x/packstack
Code Issues Proposed changes

Fixes qpid ssl error

Browse Source 
Fixes errors when CONFIG_QPID_ENABLE_SSL is set
to y

The best solution without breaking anything was to
open always both qpid ports.
This is temporary until the firewall puppet
module is updated to the latest version.

Change-Id: Ie0668eb6e0728c7da93cda06d55d5b32bae8e25c
Fixes: rhbz#1048705
This commit is contained in:
Ivan Chavero
2014-01-06 01:17:30 -07:00
parent 51afb22e86
commit 805d7ff211
2 changed files with 18 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
packstack/plugins/qpid_002.py
View File

@@ -207,9 +207,7 @@ def createmanifest(config):
manifestdata = "" manifestdata = ""
ssl_manifestdata = "" ssl_manifestdata = ""
server = utils.ScriptRunner(config['CONFIG_QPID_HOST']) server = utils.ScriptRunner(config['CONFIG_QPID_HOST'])
ports = set(["'5672'"])
if config['CONFIG_QPID_ENABLE_SSL'] == 'y': if config['CONFIG_QPID_ENABLE_SSL'] == 'y':
ports.add("'%s'" % (config['CONFIG_QPID_SSL_PORT']))
config['CONFIG_QPID_ENABLE_SSL'] = 'true' config['CONFIG_QPID_ENABLE_SSL'] = 'true'
config['CONFIG_QPID_PROTOCOL'] = 'ssl' config['CONFIG_QPID_PROTOCOL'] = 'ssl'
config['CONFIG_QPID_CLIENTS_PORT'] = "5671" config['CONFIG_QPID_CLIENTS_PORT'] = "5671"
@@ -240,11 +238,15 @@ def createmanifest(config):
#All hosts should be able to talk to qpid #All hosts should be able to talk to qpid
hosts = ["'%s'" % i for i in filtered_hosts(config, exclude=False)] hosts = ["'%s'" % i for i in filtered_hosts(config, exclude=False)]
# if the rule already exists for one port puppet will fail # if the rule already exists for one port puppet will fail
# we have to add them by separate # so i had to add always both qpid ports (plain and SSL) in order
for port in ports: # to avoid rule changes, this is due some problematic behaviour of
config['FIREWALL_ALLOWED'] = ','.join(hosts) # the puppet firewall module
config['FIREWALL_SERVICE_NAME'] = "qpid - %s" % (port) # this is a temporary solution, as soon as the firewall module is
config['FIREWALL_PORTS'] = port # updated we'll go back to previous state in which we open just
manifestdata += getManifestTemplate("firewall.pp") # the needed ports
config['FIREWALL_ALLOWED'] = ','.join(hosts)
config['FIREWALL_SERVICE_NAME'] = "qpid"
config['FIREWALL_PORTS'] = "'5671', '5672'"
manifestdata += getManifestTemplate("firewall.pp")
appendManifestFile(manifestfile, manifestdata, 'pre') appendManifestFile(manifestfile, manifestdata, 'pre')

9
packstack/puppet/templates/qpid_ssl.pp
View File

@@ -4,13 +4,20 @@ group { 'qpidd':
ensure => 'present', ensure => 'present',
} }
exec { 'stop_qpid' :
command => '/sbin/service qpidd stop',
}
user { 'qpidd': user { 'qpidd':
ensure => 'present', ensure => 'present',
managehome => true, managehome => true,
home => '/var/run/qpidd', home => '/var/run/qpidd',
require => Group['qpidd'] require => Group['qpidd'],
before => Class['qpid::server']
} }
Exec['stop_qpid']->User['qpidd']
file { 'pid_dir': file { 'pid_dir':
path => '/var/run/qpidd', path => '/var/run/qpidd',
ensure => directory, ensure => directory,