opendev/system-config
Code Issues Proposed changes

Merge "Revert "Revert "Add Zookeeper TLS support"""

Browse Source
This commit is contained in:
Zuul 2020-07-16 19:43:48 +00:00 committed by Gerrit Code Review
commit 33a87d7989
4 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
playbooks/roles/nodepool-base/library/make_nodepool_zk_hosts.py
View File

@ -31,7 +31,7 @@ def main():
for host in p['zk_group']:
zk_hosts.append(dict(
host=p['hostvars'][host]['ansible_host'],
port=2181
port=2281
))
module.exit_json(hosts=zk_hosts, changed=True)
except Exception as e:

4
playbooks/roles/nodepool-base/tasks/main.yaml
View File

@ -71,6 +71,10 @@
vars:
new_config:
zookeeper-servers: '{{ zk_hosts.hosts }}'
zookeeper-tls:
cert: "/etc/nodepool/certs/cert.pem"
key: "/etc/nodepool/keys/key.pem"
ca: "/etc/nodepool/certs/cacert.pem"
set_fact:
nodepool_config: "{{ nodepool_config | combine(new_config) }}"

5
playbooks/roles/zuul/templates/zuul.conf.j2
View File

@ -28,8 +28,11 @@ relative_priority=true
user=zuul
[zookeeper]
hosts={% for host in groups['zookeeper'] %}{{ (hostvars[host].public_v4) }}:2181{% if not loop.last %},{% endif %}{% endfor %}
hosts={% for host in groups['zookeeper'] %}{{ (hostvars[host].public_v4) }}:2281{% if not loop.last %},{% endif %}{% endfor %}
tls_cert=/etc/zuul/certs/cert.pem
tls_key=/etc/zuul/keys/key.pem
tls_ca=/etc/zuul/certs/cacert.pem
session_timeout=40
[statsd]

2
testinfra/test_zookeeper.py
View File

@ -22,7 +22,7 @@ def test_id_file(host):
assert myid.content == b'1\n'
def test_zk_listening(host):
zk = host.socket("tcp://0.0.0.0:2181")
zk = host.socket("tcp://0.0.0.0:2281")
assert zk.is_listening
def test_zk_listening_ssl(host):