/rabbitmq

Development repository for Chef cookbook RabbitMQ

Primary LanguageRubyApache License 2.0Apache-2.0

rabbitmq Cookbook

Build Status

This is a cookbook for managing RabbitMQ with Chef. It is intended for RabbitMQ 2.6.1 or later releases. With Chef we have adopted support >= 11.14.0 for chef-client, and leaning heavily on chef-client 12 and above.

Requirements

This cookbook depends on the erlang cookbook.

The release was tested with (rabbitmq.com/distro version), from the kitchen.yml.

  • CentOS 6.5
  • CentOS 7.0
  • Ubuntu 12.04
  • Ubuntu 14.04
  • Debian 7.0

Recipes

default

Installs rabbitmq-server from RabbitMQ.com via direct download of the installation package or using the distribution version. Depending on your distribution, the provided version may be quite old so they are disabled by default. If you want to use the distro version, set the attribute ['rabbitmq']['use_distro_version'] to true. You may override the download URL attribute ['rabbitmq']['package'] if you wish to use a local mirror.

The cluster recipe is now combined with the default and will now auto-cluster. Set the ['rabbitmq']['cluster'] attribute to true, ['rabbitmq']['cluster_disk_nodes'] array of node@host strings that describe which you want to be disk nodes and then set an alphanumeric string for the erlang_cookie.

To enable SSL turn ssl to true and set the paths to your cacert, cert and key files.

Attributes

Default values and usage information of important attributes are shown below. More attributes are documented in metadata.rb.

Username and Password

The default username and password are guest/guest:

['rabbitmq']['default_user'] = 'guest'

['rabbitmq']['default_pass'] = 'guest'

Loopback Users

By default, the guest user can only connect via localhost. This is the behavior of RabbitMQ when the loopback_users configuration is not specified in it's configuration file. Also, by default, this cookbook does not specify loopback_users in the configuration file:

['rabbitmq']['loopback_users'] = nil

If you wish to allow the default guest user to connect remotely, you can change this to []. If instead you wanted to allow just the user 'foo' to connect over loopback, you would set this value to ["foo"]. More information can be found here: https://www.rabbitmq.com/access-control.html.

mgmt_console

Installs the rabbitmq_management and rabbitmq_management_visualiser plugins. To use https connection to management console, turn ['rabbitmq']['web_console_ssl'] to true. The SSL port for web management console can be configured by setting attribute ['rabbitmq']['web_console_ssl_port'], whose default value is 15671.

plugin_management

Enables any plugins listed in the node['rabbitmq']['enabled_plugins'] and disables any listed in node['rabbitmq']['disabled_plugins'] attributes.

community_plugins

Downloads, installs and enables pre-built community plugins binaries.

To specify a plugin, set the attribute node['rabbitmq']['community_plugins']['PLUGIN_NAME'] to 'DOWNLOAD_URL'. For example, to use the RabbitMQ priority queue plugin, set the attribute node['rabbitmq']['community_plugins']['rabbitmq_priority_queue'] to 'https://www.rabbitmq.com/community-plugins/v3.4.x/rabbitmq_priority_queue-3.4.x-3431dc1e.ez'.

policy_management

Enables any policies listed in the node['rabbitmq']['policies'] and disables any listed in node['rabbitmq']['disabled_policies'] attributes.

user_management

Enables any users listed in the node['rabbitmq']['enabled_users'] and disables any listed in node['rabbitmq']['disabled_users'] attributes.

virtualhost_management

Enables any vhosts listed in the node['rabbitmq']['virtualhosts'] and disables any listed in node['rabbitmq']['disabled_virtualhosts'] attributes.

Resources/Providers

There are 4 LWRPs for interacting with RabbitMQ.

plugin

Enables or disables a rabbitmq plugin. Plugins are not supported for releases prior to 2.7.0.

  • :enable enables a plugin
  • :disable disables a plugin

Examples

rabbitmq_plugin "rabbitmq_stomp" do
  action :enable
end
rabbitmq_plugin "rabbitmq_shovel" do
  action :disable
end

policy

sets or clears a rabbitmq policy.

  • :set sets a policy
  • :clear clears a policy
  • :list lists policys

Examples

rabbitmq_policy "ha-all" do
  pattern "^(?!amq\\.).*"
  params ({"ha-mode"=>"all"})
  priority 1
  action :set
end
rabbitmq_policy "ha-all" do
  action :clear
end

user

Adds and deletes users, fairly simplistic permissions management.

  • :add adds a user with a password
  • :delete deletes a user
  • :set_permissions sets the permissions for a user, vhost is optional
  • :clear_permissions clears the permissions for a user
  • :set_tags set the tags on a user
  • :clear_tags clear any tags on a user
  • :change_password set the password for a user

Examples

rabbitmq_user "guest" do
  action :delete
end
rabbitmq_user "nova" do
  password "sekret"
  action :add
end
rabbitmq_user "nova" do
  vhost "/nova"
  permissions ".* .* .*"
  action :set_permissions
end
rabbitmq_user "joe" do
  tag "admin,lead"
  action :set_tags
end

vhost

Adds and deletes vhosts.

  • :add adds a vhost
  • :delete deletes a vhost

Examples

rabbitmq_vhost "/nova" do
  action :add
end

Limitations

For an already running cluster, these actions still require manual intervention:

  • changing the :erlang_cookie
  • turning :cluster from true to false

License & Authors

Copyright (c) 2009-2013, Chef Software, Inc.
Copyright (c) 2014-2015, Chef Software, Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.