1992282b88
As with other services, this passes the necessary hieradata to enable TLS for RabbitMQ. This will mean (once we set it via puppet-tripleo) that there will only be TLS connections, as the ssl_only option is being used. bp tls-via-certmonger Change-Id: I960bf747cd5e3040f99b28e2fc5873ca3a7472b5 Depends-On: Ic2a7f877745a0a490ddc9315123bd1180b03c514
73 lines
2.7 KiB
YAML
73 lines
2.7 KiB
YAML
heat_template_version: ocata
|
|
|
|
description: >
|
|
RabbitMQ service with Pacemaker configured with Puppet
|
|
|
|
parameters:
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
|
|
resources:
|
|
RabbitMQServiceBase:
|
|
type: ../rabbitmq.yaml
|
|
properties:
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
EndpointMap: {get_param: EndpointMap}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the RabbitMQ pacemaker role.
|
|
value:
|
|
service_name: rabbitmq
|
|
monitoring_subscription: {get_attr: [RabbitMQServiceBase, role_data, monitoring_subscription]}
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [RabbitMQServiceBase, role_data, config_settings]
|
|
- rabbitmq::service_manage: false
|
|
step_config: |
|
|
include ::tripleo::profile::pacemaker::rabbitmq
|
|
upgrade_tasks:
|
|
- name: get bootstrap nodeid
|
|
tags: common
|
|
command: hiera bootstrap_nodeid
|
|
register: bootstrap_node
|
|
- name: set is_bootstrap_node fact
|
|
tags: common
|
|
set_fact: is_bootstrap_node={{bootstrap_node.stdout == ansible_hostname}}
|
|
- name: get rabbitmq policy
|
|
tags: common
|
|
shell: pcs resource show rabbitmq | grep -q -E "Attributes:.*\"ha-mode\":\"all\""
|
|
register: rabbit_ha_mode
|
|
when: is_bootstrap_node
|
|
ignore_errors: true
|
|
- name: set migrate_rabbit_ha_mode fact
|
|
tags: common
|
|
set_fact: migrate_rabbit_ha_mode={{rabbit_ha_mode.rc == 0}}
|
|
when: is_bootstrap_node
|
|
- name: Fixup for rabbitmq ha-queues LP#1668600
|
|
tags: step0,pre-upgrade
|
|
shell: |
|
|
nr_controllers=$(($(hiera controller_node_names | grep -o "," |wc -l) + 1))
|
|
nr_queues=$(($nr_controllers / 2 + ($nr_controllers % 2)))
|
|
if ! [ $nr_queues -gt 0 -a $nr_queues -le $nr_controllers ]; then
|
|
echo "ERROR: The nr. of HA queues during the rabbit upgrade is out of range: $nr_queues"
|
|
exit 1
|
|
fi
|
|
pcs resource update rabbitmq set_policy='ha-all ^(?!amq\\.).* {"ha-mode":"exactly","ha-params":'"$nr_queues}" --wait=600
|
|
when: is_bootstrap_node and migrate_rabbit_ha_mode
|
|
metadata_settings:
|
|
get_attr: [RabbitMQServiceBase, role_data, metadata_settings]
|