dev/null +++ b/playbooks/roles/os_nova/tasks/nova_messaging_setup.yml @@ -0,0 +1,37 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Ensure Rabbitmq vhost + rabbitmq_vhost: + name: "{{ nova_rabbitmq_vhost }}" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - nova-rabbitmq + - nova-rabbitmq-vhost + +- name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ nova_rabbitmq_userid }}" + password: "{{ nova_rabbitmq_password }}" + vhost: "{{ nova_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + tags: + - nova-rabbitmq + - nova-rabbitmq-user diff --git a/playbooks/roles/os_nova/tasks/nova_pre_install.yml b/playbooks/roles/os_nova/tasks/nova_pre_install.yml index e17dc7bf6e..425f8a40d3 100644 --- a/playbooks/roles/os_nova/tasks/nova_pre_install.yml +++ b/playbooks/roles/os_nova/tasks/nova_pre_install.yml @@ -109,3 +109,7 @@ tags: - sudoers - nova-sudoers + +- include: nova_messaging_setup.yml + when: > + inventory_hostname == groups['nova_all'][0] diff --git a/playbooks/roles/os_nova/templates/nova.conf.j2 b/playbooks/roles/os_nova/templates/nova.conf.j2 index 8ddc49a799..205664b0a8 100644 --- a/playbooks/roles/os_nova/templates/nova.conf.j2 +++ b/playbooks/roles/os_nova/templates/nova.conf.j2 @@ -226,10 +226,10 @@ lock_path = /var/lock/nova [oslo_messaging_rabbit] -amqp_auto_delete = False rabbit_port = {{ rabbitmq_port }} -rabbit_userid = {{ rabbitmq_userid }} -rabbit_password = {{ rabbitmq_password }} +rabbit_userid = {{ nova_rabbitmq_userid }} +rabbit_password = {{ nova_rabbitmq_password }} +rabbit_virtual_host = {{ nova_rabbitmq_vhost }} rabbit_hosts = {{ rabbitmq_servers }} diff --git a/playbooks/roles/os_swift/templates/proxy-server.conf.j2 b/playbooks/roles/os_swift/templates/proxy-server.conf.j2 index 518950df1e..45fe43bd85 100644 --- a/playbooks/roles/os_swift/templates/proxy-server.conf.j2 +++ b/playbooks/roles/os_swift/templates/proxy-server.conf.j2 @@ -144,7 +144,7 @@ use = egg:swift#xprofile paste.filter_factory = ceilometermiddleware.swift:filter_factory control_exchange = swift driver = messagingv2 -url = rabbit://openstack:{{ rabbitmq_password }}@{{ groups['rabbitmq_all'][0] }} +url = rabbit://{{ ceilometer_rabbitmq_userid }}:{{ ceilometer_rabbitmq_password }}@{{ hostvars[groups['rabbitmq_all'][0]]['ansible_ssh_host'] }}:5672{{ ceilometer_rabbitmq_vhost }} topic = notifications log_level = WARN {% endif %} diff --git a/playbooks/roles/rabbitmq_server/defaults/main.yml b/playbooks/roles/rabbitmq_server/defaults/main.yml index 76c977a6e9..70e997aeb1 100644 --- a/playbooks/roles/rabbitmq_server/defaults/main.yml +++ b/playbooks/roles/rabbitmq_server/defaults/main.yml @@ -38,8 +38,6 @@ rabbitmq_pip_packages: - python-memcached - pycrypto -rabbitmq_userid: rabbitmq - # Name of the rabbitmq cluster rabbitmq_cluster_name: rabbitmq_cluster1 diff --git a/playbooks/roles/rabbitmq_server/tasks/rabbitmq_post_install.yml b/playbooks/roles/rabbitmq_server/tasks/rabbitmq_post_install.yml index 6712425956..e620331499 100644 --- a/playbooks/roles/rabbitmq_server/tasks/rabbitmq_post_install.yml +++ b/playbooks/roles/rabbitmq_server/tasks/rabbitmq_post_install.yml @@ -46,18 +46,6 @@ - include: rabbitmq_restart.yml when: rabbit_config_changed|changed or rabbitmq_plugin|changed or rabbitmq_queue_mirror|changed -- name: Ensure rabbitmq user - rabbitmq_user: - user: "{{ rabbitmq_userid }}" - password: "{{ rabbitmq_password }}" - vhost: "/" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - tags: - - rabbitmq-user - # This is being done because the rabbitctl command used by the module # is not very effective at returning proper status codes for failure # and the module does not error detection. until we can go upstream