Refactor usage of RabbitMQ resources
This patch refactors all creation of RabbitMQ resources such as users and ACLs to a define called openstack_integration::mq_user. This will make sure RabbitMQ is automatically installed as well, as there are times where dependencies to RabbitMQ are added to things like Keystone which break Beaker tests in other repos (but we don't know they're broken until the change merges). In addition, instead of setting up dependencies on the tagged services, we use the anchors provided which should hopefully test against them as well. Change-Id: Ib122ddd105529de5e12389cc9db2e4e09ec4ad54
This commit is contained in:
Mohammed Naser
parent
86bc9c496a
commit
a52d9564c0
@ -3,26 +3,9 @@ class openstack_integration::aodh {
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'aodh':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'aodh':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'aodh@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'aodh':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['aodh::service::begin'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::ssl {
|
||||
|
||||
@ -3,27 +3,9 @@ class openstack_integration::barbican {
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'barbican':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'barbican':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'barbican@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
Rabbitmq_user_permissions['barbican@/'] -> Service<| tag == 'barbican-service' |>
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'barbican':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['barbican::service::begin'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::ssl {
|
||||
|
||||
@ -12,26 +12,9 @@ class openstack_integration::ceilometer (
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'ceilometer':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'ceilometer':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'ceilometer@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'ceilometer':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['ceilometer::service::begin'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::ssl {
|
||||
|
||||
@ -22,26 +22,9 @@ class openstack_integration::cinder (
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'cinder':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'cinder':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'cinder@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'cinder':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['cinder::service::begin'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::ssl {
|
||||
|
||||
@ -7,21 +7,10 @@ class openstack_integration::designate {
|
||||
include ::openstack_integration::params
|
||||
include ::openstack_integration::bind
|
||||
|
||||
rabbitmq_user { 'designate':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'designate':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
before => Anchor['designate::service::begin'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'designate@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
Rabbitmq_user_permissions['designate@/'] -> Service<| tag == 'designate-service' |>
|
||||
|
||||
class { '::designate::db::mysql':
|
||||
password => 'designate',
|
||||
|
||||
@ -25,26 +25,9 @@ class openstack_integration::glance (
|
||||
$crt_file = undef
|
||||
}
|
||||
|
||||
rabbitmq_user { 'glance':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'glance':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'glance@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'glance':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['glance::service::begin'],
|
||||
}
|
||||
|
||||
class { '::glance::db::mysql':
|
||||
|
||||
@ -3,27 +3,9 @@ class openstack_integration::heat {
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'heat':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'heat':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'heat@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
Rabbitmq_user_permissions['heat@/'] -> Service<| tag == 'heat-service' |>
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'heat':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['heat::service::begin'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::ssl {
|
||||
|
||||
@ -11,29 +11,9 @@ class openstack_integration::ironic {
|
||||
Exec['update-ca-certificates'] ~> Service['httpd']
|
||||
}
|
||||
|
||||
rabbitmq_user { 'ironic':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'ironic':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'ironic@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
# https://bugs.launchpad.net/ironic/+bug/1564075
|
||||
Rabbitmq_user_permissions['ironic@/'] -> Service<| tag == 'ironic-service' |>
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'ironic':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['ironic::service::begin'],
|
||||
}
|
||||
|
||||
class { '::ironic':
|
||||
|
||||
@ -30,27 +30,9 @@ class openstack_integration::keystone (
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'keystone':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'keystone':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'keystone@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
Rabbitmq_user_permissions['keystone@/'] -> Service<| tag == 'keystone-service' |>
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'keystone':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['keystone::service::begin'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::ssl {
|
||||
|
||||
@ -3,28 +3,9 @@ class openstack_integration::mistral {
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'mistral':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'mistral':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['rabbitmq'],
|
||||
}
|
||||
|
||||
rabbitmq_user_permissions { 'mistral@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['rabbitmq'],
|
||||
}
|
||||
Rabbitmq_user_permissions['mistral@/'] -> Service<| tag == 'mistral-service' |>
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'mistral':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['mistral::service::begin'],
|
||||
}
|
||||
|
||||
if $::osfamily == 'RedHat' {
|
||||
|
||||
46
manifests/mq_user.pp
Normal file
46
manifests/mq_user.pp
Normal file
@ -0,0 +1,46 @@
|
||||
# Create a message queue user for a service
|
||||
#
|
||||
# [*password*]
|
||||
# The password for the message queue account
|
||||
#
|
||||
# [*admin*]
|
||||
# (optional) If the acconut is an admin account
|
||||
# Defaults to true
|
||||
#
|
||||
# [*vhost*]
|
||||
# The virtual host assigned to the user
|
||||
# Defaults to /
|
||||
#
|
||||
define openstack_integration::mq_user (
|
||||
$password,
|
||||
$admin = true,
|
||||
$vhost = '/',
|
||||
) {
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::rabbitmq
|
||||
|
||||
rabbitmq_user { $name:
|
||||
admin => $admin,
|
||||
password => $password,
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
rabbitmq_user_permissions { "${name}@${vhost}":
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
include ::openstack_integration::qdr
|
||||
|
||||
qdr_user { $name:
|
||||
password => $password,
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -31,27 +31,9 @@ class openstack_integration::neutron (
|
||||
Exec['update-ca-certificates'] ~> Service['neutron-server']
|
||||
}
|
||||
|
||||
rabbitmq_user { 'neutron':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'neutron':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'neutron@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
Rabbitmq_user_permissions['neutron@/'] -> Service<| tag == 'neutron-service' |>
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'neutron':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['neutron::service::begin'],
|
||||
}
|
||||
|
||||
case $driver {
|
||||
|
||||
@ -52,27 +52,9 @@ class openstack_integration::nova (
|
||||
'password' => 'an_even_bigger_secret',
|
||||
})
|
||||
|
||||
rabbitmq_user { 'nova':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'nova':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'nova@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
Rabbitmq_user_permissions['nova@/'] -> Service<| tag == 'nova-service' |>
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'nova':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['nova::service::begin'],
|
||||
}
|
||||
|
||||
class { '::nova::db::mysql':
|
||||
|
||||
@ -3,26 +3,9 @@ class openstack_integration::sahara {
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'sahara':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'sahara':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'sahara@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'sahara':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['sahara::service::begin'],
|
||||
}
|
||||
|
||||
class { '::sahara::db::mysql':
|
||||
|
||||
@ -3,26 +3,9 @@ class openstack_integration::trove {
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'trove':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'trove':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'trove@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'trove':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['trove::service::begin'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::ssl {
|
||||
|
||||
@ -3,26 +3,9 @@ class openstack_integration::vitrage {
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'vitrage':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'vitrage':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'vitrage@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'vitrage':
|
||||
password => 'an_even_bigger_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['vitrage::service::begin'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::ssl {
|
||||
|
||||
@ -3,26 +3,9 @@ class openstack_integration::watcher {
|
||||
include ::openstack_integration::config
|
||||
include ::openstack_integration::params
|
||||
|
||||
rabbitmq_user { 'watcher':
|
||||
admin => true,
|
||||
openstack_integration::mq_user { 'watcher':
|
||||
password => 'my_secret',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['rabbitmq'],
|
||||
}
|
||||
rabbitmq_user_permissions { 'watcher@/':
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
require => Class['rabbitmq'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::messaging_default_proto == 'amqp' {
|
||||
qdr_user { 'watcher':
|
||||
password => 'my_secret',
|
||||
provider => 'sasl',
|
||||
require => Class['::qdr'],
|
||||
}
|
||||
before => Anchor['watcher::service::begin'],
|
||||
}
|
||||
|
||||
if $::openstack_integration::config::ssl {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user