aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSaravanan KR <skramaja@redhat.com>2016-11-24 19:35:59 +0530
committerSaravanan KR <skramaja@redhat.com>2017-02-03 16:15:50 +0530
commit76931e535c69ab437c4710dc749bc363f4533ea5 (patch)
tree409175c1b570494de1b673705c98ada0067d5d75
parenta75c6c618e34d74389b9963f994f5e18ec29674a (diff)
Add support to changing the Rabbitmq password on update
Rabbitmq Password is set on the fresh deployment, but during update, if the password is changed, it is modified in all config files including rabbitmq config. But the rabbitmq connection fails because the new password is not successful applied to rabbitmq. Setting the rabbitmq_user will invoke 'rabbitmqctl change_password'. Scenario: The password change is applied on Step1 when configuring Rabbitmq. Other services may be updated on different Steps. Till other services config is updated with new rabbitmq password, and restarted, the connections will get Access Denied response. It has cyclic dependency. So the passwords will be changes at Step1 and once all services are updated, the connections will work as is. Partial-Bug: #1611704 Change-Id: I44865af3d5eb2d37eb648ac7227277e86c8fbc54
-rw-r--r--manifests/profile/base/rabbitmq.pp26
-rw-r--r--releasenotes/notes/rabbitmq_password_change-4fce15c9ebb0e20c.yaml4
2 files changed, 30 insertions, 0 deletions
diff --git a/manifests/profile/base/rabbitmq.pp b/manifests/profile/base/rabbitmq.pp
index fd8de8f..1eaabf0 100644
--- a/manifests/profile/base/rabbitmq.pp
+++ b/manifests/profile/base/rabbitmq.pp
@@ -43,6 +43,18 @@
# (Optional) Array of host(s) for RabbitMQ nodes.
# Defaults to hiera('rabbitmq_node_names', []).
#
+# [*rabbitmq_pass*]
+# (Optional) RabbitMQ Default Password.
+# Defaults to hiera('rabbitmq::default_pass')
+#
+# [*rabbitmq_user*]
+# (Optional) RabbitMQ Default User.
+# Defaults to hiera('rabbitmq::default_user')
+#
+# [*stack_action*]
+# (Optional) Action of the stack deployment.
+# Defaults to hiera('stack_action')
+#
# [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates
# for more details.
@@ -55,6 +67,9 @@ class tripleo::profile::base::rabbitmq (
$kernel_variables = hiera('rabbitmq_kernel_variables'),
$inet_dist_interface = hiera('rabbitmq::interface', undef),
$nodes = hiera('rabbitmq_node_names', []),
+ $rabbitmq_pass = hiera('rabbitmq::default_pass'),
+ $rabbitmq_user = hiera('rabbitmq::default_user'),
+ $stack_action = hiera('stack_action'),
$step = hiera('step'),
) {
# IPv6 environment, necessary for RabbitMQ.
@@ -103,6 +118,17 @@ class tripleo::profile::base::rabbitmq (
environment_variables => $rabbit_env,
}
}
+ # In case of HA, starting of rabbitmq-server is managed by pacemaker, because of which, a dependency
+ # to Service['rabbitmq-server'] will not work. Sticking with UPDATE action.
+ if $stack_action == 'UPDATE' {
+ # Required for changing password on update scenario. Password will be changed only when
+ # called explicity, if the rabbitmq service is already running.
+ rabbitmq_user { $rabbitmq_user :
+ password => $rabbitmq_pass,
+ provider => 'rabbitmqctl',
+ admin => true,
+ }
+ }
}
}
diff --git a/releasenotes/notes/rabbitmq_password_change-4fce15c9ebb0e20c.yaml b/releasenotes/notes/rabbitmq_password_change-4fce15c9ebb0e20c.yaml
new file mode 100644
index 0000000..351db74
--- /dev/null
+++ b/releasenotes/notes/rabbitmq_password_change-4fce15c9ebb0e20c.yaml
@@ -0,0 +1,4 @@
+---
+issues:
+ - Invoke rabbitmq_user resource explicity to apply password change during
+ update, if any.