From f902cd14fac7de4c4c9f7d019191268a6b4e9601 Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Thu, 12 Apr 2018 22:32:58 -0500
Subject: [PATCH] RabbitMQ: recover from full cluster restart
This PS updates the RabbitMQ chart to name nodes via their hostnames
rather than IPs - allowing the cluster (and single nodes) to be
restarted without impact.
Additionally the rabbitmq managment interface is exposed and basic
helm tests have been added.
Change-Id: I84857d9f3697eaa8491aafaf6ee3b9d47dbf2191
---
.../templates/bin/_rabbitmq-liveness.sh.tpl | 2 +
.../templates/bin/_rabbitmq-readiness.sh.tpl | 2 +
rabbitmq/templates/bin/_rabbitmq-test.sh.tpl | 77 +++++++++++++++++++
rabbitmq/templates/configmap-bin.yaml | 2 +
rabbitmq/templates/configmap-etc.yaml | 19 ++---
rabbitmq/templates/ingress-management.yaml | 25 ++++++
.../prometheus/exporter-deployment.yaml | 28 +++----
.../prometheus/exporter-service.yaml | 4 +-
rabbitmq/templates/pod-test.yaml | 55 +++++++++++++
rabbitmq/templates/service-discovery.yaml | 39 ++++++++++
.../templates/service-ingress-management.yaml | 25 ++++++
rabbitmq/templates/service.yaml | 2 +
rabbitmq/templates/statefulset.yaml | 46 +++++++----
.../_to_rabbit_config.tpl} | 2 +-
rabbitmq/values.yaml | 41 +++++++++-
15 files changed, 320 insertions(+), 49 deletions(-)
create mode 100644 rabbitmq/templates/bin/_rabbitmq-test.sh.tpl
create mode 100644 rabbitmq/templates/ingress-management.yaml
create mode 100644 rabbitmq/templates/pod-test.yaml
create mode 100644 rabbitmq/templates/service-discovery.yaml
create mode 100644 rabbitmq/templates/service-ingress-management.yaml
rename rabbitmq/templates/{_helpers.tpl => utils/_to_rabbit_config.tpl} (95%)
diff --git a/rabbitmq/templates/bin/_rabbitmq-liveness.sh.tpl b/rabbitmq/templates/bin/_rabbitmq-liveness.sh.tpl
index 4943ef54ef..2f30aa4373 100644
--- a/rabbitmq/templates/bin/_rabbitmq-liveness.sh.tpl
+++ b/rabbitmq/templates/bin/_rabbitmq-liveness.sh.tpl
@@ -16,4 +16,6 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
+set -e
+
exec rabbitmqctl status
diff --git a/rabbitmq/templates/bin/_rabbitmq-readiness.sh.tpl b/rabbitmq/templates/bin/_rabbitmq-readiness.sh.tpl
index 4943ef54ef..2f30aa4373 100644
--- a/rabbitmq/templates/bin/_rabbitmq-readiness.sh.tpl
+++ b/rabbitmq/templates/bin/_rabbitmq-readiness.sh.tpl
@@ -16,4 +16,6 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
+set -e
+
exec rabbitmqctl status
diff --git a/rabbitmq/templates/bin/_rabbitmq-test.sh.tpl b/rabbitmq/templates/bin/_rabbitmq-test.sh.tpl
new file mode 100644
index 0000000000..04b2f0c451
--- /dev/null
+++ b/rabbitmq/templates/bin/_rabbitmq-test.sh.tpl
@@ -0,0 +1,77 @@
+#!/bin/bash
+
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+set -e
+
+# Extract connection details
+RABBIT_HOSTNAME=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $2}' \
+ | awk -F'[:/]' '{print $1}'`
+RABBIT_PORT=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $2}' \
+ | awk -F'[:/]' '{print $2}'`
+
+# Extract Admin User creadential
+RABBITMQ_ADMIN_USERNAME=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $1}' \
+ | awk -F'[//:]' '{print $4}'`
+RABBITMQ_ADMIN_PASSWORD=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $1}' \
+ | awk -F'[//:]' '{print $5}'`
+
+function rabbit_find_paritions () {
+ PARTITIONS=$(rabbitmqadmin \
+ --host="${RABBIT_HOSTNAME}" \
+ --port="${RABBIT_PORT}" \
+ --username="${RABBITMQ_ADMIN_USERNAME}" \
+ --password="${RABBITMQ_ADMIN_PASSWORD}" \
+ list nodes -f raw_json | \
+ python -c "import json,sys;
+obj=json.load(sys.stdin);
+for num, node in enumerate(obj):
+ print node['partitions'];")
+
+ for PARTITION in ${PARTITIONS}; do
+ if [[ $PARTITION != '[]' ]]; then
+ echo "Cluster partition found"
+ exit 1
+ fi
+ done
+ echo "No cluster partitions found"
+}
+# Check no nodes report cluster partitioning
+rabbit_find_paritions
+
+function rabbit_check_users_match () {
+ # Check users match on all nodes
+ NODES=$(rabbitmqadmin \
+ --host="${RABBIT_HOSTNAME}" \
+ --port="${RABBIT_PORT}" \
+ --username="${RABBITMQ_ADMIN_USERNAME}" \
+ --password="${RABBITMQ_ADMIN_PASSWORD}" \
+ list nodes -f bash)
+ USER_LIST=$(mktemp --directory)
+ for NODE in ${NODES}; do
+ rabbitmqadmin \
+ --host=${NODE#*@} \
+ --port="${RABBIT_PORT}" \
+ --username="${RABBITMQ_ADMIN_USERNAME}" \
+ --password="${RABBITMQ_ADMIN_PASSWORD}" \
+ list users -f bash > ${USER_LIST}/${NODE#*@}
+ done
+ cd ${USER_LIST}; diff -q --from-file $(ls ${USER_LIST})
+ echo "User lists match for all nodes"
+}
+# Check users match on all nodes
+rabbit_check_users_match
diff --git a/rabbitmq/templates/configmap-bin.yaml b/rabbitmq/templates/configmap-bin.yaml
index 600f523578..743e3077ce 100644
--- a/rabbitmq/templates/configmap-bin.yaml
+++ b/rabbitmq/templates/configmap-bin.yaml
@@ -22,6 +22,8 @@ kind: ConfigMap
metadata:
name: {{ printf "%s-%s" $envAll.Release.Name "rabbitmq-bin" | quote }}
data:
+ rabbitmq-test.sh: |
+{{ tuple "bin/_rabbitmq-test.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbitmq-liveness.sh: |
{{ tuple "bin/_rabbitmq-liveness.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbitmq-readiness.sh: |
diff --git a/rabbitmq/templates/configmap-etc.yaml b/rabbitmq/templates/configmap-etc.yaml
index 8f329b8f94..5eef45aff3 100644
--- a/rabbitmq/templates/configmap-etc.yaml
+++ b/rabbitmq/templates/configmap-etc.yaml
@@ -17,20 +17,17 @@ limitations under the License.
{{- if .Values.manifests.configmap_etc }}
{{- $envAll := . }}
-{{- if empty .Values.conf.rabbitmq.cluster_formation.k8s.service_name -}}
-{{- tuple "oslo_messaging" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" | set .Values.conf.rabbitmq.cluster_formation.k8s "service_name" | quote | trunc 0 -}}
-{{- end -}}
-{{- if empty .Values.conf.rabbitmq.cluster_formation.k8s.host -}}
-{{- print "kubernetes.default.svc." .Values.endpoints.cluster_domain_suffix | set .Values.conf.rabbitmq.cluster_formation.k8s "host" | quote | trunc 0 -}}
+{{- if empty $envAll.Values.conf.rabbitmq.cluster_formation.k8s.host -}}
+{{- print "kubernetes.default.svc." $envAll.Values.endpoints.cluster_domain_suffix | set $envAll.Values.conf.rabbitmq.cluster_formation.k8s "host" | quote | trunc 0 -}}
{{- end -}}
-{{- print "0.0.0.0:" ( tuple "oslo_messaging" "internal" "amqp" . | include "helm-toolkit.endpoints.endpoint_port_lookup") | set .Values.conf.rabbitmq.listeners.tcp "1" | quote | trunc 0 -}}
+{{- print "0.0.0.0:" ( tuple "oslo_messaging" "internal" "amqp" . | include "helm-toolkit.endpoints.endpoint_port_lookup") | set $envAll.Values.conf.rabbitmq.listeners.tcp "1" | quote | trunc 0 -}}
-{{- if empty .Values.conf.rabbitmq.default_user -}}
-{{- set .Values.conf.rabbitmq "default_user" .Values.endpoints.oslo_messaging.auth.user.username | quote | trunc 0 -}}
+{{- if empty $envAll.Values.conf.rabbitmq.default_user -}}
+{{- set $envAll.Values.conf.rabbitmq "default_user" $envAll.Values.endpoints.oslo_messaging.auth.user.username | quote | trunc 0 -}}
{{- end -}}
-{{- if empty .Values.conf.rabbitmq.default_pass -}}
-{{- set .Values.conf.rabbitmq "default_pass" .Values.endpoints.oslo_messaging.auth.user.password | quote | trunc 0 -}}
+{{- if empty $envAll.Values.conf.rabbitmq.default_pass -}}
+{{- set $envAll.Values.conf.rabbitmq "default_pass" $envAll.Values.endpoints.oslo_messaging.auth.user.password | quote | trunc 0 -}}
{{- end -}}
---
@@ -42,5 +39,5 @@ data:
enabled_plugins: |
{{ tuple "etc/_enabled_plugins.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbitmq.conf: |
-{{ include "rabbitmq.to_rabbit_config" .Values.conf.rabbitmq | indent 4 }}
+{{ include "rabbitmq.utils.to_rabbit_config" $envAll.Values.conf.rabbitmq | indent 4 }}
{{ end }}
diff --git a/rabbitmq/templates/ingress-management.yaml b/rabbitmq/templates/ingress-management.yaml
new file mode 100644
index 0000000000..cdd2c925d8
--- /dev/null
+++ b/rabbitmq/templates/ingress-management.yaml
@@ -0,0 +1,25 @@
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if and .Values.manifests.ingress_management .Values.network.management.ingress.public }}
+{{- $envAll := . }}
+{{- if empty $envAll.Values.endpoints.oslo_messaging.hosts.public }}
+{{- $service_public_name := .Release.Name | trunc 12 }}
+{{- $_ := set $envAll.Values.endpoints.oslo_messaging.hosts "public" ( printf "%s-%s-%s" $service_public_name "mgr" ( $service_public_name | sha256sum | trunc 6 )) }}
+{{- end }}
+{{- $ingressOpts := dict "envAll" . "backendService" "management" "backendServiceType" "oslo_messaging" "backendPort" "http" -}}
+{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
+{{- end }}
diff --git a/rabbitmq/templates/monitoring/prometheus/exporter-deployment.yaml b/rabbitmq/templates/monitoring/prometheus/exporter-deployment.yaml
index 5767cd54a8..6cb2e27ba9 100644
--- a/rabbitmq/templates/monitoring/prometheus/exporter-deployment.yaml
+++ b/rabbitmq/templates/monitoring/prometheus/exporter-deployment.yaml
@@ -16,7 +16,7 @@ limitations under the License.
{{- if and .Values.manifests.monitoring.prometheus.deployment_exporter .Values.monitoring.prometheus.enabled }}
{{- $envAll := . }}
-{{- $dependencies := .Values.dependencies.static.prometheus_rabbitmq_exporter }}
+{{- $dependencies := $envAll.Values.dependencies.static.prometheus_rabbitmq_exporter }}
{{- $rcControllerName := printf "%s-%s" $envAll.Release.Name "rabbitmq-exporter" }}
{{ tuple $envAll $dependencies $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -26,41 +26,41 @@ kind: Deployment
metadata:
name: {{ $rcControllerName | quote }}
spec:
- replicas: {{ .Values.pod.replicas.prometheus_rabbitmq_exporter }}
+ replicas: {{ $envAll.Values.pod.replicas.prometheus_rabbitmq_exporter }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "prometheus_rabbitmq_exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- namespace: {{ .Values.endpoints.prometheus_rabbitmq_exporter.namespace }}
+ namespace: {{ $envAll.Values.endpoints.prometheus_rabbitmq_exporter.namespace }}
spec:
serviceAccountName: {{ $rcControllerName | quote }}
nodeSelector:
- {{ .Values.labels.prometheus_rabbitmq_exporter.node_selector_key }}: {{ .Values.labels.prometheus_rabbitmq_exporter.node_selector_value }}
- terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.prometheus_rabbitmq_exporter.timeout | default "30" }}
+ {{ $envAll.Values.labels.prometheus_rabbitmq_exporter.node_selector_key }}: {{ $envAll.Values.labels.prometheus_rabbitmq_exporter.node_selector_value }}
+ terminationGracePeriodSeconds: {{ $envAll.Values.pod.lifecycle.termination_grace_period.prometheus_rabbitmq_exporter.timeout | default "30" }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: rabbitmq-exporter
- image: {{ .Values.images.tags.prometheus_rabbitmq_exporter }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
+ image: {{ $envAll.Values.images.tags.prometheus_rabbitmq_exporter }}
+ imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.prometheus_rabbitmq_exporter | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
ports:
- name: metrics
- containerPort: {{ .Values.network.prometheus_rabbitmq_exporter.port }}
+ containerPort: {{ $envAll.Values.network.prometheus_rabbitmq_exporter.port }}
env:
- name: RABBIT_URL
value: http://{{ tuple "oslo_messaging" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}:15672
- name: RABBIT_USER
- value: {{ .Values.endpoints.oslo_messaging.auth.user.username | quote }}
+ value: {{ $envAll.Values.endpoints.oslo_messaging.auth.user.username | quote }}
- name: RABBIT_PASSWORD
- value: {{ .Values.endpoints.oslo_messaging.auth.user.password | quote }}
+ value: {{ $envAll.Values.endpoints.oslo_messaging.auth.user.password | quote }}
- name: RABBIT_CAPABILITIES
- value: {{ tuple .Values.conf.prometheus_exporter.capabilities $envAll | include "helm-toolkit.utils.joinListWithComma" | quote }}
+ value: {{ tuple $envAll.Values.conf.prometheus_exporter.capabilities $envAll | include "helm-toolkit.utils.joinListWithComma" | quote }}
- name: PUBLISH_PORT
- value: {{ .Values.network.prometheus_rabbitmq_exporter.port | quote }}
+ value: {{ $envAll.Values.network.prometheus_rabbitmq_exporter.port | quote }}
- name: LOG_LEVEL
- value: {{ .Values.conf.prometheus_exporter.log_level | quote }}
+ value: {{ $envAll.Values.conf.prometheus_exporter.log_level | quote }}
- name: SKIPVERIFY
- value: {{ .Values.conf.prometheus_exporter.skipverify | quote }}
+ value: {{ $envAll.Values.conf.prometheus_exporter.skipverify | quote }}
{{- end }}
diff --git a/rabbitmq/templates/monitoring/prometheus/exporter-service.yaml b/rabbitmq/templates/monitoring/prometheus/exporter-service.yaml
index fbcc21f227..f49a126748 100644
--- a/rabbitmq/templates/monitoring/prometheus/exporter-service.yaml
+++ b/rabbitmq/templates/monitoring/prometheus/exporter-service.yaml
@@ -25,13 +25,13 @@ metadata:
labels:
{{ tuple $envAll "prometheus_rabbitmq_exporter" "metrics" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
annotations:
-{{- if .Values.monitoring.prometheus.enabled }}
+{{- if $envAll.Values.monitoring.prometheus.enabled }}
{{ tuple $prometheus_annotations | include "helm-toolkit.snippets.prometheus_service_annotations" | indent 4 }}
{{- end }}
spec:
ports:
- name: metrics
- port: {{ .Values.network.prometheus_rabbitmq_exporter.port }}
+ port: {{ $envAll.Values.network.prometheus_rabbitmq_exporter.port }}
selector:
{{ tuple $envAll "prometheus_rabbitmq_exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
{{- end }}
diff --git a/rabbitmq/templates/pod-test.yaml b/rabbitmq/templates/pod-test.yaml
new file mode 100644
index 0000000000..b47678ba85
--- /dev/null
+++ b/rabbitmq/templates/pod-test.yaml
@@ -0,0 +1,55 @@
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.pod_test }}
+{{- $envAll := . }}
+{{- $dependencies := $envAll.Values.dependencies.static.tests }}
+
+{{- $serviceAccountName := print .Release.Name "-test" }}
+{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+---
+apiVersion: v1
+kind: Pod
+metadata:
+ name: "{{.Release.Name}}-test"
+ annotations:
+ "helm.sh/hook": test-success
+spec:
+ serviceAccountName: {{ $serviceAccountName }}
+ nodeSelector:
+ {{ $envAll.Values.labels.test.node_selector_key }}: {{ $envAll.Values.labels.test.node_selector_value }}
+ restartPolicy: Never
+ initContainers:
+{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+ containers:
+ - name: {{.Release.Name}}-rabbitmq-test
+ image: {{ $envAll.Values.images.tags.scripted_test }}
+ env:
+ - name: RABBITMQ_ADMIN_CONNECTION
+ value: "{{ tuple "oslo_messaging" "internal" "user" "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" }}"
+ command:
+ - /tmp/rabbitmq-test.sh
+ volumeMounts:
+ - name: rabbitmq-bin
+ mountPath: /tmp/rabbitmq-test.sh
+ subPath: rabbitmq-test.sh
+ readOnly: true
+ volumes:
+ - name: rabbitmq-bin
+ configMap:
+ name: {{ printf "%s-%s" $envAll.Release.Name "rabbitmq-bin" | quote }}
+ defaultMode: 0555
+{{- end }}
diff --git a/rabbitmq/templates/service-discovery.yaml b/rabbitmq/templates/service-discovery.yaml
new file mode 100644
index 0000000000..54c16f27e7
--- /dev/null
+++ b/rabbitmq/templates/service-discovery.yaml
@@ -0,0 +1,39 @@
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.service_discovery }}
+{{- $envAll := . }}
+{{- if empty $envAll.Values.endpoints.oslo_messaging.hosts.discovery }}
+{{- $service_discovery_name := .Release.Name | trunc 12 }}
+{{- $_ := set $envAll.Values.endpoints.oslo_messaging.hosts "discovery" ( printf "%s-%s-%s" $service_discovery_name "dsv" ( $service_discovery_name | sha256sum | trunc 6 )) }}
+{{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "oslo_messaging" "discovery" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - port: {{ tuple "oslo_messaging" "internal" "amqp" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ name: amqp
+ - port: {{ add (tuple "oslo_messaging" "internal" "amqp" . | include "helm-toolkit.endpoints.endpoint_port_lookup") 20000 }}
+ name: clustering
+ - port: {{ tuple "oslo_messaging" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ name: http
+ clusterIP: None
+ selector:
+{{ tuple $envAll "rabbitmq" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
+{{ end }}
diff --git a/rabbitmq/templates/service-ingress-management.yaml b/rabbitmq/templates/service-ingress-management.yaml
new file mode 100644
index 0000000000..deca9b9901
--- /dev/null
+++ b/rabbitmq/templates/service-ingress-management.yaml
@@ -0,0 +1,25 @@
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if and .Values.manifests.service_ingress_management .Values.network.management.ingress.public }}
+{{- $envAll := . }}
+{{- if empty $envAll.Values.endpoints.oslo_messaging.hosts.public }}
+{{- $service_public_name := .Release.Name | trunc 12 }}
+{{- $_ := set $envAll.Values.endpoints.oslo_messaging.hosts "public" ( printf "%s-%s-%s" $service_public_name "mgr" ( $service_public_name | sha256sum | trunc 6 )) }}
+{{- end }}
+{{- $serviceIngressOpts := dict "envAll" . "backendService" "management" "backendServiceType" "oslo_messaging" "backendPort" "http" -}}
+{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
+{{- end }}
diff --git a/rabbitmq/templates/service.yaml b/rabbitmq/templates/service.yaml
index e9ba424ceb..262226e4bd 100644
--- a/rabbitmq/templates/service.yaml
+++ b/rabbitmq/templates/service.yaml
@@ -25,6 +25,8 @@ spec:
ports:
- port: {{ tuple "oslo_messaging" "internal" "amqp" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
name: amqp
+ - port: {{ add (tuple "oslo_messaging" "internal" "amqp" . | include "helm-toolkit.endpoints.endpoint_port_lookup") 20000 }}
+ name: clustering
- port: {{ tuple "oslo_messaging" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
name: http
selector:
diff --git a/rabbitmq/templates/statefulset.yaml b/rabbitmq/templates/statefulset.yaml
index c18cf41b42..e2935e9a70 100644
--- a/rabbitmq/templates/statefulset.yaml
+++ b/rabbitmq/templates/statefulset.yaml
@@ -16,7 +16,12 @@ limitations under the License.
{{- if .Values.manifests.statefulset }}
{{- $envAll := . }}
-{{- $dependencies := .Values.dependencies.static.rabbitmq }}
+{{- if empty $envAll.Values.endpoints.oslo_messaging.hosts.discovery }}
+{{- $service_discovery_name := .Release.Name | trunc 12 }}
+{{- $_ := set $envAll.Values.endpoints.oslo_messaging.hosts "discovery" ( printf "%s-%s-%s" $service_discovery_name "dsv" ( $service_discovery_name | sha256sum | trunc 6 )) }}
+{{- end }}
+
+{{- $dependencies := $envAll.Values.dependencies.static.rabbitmq }}
{{- $rcControllerName := printf "%s-%s" $envAll.Release.Name "rabbitmq" }}
{{ tuple $envAll $dependencies $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -58,8 +63,8 @@ kind: StatefulSet
metadata:
name: {{ $rcControllerName | quote }}
spec:
- serviceName: {{ tuple "oslo_messaging" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
- replicas: {{ .Values.pod.replicas.server }}
+ serviceName: {{ tuple "oslo_messaging" "discovery" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ replicas: {{ $envAll.Values.pod.replicas.server }}
template:
metadata:
labels:
@@ -72,13 +77,13 @@ spec:
affinity:
{{ tuple $envAll "rabbitmq" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
- {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }}
+ {{ $envAll.Values.labels.server.node_selector_key }}: {{ $envAll.Values.labels.server.node_selector_value }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-{{- if .Values.volume.chown_on_start }}
+{{- if $envAll.Values.volume.chown_on_start }}
- name: rabbitmq-perms
- image: {{ .Values.images.tags.rabbitmq }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
+ image: {{ $envAll.Values.images.tags.rabbitmq }}
+ imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
securityContext:
runAsUser: 0
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
@@ -93,7 +98,7 @@ spec:
{{- end }}
containers:
- name: rabbitmq
- image: {{ .Values.images.tags.rabbitmq }}
+ image: {{ $envAll.Values.images.tags.rabbitmq }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/rabbitmq-start.sh
@@ -104,19 +109,26 @@ spec:
- name: amqp
protocol: TCP
containerPort: {{ tuple "oslo_messaging" "internal" "amqp" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ - name: clustering
+ protocol: TCP
+ containerPort: {{ add (tuple "oslo_messaging" "internal" "amqp" . | include "helm-toolkit.endpoints.endpoint_port_lookup") 20000 }}
env:
- - name: MY_POD_IP
+ - name: MY_POD_NAME
valueFrom:
fieldRef:
- fieldPath: status.podIP
+ fieldPath: metadata.name
- name: RABBITMQ_USE_LONGNAME
value: "true"
- name: RABBITMQ_NODENAME
- value: "rabbit@$(MY_POD_IP)"
+ value: "rabbit@$(MY_POD_NAME).{{ tuple "oslo_messaging" "discovery" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}"
- name: K8S_SERVICE_NAME
- value: {{ tuple "oslo_messaging" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" | quote }}
+ value: {{ tuple "oslo_messaging" "discovery" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ # NOTE(portdirect): We use the discovery fqdn here, as we resolve
+ # nodes via their pods hostname/nodename
+ - name: K8S_HOSTNAME_SUFFIX
+ value: ".{{ tuple "oslo_messaging" "discovery" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}"
- name: RABBITMQ_ERLANG_COOKIE
- value: "{{ .Values.endpoints.oslo_messaging.auth.erlang_cookie }}"
+ value: "{{ $envAll.Values.endpoints.oslo_messaging.auth.erlang_cookie }}"
readinessProbe:
initialDelaySeconds: 10
timeoutSeconds: 10
@@ -151,11 +163,11 @@ spec:
configMap:
name: {{ printf "%s-%s" $envAll.Release.Name "rabbitmq-etc" | quote }}
defaultMode: 0444
- {{- if not .Values.volume.enabled }}
+ {{- if not $envAll.Values.volume.enabled }}
- name: rabbitmq-data
emptyDir: {}
{{- end }}
-{{- if .Values.volume.enabled }}
+{{- if $envAll.Values.volume.enabled }}
volumeClaimTemplates:
- metadata:
name: rabbitmq-data
@@ -163,7 +175,7 @@ spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
- storage: {{ .Values.volume.size }}
- storageClassName: {{ .Values.volume.class_name }}
+ storage: {{ $envAll.Values.volume.size }}
+ storageClassName: {{ $envAll.Values.volume.class_name }}
{{- end }}
{{ end }}
diff --git a/rabbitmq/templates/_helpers.tpl b/rabbitmq/templates/utils/_to_rabbit_config.tpl
similarity index 95%
rename from rabbitmq/templates/_helpers.tpl
rename to rabbitmq/templates/utils/_to_rabbit_config.tpl
index c62b49950d..fb90bd1728 100644
--- a/rabbitmq/templates/_helpers.tpl
+++ b/rabbitmq/templates/utils/_to_rabbit_config.tpl
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- define "rabbitmq.to_rabbit_config" -}}
+{{- define "rabbitmq.utils.to_rabbit_config" -}}
{{- range $top_key, $top_value := . }}
{{- if kindIs "map" $top_value -}}
{{- range $second_key, $second_value := . }}
diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml
index 64187d66cf..023c25e430 100644
--- a/rabbitmq/values.yaml
+++ b/rabbitmq/values.yaml
@@ -24,13 +24,17 @@ labels:
prometheus_rabbitmq_exporter:
node_selector_key: openstack-control-plane
node_selector_value: enabled
+ test:
+ node_selector_key: openstack-control-plane
+ node_selector_value: enabled
images:
tags:
prometheus_rabbitmq_exporter: docker.io/kbudde/rabbitmq-exporter:v0.21.0
prometheus_rabbitmq_exporter_helm_tests: docker.io/openstackhelm/heat:newton
- rabbitmq: docker.io/rabbitmq:3.7.3
+ rabbitmq: docker.io/rabbitmq:3.7.4
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.0
+ scripted_test: docker.io/rabbitmq:3.7.4-management
pull_policy: "IfNotPresent"
pod:
@@ -94,15 +98,15 @@ conf:
rabbitmq:
listeners:
tcp:
- #NOTE(portdirect): This is always defined via the endpoints section.
+ # NOTE(portdirect): This is always defined via the endpoints section.
1: null
cluster_formation:
peer_discovery_backend: rabbit_peer_discovery_k8s
k8s:
- address_type: ip
+ address_type: hostname
node_cleanup:
interval: "10"
- only_log_warning: "false"
+ only_log_warning: "true"
cluster_partition_handling: autoheal
queue_master_locator: min-masters
loopback_users.guest: "false"
@@ -121,6 +125,10 @@ dependencies:
service: monitoring
rabbitmq:
jobs: null
+ tests:
+ services:
+ - endpoint: internal
+ service: oslo_messaging
monitoring:
prometheus:
@@ -129,6 +137,14 @@ monitoring:
scrape: true
network:
+ management:
+ ingress:
+ public: true
+ classes:
+ namespace: "nginx"
+ cluster: "nginx-cluster"
+ annotations:
+ nginx.ingress.kubernetes.io/rewrite-target: /
prometheus_rabbitmq_exporter:
port: 9095
@@ -161,15 +177,28 @@ endpoints:
password: password
hosts:
default: rabbitmq
+ # NOTE(portdirect): If left empty, the release name sha suffixed with dsv
+ # will be used for to produce a unique hostname for clustering
+ # and discovery.
+ discovery: null
+ # NOTE(portdirect): the public host is only used to the management WUI
+ # If left empty, the release name sha suffixed with mgr, will be used to
+ # produce an unique hostname.
+ public: null
host_fqdn_override:
default: null
path: /
scheme: rabbit
port:
+ clustering:
+ # NOTE(portdirect): the value for this port is driven by amqp+20000
+ # it should not be set manually.
+ default: null
amqp:
default: 5672
http:
default: 15672
+ public: 80
prometheus_rabbitmq_exporter:
namespace: null
hosts:
@@ -193,10 +222,14 @@ volume:
manifests:
configmap_bin: true
configmap_etc: true
+ ingress_management: true
+ pod_test: true
monitoring:
prometheus:
configmap_bin: true
deployment_exporter: true
service_exporter: true
+ service_discovery: true
+ service_ingress_management: true
service: true
statefulset: true