From 1f3dcce5ac84414174f066dc20735e02ffebf041 Mon Sep 17 00:00:00 2001
From: LinPeiWen <591171850@qq.com>
Date: Mon, 13 Dec 2021 11:23:04 +0800
Subject: [PATCH] Support enable/disable rabbitmq prometheus plugins

rabbitmq starting from 3.8.0, built-in Prometheus support,
prometheus plugins are enabled by default, when the environment is
"enable_prometheus is no", rabbitmq role will disable prometheus plugins

Closes-Bug: #1885106

Change-Id: I4d694d6224c813285d228d6bc7eece5731db1078
---
 ansible/group_vars/all.yml                     | 12 +++++++++++-
 ansible/roles/rabbitmq/tasks/config.yml        | 18 ++++++++++++++++++
 .../rabbitmq/templates/enabled_plugins.j2      |  1 +
 .../roles/rabbitmq/templates/rabbitmq.conf.j2  |  5 +++++
 .../roles/rabbitmq/templates/rabbitmq.json.j2  |  6 ++++++
 ansible/site.yml                               |  2 ++
 .../notes/bug-1885106-2347d7458a8f9cb0.yaml    | 13 +++++++++++++
 7 files changed, 56 insertions(+), 1 deletion(-)
 create mode 100644 ansible/roles/rabbitmq/templates/enabled_plugins.j2
 create mode 100644 releasenotes/notes/bug-1885106-2347d7458a8f9cb0.yaml

diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index f192562852..d2c56e296f 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -434,6 +434,7 @@ outward_rabbitmq_port: "5674"
 outward_rabbitmq_management_port: "15674"
 outward_rabbitmq_cluster_port: "25674"
 outward_rabbitmq_epmd_port: "4371"
+outward_rabbitmq_prometheus_port: "15694"
 
 ovsdb_port: "6640"
 
@@ -448,7 +449,7 @@ prometheus_node_exporter_port: "9100"
 prometheus_mysqld_exporter_port: "9104"
 prometheus_haproxy_exporter_port: "9101"
 prometheus_memcached_exporter_port: "9150"
-prometheus_rabbitmq_exporter_port: "15692"
+prometheus_rabbitmq_exporter_port: "{{ rabbitmq_prometheus_port }}"
 # Default cadvisor port of 8080 already in use
 prometheus_cadvisor_port: "18080"
 prometheus_fluentd_integration_port: "24231"
@@ -470,6 +471,7 @@ rabbitmq_port: "{{ '5671' if rabbitmq_enable_tls | bool else '5672' }}"
 rabbitmq_management_port: "15672"
 rabbitmq_cluster_port: "25672"
 rabbitmq_epmd_port: "4369"
+rabbitmq_prometheus_port: "15692"
 
 redis_port: "6379"
 redis_sentinel_port: "26379"
@@ -797,6 +799,14 @@ outward_rabbitmq_user: "openstack"
 rabbitmq_enable_tls: "no"
 # CA certificate bundle in RabbitMQ container.
 rabbitmq_cacert: "/etc/ssl/certs/{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.trust.crt' }}"
+rabbitmq_enable_prometheus_plugin: "{{ enable_prometheus }}"
+rabbitmq_plugins:
+  - name: "rabbitmq_management"
+    enabled: True
+  - name: "rabbitmq_prometheus"
+    enabled: "{{ rabbitmq_enable_prometheus_plugin | bool }}"
+
+rabbitmq_enabled_plugins: "{{ rabbitmq_plugins | selectattr('enabled', 'equalto', true) | list }}"
 
 ####################
 # Qdrouterd options
diff --git a/ansible/roles/rabbitmq/tasks/config.yml b/ansible/roles/rabbitmq/tasks/config.yml
index df8c0cdb5f..fd7fd707eb 100644
--- a/ansible/roles/rabbitmq/tasks/config.yml
+++ b/ansible/roles/rabbitmq/tasks/config.yml
@@ -97,5 +97,23 @@
   notify:
     - Restart rabbitmq container
 
+- name: Copying over enabled_plugins
+  become: true
+  vars:
+    service: "{{ rabbitmq_services['rabbitmq'] }}"
+  template:
+    src: "{{ item }}"
+    dest: "{{ node_config_directory }}/{{ project_name }}/enabled_plugins"
+    mode: "0660"
+  with_first_found:
+    - "{{ node_custom_config }}/rabbitmq/{{ inventory_hostname }}/enabled_plugins"
+    - "{{ node_custom_config }}/rabbitmq/enabled_plugins"
+    - "enabled_plugins.j2"
+  when:
+    - inventory_hostname in groups[service.group]
+    - service.enabled | bool
+  notify:
+    - Restart rabbitmq container
+
 - include_tasks: copy-certs.yml
   when: rabbitmq_enable_tls | bool
diff --git a/ansible/roles/rabbitmq/templates/enabled_plugins.j2 b/ansible/roles/rabbitmq/templates/enabled_plugins.j2
new file mode 100644
index 0000000000..4b15cfc892
--- /dev/null
+++ b/ansible/roles/rabbitmq/templates/enabled_plugins.j2
@@ -0,0 +1 @@
+[{{ rabbitmq_enabled_plugins | map(attribute='name') | join(', ') }}].
diff --git a/ansible/roles/rabbitmq/templates/rabbitmq.conf.j2 b/ansible/roles/rabbitmq/templates/rabbitmq.conf.j2
index 7ceafa2f59..eef0db9083 100644
--- a/ansible/roles/rabbitmq/templates/rabbitmq.conf.j2
+++ b/ansible/roles/rabbitmq/templates/rabbitmq.conf.j2
@@ -25,3 +25,8 @@ ssl_options.keyfile = /etc/rabbitmq/certs/{{ project_name }}-key.pem
 ssl_options.{{ key }} = {{ value }}
 {% endfor %}
 {% endif %}
+
+{% if 'rabbitmq_prometheus' in rabbitmq_enabled_plugins | map(attribute='name') %}
+prometheus.tcp.ip = {{ api_interface_address }}
+prometheus.tcp.port = {{ role_rabbitmq_prometheus_port }}
+{% endif %}
diff --git a/ansible/roles/rabbitmq/templates/rabbitmq.json.j2 b/ansible/roles/rabbitmq/templates/rabbitmq.json.j2
index d93df3ad18..8f72100bdf 100644
--- a/ansible/roles/rabbitmq/templates/rabbitmq.json.j2
+++ b/ansible/roles/rabbitmq/templates/rabbitmq.json.j2
@@ -24,6 +24,12 @@
             "dest": "/etc/rabbitmq/definitions.json",
             "owner": "rabbitmq",
             "perm": "0600"
+        },
+        {
+            "source": "{{ container_config_directory }}/enabled_plugins",
+            "dest": "/etc/rabbitmq/enabled_plugins",
+            "owner": "rabbitmq",
+            "perm": "0600"
         }{% if rabbitmq_enable_tls | bool %},
         {
             "source": "{{ container_config_directory }}/{{ project_name }}-cert.pem",
diff --git a/ansible/site.yml b/ansible/site.yml
index d6f1786eeb..ec5d3d5d94 100644
--- a/ansible/site.yml
+++ b/ansible/site.yml
@@ -481,6 +481,7 @@
         role_rabbitmq_monitoring_user: '{{ rabbitmq_monitoring_user }}',
         role_rabbitmq_password: '{{ rabbitmq_password }}',
         role_rabbitmq_port: '{{ rabbitmq_port }}',
+        role_rabbitmq_prometheus_port: '{{ rabbitmq_prometheus_port }}',
         role_rabbitmq_user: '{{ rabbitmq_user }}',
         when: enable_rabbitmq | bool }
 
@@ -500,6 +501,7 @@
         role_rabbitmq_management_port: '{{ outward_rabbitmq_management_port }}',
         role_rabbitmq_password: '{{ outward_rabbitmq_password }}',
         role_rabbitmq_port: '{{ outward_rabbitmq_port }}',
+        role_rabbitmq_prometheus_port: '{{ outward_rabbitmq_prometheus_port }}',
         role_rabbitmq_user: '{{ outward_rabbitmq_user }}',
         when: enable_outward_rabbitmq | bool }
 
diff --git a/releasenotes/notes/bug-1885106-2347d7458a8f9cb0.yaml b/releasenotes/notes/bug-1885106-2347d7458a8f9cb0.yaml
new file mode 100644
index 0000000000..4965b587fb
--- /dev/null
+++ b/releasenotes/notes/bug-1885106-2347d7458a8f9cb0.yaml
@@ -0,0 +1,13 @@
+---
+fixes:
+  - |
+    Fixed the deployment failure of outward_rabbitmq by resolving port
+    conflicts by customizing RabbitMQ's ``prometheus.tcp.port``.
+    `LP #1885106 <https://bugs.launchpad.net/kolla-ansible/+bug/1885106>`__
+
+upgrade:
+  - |
+    RabbitMQ's Prometheus plugin is no longer enabled by default
+    if Prometheus is not deployed. If external Prometheus is used,
+    you need to turn on ``rabbitmq_enable_prometheus_plugin``
+    to get old behaviour.