RabbitMQ messaging system¶
RabbitMQ is a complete and highly reliable enterprise messaging system based on the emerging AMQP standard.
Sample pillars¶
Standalone Broker¶
RabbitMQ as AMQP broker with admin user and vhosts
rabbitmq:
server:
enabled: true
bind:
address: 0.0.0.0
port: 5672
secret_key: rabbit_master_cookie
admin:
name: adminuser
password: pwd
plugins:
- amqp_client
- rabbitmq_management
host:
'/monitor':
enabled: true
user: 'monitor'
password: 'password'
RabbitMQ as a Stomp broker
rabbitmq:
server:
enabled: true
secret_key: rabbit_master_cookie
bind:
address: 0.0.0.0
port: 5672
host:
'/monitor':
enabled: true
user: 'monitor'
password: 'password'
plugins:
- rabbitmq_stomp
RabbitMQ cluster¶
RabbitMQ as base cluster node
rabbitmq:
server:
enabled: true
bind:
address: 0.0.0.0
port: 5672
secret_key: rabbit_master_cookie
admin:
name: adminuser
password: pwd
cluster:
enabled: true
role: master
mode: disc
members:
- name: openstack1
host: 10.10.10.212
- name: openstack2
host: 10.10.10.213
HA Queues definition
rabbitmq:
server:
enabled: true
...
host:
'/monitor':
enabled: true
user: 'monitor'
password: 'password'
policies:
- name: HA
pattern: '^(?!amq\.).*'
definition: '{"ha-mode": "all"}'
Enable TLS support¶
To enable support of TLS for rabbitmq-server you need to provide a path to cacert, server cert and private key :
rabbitmq:
server:
enabled: true
...
ssl:
enabled: True
key_file: /etc/rabbitmq/ssl/key.pem
cert_file: /etc/rabbitmq/ssl/cert.pem
ca_file: /etc/rabbitmq/ssl/ca.pem
To manage content of these files you can either use the following options:
rabbitmq:
server:
enabled: true
...
ssl:
enabled: True
key_file: /etc/rabbitmq/ssl/key.pem
key: |
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-------
ca_file: /etc/rabbitmq/ssl/ca.pem
cacert_chain: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-------
cert_file: /etc/rabbitmq/ssl/cert.pem
cert: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-------
Or you can use the salt.minion.cert salt state which creates all required files according to defined reclass model [1]. In this case you need just to enable ssl and nothing more:
rabbitmq:
server:
enabled: true
...
ssl:
enabled: True
–
Defaut port for TLS is 5671:
rabbitmq:
server:
bind:
ssl:
port: 5671
Usage¶
Check cluster status, example shows running cluster with 3 nodes: ctl-1, ctl-2, ctl-3
> rabbitmqctl cluster_status
Cluster status of node 'rabbit@ctl-1' ...
[{nodes,[{disc,['rabbit@ctl-1','rabbit@ctl-2','rabbit@ctl-3']}]},
{running_nodes,['rabbit@ctl-3','rabbit@ctl-2','rabbit@ctl-1']},
{partitions,[]}]
...done.
Setup management user.
> rabbitmqctl add_vhost vhost
> rabbitmqctl add_user user alive
> rabbitmqctl set_permissions -p vhost user ".*" ".*" ".*"
> rabbitmqctl set_user_tags user management
EPD process is Erlang Port Mapper Daemon. It’s a feature of the Erlang runtime that helps Erlang nodes to find each other. It’s a pretty tiny thing and doesn’t contain much state (other than “what Erlang nodes are running on this system?”) so it’s not a huge deal for it to still be running. Although it’s running as user rabbitmq, it was started automatically by the Erlang VM when we started. We’ve considered adding “epmd -kill” to our shutdown script - but that would break any other Erlang apps running on the system; it’s more “global” than RabbitMQ.
Read more¶
- http://www.rabbitmq.com/admin-guide.html
- https://github.com/saltstack/salt-contrib/blob/master/states/rabbitmq_plugins.py
- http://docs.saltstack.com/ref/states/all/salt.states.rabbitmq_user.html
- http://stackoverflow.com/questions/14699873/how-to-reset-user-for-rabbitmq-management
- http://www.rabbitmq.com/memory.html
Clustering¶
- http://www.rabbitmq.com/clustering.html#auto-config
- https://github.com/jesusaurus/hpcs-salt-state/tree/master/rabbitmq
- http://gigisayfan.blogspot.cz/2012/06/rabbit-mq-clustering-python-fabric.html
- http://docwiki.cisco.com/wiki/OpenStack_Havana_Release:_High-Availability_Manual_Deployment_Guide#RabbitMQ_Installation
Documentation and Bugs¶
To learn how to install and update salt-formulas, consult the documentation available online at:
In the unfortunate event that bugs are discovered, they should be reported to the appropriate issue tracker. Use Github issue tracker for specific salt formula:
For feature requests, bug reports or blueprints affecting entire ecosystem, use Launchpad salt-formulas project:
You can also join salt-formulas-users team and subscribe to mailing list:
Developers wishing to work on the salt-formulas projects should always base their work on master branch and submit pull request against specific formula.
Any questions or feedback is always welcome so feel free to join our IRC channel:
#salt-formulas @ irc.freenode.net