Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/playbooks/openshift-apps/messaging-bridges.yml
Aurélien Bompard 5c0ab4d9d0
Revert "messaging-bridge: leverage the rabbit/queue role and add monitoring to the queues" 
The messaging bridge queues have very specific setup, we can't use the
rabbit/queue role because it binds all queues to both amq.topic and
zmq.topic and we don't wan't that for the bridges.

This reverts commit 649eec104d.
2023-03-31 14:59:02 +02:00

159 lines
4.6 KiB
YAML
Raw Blame History

# Create the RabbitMQ users
- name: setup RabbitMQ
hosts: rabbitmq[0]:rabbitmq_stg[0]:rabbitmq01.iad2.fedoraproject.org
user: root
gather_facts: False
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
tasks:
- name: Create the RabbitMQ user
rabbitmq_user:
user: "messaging-bridge{{ env_suffix }}.fedoraproject.org"
vhost: /pubsub
read_priv: "((a|z)mq\\.topic|amqp_to_zmq|amqp_bridge_verify_missing)"
write_priv: "((a|z)mq\\.topic|amqp_to_zmq|amqp_bridge_verify_missing)"
configure_priv: "^$"
tags:
- config
- rabbitmq_cluster
- name: Create the RabbitMQ queue amqp_to_zmq
rabbitmq_queue:
name: amqp_to_zmq
vhost: /pubsub
login_user: admin
login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
tags:
- config
- rabbitmq_cluster
- name: Create the RabbitMQ queue for verify-missing
rabbitmq_queue:
name: amqp_bridge_verify_missing
vhost: /pubsub
durable: True
auto_delete: False
message_ttl: 60000
login_user: admin
login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
tags:
- config
- rabbitmq_cluster
- name: Create the amqp-to-zmq bindings
rabbitmq_binding:
name: amq.topic
destination: amqp_to_zmq
destination_type: queue
vhost: /pubsub
login_user: admin
login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
tags:
- config
- rabbitmq_cluster
- name: Create the verify-missing bindings
rabbitmq_binding:
name: "{{item}}"
destination: amqp_bridge_verify_missing
destination_type: queue
vhost: /pubsub
login_user: admin
login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
with_items:
- amq.topic
- zmq.topic
tags:
- config
- rabbitmq_cluster
# Now create the app
- name: make the app be real
hosts: os_control[0]:os_control_stg[0]
user: root
gather_facts: False
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
roles:
- role: openshift/project
app: messaging-bridges
description: "ZeroMQ <-> AMQP bridges"
appowners:
- abompard
- kevin
tags:
- appowners
- role: openshift/secret-file
app: messaging-bridges
secret_name: fedmsg-key
key: fedmsg-fedmsg-migration-tools.key
privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.key"
- role: openshift/secret-file
app: messaging-bridges
secret_name: fedmsg-cert
key: fedmsg-fedmsg-migration-tools.crt
privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.crt"
- role: openshift/secret-file
app: messaging-bridges
secret_name: rabbitmq-ca
key: rabbitmq-ca.crt
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
- role: openshift/secret-file
app: messaging-bridges
secret_name: rabbitmq-key
key: rabbitmq-fedmsg-migration-tools.key
privatefile: "rabbitmq/{{env}}/pki/private/messaging-bridge{{env_suffix}}.fedoraproject.org.key"
- role: openshift/secret-file
app: messaging-bridges
secret_name: rabbitmq-cert
key: rabbitmq-fedmsg-migration-tools.crt
privatefile: "rabbitmq/{{env}}/pki/issued/messaging-bridge{{env_suffix}}.fedoraproject.org.crt"
- role: openshift/object
app: messaging-bridges
file: imagestream.yml
objectname: imagestream.yml
- role: openshift/object
app: messaging-bridges
template: buildconfig.yml
objectname: buildconfig.yml
- role: openshift/start-build
app: messaging-bridges
buildname: messaging-bridges-build
- role: openshift/object
app: messaging-bridges
template: configmap.yml
objectname: configmap.yml
- role: openshift/object
app: messaging-bridges
file: service.yml
objectname: service.yml
- role: openshift/object
app: messaging-bridges
file: deploymentconfig.yml
objectname: deploymentconfig.yml
- role: openshift/rollout
app: messaging-bridges
dcname: amqp-to-zmq
- role: openshift/rollout
app: messaging-bridges
dcname: zmq-to-amqp
- role: openshift/rollout
app: messaging-bridges
dcname: verify-missing
Reference in a new issue View git blame Copy permalink