diff --git a/openstack_operator/cinder.py b/openstack_operator/cinder.py index 7db9fb1d..070ba0bc 100644 --- a/openstack_operator/cinder.py +++ b/openstack_operator/cinder.py @@ -35,10 +35,7 @@ def create_or_resume(name, spec, **_): database.ensure_mysql_cluster("cinder", spec=spec["mysql"]) # deploy rabbitmq - if not utils.ensure_secret("openstack", "cinder-rabbitmq"): - utils.create_or_update('cinder/secret-rabbitmq.yml.j2', - password=utils.generate_password()) - utils.create_or_update('cinder/rabbitmq.yml.j2', spec=spec) + utils.deploy_rabbitmq("cinder") # deploy cinder config_hash = utils.generate_hash(spec) diff --git a/openstack_operator/heat.py b/openstack_operator/heat.py index edbfa149..098e360f 100644 --- a/openstack_operator/heat.py +++ b/openstack_operator/heat.py @@ -34,10 +34,7 @@ def create_or_resume(name, spec, **_): database.ensure_mysql_cluster("heat", spec=spec["mysql"]) # deploy rabbitmq - if not utils.ensure_secret("openstack", "heat-rabbitmq"): - utils.create_or_update('heat/secret-rabbitmq.yml.j2', - password=utils.generate_password()) - utils.create_or_update('heat/rabbitmq.yml.j2', spec=spec) + utils.deploy_rabbitmq("heat") # deploy heat config_hash = utils.generate_hash(spec) diff --git a/openstack_operator/magnum.py b/openstack_operator/magnum.py index aa00dd8e..ba509b42 100644 --- a/openstack_operator/magnum.py +++ b/openstack_operator/magnum.py @@ -36,10 +36,7 @@ def create_or_resume(name, spec, **_): database.ensure_mysql_cluster("magnum", spec=spec["mysql"]) # deploy rabbitmq - if not utils.ensure_secret("openstack", "magnum-rabbitmq"): - utils.create_or_update('magnum/secret-rabbitmq.yml.j2', - password=utils.generate_password()) - utils.create_or_update('magnum/rabbitmq.yml.j2', spec=spec) + utils.deploy_rabbitmq("magnum") # deploy magnum config_hash = utils.generate_hash(spec) diff --git a/openstack_operator/neutron.py b/openstack_operator/neutron.py index 65fac3fb..eebeaf1e 100644 --- a/openstack_operator/neutron.py +++ b/openstack_operator/neutron.py @@ -33,13 +33,9 @@ def create_or_resume(spec, **_): start the service up for the first time. """ - if not utils.ensure_secret("openstack", "neutron-rabbitmq"): - utils.create_or_update('neutron/secret-rabbitmq.yml.j2', - password=utils.generate_password()) - database.ensure_mysql_cluster("neutron", spec=spec["mysql"]) - utils.create_or_update('neutron/rabbitmq.yml.j2') + utils.deploy_rabbitmq("neutron") utils.create_or_update('neutron/daemonset-server.yml.j2', spec=spec) utils.create_or_update('neutron/daemonset-openvswitch-agent.yml.j2', spec=spec) diff --git a/openstack_operator/nova.py b/openstack_operator/nova.py index 1491c6d8..bc78a69e 100644 --- a/openstack_operator/nova.py +++ b/openstack_operator/nova.py @@ -55,11 +55,7 @@ def create_or_resume(spec, **_): # NOTE(mnaser): cell0 does not need a message queue if cell != 'cell0': - if not utils.ensure_secret("openstack", "nova-%s-rabbitmq" % cell): - utils.create_or_update('nova/secret-rabbitmq.yml.j2', - component=cell, - password=utils.generate_password()) - utils.create_or_update('nova/rabbitmq.yml.j2', component=cell) + utils.deploy_rabbitmq("nova-%s" % cell) utils.create_or_update('nova/conductor/daemonset.yml.j2', spec=spec) utils.create_or_update('nova/scheduler/daemonset.yml.j2', spec=spec) diff --git a/openstack_operator/templates/cinder/rabbitmq.yml.j2 b/openstack_operator/templates/cinder/rabbitmq.yml.j2 deleted file mode 100644 index 25e9cab2..00000000 --- a/openstack_operator/templates/cinder/rabbitmq.yml.j2 +++ /dev/null @@ -1,27 +0,0 @@ ---- -# Copyright 2020 VEXXHOST, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: infrastructure.vexxhost.cloud/v1alpha1 -kind: Rabbitmq -metadata: - name: cinder - namespace: openstack -spec: - authSecret: cinder-rabbitmq - nodeSelector: - node-role.kubernetes.io/master: "" - tolerations: - - key: node-role.kubernetes.io/master - effect: NoSchedule \ No newline at end of file diff --git a/openstack_operator/templates/cinder/secret-rabbitmq.yml.j2 b/openstack_operator/templates/cinder/secret-rabbitmq.yml.j2 deleted file mode 100644 index dafcfb75..00000000 --- a/openstack_operator/templates/cinder/secret-rabbitmq.yml.j2 +++ /dev/null @@ -1,9 +0,0 @@ - -apiVersion: v1 -metadata: - name: cinder-rabbitmq - namespace: openstack -stringData: - username: cinder - password: {{ password }} -kind: Secret diff --git a/openstack_operator/templates/heat/rabbitmq.yml.j2 b/openstack_operator/templates/heat/rabbitmq.yml.j2 deleted file mode 100644 index cbbb5d50..00000000 --- a/openstack_operator/templates/heat/rabbitmq.yml.j2 +++ /dev/null @@ -1,30 +0,0 @@ ---- -# Copyright 2020 VEXXHOST, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: infrastructure.vexxhost.cloud/v1alpha1 -kind: Rabbitmq -metadata: - name: heat - namespace: openstack -spec: - authSecret: heat-rabbitmq -{% if 'nodeSelector' in spec %} - nodeSelector: - {{ spec.nodeSelector | to_yaml | indent(4) }} -{% endif %} -{% if 'tolerations' in spec %} - tolerations: - {{ spec.tolerations | to_yaml | indent(4) }} -{% endif %} diff --git a/openstack_operator/templates/heat/secret-rabbitmq.yml.j2 b/openstack_operator/templates/heat/secret-rabbitmq.yml.j2 deleted file mode 100644 index 06945491..00000000 --- a/openstack_operator/templates/heat/secret-rabbitmq.yml.j2 +++ /dev/null @@ -1,9 +0,0 @@ - -apiVersion: v1 -metadata: - name: heat-rabbitmq - namespace: openstack -stringData: - username: heat - password: {{ password }} -kind: Secret diff --git a/openstack_operator/templates/magnum/rabbitmq.yml.j2 b/openstack_operator/templates/magnum/rabbitmq.yml.j2 deleted file mode 100644 index 4a24208a..00000000 --- a/openstack_operator/templates/magnum/rabbitmq.yml.j2 +++ /dev/null @@ -1,30 +0,0 @@ ---- -# Copyright 2020 VEXXHOST, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: infrastructure.vexxhost.cloud/v1alpha1 -kind: Rabbitmq -metadata: - name: magnum - namespace: openstack -spec: - authSecret: magnum-rabbitmq -{% if 'nodeSelector' in spec %} - nodeSelector: - {{ spec.nodeSelector | to_yaml | indent(4) }} -{% endif %} -{% if 'tolerations' in spec %} - tolerations: - {{ spec.tolerations | to_yaml | indent(4) }} -{% endif %} diff --git a/openstack_operator/templates/magnum/secret-rabbitmq.yml.j2 b/openstack_operator/templates/magnum/secret-rabbitmq.yml.j2 deleted file mode 100644 index fa387ba0..00000000 --- a/openstack_operator/templates/magnum/secret-rabbitmq.yml.j2 +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -metadata: - name: magnum-rabbitmq - namespace: openstack -stringData: - username: magnum - password: {{ password }} -kind: Secret \ No newline at end of file diff --git a/openstack_operator/templates/neutron/secret-rabbitmq.yml.j2 b/openstack_operator/templates/neutron/secret-rabbitmq.yml.j2 deleted file mode 100644 index 7df70b53..00000000 --- a/openstack_operator/templates/neutron/secret-rabbitmq.yml.j2 +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -metadata: - name: neutron-rabbitmq - namespace: openstack - labels: - {{ labels("neutron") | indent(4) }} -stringData: - username: neutron - password: {{ password }} -kind: Secret diff --git a/openstack_operator/templates/nova/rabbitmq.yml.j2 b/openstack_operator/templates/nova/rabbitmq.yml.j2 deleted file mode 100644 index c9c39fd8..00000000 --- a/openstack_operator/templates/nova/rabbitmq.yml.j2 +++ /dev/null @@ -1,29 +0,0 @@ ---- -# Copyright 2020 VEXXHOST, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: infrastructure.vexxhost.cloud/v1alpha1 -kind: Rabbitmq -metadata: - name: nova-{{ component }} - namespace: openstack - labels: - {{ labels("nova", component=component) | indent(4) }} -spec: - authSecret: nova-{{ component }}-rabbitmq - nodeSelector: - node-role.kubernetes.io/master: "" - tolerations: - - key: node-role.kubernetes.io/master - effect: NoSchedule diff --git a/openstack_operator/templates/neutron/rabbitmq.yml.j2 b/openstack_operator/templates/operator/rabbitmq.yml.j2 similarity index 90% rename from openstack_operator/templates/neutron/rabbitmq.yml.j2 rename to openstack_operator/templates/operator/rabbitmq.yml.j2 index e76dd52a..6186c655 100644 --- a/openstack_operator/templates/neutron/rabbitmq.yml.j2 +++ b/openstack_operator/templates/operator/rabbitmq.yml.j2 @@ -16,12 +16,12 @@ apiVersion: infrastructure.vexxhost.cloud/v1alpha1 kind: Rabbitmq metadata: - name: neutron + name: {{ name }} namespace: openstack labels: - {{ labels("neutron") | indent(4) }} + {{ labels(name) | indent(4) }} spec: - authSecret: neutron-rabbitmq + authSecret: {{ name }}-rabbitmq nodeSelector: node-role.kubernetes.io/master: "" tolerations: diff --git a/openstack_operator/templates/nova/secret-rabbitmq.yml.j2 b/openstack_operator/templates/operator/secret-rabbitmq.yml.j2 similarity index 82% rename from openstack_operator/templates/nova/secret-rabbitmq.yml.j2 rename to openstack_operator/templates/operator/secret-rabbitmq.yml.j2 index d24a09f7..faf3284a 100644 --- a/openstack_operator/templates/nova/secret-rabbitmq.yml.j2 +++ b/openstack_operator/templates/operator/secret-rabbitmq.yml.j2 @@ -15,11 +15,9 @@ apiVersion: v1 metadata: - name: nova-{{ component }}-rabbitmq + name: {{ name }}-rabbitmq namespace: openstack - labels: - {{ labels("neutron", component=component) | indent(4) }} stringData: - username: nova-{{ component }} + username: {{ name }} password: {{ password }} kind: Secret diff --git a/openstack_operator/utils.py b/openstack_operator/utils.py index dd0b7009..fb1e5b8a 100644 --- a/openstack_operator/utils.py +++ b/openstack_operator/utils.py @@ -292,7 +292,7 @@ def deploy_memcached(name, **_): Deploy a generic instance of Memcached This function deploys a generic instance of Memcached with sane defaults, - it's meant to be here to be consumed/called by the serices. + it's meant to be here to be consumed/called by the services. """ create_or_update('operator/memcached.yml.j2', name=name) @@ -303,3 +303,18 @@ def deploy_uwsgi_config(): This function deploys a default configmap for uwsgi apps.""" create_or_update('operator/uwsgidefaultconfig.yml.j2') + + +def deploy_rabbitmq(name, **_): + """ + Deploy a generic instance of rabbitmq + + This function deploys a generic instance of Rabbitmq with a secret, + it's meant to be here to be consumed/called by the services. + The secret should include user and password. + """ + + if not ensure_secret("openstack", name + "-rabbitmq"): + create_or_update('operator/secret-rabbitmq.yml.j2', + name=name, password=generate_password()) + create_or_update('operator/rabbitmq.yml.j2', name=name)