def test_configure_notification_ttl(self, rabbitmqctl):
rabbit_utils.configure_notification_ttl('test', 23000)
rabbitmqctl.assert_called_once_with('set_policy', 'TTL',
'^(versioned_)?notifications.*',
'{"message-ttl":23000}',
'--priority', '1', '--apply-to',
'queues', '-p', 'test')
def test_configure_notification_ttl(self, rabbitmqctl):
rabbit_utils.configure_notification_ttl('test',
23000)
rabbitmqctl.assert_called_once_with(
'set_policy',
'TTL', '^(versioned_)?notifications.*',
'{"message-ttl":23000}',
'--priority', '1',
'--apply-to', 'queues',
'-p', 'test'
)
def config_changed(check_deferred_restarts=True):
"""Run config-chaged hook.
:param check_deferred_events: Whether to check if restarts are
permitted before running hook.
:type check_deferred_events: bool
"""
configure_deferred_restarts(rabbit.services())
allowed, reason = is_hook_allowed(
'config-changed', check_deferred_restarts=check_deferred_restarts)
if not allowed:
log(reason, "WARN")
return
# Update hosts with this unit's information
cluster_ip = ch_ip.get_relation_ip(
rabbit_net_utils.CLUSTER_INTERFACE,
cidr_network=config(rabbit_net_utils.CLUSTER_OVERRIDE_CONFIG))
rabbit.update_hosts_file({cluster_ip: rabbit.get_unit_hostname()})
# Add archive source if provided and not in the upgrade process
if not leader_get("cluster_series_upgrading"):
add_source(config('source'), config('key'))
# Copy in defaults file for updated ulimits
shutil.copyfile('templates/rabbitmq-server',
'/etc/default/rabbitmq-server')
# Install packages to ensure any changes to source
# result in an upgrade if applicable only if we change the 'source'
# config option
if rabbit.archive_upgrade_available():
# Avoid packge upgrade collissions
# Stopping and attempting to start rabbitmqs at the same time leads to
# failed restarts
rabbit.cluster_wait()
rabbit.install_or_upgrade_packages()
if config('ssl') == 'off':
open_port(5672)
close_port(int(config('ssl_port')))
elif config('ssl') == 'on':
open_port(5672)
open_port(int(config('ssl_port')))
elif config('ssl') == 'only':
close_port(5672)
open_port(int(config('ssl_port')))
else:
log("Unknown ssl config value: '%s'" % config('ssl'), level=ERROR)
chown(RABBIT_DIR, rabbit.RABBIT_USER, rabbit.RABBIT_USER)
chmod(RABBIT_DIR, 0o775)
if rabbit.management_plugin_enabled():
rabbit.enable_plugin(MAN_PLUGIN)
open_port(rabbit.get_managment_port())
else:
rabbit.disable_plugin(MAN_PLUGIN)
close_port(rabbit.get_managment_port())
# LY: Close the old managment port since it may have been opened in a
# previous version of the charm. close_port is a noop if the port
# is not open
close_port(55672)
# NOTE(jamespage): If a newer RMQ version is
# installed and the old style configuration file
# is still on disk, remove before re-rendering
# any new configuration.
if (os.path.exists(rabbit.RABBITMQ_CONFIG)
and cmp_pkgrevno('rabbitmq-server', '3.7') >= 0):
os.remove(rabbit.RABBITMQ_CONFIG)
rabbit.ConfigRenderer(rabbit.CONFIG_FILES()).write_all()
if is_relation_made("ha"):
ha_is_active_active = config("ha-vip-only")
if ha_is_active_active:
update_nrpe_checks()
else:
if is_elected_leader('res_rabbitmq_vip'):
update_nrpe_checks()
else:
log("hacluster relation is present but this node is not active"
" skipping update nrpe checks")
elif is_relation_made('nrpe-external-master'):
update_nrpe_checks()
# Only set values if this is the leader
if not is_leader():
return
rabbit.set_all_mirroring_queues(config('mirroring-queues'))
# Update cluster in case min-cluster-size has changed
for rid in relation_ids('cluster'):
for unit in related_units(rid):
cluster_changed(relation_id=rid, remote_unit=unit)
# NOTE(jamespage): Workaround until we have a good way
# of generally disabling notifications
# based on which services are deployed.
if 'openstack' in rabbit.list_vhosts():
rabbit.configure_notification_ttl('openstack',
config('notification-ttl'))
def configure_amqp(username,
vhost,
relation_id,
admin=False,
ttlname=None,
ttlreg=None,
ttl=None):
"""Configure rabbitmq server.
This function creates user/password, vhost and sets user permissions. It
also enabales mirroring queues if requested.
Calls to rabbitmqctl are costly and as such we aim to limit them by only
doing them if we detect that a settings needs creating or updating. To
achieve this we track what we set by storing key/value pairs associated
with a particular relation id in a local database.
Since this function is only supposed to be called by the cluster leader,
the database is expected to be invalidated if it exists and we are no
longer leader so as to ensure that a leader switch results in a
rabbitmq configuraion consistent with the current leader's view.
:param username: client username.
:param vhost: vhost name.
:param relation_id: optional relation id used to identify the context of
this operation. This should always be provided
so that we can track what has been set.
:param admin: boolean value defining whether the new user is admin.
:param ttlname: the name of ttl
:param ttlreg: the regular expression of ttl
:param ttl: the vaule of ttl
:returns: user password
"""
log(
"Configuring rabbitmq for user '{}' vhost '{}' (rid={})".format(
username, vhost, relation_id), DEBUG)
if not relation_id:
raise Exception("Invalid relation id '{}' provided to "
"{}()".format(relation_id, configure_amqp.__name__))
# get and update service password
password = rabbit.get_rabbit_password(username)
expected = {
'username': username,
'vhost': vhost,
'ttl': ttl,
'mirroring-queues': config('mirroring-queues')
}
kvstore = kv()
tracker = kvstore.get('amqp_config_tracker') or {}
val = tracker.get(relation_id)
if val == expected and not val.get('stale'):
log(
"Rabbit already configured for relation "
"'{}'".format(relation_id), DEBUG)
return password
else:
tracker[relation_id] = expected
# update vhost
rabbit.create_vhost(vhost)
# NOTE(jamespage): Workaround until we have a good way
# of generally disabling notifications
# based on which services are deployed.
if vhost == 'openstack':
rabbit.configure_notification_ttl(vhost, config('notification-ttl'))
rabbit.configure_ttl(vhost, ttlname, ttlreg, ttl)
if admin:
rabbit.create_user(username, password, ['administrator'])
else:
rabbit.create_user(username, password)
rabbit.grant_permissions(username, vhost)
# NOTE(freyes): after rabbitmq-server 3.0 the method to define HA in the
# queues is different
# http://www.rabbitmq.com/blog/2012/11/19/breaking-things-with-rabbitmq-3-0
if config('mirroring-queues'):
rabbit.set_ha_mode(vhost, 'all')
kvstore.set(key='amqp_config_tracker', value=tracker)
kvstore.flush()
return password
def config_changed():
if is_unit_paused_set():
log("Do not run config_changed while unit is paused", "WARNING")
return
# Update hosts with this unit's information
cluster_ip = ch_ip.get_relation_ip(
rabbit_net_utils.CLUSTER_INTERFACE,
cidr_network=config(rabbit_net_utils.CLUSTER_OVERRIDE_CONFIG))
rabbit.update_hosts_file({cluster_ip: rabbit.get_unit_hostname()})
# Add archive source if provided and not in the upgrade process
if not leader_get("cluster_series_upgrading"):
add_source(config('source'), config('key'))
# Copy in defaults file for updated ulimits
shutil.copyfile(
'templates/rabbitmq-server',
'/etc/default/rabbitmq-server')
# Install packages to ensure any changes to source
# result in an upgrade if applicable only if we change the 'source'
# config option
if rabbit.archive_upgrade_available():
# Avoid packge upgrade collissions
# Stopping and attempting to start rabbitmqs at the same time leads to
# failed restarts
rabbit.cluster_wait()
rabbit.install_or_upgrade_packages()
if config('ssl') == 'off':
open_port(5672)
close_port(int(config('ssl_port')))
elif config('ssl') == 'on':
open_port(5672)
open_port(int(config('ssl_port')))
elif config('ssl') == 'only':
close_port(5672)
open_port(int(config('ssl_port')))
else:
log("Unknown ssl config value: '%s'" % config('ssl'), level=ERROR)
chown(RABBIT_DIR, rabbit.RABBIT_USER, rabbit.RABBIT_USER)
chmod(RABBIT_DIR, 0o775)
if config('management_plugin') is True:
rabbit.enable_plugin(MAN_PLUGIN)
open_port(rabbit.get_managment_port())
else:
rabbit.disable_plugin(MAN_PLUGIN)
close_port(rabbit.get_managment_port())
# LY: Close the old managment port since it may have been opened in a
# previous version of the charm. close_port is a noop if the port
# is not open
close_port(55672)
rabbit.ConfigRenderer(
rabbit.CONFIG_FILES).write_all()
if is_relation_made("ha"):
ha_is_active_active = config("ha-vip-only")
if ha_is_active_active:
update_nrpe_checks()
else:
if is_elected_leader('res_rabbitmq_vip'):
update_nrpe_checks()
else:
log("hacluster relation is present but this node is not active"
" skipping update nrpe checks")
elif is_relation_made('nrpe-external-master'):
update_nrpe_checks()
# Only set values if this is the leader
if not is_leader():
return
rabbit.set_all_mirroring_queues(config('mirroring-queues'))
# Update cluster in case min-cluster-size has changed
for rid in relation_ids('cluster'):
for unit in related_units(rid):
cluster_changed(relation_id=rid, remote_unit=unit)
# NOTE(jamespage): Workaround until we have a good way
# of generally disabling notifications
# based on which services are deployed.
if 'openstack' in rabbit.list_vhosts():
rabbit.configure_notification_ttl('openstack',
config('notification-ttl'))
def configure_amqp(username, vhost, relation_id, admin=False):
"""Configure rabbitmq server.
This function creates user/password, vhost and sets user permissions. It
also enabales mirroring queues if requested.
Calls to rabbitmqctl are costly and as such we aim to limit them by only
doing them if we detect that a settings needs creating or updating. To
achieve this we track what we set by storing key/value pairs associated
with a particular relation id in a local database.
Since this function is only supposed to be called by the cluster leader,
the database is expected to be invalidated if it exists and we are no
longer leader so as to ensure that a leader switch results in a
rabbitmq configuraion consistent with the current leader's view.
:param username: client username.
:param vhost: vhost name.
:param relation_id: optional relation id used to identify the context of
this operation. This should always be provided
so that we can track what has been set.
:param admin: boolean value defining whether the new user is admin.
:returns: user password
"""
log("Configuring rabbitmq for user '{}' vhost '{}' (rid={})".
format(username, vhost, relation_id), DEBUG)
if not relation_id:
raise Exception("Invalid relation id '{}' provided to "
"{}()".format(relation_id, configure_amqp.__name__))
# get and update service password
password = rabbit.get_rabbit_password(username)
expected = {'username': username, 'vhost': vhost,
'mirroring-queues': config('mirroring-queues')}
kvstore = kv()
tracker = kvstore.get('amqp_config_tracker') or {}
val = tracker.get(relation_id)
if val == expected and not val.get('stale'):
log("Rabbit already configured for relation "
"'{}'".format(relation_id), DEBUG)
return password
else:
tracker[relation_id] = expected
# update vhost
rabbit.create_vhost(vhost)
# NOTE(jamespage): Workaround until we have a good way
# of generally disabling notifications
# based on which services are deployed.
if vhost == 'openstack':
rabbit.configure_notification_ttl(vhost,
config('notification-ttl'))
if admin:
rabbit.create_user(username, password, ['administrator'])
else:
rabbit.create_user(username, password)
rabbit.grant_permissions(username, vhost)
# NOTE(freyes): after rabbitmq-server 3.0 the method to define HA in the
# queues is different
# http://www.rabbitmq.com/blog/2012/11/19/breaking-things-with-rabbitmq-3-0
if config('mirroring-queues'):
rabbit.set_ha_mode(vhost, 'all')
kvstore.set(key='amqp_config_tracker', value=tracker)
kvstore.flush()
return password