Broker modular configuration with XInclude

.github/workflows/ci.yml

@@ -16,4 +16,4 @@ jobs:
     with:
       fqcn: 'middleware_automation/amq'
       molecule_tests: >-
-        [ "default", "static_cluster", "amq_upgrade", "mask_passwords", "custom_xml", "uninstall" ]
+        [ "default", "static_cluster", "replication", "amq_upgrade", "mask_passwords", "custom_xml", "uninstall" ]

molecule/replication/converge.yml

@@ -0,0 +1,68 @@
+---
+- name: Converge
+  hosts: all
+  gather_facts: yes
+  vars:
+    activemq_ha_enabled: true
+    activemq_disable_hornetq_protocol: true
+    activemq_disable_mqtt_protocol: true
+    activemq_disable_amqp_protocol: true
+    activemq_disable_stomp_protocol: true
+    activemq_shared_storage: false
+    activemq_replication: true
+    activemq_ha_allow_failback: true
+    activemq_configure_firewalld: false
+    activemq_modular_configuration: true
+    activemq_ha_check_for_active_server: true
+    activemq_systemd_wait_for_log: true
+    activemq_systemd_wait_for_port_number: 8161
+    activemq_users:
+    - user: amq
+      password: amqbrokerpass
+      roles: [ amq ]
+    activemq_acceptors:
+      - name: artemis
+        bind_address: 0.0.0.0
+        bind_port: "{{ activemq_port }}"
+        parameters:
+          tcpSendBufferSize: 1048576
+          tcpReceiveBufferSize: 1048576
+          protocols: CORE,AMQP
+          useEpoll: true
+          sslEnabled: false
+    activemq_connectors:
+      - name: artemis
+        address: "{{ activemq_host }}"
+        port: "{{ activemq_port }}"
+      - name: instance1
+        address: instance1
+      - name: instance2
+        address: instance2
+    activemq_addresses:
+      - name: queue.in
+        anycast:
+          - name: queue.in
+      - name: queue.out
+        anycast:
+          - name: queue.out
+      - name: DLQ
+        anycast:
+          - name: DLQ
+      - name: ExpiryQueue
+        anycast:
+          - name: ExpiryQueue
+      - name: a.test
+        anycast:
+          - name: a.test
+      - name: b.test
+        anycast:
+          - name: b.test
+    activemq_diverts:
+      - name: TESTDIVERT
+        address: queue.in
+        forwarding_address: queue.out
+        routing_type: ANYCAST
+        filter: "msgType LIKE '%ff%'"
+        exclusive: True
+  roles:
+    - middleware_automation.amq.activemq

molecule/replication/molecule.yml

@@ -0,0 +1,60 @@
+---
+driver:
+  name: docker
+platforms:
+  - name: instance1
+    image: registry.access.redhat.com/ubi9/ubi-init:latest
+    pre_build_image: true
+    privileged: true
+    command: "/usr/sbin/init"
+    networks:
+      - name: amq
+    tmpfs:
+      - /run
+      - /tmp
+  - name: instance2
+    image: registry.access.redhat.com/ubi9/ubi-init:latest
+    pre_build_image: true
+    privileged: true
+    command: "/usr/sbin/init"
+    networks:
+      - name: amq
+    tmpfs:
+      - /run
+      - /tmp
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+    ssh_connection:
+      pipelining: false
+  playbooks:
+    prepare: prepare.yml
+    converge: converge.yml
+    verify: verify.yml
+  inventory:
+    host_vars:
+      localhost:
+        ansible_python_interpreter: "{{ ansible_playbook_python }}"
+      instance1:
+        activemq_ha_role: 'primary'
+      instance2:
+        activemq_ha_role: 'backup'
+        activemq_replicated: true
+  env:
+    ANSIBLE_FORCE_COLOR: "true"
+verifier:
+  name: ansible
+scenario:
+  test_sequence:
+    - cleanup
+    - destroy
+    - create
+    - prepare
+    - converge
+    - idempotence
+    - side_effect
+    - verify
+    - cleanup
+    - destroy

molecule/replication/prepare.yml

@@ -0,0 +1,6 @@
+---
+- name: Prepare
+  hosts: all
+  tasks:
+    - name: "Run preparation common to all scenario"
+      ansible.builtin.include_tasks: ../prepare.yml

molecule/replication/roles

@@ -0,0 +1 @@
+../../roles

molecule/replication/verify.yml

@@ -0,0 +1,68 @@
+---
+- name: Verify
+  hosts: all
+  tasks:
+    - name: Populate service facts
+      ansible.builtin.service_facts:
+
+    - name: Populate activemq facts
+      middleware_automation.amq.activemq_facts:
+        base_url: http://localhost:8161
+        auth_username: amq
+        auth_password: amqbrokerpass
+        validate_certs: false
+
+    - name: Check if amq-broker service is started
+      ansible.builtin.assert:
+        that:
+          - ansible_facts.services["amq-broker.service"]["state"] == "running"
+          - ansible_facts.services["amq-broker.service"]["status"] == "enabled"
+
+    - name: Read content of instance1 logs
+      ansible.builtin.slurp:
+        src: /var/log/activemq/amq-broker/artemis.log
+      register: slurped_log_instance1
+      delegate_to: instance1
+      run_once: true
+
+    - name: Read content of instance2 logs
+      ansible.builtin.slurp:
+        src: /var/log/activemq/amq-broker/artemis.log
+      register: slurped_log_instance2
+      delegate_to: instance2
+      run_once: true
+
+    - name: Check cluster status
+      run_once: true
+      block:
+        - name: Check master on instance1
+          ansible.builtin.assert:
+            that:
+              - "'live Message Broker is starting' in slurped_log_instance1.content|b64decode or 'Primary message broker is starting' in slurped_log_instance1.content|b64decode"
+              - "'Server is now live' in slurped_log_instance1.content|b64decode or 'Server is now active' in slurped_log_instance1.content|b64decode"
+            quiet: true
+        - name: Check slave on instance2
+          ansible.builtin.assert:
+            that:
+              - "'Backup message broker is starting' in slurped_log_instance2.content|b64decode"
+              - "'waiting live to fail before it gets active' in slurped_log_instance2.content|b64decode or 'waiting for primary to fail before activating' in slurped_log_instance2.content|b64decode"
+            quiet: true
+
+    - name: Check cluster status via jolokia facts (master)
+      ansible.builtin.assert:
+        that:
+          - ansible_facts.activemq.Active == true
+          - ansible_facts.activemq.Backup == false
+          - ansible_facts.activemq.Clustered == true
+          - ansible_facts.activemq.SharedStore == false
+          - ansible_facts.activemq.HAPolicy == "Replication Primary w/quorum voting"
+      when: inventory_hostname == 'instance1'
+
+    - name: Check cluster status via jolokia facts (backup)
+      ansible.builtin.assert:
+        that:
+          - ansible_facts.activemq.Active == false
+          - ansible_facts.activemq.Backup == true
+          - ansible_facts.activemq.SharedStore == false
+          - ansible_facts.activemq.HAPolicy == "Replication Backup w/quorum voting"
+      when: inventory_hostname == 'instance2'

roles/activemq/README.md

@@ -86,6 +86,7 @@ Role Defaults
 |`activemq_mask_password_hashname`| Name of algorithm used for masking password, will be passed to custom codec | `sha1` |
 |`activemq_mask_password_iterations`| Number of iterations for masking password, will be passed to custom codec | `1024` |
 |`activemq_properties_file`| Properties file to allow updates and additions to the broker configuration after any xml has been parsed | `""` |
+|`activemq_modular_configuration`| Whether or not to enable XInclude modular configuration of broker.xml | `false` |
 
 
 #### LDAP authN/authZ

roles/activemq/defaults/main.yml

@@ -50,6 +50,7 @@ activemq_port_stomp: 61613  # for protocols [STOMP]
 activemq_name: 'Apache ActiveMQ'
 activemq_service_name: activemq
 activemq_service_override_template: ''
+activemq_modular_configuration: false
 
 ### Enable configuration for high availability
 activemq_ha_enabled: false

roles/activemq/handlers/main.yml

@@ -6,4 +6,13 @@
 - name: "Restart handler"
   ansible.builtin.include_tasks: restart.yml
   when: activemq_configuration_file_refresh_period < 1
-  listen: "restart amq_broker with no config refresh"
+  listen: "restart amq_broker with no config refresh"
+
+- name: "Restart handler"
+  ansible.builtin.file:
+    path: "{{ activemq.instance_home }}/etc/broker.xml"
+    state: touch
+    owner: "{{ activemq_service_user }}"
+    group: "{{ activemq_service_group }}"
+    mode: '0644'
+  listen: "touch broker.xml"

roles/activemq/meta/argument_specs.yml

@@ -747,6 +747,10 @@ argument_specs:
                 default: "{{ activemq_port }}"
                 type: 'int'
                 description: "The port number to wait for when activemq_systemd_wait_for_port is true"
+            activemq_modular_configuration:
+                default: false
+                type: 'bool'
+                description: "Whether or not to enable XInclude modular configuration of broker.xml"
     systemd:
         options:
             activemq_version:

roles/activemq/tasks/address_settings.yml

@@ -1,22 +1,67 @@
 ---
-- name: Create address settings configuration string
-  ansible.builtin.set_fact:
-    address_settings: "{{ address_settings | default([]) + [ lookup('template', 'address_settings.broker.xml.j2') ] }}"
-  loop: "{{ activemq_address_settings }}"
-  loop_control:
-    loop_var: address_setting
-    label: "{{ address_setting.match }}"
+- name: Create address settings in broker.xml
+  when: not activemq_modular_configuration
+  become: true
+  block:
+    - name: Create address settings configuration string
+      ansible.builtin.set_fact:
+        address_settings: "{{ address_settings | default([]) + [ lookup('template', 'address_settings.broker.xml.j2') ] }}"
+      loop: "{{ activemq_address_settings }}"
+      loop_control:
+        loop_var: address_setting
+        label: "{{ address_setting.match }}"
+
+    - name: Create address settings configuration in broker.xml
+      middleware_automation.common.xml:
+        path: "{{ activemq.instance_home }}/etc/broker.xml"
+        xpath: /conf:configuration/core:core/core:address-settings
+        input_type: xml
+        set_children: "{{ address_settings }}"
+        namespaces:
+          conf: urn:activemq
+          core: urn:activemq:core
+        pretty_print: true
+      become: true
+      notify:
+        - restart amq_broker with no config refresh
 
-- name: Create address settings configuration in broker.xml
-  middleware_automation.common.xml:
-    path: "{{ activemq.instance_home }}/etc/broker.xml"
-    xpath: /conf:configuration/core:core/core:address-settings
-    input_type: xml
-    set_children: "{{ address_settings }}"
-    namespaces:
-      conf: urn:activemq
-      core: urn:activemq:core
-    pretty_print: true
+- name: Create modular address-settings configuration
+  when: activemq_modular_configuration
   become: true
-  notify:
-    - restart amq_broker with no config refresh
+  block:
+    - name: Remove address-settings element from broker.xml
+      middleware_automation.common.xml:
+        path: "{{ activemq.instance_home }}/etc/broker.xml"
+        xpath: /conf:configuration/core:core/core:address-settings
+        state: absent
+        namespaces:
+          conf: urn:activemq
+          core: urn:activemq:core
+      notify:
+        - restart amq_broker with no config refresh
+
+    - name: Create address-settings file
+      ansible.builtin.template:
+        src: modular/address_settings.xml.j2
+        dest: "{{ activemq.instance_home }}/etc/address-settings.xml"
+        owner: "{{ activemq_service_user }}"
+        group: "{{ activemq_service_group }}"
+        mode: '0644'
+      notify:
+        - touch broker.xml
+        - restart amq_broker with no config refresh
+
+    - name: Include address-settings module in broker.xml
+      middleware_automation.common.xml:
+        path: "{{ activemq.instance_home }}/etc/broker.xml"
+        xpath: /conf:configuration/core:core/xi:include[@href='{{ activemq.instance_home }}/etc/address-settings.xml']
+        state: present
+        input_type: xml
+        namespaces:
+          conf: urn:activemq
+          core: urn:activemq:core
+          xi: http://www.w3.org/2001/XInclude
+        pretty_print: true
+      notify:
+        - touch broker.xml
+        - restart amq_broker