Comment 8 for bug 1836650

Well, for us, there was a problem. Because of some misconfigurations that
Kolla-ansible was creating, we ended up with 500k thousands of messages in
one of the RabbitMq topics. This almost crashed our PROD environment.

On Wed, Oct 9, 2019 at 9:11 AM Mark Goddard <email address hidden> wrote:

> I don't think it's necessary, there wasn't really a bug involved IIRC,
> just slightly confusing config for keystone notifications.
>
> Is there a problem that needs fixing?
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1836650
>
> Title:
> Bug when configuring Keystone events format
>
> Status in OpenStack Identity (keystone):
> Invalid
> Status in kolla-ansible:
> Fix Committed
> Status in kolla-ansible stein series:
> New
> Status in kolla-ansible train series:
> Fix Committed
>
> Bug description:
> By default Kolla-ansible defines 'enable_cadf_notifications' as 'no'.
> This variable is used to enable/disable CADF format in Keystone. The
> default of Keystone is 'CADF' already, but it (Keystone) does not set
> any messaging drivers; as a consequence, the default behavior of
> Keystone is not to send event messages to the queueing system. We were
> led to believe that using 'enable_cadf_notifications' with value 'no'
> would lead Kolla-ansible to configure the 'basic' message format.
> However, that is not what happens.
>
> Kolla-ansible will configure Keystone without setting the oslo.messaging
> driver as messagingv2 when 'enable_cadf_notifications: no'. This will
> create a configuration that does not publish events in RabbitMQ. A PR was
> pull request (PR) was proposed to fix this misunderstanding in
> https://review.opendev.org/#/c/670626. That PR is introducing a few
> things:
> * Moving the definition of 'enable_cadf_notifications' to Keystone role
> as it is only used there
> * Changing the default value defined to 'yes' because that is the
> default behavior in Keystone. Keystone uses CADF format by Default.
> * Add an else condition in Keystone.conf template. When CADF is not
> enabled, we need to explicitly set the format as 'basic'. Moreover,
> enabling the message driver to allow us to get messages in the queueing
> system.
>
> After opening the PR, the fellow Radosław Piliszek questioned the
> proposed changes. More details can be found there (
> https://review.opendev.org/#/c/670626/2), at the PR's comments. In
> summary, it was questioned the use of a parameter in Kolla-ansible to
> enable/disable a feature in Keystone. It is argued that this is not the
> goal of Kolla-ansible. Right now, we have a few options with respect to
> this issue:
> option 1 -- we can use the PR as is;
> option 2 -- we can remove the "feature" (enable_cadf_notifications)
> in kolla-ansible to configure CADF notification format;
> option 3 -- do nothing (abandon this PR), and leave things as they
> are.
>
> The community now has to decide on which path we will follow to
> address this situation. Afterwards, we can move on and propose a PR to
> apply/address the selected option into Kolla-ansible.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/keystone/+bug/1836650/+subscriptions
>

--
Rafael Weingärtner