From 857871df00448cd1980caa8284067fba1e4ede26 Mon Sep 17 00:00:00 2001
From: Jim Rollenhagen <jim@jimrollenhagen.com>
Date: Thu, 27 Dec 2018 14:10:26 -0500
Subject: [PATCH] Allow barbican services to use independent hostnames

This allows barbican service endpoints to use custom hostnames, and adds the
following variables:

* barbican_internal_fqdn
* barbican_external_fqdn

These default to the old values of kolla_internal_fqdn or
kolla_external_fqdn.

This also adds a barbican_api_listen_port option, which defaults to
barbican_api_port for backward compatibility.

This option allow the user to differentiate between the port the
service listens on, and the port the service is reachable on. This is
useful for external load balancers which live on the same host as the
service itself.

Change-Id: I1807a9c8b64d737d0e278bb3e925fecb4fadfb08
Implements: blueprint service-hostnames
---
 ansible/group_vars/all.yml                           | 3 +++
 ansible/roles/barbican/defaults/main.yml             | 8 +++++---
 ansible/roles/barbican/tasks/precheck.yml            | 2 +-
 ansible/roles/barbican/templates/barbican-api.ini.j2 | 2 +-
 ansible/roles/barbican/templates/barbican.conf.j2    | 4 ++--
 5 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 5dcebc7cfe..6207834fe7 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -186,7 +186,10 @@ neutron_ipam_driver: "internal"
 # The list should be in alphabetical order
 aodh_api_port: "8042"
 
+barbican_internal_fqdn: "{{ kolla_internal_fqdn }}"
+barbican_external_fqdn: "{{ kolla_external_fqdn }}"
 barbican_api_port: "9311"
+barbican_api_listen_port: "{{ barbican_api_port }}"
 
 blazar_api_port: "1234"
 
diff --git a/ansible/roles/barbican/defaults/main.yml b/ansible/roles/barbican/defaults/main.yml
index d72d8efec7..e9d62b8c6d 100644
--- a/ansible/roles/barbican/defaults/main.yml
+++ b/ansible/roles/barbican/defaults/main.yml
@@ -20,11 +20,13 @@ barbican_services:
         mode: "http"
         external: false
         port: "{{ barbican_api_port }}"
+        listen_port: "{{ barbican_api_listen_port }}"
       barbican_api_external:
         enabled: "{{ enable_barbican }}"
         mode: "http"
         external: true
         port: "{{ barbican_api_port }}"
+        listen_port: "{{ barbican_api_listen_port }}"
   barbican-keystone-listener:
     container_name: barbican_keystone_listener
     group: barbican-keystone-listener
@@ -82,9 +84,9 @@ barbican_worker_dimensions: "{{ default_container_dimensions }}"
 ####################
 # OpenStack
 ####################
-barbican_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ barbican_api_port }}"
-barbican_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ barbican_api_port }}"
-barbican_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ barbican_api_port }}"
+barbican_admin_endpoint: "{{ admin_protocol }}://{{ barbican_internal_fqdn }}:{{ barbican_api_port }}"
+barbican_internal_endpoint: "{{ internal_protocol }}://{{ barbican_internal_fqdn }}:{{ barbican_api_port }}"
+barbican_public_endpoint: "{{ public_protocol }}://{{ barbican_external_fqdn }}:{{ barbican_api_port }}"
 
 barbican_logging_debug: "{{ openstack_logging_debug }}"
 
diff --git a/ansible/roles/barbican/tasks/precheck.yml b/ansible/roles/barbican/tasks/precheck.yml
index 3b798e2052..8e1fd559d8 100644
--- a/ansible/roles/barbican/tasks/precheck.yml
+++ b/ansible/roles/barbican/tasks/precheck.yml
@@ -8,7 +8,7 @@
 - name: Checking free port for Barbican API
   wait_for:
     host: "{{ api_interface_address }}"
-    port: "{{ barbican_api_port }}"
+    port: "{{ barbican_api_listen_port }}"
     connect_timeout: 1
     timeout: 1
     state: stopped
diff --git a/ansible/roles/barbican/templates/barbican-api.ini.j2 b/ansible/roles/barbican/templates/barbican-api.ini.j2
index 9fa7d13bbc..ce353292da 100644
--- a/ansible/roles/barbican/templates/barbican-api.ini.j2
+++ b/ansible/roles/barbican/templates/barbican-api.ini.j2
@@ -1,5 +1,5 @@
 [uwsgi]
-socket = {{ api_interface_address }}:{{ barbican_api_port }}
+socket = {{ api_interface_address }}:{{ barbican_api_listen_port }}
 protocol = http
 processes = {{ openstack_service_workers }}
 lazy = true
diff --git a/ansible/roles/barbican/templates/barbican.conf.j2 b/ansible/roles/barbican/templates/barbican.conf.j2
index f8a25de778..743012201e 100644
--- a/ansible/roles/barbican/templates/barbican.conf.j2
+++ b/ansible/roles/barbican/templates/barbican.conf.j2
@@ -2,9 +2,9 @@
 debug = {{ barbican_logging_debug }}
 log_dir = /var/log/kolla/barbican
 
-bind_port = {{ barbican_api_port }}
+bind_port = {{ barbican_api_listen_port }}
 bind_host = {{ api_interface_address }}
-host_href = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ barbican_api_port }}
+host_href = {{ public_protocol }}://{{ barbican_external_fqdn }}:{{ barbican_api_port }}
 backlog = 4096
 max_allowed_secret_in_bytes = 10000
 max_allowed_request_size_in_bytes = 1000000