blob: 5cae8aaef87015083539956fb71b360ef266a64f [file] [log] [blame]
Filip Pytlounef5b0af2015-10-06 16:28:32 +02001=========================
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +03002Usage
Filip Pytlounef5b0af2015-10-06 16:28:32 +02003=========================
4
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +03005RabbitMQ is a complete and highly reliable enterprise messaging
6system based on the emerging AMQP standard.
Filip Pytlounef5b0af2015-10-06 16:28:32 +02007
Filip Pytlounef5b0af2015-10-06 16:28:32 +02008Sample pillars
9==============
10
11Standalone Broker
12-----------------
13
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +030014RabbitMQ as AMQP broker with admin user and vhosts:
Filip Pytlounef5b0af2015-10-06 16:28:32 +020015
16.. code-block:: yaml
17
18 rabbitmq:
19 server:
20 enabled: true
Buddy Lindsey, Jrf0d58ae2018-07-16 16:36:55 -050021 memory:
22 vm_high_watermark: 0.4
Filip Pytlounef5b0af2015-10-06 16:28:32 +020023 bind:
24 address: 0.0.0.0
25 port: 5672
26 secret_key: rabbit_master_cookie
27 admin:
28 name: adminuser
29 password: pwd
30 plugins:
31 - amqp_client
32 - rabbitmq_management
Nick Metz208245c2017-12-03 16:18:33 +010033 host:
34 '/monitor':
35 enabled: true
36 user: 'monitor'
37 password: 'password'
Filip Pytlounef5b0af2015-10-06 16:28:32 +020038
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +030039RabbitMQ as a Stomp broker:
Filip Pytlounef5b0af2015-10-06 16:28:32 +020040
41.. code-block:: yaml
42
43 rabbitmq:
44 server:
45 enabled: true
46 secret_key: rabbit_master_cookie
47 bind:
48 address: 0.0.0.0
49 port: 5672
Nick Metz208245c2017-12-03 16:18:33 +010050 host:
51 '/monitor':
52 enabled: true
53 user: 'monitor'
54 password: 'password'
Michael Polenchuk8115f0f2018-05-30 21:27:45 +040055 plugins_runas_user: rabbitmq
Filip Pytlounef5b0af2015-10-06 16:28:32 +020056 plugins:
57 - rabbitmq_stomp
58
59RabbitMQ cluster
60----------------
61
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +030062RabbitMQ as base cluster node:
Filip Pytlounef5b0af2015-10-06 16:28:32 +020063
64.. code-block:: yaml
65
66 rabbitmq:
67 server:
68 enabled: true
69 bind:
70 address: 0.0.0.0
71 port: 5672
72 secret_key: rabbit_master_cookie
73 admin:
74 name: adminuser
75 password: pwd
76 cluster:
77 enabled: true
78 role: master
79 mode: disc
80 members:
81 - name: openstack1
82 host: 10.10.10.212
83 - name: openstack2
84 host: 10.10.10.213
85
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +030086HA Queues definition:
Filip Pytlounef5b0af2015-10-06 16:28:32 +020087
88.. code-block:: yaml
89
90 rabbitmq:
91 server:
92 enabled: true
93 ...
Nick Metz208245c2017-12-03 16:18:33 +010094 host:
95 '/monitor':
96 enabled: true
97 user: 'monitor'
98 password: 'password'
99 policies:
100 - name: HA
101 pattern: '^(?!amq\.).*'
102 definition: '{"ha-mode": "all"}'
Kirill Bespalov09e52182017-05-10 14:20:30 +0300103
Kirill Bespalov09e52182017-05-10 14:20:30 +0300104Enable TLS support
105------------------
106
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300107To enable support of TLS for rabbitmq-server you need to provide
108a path to cacert, server cert and private key:
Kirill Bespalovb0cd0ae2017-05-30 17:45:13 +0300109
110.. code-block:: yaml
111
112 rabbitmq:
113 server:
114 enabled: true
115 ...
116 ssl:
117 enabled: True
118 key_file: /etc/rabbitmq/ssl/key.pem
119 cert_file: /etc/rabbitmq/ssl/cert.pem
120 ca_file: /etc/rabbitmq/ssl/ca.pem
121
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300122To manage content of these files you can either use the following
123options:
Kirill Bespalov09e52182017-05-10 14:20:30 +0300124
125.. code-block:: yaml
126
127 rabbitmq:
128 server:
129 enabled: true
130 ...
131 ssl:
132 enabled: True
133
Kirill Bespalovb0cd0ae2017-05-30 17:45:13 +0300134 key_file: /etc/rabbitmq/ssl/key.pem
Kirill Bespalov09e52182017-05-10 14:20:30 +0300135 key: |
136 -----BEGIN RSA PRIVATE KEY-----
137 ...
138 -----END RSA PRIVATE KEY-------
139
Kirill Bespalovb0cd0ae2017-05-30 17:45:13 +0300140 ca_file: /etc/rabbitmq/ssl/ca.pem
141 cacert_chain: |
142 -----BEGIN CERTIFICATE-----
143 ...
144 -----END CERTIFICATE-------
145
146 cert_file: /etc/rabbitmq/ssl/cert.pem
Kirill Bespalov09e52182017-05-10 14:20:30 +0300147 cert: |
148 -----BEGIN CERTIFICATE-----
149 ...
150 -----END CERTIFICATE-------
151
152
Kirill Bespalovb0cd0ae2017-05-30 17:45:13 +0300153Or you can use the `salt.minion.cert` salt state which
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300154creates all required files according to defined reclass model.
155See
156https://github.com/Mirantis/reclass-system-salt-model/tree/master/salt/minion/cert/rabbitmq
157for details. In this case you need just to enable ssl and nothing more:
Kirill Bespalov09e52182017-05-10 14:20:30 +0300158
159.. code-block:: yaml
160
161 rabbitmq:
162 server:
163 enabled: true
164 ...
165 ssl:
166 enabled: True
Kirill Bespalov09e52182017-05-10 14:20:30 +0300167
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300168Defaut port for TLS is ``5671``:
Kirill Bespalov09e52182017-05-10 14:20:30 +0300169
170.. code-block:: yaml
171
172 rabbitmq:
173 server:
174 bind:
175 ssl:
176 port: 5671
177
Filip Pytlounef5b0af2015-10-06 16:28:32 +0200178Usage
179=====
180
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300181Check cluster status, example shows running cluster with 3 nodes:
182ctl-1, ctl-2, ctl-3
Filip Pytlounef5b0af2015-10-06 16:28:32 +0200183
184.. code-block:: yaml
185
186 > rabbitmqctl cluster_status
Kirill Bespalov09e52182017-05-10 14:20:30 +0300187
Filip Pytlounef5b0af2015-10-06 16:28:32 +0200188 Cluster status of node 'rabbit@ctl-1' ...
Kirill Bespalov09e52182017-05-10 14:20:30 +0300189 [{nodes,[{disc,['rabbit@ctl-1','rabbit@ctl-2','rabbit@ctl-3']}]},
Filip Pytlounef5b0af2015-10-06 16:28:32 +0200190 {running_nodes,['rabbit@ctl-3','rabbit@ctl-2','rabbit@ctl-1']},
191 {partitions,[]}]
192 ...done.
193
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300194Setup management user:
Filip Pytlounef5b0af2015-10-06 16:28:32 +0200195
196.. code-block:: yaml
197
198 > rabbitmqctl add_vhost vhost
199 > rabbitmqctl add_user user alive
200 > rabbitmqctl set_permissions -p vhost user ".*" ".*" ".*"
201 > rabbitmqctl set_user_tags user management
202
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300203EPD process is Erlang Port Mapper Daemon. It's a feature of the
204Erlang runtime that helps Erlang nodes to find each other. It's a
205pretty tiny thing and doesn't contain much state (other than "what
206Erlang nodes are running on this system?") so it's not a huge deal for
207it to still be running.
208
209Although it's running as user rabbitmq, it was started automatically
210by the Erlang VM when we started. We've considered adding "epmd -kill"
211to our shutdown script - but that would break any other Erlang apps
212running on the system; it's more "global" than RabbitMQ.
Filip Pytlounef5b0af2015-10-06 16:28:32 +0200213
214Read more
215=========
216
217* http://www.rabbitmq.com/admin-guide.html
218* https://github.com/saltstack/salt-contrib/blob/master/states/rabbitmq_plugins.py
219* http://docs.saltstack.com/ref/states/all/salt.states.rabbitmq_user.html
220* http://stackoverflow.com/questions/14699873/how-to-reset-user-for-rabbitmq-management
221* http://www.rabbitmq.com/memory.html
222
223Clustering
224==========
225
226* http://www.rabbitmq.com/clustering.html#auto-config
227* https://github.com/jesusaurus/hpcs-salt-state/tree/master/rabbitmq
228* http://gigisayfan.blogspot.cz/2012/06/rabbit-mq-clustering-python-fabric.html
229* http://docwiki.cisco.com/wiki/OpenStack_Havana_Release:_High-Availability_Manual_Deployment_Guide#RabbitMQ_Installation
Filip Pytloun55a7ef02017-02-02 13:02:03 +0100230
231Documentation and Bugs
232======================
233
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300234* http://salt-formulas.readthedocs.io/
235 Learn how to install and update salt-formulas
Filip Pytloun55a7ef02017-02-02 13:02:03 +0100236
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300237* https://github.com/salt-formulas/salt-formula-rabbitmq/issues
238 In the unfortunate event that bugs are discovered, report the issue to the
239 appropriate issue tracker. Use the Github issue tracker for a specific salt
240 formula
Filip Pytloun55a7ef02017-02-02 13:02:03 +0100241
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300242* https://launchpad.net/salt-formulas
243 For feature requests, bug reports, or blueprints affecting the entire
244 ecosystem, use the Launchpad salt-formulas project
Filip Pytloun55a7ef02017-02-02 13:02:03 +0100245
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300246* https://launchpad.net/~salt-formulas-users
247 Join the salt-formulas-users team and subscribe to mailing list if required
Filip Pytloun55a7ef02017-02-02 13:02:03 +0100248
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300249* https://github.com/salt-formulas/salt-formula-rabbitmq
250 Develop the salt-formulas projects in the master branch and then submit pull
251 requests against a specific formula
Filip Pytloun55a7ef02017-02-02 13:02:03 +0100252
OlgaGusarenkoe27a2ea2018-07-31 00:59:36 +0300253* #salt-formulas @ irc.freenode.net
254 Use this IRC channel in case of any questions or feedback which is always
255 welcome