feat(clusters): add distributed rabbitmq support

saltstack-formulas · Jul 16, 2021 · 104d7f2 · 104d7f2
1 parent a3f8e66
commit 104d7f2
Show file tree

Hide file tree

Showing 51 changed files with 705 additions and 532 deletions.
diff --git a/docs/README.rst b/docs/README.rst
@@ -18,7 +18,7 @@ rabbitmq-formula
    :scale: 100%
    :target: https://github.com/pre-commit/pre-commit
 
-This formula installs and configures RabbitMQ server on GNU/Linux.
+This formula installs and configures RabbitMQ Clusters on GNU/Linux.
 
 .. contents:: **Table of Contents**
    :depth: 1

diff --git a/pillar.example b/pillar.example
@@ -1,42 +1,93 @@
 # -*- coding: utf-8 -*-
 # vim: ft=yaml
 ---
-rabbitmq:
-  cluster:
-    rabbit@locahost:
+values:
+  nodes:
+    default:
+      clustered: false
       user: rabbit    # 'node' would make more sense here
       host: localhost  # short hostname of node to join to, not fqdn
-      ram_node: None
-      runas: rabbitmq
-      erlang_cookie:
-        name: /var/lib/rabbitmq/.erlang.cookie
-        value: shared-value-for-all-cluster-members
-  pkg:
-    # https://github.com/rabbitmq/rabbitmq-server/releases/tag/v3.8.14
-    use_upstream: repo  # if available (i.e. packagecloud)
-  service:
-    enabled: true
-    running: true
-  config:
-    # see rabbitmq.conf.example from rabbitmq-server github docs
-    # see https://www.rabbitmq.com/configure.html
-    context:
-      listeners.tcp.1: 0.0.0.0:5672
-  env:
-    locale_all: en_US.UTF-8
-    context:
-      # https://www.rabbitmq.com/configure.html#supported-environment-variables
-      rabbitmq_mnesia_base: /var/lib/rabbitmq
-      RABBITMQ_BASE: /var/lib/rabbitmq
-      # RABBITMQ_USE_LONGNAME: true  # not working in ci
-      # https://www.rabbitmq.com/configure.html#supported-environment-variables
-      RABBITMQ_LOG_BASE: /var/log/rabbitmq
-  dir:
-    base: /var/lib/rabbitmq
+      erlang_cookie: shared-value-for-all-cluster-members
+      config:
+        listeners.tcp.1: 0.0.0.0:5672
+        # auth_backends.1: ldap
+        # auth_backends.2: internal
+        # auth_ldap.servers.1: ldap.eng.megacorp.local
+        # auth_ldap.servers.2: 192.168.0.100
+        # auth_ldap.user_dn_pattern: cn=${username},ou=People,dc=example,dc=com
+        # auth_ldap.use_ssl: false
+        # auth_ldap.port: 389
+        # auth_ldap.log: false
+      service: true
+      plugins:
+        - rabbitmq_management
+        - rabbitmq_federation
+        - rabbitmq_federation_management
+        # rabbitmq_auth_backend_ldap
+      vhosts:
+        - test_vhost
+      users: {}
+      policy:
+        rabbitmq_policy:
+          - name: HA
+          - pattern: '.*'
+          - definition: '{"ha-mode": "all"}'
+      queues:
+        my-new-queue:
+          ## note : dict format
+          user: saltstack
+          passwd: password
+          durable: true
+          auto_delete: false
+          vhost: test_vhost
+          arguments:
+            - x-message-ttl: 8640000
+            - x-expires: 8640000
+            - x-dead-letter-exchange: my-new-exchange
+      upstreams:
+        upstream_1:
+          - uri: amqp://saltstack:password@localhost
+          - trust_user_id: true
+          - ack_mode: on-confirm
+          - max_hops: 1
+      users:
+        user1:
+          - password: password
+          - force: true
+          - tags: monitoring, user
+          - perms:
+              - '/':
+                  - '.*'
+                  - '.*'
+                  - '.*'
+          - runas: root
+        user2:
+          - password: password
+          - force: true
+          - tags: monitoring, user
+          - perms:
+              - '/':
+                  - '.*'
+                  - '.*'
+                  - '.*'
+          - runas: root
+        saltstack:
+          - password: password
+          - force: false
+          - tags:
+              - administrator
+          - perms:
+              - test_vhost:
+                  - '.*'
+                  - '.*'
+                  - '.*'
+          - runas: root
 
-  vhost:
-    - test_vhost
+  environ:
+    # https://www.rabbitmq.com/configure.html#supported-environment-variables
+    rabbitmq_mnesia_dir: /var/lib/rabbitmq
 
+  ## todo: add support for ...
   binding:
     my-new-binding:
       - destination_type: queue
@@ -48,19 +99,6 @@ rabbitmq:
       - arguments:
           - 'x-message-ttl': 8640000
 
-  queue:
-    my-new-queue:
-      ## note : dict format
-      user: saltstack
-      passwd: password
-      durable: true
-      auto_delete: false
-      vhost: test_vhost
-      arguments:
-        - x-message-ttl: 8640000
-        - x-expires: 8640000
-        - x-dead-letter-exchange: my-new-exchange
-
   exchange:
     my-new-exchange:
       - user: saltstack
@@ -74,58 +112,6 @@ rabbitmq:
           - 'alternate-**exchange': 'amq.fanout'
           - 'test-header': 'testing'
 
-  plugin:
-    rabbitmq_management:
-      runas: root
-    rabbitmq_federation:
-      runas: root
-
-  policy:
-    rabbitmq_policy:
-      - name: HA
-      - pattern: '.*'
-      - definition: '{"ha-mode": "all"}'
-
-  upstream:
-    upstream_1:
-      - uri: amqp://saltstack:password@localhost
-      - trust_user_id: true
-      - ack_mode: on-confirm
-      - max_hops: 1
-
-  user:
-    user1:
-      - password: password
-      - force: true
-      - tags: monitoring, user
-      - perms:
-          - '/':
-              - '.*'
-              - '.*'
-              - '.*'
-      - runas: root
-    user2:
-      - password: password
-      - force: true
-      - tags: monitoring, user
-      - perms:
-          - '/':
-              - '.*'
-              - '.*'
-              - '.*'
-      - runas: root
-    saltstack:
-      - password: password
-      - force: false
-      - tags:
-          - administrator
-      - perms:
-          - test_vhost:
-              - '.*'
-              - '.*'
-              - '.*'
-      - runas: root
-
   tofs:
     # The files_switch key serves as a selector for alternative
     # directories under the formula files directory. See TOFS pattern

diff --git a/rabbitmq/config/clean.sls b/rabbitmq/config/clean.sls
@@ -1,20 +1,13 @@
 # -*- coding: utf-8 -*-
 # vim: ft=sls
----
-{%- set tplroot = tpldir.split('/')[0] %}
-{%- from tplroot ~ "/map.jinja" import mapdata as rabbitmq with context %}
 
 include:
-  - .file.clean
-
-        {%- if salt['cmd.run']('test -f {0}/bin/rabbitmqctl'.format(rabbitmq.dir.base)) %}
-
-  - .policy.clean
-  - .plugin.clean
-  - .upstream.clean
-  - .queue.clean
-  - .vhost.clean
-  - .user.clean
-  - .file.clean
-
-        {%- endif %}
+  - .users.clean
+  - .vhosts.clean
+  - .queues.clean
+  - .policies.clean
+  - .plugins.clean
+  - .params.clean
+  - .upstreams.clean
+  - .clusters.clean
+  - .files.clean
diff --git a/rabbitmq/config/cluster/install.sls b/rabbitmq/config/cluster/install.sls
diff --git a/rabbitmq/config/clusters/clean.sls b/rabbitmq/config/clusters/clean.sls
@@ -0,0 +1,22 @@
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import mapdata as rabbitmq with context %}
+
+    {%- for name, node in salt["pillar.get"]("rabbitmq:nodes", {}).items() %}
+        {%- if node and 'clustered' in node and node.clustered %}
+
+rabbitmq-config-clusters-{{ name }}-leave-{{ node.join_node }}:
+  file.absent:
+    - name: {{ rabbitmq.dir.data }}/{{ name }}/.erlang.cookie
+  cmd.run:
+    - names:
+      - /usr/sbin/rabbitmqctl --node {{ name }} stop_app
+      - /usr/sbin/rabbitmqctl --node {{ name }} reset
+      - /usr/sbin/rabbitmqctl --node {{ name }} start_app
+    - runas: rabbitmq
+    - onlyif: test -x /usr/sbin/rabbitmqctl
+
+        {%- endif %}
+    {%- endfor %}
diff --git a/rabbitmq/config/cluster/init.sls → rabbitmq/config/clusters/init.sls b/rabbitmq/config/cluster/init.sls → rabbitmq/config/clusters/init.sls
diff --git a/rabbitmq/config/clusters/install.sls b/rabbitmq/config/clusters/install.sls
@@ -0,0 +1,36 @@
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import mapdata as rabbitmq with context %}
+{%- set sls_service_running = tplroot ~ '.service.running' %}
+{%- set sls_config_user = tplroot ~ '.config.user.install' %}
+
+include:
+  - {{ sls_service_running }}
+  - {{ sls_config_user }}
+
+    {%- for name, node in salt["pillar.get"]("rabbitmq:nodes", {}).items() %}
+        {%- if node and 'clustered' in node and node.clustered %}
+
+rabbitmq-config-clusters-{{ name }}-join-{{ node.join_node }}:
+  file.managed:
+    - name: {{ rabbitmq.dir.data }}/{{ name }}/.erlang.cookie
+    - contents: {{ node.erlang_cookie }}
+    - mode: 400
+    - user: rabbitmq
+    - group: {{ rabbitmq.rootgroup }}
+    - makedirs: True
+    - require:
+      - sls: {{ sls_service_running }}
+  cmd.run:
+    - name: /usr/sbin/rabbitmqctl --node {{ name }} join_cluster {{ items.join_node }}
+    - runas: rabbitmq
+    - onlyif: test -x /usr/sbin/rabbitmqctl
+    - require:
+      - file: rabbitmq-config-clusters-{{ name }}-join-{{ node.host }}
+      - sls: {{ sls_config_user }}
+      - sls: {{ sls_service_running }}
+
+        {%- endif %}
+    {%- endfor %}