Adding centos-odcs/centos-odcs-private-queue queue and user

Signed-off-by: Mohan Boddu <mboddu@bhujji.com>
2020-11-16 13:58:28 -05:00 · 2020-11-16 13:58:28 -05:00 · 11db5b4cfa
commit 11db5b4cfa
parent 1f39c7e9d0
1 changed files with 107 additions and 0 deletions
--- a/roles/rabbitmq_cluster/tasks/apps.yml
+++ b/roles/rabbitmq_cluster/tasks/apps.yml
@ -126,3 +126,110 @@
  vars:
     username: koji-centos{{ env_suffix }}
 # CENTOS KOJI END
 # CENTOS ODCS BEGIN
 - name: Configure the centos-odcs virtual host
  run_once: true
  delegate_to: "rabbitmq01.iad2.fedoraproject.org"
  rabbitmq_vhost:
    name: /centos-odcs
    state: present
  tags:
  - centos-odcs
 - name: Configure the HA policy for the centos-odcs queues
  run_once: true
  delegate_to: "rabbitmq01.iad2.fedoraproject.org"
  rabbitmq_policy:
    name: HA
    apply_to: queues
    pattern: .*
    tags:
      ha-mode: all
      ha-sync-mode: automatic  # Auto sync queues to new cluster members
      ha-sync-batch-size: 10000  # Larger is faster, but must finish in 1 net_ticktime
    vhost: /centos-odcs
  tags:
  - centos-odcs
 - name: Add a policy to limit queues to 1GB and remove after a month of no use
  run_once: true
  delegate_to: "rabbitmq01.iad2.fedoraproject.org"
  rabbitmq_policy:
    apply_to: queues
    name: pubsub_sweeper
    state: present
    pattern: ".*"
    tags:
      # Unused queues are killed after 1000 * 60 * 60 * 31 milliseconds (~a month)
      expires: 111600000
      # Queues can use at most 1GB of storage
      max-length-bytes: 1073741824
    vhost: /centos-odcs
  tags:
  - centos-odcs
 - name: Create the centos-odcs-admin user for the centos-odcs vhost (prod)
  run_once: true
  delegate_to: "rabbitmq01.iad2.fedoraproject.org"
  rabbitmq_user:
    user: centos-odcs-admin
    password: "{{ (env == 'production')|ternary(rabbitmq_centos-odcs_admin_password_production, rabbitmq_centos-odcs_admin_password_staging) }}"
    vhost: /centos-odcs
    configure_priv: .*
    read_priv: .*
    write_priv: .*
  tags:
  - centos-odcs
 - name: Dump the admin password in a file for administrative operations
  run_once: true
  delegate_to: "rabbitmq01.iad2.fedoraproject.org"
  copy:
    dest: /root/.centos-odcs-rabbitmqpass
    content: "{{ (env == 'production')|ternary(rabbitmq_centos-odcs_admin_password_production, rabbitmq_centos-odcs_admin_password_staging) }}"
    mode: 0600
    owner: root
    group: root
  tags:
  - centos-odcs
 - name: Grant the admin user access to the centos-odcs vhost
  run_once: true
  delegate_to: "rabbitmq01.iad2.fedoraproject.org"
  rabbitmq_user:
    user: admin
    vhost: /centos-odcs
    configure_priv: .*
    read_priv: .*
    write_priv: .*
    tags: administrator
  tags:
  - centos-odcs
 - name: Grant the nagios-monitoring user access to the centos-odcs vhost
  run_once: true
  delegate_to: "rabbitmq01.iad2.fedoraproject.org"
  rabbitmq_user:
    user: nagios-monitoring
    vhost: /centos-odcs
    configure_priv: "^$"
    read_priv: "^$"
    write_priv: "^$"
    tags: monitoring
  tags:
  - centos-odcs
 - name: Create a user for centos-odcs access
  run_once: true
  delegate_to: "rabbitmq01.iad2.fedoraproject.org"
  rabbitmq_user:
    user: "centos-odcs-private-queue{{ env_suffix }}"
    vhost: /centos-odcs
    configure_priv: .*
    write_priv: .*
    read_priv: .*
    state: present
  tags:
  - centos-odcs
 # CENTOS ODCS END