- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with rabbitmq
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
This module manages RabbitMQ (www.rabbitmq.com)
The rabbitmq module sets up rabbitmq and has a number of providers to manage everything from vhosts to exchanges after setup.
This module has been tested against 3.5.x and 3.6.x (as well as earlier versions) and is known to not support all features against versions prior to 2.7.1.
- rabbitmq repository files.
- rabbitmq package.
- rabbitmq configuration file.
- rabbitmq service.
include '::rabbitmq'
All options and configuration can be done through interacting with the parameters on the main rabbitmq class. These are documented below.
To begin with the rabbitmq class controls the installation of rabbitmq. In here you can control many parameters relating to the package and service, such as disabling puppet support of the service:
class { '::rabbitmq':
service_manage => false,
port => '5672',
delete_guest_user => true,
}
To use RabbitMQ Environment Variables, use the parameters environment_variables
e.g.:
class { 'rabbitmq':
port => '5672',
environment_variables => {
'NODENAME' => 'node01',
'SERVICENAME' => 'RabbitMQ'
}
}
To change RabbitMQ Config Variables in rabbitmq.config, use the parameters config_variables
e.g.:
class { 'rabbitmq':
port => '5672',
config_variables => {
'hipe_compile' => true,
'frame_max' => 131072,
'log_levels' => "[{connection, info}]"
}
}
To change Erlang Kernel Config Variables in rabbitmq.config, use the parameters
config_kernel_variables
e.g.:
class { 'rabbitmq':
port => '5672',
config_kernel_variables => {
'inet_dist_listen_min' => 9100,
'inet_dist_listen_max' => 9105,
}
}
To change Management Plugin Config Variables in rabbitmq.config, use the parameters
config_management_variables
e.g.:
class { 'rabbitmq':
config_management_variables => {
'rates_mode' => 'basic',
}
}
To change Additional Config Variables in rabbitmq.config, use the parameter
config_additional_variables
e.g.:
class { 'rabbitmq':
config_additional_variables => {
'autocluster' => '[{consul_service, "rabbit"},{cluster_name, "rabbit"}]',
'foo' => '[{bar, "baz"}]'
}
}
This will result in the following config appended to the config file:
% Additional config
{autocluster, [{consul_service, "rabbit"},{cluster_name, "rabbit"}]},
{foo, [{bar, "baz"}]}
(This is required for the autocluster plugin
To use RabbitMQ clustering facilities, use the rabbitmq parameters
config_cluster
, cluster_nodes
, and cluster_node_type
, e.g.:
class { 'rabbitmq':
config_cluster => true,
cluster_nodes => ['rabbit1', 'rabbit2'],
cluster_node_type => 'ram',
erlang_cookie => 'A_SECRET_COOKIE_STRING',
wipe_db_on_cookie_change => true,
}
- rabbitmq: Main class for installation and service management.
- rabbitmq::config: Main class for rabbitmq configuration/management.
- rabbitmq::install: Handles package installation.
- rabbitmq::params: Different configuration data for different systems.
- rabbitmq::service: Handles the rabbitmq service.
- rabbitmq::repo::apt: Handles apt repo for Debian systems.
- rabbitmq::repo::rhel: Handles rpm repo for Redhat systems.
Boolean, if enabled sets up the management interface/plugin for RabbitMQ.
An array specifying authorization/authentication backend to use. Syntax: single quotes should be placed around array entries, ex. ['{foo, baz}', 'baz'] Defaults to [rabbit_auth_backend_internal], and if using LDAP defaults to [rabbit_auth_backend_internal, rabbit_auth_backend_ldap].
Choose between disc and ram nodes.
An array of nodes for clustering.
Value to set for cluster_partition_handling
RabbitMQ configuration variable.
Integer, set the collect_statistics_interval in rabbitmq.config
The file to use as the rabbitmq.config template.
String, dditional config variables in rabbitmq.config
Boolean to enable or disable clustering support.
Hash of Erlang kernel configuration variables to set (see Variables Configurable in rabbitmq.config).
DEPRECATED
Configuring queue mirroring should be done by setting the according policy for the queue. You can read more about it here
The path to write the RabbitMQ configuration file to.
Hash of configuration variables for the Management Plugin.
Boolean to enable or disable stomp.
Boolean to enable or disable shovel.
Hash of static shovel configurations
To set config variables in rabbitmq.config
Username to set for the default_user
in rabbitmq.config.
Password to set for the default_user
in rabbitmq.config.
Boolean to decide if we should delete the default guest user.
The template file to use for rabbitmq_env.config.
The path to write the rabbitmq_env.config file to.
RabbitMQ Environment Variables in rabbitmq_env.config
The erlang cookie to use for clustering - must be the same between all nodes. This value has no default and must be set explicitly if using clustering. If you run Pacemaker and you don't want to use RabbitMQ buildin cluster, you can set config_cluster to 'False' and set 'erlang_cookie'.
Set rabbitmq file ulimit. Defaults to 16384. Only available on systems with
$::osfamily == 'Debian'
or $::osfamily == 'RedHat'
.
Set the heartbeat timeout interval, default is unset which uses the builtin server
defaultsof 60 seconds. Setting this to 0
will disable heartbeats.
Uses content method for Debian OS family. Should be a template for apt::source class. Undefined by default.
Boolean, set to true to enable LDAP auth.
LDAP server to use for auth.
User DN pattern for LDAP auth.
How to bind to the LDAP server. Defaults to 'anon'.
Hash of other LDAP config variables.
Boolean, set to true to use SSL for the LDAP server.
Numeric port for LDAP server.
Boolean, set to true to log LDAP auth.
Will fall back to node_ip_address
if not explicitly set; allows configuring
a separate bind IP for the management interface.
The hostname for the RabbitMQ management interface.
The port for the RabbitMQ management interface.
Enable/Disable SSL for the management port. Has an effect only if ssl => true. Default is true. Valid values are true or false.
The value of NODE_IP_ADDRESS in rabbitmq_env.config and of the
rabbitmq_management server if it is enabled. See also management_ip_address
.
Use 0.0.0.0 to bind to all interfaces.
Determines the ensure state of the package. Set to installed by default, but could be changed to latest.
This should generally be left as default. If using a package not signed by the RabbitMQ signing key, you can use this parameter to override the expected key.
The name of the package to install.
The RabbitMQ port.
Ensure that a repo with the official (and newer) RabbitMQ package is configured, along with its signing key. Defaults to false (use system packages). This does not ensure that soft dependencies (like EPEL on RHEL systems) are present.
The state of the service.
Determines if the service is managed.
The name of the service to manage.
Configures the service for using SSL.
Configures the service to only use SSL. No cleartext TCP listeners will be created. Requires that ssl => true and port => undef also
CA cert path to use for SSL.
Cert to use for SSL.
Key to use for SSL.
Password used when generating CSR.
SSL verification depth.
SSL management port.
SSL stomp port.
rabbitmq.config SSL verify setting.
rabbitmq.config fail_if_no_peer_cert
setting.
Choose which SSL versions to enable. Example: ['tlsv1.2', 'tlsv1.1']
.
Note that it is recommended to disable sslv3
and tlsv1
to prevent against POODLE and BEAST attacks. Please see the RabbitMQ SSL documentation for more information.
Support only a given list of SSL ciphers. Example: ['dhe_rsa,aes_256_cbc,sha','dhe_dss,aes_256_cbc,sha','ecdhe_rsa,aes_256_cbc,sha']
.
Supported ciphers in your install can be listed with: rabbitmqctl eval 'ssl:cipher_suites().' Functionality can be tested with cipherscan or similar tool: https://github.com/jvehent/cipherscan.git
The port to use for Stomp.
Configures STOMP to only use SSL. No cleartext STOMP TCP listeners will be created. Requires setting ssl_stomp_port also.
Boolean to install the stomp plugin.
Integer, the size of the backlog on TCP connections.
Boolean to enable TCP connection keepalive for RabbitMQ service.
Integer, corresponds to recbuf in RabbitMQ tcp_listen_options
Integer, corresponds to sndbuf in RabbitMQ tcp_listen_options
Boolean to determine if we should DESTROY AND DELETE the RabbitMQ database.
String: OS dependent, default defined in param.pp. The system user the rabbitmq daemon runs as.
String: OS dependent, default defined in param.pp. The system group the rabbitmq daemon runs as.
String: OS dependent. default defined in param.pp. The home directory of the rabbitmq deamon.
query all current users: $ puppet resource rabbitmq_user
rabbitmq_user { 'dan':
admin => true,
password => 'bar',
}
Optional parameter tags will set further rabbitmq tags like monitoring, policymaker, etc. To set the administrator tag use admin-flag.
rabbitmq_user { 'dan':
admin => true,
password => 'bar',
tags => ['monitoring', 'tag1'],
}
query all current vhosts: $ puppet resource rabbitmq_vhost
rabbitmq_vhost { 'myvhost':
ensure => present,
}
rabbitmq_exchange { 'myexchange@myvhost':
ensure => present,
user => 'dan',
password => 'bar',
type => 'topic',
internal => false,
auto_delete => false,
durable => true,
arguments => {
hash-header => 'message-distribution-hash'
}
}
rabbitmq_queue { 'myqueue@myvhost':
ensure => present,
user => 'dan',
password => 'bar',
durable => true,
auto_delete => false,
arguments => {
x-message-ttl => 123,
x-dead-letter-exchange => 'other'
},
}
rabbitmq_binding { 'myexchange@myqueue@myvhost':
ensure => present,
user => 'dan',
password => 'bar',
destination_type => 'queue',
routing_key => '#',
arguments => {},
}
rabbitmq_binding { 'binding 1':
ensure => present,
source => 'myexchange',
destination => 'myqueue',
vhost => 'myvhost',
user => 'dan',
password => 'bar',
destination_type => 'queue',
routing_key => 'key1',
arguments => {},
}
rabbitmq_binding { 'binding 2':
ensure => present,
source => 'myexchange',
destination => 'myqueue',
vhost => 'myvhost',
user => 'dan',
password => 'bar',
destination_type => 'queue',
routing_key => 'key2',
arguments => {},
}
rabbitmq_user_permissions { 'dan@myvhost':
configure_permission => '.*',
read_permission => '.*',
write_permission => '.*',
}
rabbitmq_policy { 'ha-all@myvhost':
pattern => '.*',
priority => 0,
applyto => 'all',
definition => {
'ha-mode' => 'all',
'ha-sync-mode' => 'automatic',
},
}
query all currently enabled plugins $ puppet resource rabbitmq_plugin
rabbitmq_plugin {'rabbitmq_stomp':
ensure => present,
}
rabbitmq_parameter { 'documentumShovel@/':
component_name => '',
value => {
'src-uri' => 'amqp://',
'src-queue' => 'my-queue',
'dest-uri' => 'amqp://remote-server',
'dest-queue' => 'another-queue',
},
}
rabbitmq_parameter { 'documentumFed@/':
component_name => 'federation-upstream',
value => {
'uri' => 'amqp://myserver',
'expires' => '360000',
},
}
This is essentially a private type used by the rabbitmq::config class to manage the erlang cookie. It replaces the rabbitmq_erlang_cookie fact from earlier versions of this module. It manages the content of the cookie usually located at "${rabbitmq_home}/.erlang.cookie", which includes stopping the rabbitmq service and wiping out the database at "${rabbitmq_home}/mnesia" if the user agrees to it. We don't recommend using this type directly.
The module has been tested on:
- RedHat Enterprise Linux 6/7
- Debian 7/8
- CentOS 6/7
- Ubuntu 12.04/14.04
Testing on other platforms has been light and cannot be guaranteed. Support for EL / CentOS 5 is deprecated.
If running CentOS/RHEL, ensure the epel repo, or another repo containing a suitable Erlang version, is present. On Debian systems, puppetlabs/apt (>=2.0.0 < 5.0.0) is a soft dependency.
To have a suitable erlang version installed on RedHat and Debian systems, you have to install another puppet module from http://forge.puppetlabs.com/garethr/erlang with:
puppet module install garethr-erlang
This module handles the packages for erlang. To use the module, add the following snippet to your site.pp or an appropriate profile class:
For RedHat systems:
include 'erlang'
class { 'erlang': epel_enable => true}
For Debian systems:
include 'erlang'
package { 'erlang-base':
ensure => 'latest',
}
This module also depends on the excellent puppet/staging module on the Forge:
puppet module install puppet-staging
This module is maintained by Vox Pupuli. Voxpupuli welcomes new contributions to this module, especially those that include documentation and rspec tests. We are happy to provide guidance if necessary.
Please see CONTRIBUTING for more details.
- Jeff McCune jeff@puppetlabs.com
- Dan Bode dan@puppetlabs.com
- RPM/RHEL packages by Vincent Janelle randomfrequency@gmail.com
- Puppetlabs Module Team
- Voxpupuli Team