From 3f7e851b9854b87815795d28a34c81e69388ac01 Mon Sep 17 00:00:00 2001 From: Andrew Bonney Date: Fri, 17 Jan 2025 15:47:02 +0000 Subject: [PATCH] Fix quorum queue support for ironic-inspector Configuration of RPC for ironic-inspector was a bit of a mixed bag, with some config fixed at defaults which are only relevant for HA queues. This conforms it to the way the majority of variables are managed. Note that this changes the default for ironic_inspector_oslomsg_rpc_use_ssl, but this should be set via oslomsg_rpc_use_ssl anyway. This also removes various unused inspector notification defaults. Change-Id: I7edc658f57de5ffc6d4aa158b02d26fa3ad71c9d --- defaults/main.yml | 20 ++++---------------- templates/inspector.conf.j2 | 16 +++++++++++++++- vars/main.yml | 5 +++++ 3 files changed, 24 insertions(+), 17 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index e0c60578..f50127a7 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -518,25 +518,13 @@ ironic_inspector_oslomsg_rpc_setup_host: "{{ (ironic_oslomsg_rpc_host_group in g ironic_inspector_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport | default('rabbit') }}" ironic_inspector_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers | default('127.0.0.1') }}" ironic_inspector_oslomsg_rpc_port: "{{ oslomsg_rpc_port | default('5672') }}" -ironic_inspector_oslomsg_rpc_use_ssl: "True" -ironic_inspector_oslomsg_rpc_userid: ironic -ironic_inspector_oslomsg_rpc_vhost: /ironic +ironic_inspector_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}" +ironic_inspector_oslomsg_rpc_userid: "{{ ironic_oslomsg_rpc_userid }}" +ironic_inspector_oslomsg_rpc_password: "{{ ironic_oslomsg_rpc_password }}" +ironic_inspector_oslomsg_rpc_vhost: "{{ ironic_oslomsg_rpc_vhost }}" ironic_inspector_oslomsg_rpc_ssl_version: "{{ oslomsg_rpc_ssl_version | default('TLSv1_2') }}" ironic_inspector_oslomsg_rpc_ssl_ca_file: "{{ oslomsg_rpc_ssl_ca_file | default('') }}" -ironic_inspector_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}" -ironic_inspector_oslomsg_notify_setup_host: >- - {{ (ironic_inspector_oslomsg_notify_host_group in groups) | ternary(groups[ironic_inspector_oslomsg_notify_host_group][0], 'localhost') }} -ironic_inspector_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}" -ironic_inspector_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}" -ironic_inspector_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}" -ironic_inspector_oslomsg_notify_use_ssl: "False" -ironic_inspector_oslomsg_notify_userid: "{{ ironic_inspector_oslomsg_rpc_userid }}" -ironic_inspector_oslomsg_notify_password: "{{ ironic_oslomsg_rpc_password }}" -ironic_inspector_oslomsg_notify_vhost: "{{ ironic_inspector_oslomsg_rpc_vhost }}" -ironic_inspector_oslomsg_notify_ssl_version: "{{ oslomsg_notify_ssl_version | default('TLSv1_2') }}" -ironic_inspector_oslomsg_notify_ssl_ca_file: "{{ oslomsg_notify_ssl_ca_file | default('') }}" - ### ### Backend TLS ### diff --git a/templates/inspector.conf.j2 b/templates/inspector.conf.j2 index 277badaf..2e34fa0e 100644 --- a/templates/inspector.conf.j2 +++ b/templates/inspector.conf.j2 @@ -12,7 +12,7 @@ auth_strategy = keystone debug = {{ debug }} # RPC Backend -transport_url = {{ ironic_inspector_oslomsg_rpc_transport }}://{% for host in ironic_inspector_oslomsg_rpc_servers.split(',') %}{{ ironic_inspector_oslomsg_rpc_userid }}:{{ ironic_oslomsg_rpc_password }}@{{ host }}:{{ ironic_inspector_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ ironic_inspector_oslomsg_rpc_vhost }}{% if ironic_inspector_oslomsg_rpc_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} +transport_url = {{ ironic_inspector_oslomsg_rpc_transport }}://{% for host in ironic_inspector_oslomsg_rpc_servers.split(',') %}{{ ironic_inspector_oslomsg_rpc_userid }}:{{ ironic_inspector_oslomsg_rpc_password }}@{{ host }}:{{ ironic_inspector_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ _ironic_inspector_oslomsg_rpc_vhost_conf }}{% if ironic_inspector_oslomsg_rpc_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} {% if ironic_backend_ssl | bool %} [ssl] @@ -84,6 +84,20 @@ memcached_servers = {{ memcached_servers }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcached_encryption_key }} +[oslo_messaging_rabbit] +ssl = {{ ironic_oslomsg_rpc_use_ssl }} +pool_max_size = {{ ironic_wsgi_processes }} +rabbit_quorum_queue = {{ ironic_oslomsg_rabbit_quorum_queues }} +rabbit_transient_quorum_queue = {{ ironic_oslomsg_rabbit_transient_quorum_queues }} +rabbit_qos_prefetch_count = {{ ironic_oslomsg_rabbit_qos_prefetch_count }} +use_queue_manager = {{ ironic_oslomsg_rabbit_queue_manager }} +{% if ironic_oslomsg_rabbit_queue_manager %} +hostname = {{ [ansible_facts['hostname'], ironic_service_name] | join('-') }} +{% endif %} +rabbit_stream_fanout = {{ ironic_oslomsg_rabbit_stream_fanout }} +rabbit_quorum_delivery_limit = {{ ironic_oslomsg_rabbit_quorum_delivery_limit }} +rabbit_quorum_max_memory_bytes = {{ ironic_oslomsg_rabbit_quorum_max_memory_bytes }} + [oslo_policy] [pci_devices] diff --git a/vars/main.yml b/vars/main.yml index 1c387d48..49fe183e 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -33,6 +33,11 @@ _ironic_oslomsg_notify_vhost_conf: >- (ironic_oslomsg_notify_vhost is string) | ternary( ironic_oslomsg_notify_vhost, ironic_oslomsg_notify_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first) }} +_ironic_inspector_oslomsg_rpc_vhost_conf: >- + {{ + (ironic_inspector_oslomsg_rpc_vhost is string) | ternary( + ironic_inspector_oslomsg_rpc_vhost, ironic_inspector_oslomsg_rpc_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first) + }} # This special list brings together all of the package installations into one # task to save time.