1 heat_template_version: pike
4 RabbitMQ service configured with Puppet
9 description: Mapping of service_name -> network name. Typically set
10 via parameter_defaults in the resource registry. This
11 mapping overrides those in ServiceNetMapDefaults.
18 description: Role name on which the service is applied
22 description: Parameters specific to the role
26 description: Mapping of service endpoint -> protocol. Typically set
27 via parameter_defaults in the resource registry.
31 description: The username for RabbitMQ
34 description: The password for RabbitMQ
39 description: Configures RabbitMQ FD limit
43 description: Enable IPv6 in RabbitMQ
51 The number of HA queues to be configured in rabbit. The default is -1 which
52 translates to "ha-mode all". The special value 0 will be automatically
53 overridden to CEIL(N/2) where N is the number of nodes running rabbitmq.
56 MonitoringSubscriptionRabbitmq:
57 default: 'overcloud-rabbitmq'
64 internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
68 description: Role data for the RabbitMQ role.
70 service_name: rabbitmq
71 monitoring_subscription: {get_param: MonitoringSubscriptionRabbitmq}
75 rabbitmq::file_limit: {get_param: RabbitFDLimit}
76 rabbitmq::default_user: {get_param: RabbitUserName}
77 rabbitmq::default_pass: {get_param: RabbitPassword}
78 rabbit_ipv6: {get_param: RabbitIPv6}
79 tripleo.rabbitmq.firewall_rules:
85 rabbitmq::delete_guest_user: false
86 rabbitmq::wipe_db_on_cookie_change: true
87 rabbitmq::port: '5672'
88 rabbitmq::package_provider: yum
89 rabbitmq::package_source: undef
90 rabbitmq::repos_ensure: false
91 rabbitmq::tcp_keepalive: true
95 RABBITMQ_NODENAME: "rabbit@%{::hostname}"
96 RABBITMQ_SERVER_ERL_ARGS: '"+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"'
97 'export ERL_EPMD_ADDRESS': "%{hiera('rabbitmq::interface')}"
98 rabbitmq_kernel_variables:
99 inet_dist_listen_min: '25672'
100 inet_dist_listen_max: '25672'
101 rabbitmq_config_variables:
102 cluster_partition_handling: 'pause_minority'
103 queue_master_locator: '<<"min-masters">>'
105 rabbitmq::erlang_cookie:
107 expression: $.data.passwords.where($ != '').first()
110 - {get_param: RabbitCookie}
111 - {get_param: [DefaultPasswords, rabbit_cookie]}
112 # NOTE: bind IP is found in Heat replacing the network name with the
113 # local node IP for the given network; replacement examples
114 # (eg. for internal_api):
116 # internal_api_uri -> [IP]
117 # internal_api_subnet - > IP/CIDR
118 rabbitmq::interface: {get_param: [ServiceNetMap, RabbitmqNetwork]}
119 rabbitmq::nr_ha_queues: {get_param: RabbitHAQueues}
120 rabbitmq::ssl: {get_param: EnableInternalTLS}
121 rabbitmq::ssl_port: '5672'
122 rabbitmq::ssl_depth: 1
123 rabbitmq::ssl_only: {get_param: EnableInternalTLS}
124 rabbitmq::ssl_interface: {get_param: [ServiceNetMap, RabbitmqNetwork]}
125 # TODO(jaosorior): Remove this once we set a proper default in
127 tripleo::profile::base::rabbitmq::enable_internal_tls: {get_param: EnableInternalTLS}
130 - internal_tls_enabled
131 - generate_service_certificates: true
132 tripleo::profile::base::rabbitmq::certificate_specs:
133 service_certificate: '/etc/pki/tls/certs/rabbitmq.crt'
134 service_key: '/etc/pki/tls/private/rabbitmq.key'
137 template: "%{hiera('fqdn_NETWORK')}"
139 NETWORK: {get_param: [ServiceNetMap, RabbitmqNetwork]}
142 template: "rabbitmq/%{hiera('fqdn_NETWORK')}"
144 NETWORK: {get_param: [ServiceNetMap, RabbitmqNetwork]}
147 include ::tripleo::profile::base::rabbitmq
149 - name: Stop rabbitmq service
151 service: name=rabbitmq-server state=stopped
152 - name: Start rabbitmq service
154 service: name=rabbitmq-server state=started
157 - internal_tls_enabled
160 network: {get_param: [ServiceNetMap, RabbitmqNetwork]}