Skip to content

Commit

Permalink
feat(clusters): distributed rabbitmq support
Browse files Browse the repository at this point in the history 
BREAKING CHANGE: the structure of pillar data is changed to
 allow multiple rabbitmq nodes per host. The default nodename
 is 'rabbit@localhost' but this commit allows multiple nodes,
 i.e. 'rabbit2@localhost', 'rabbit3@locahost', to be defined
  • Loading branch information
@noelmcloughlin
noelmcloughlin committed Jul 23, 2021
1 parent 7d8f8fd commit 1af43e6
Show file tree
Hide file tree
Showing 94 changed files with 3,310 additions and 3,102 deletions.
3 changes: 2 additions & 1 deletion .salt-lint
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
exclude_paths: []
exclude_paths:
- rabbitmq/files/default/systemd.ini.jinja
rules: {}
skip_list:
# Using `salt-lint` for linting other files as well, such as Jinja macros/templates
Expand Down
17 changes: 1 addition & 16 deletions docs/README.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ now ``pre-commit`` will run automatically on each ``git commit``. ::
Special notes
-------------

The ``rabbitmq`` state does not include ``rabbitmq.config.cluster`` state (initial cluster setup). This formula does not provide any 'forget' state (for inconsistent cluster fixing) during cluster join (could be future feature).
The default node in any rabbitmq installation is 'rabbit@localhost'. Multiple nodes per host are allowed if defined in pillar data under `rabbitmq:nodes`.

Available states
----------------
Expand All @@ -90,22 +90,12 @@ starts the associated rabbitmq service.
This state will install the rabbitmq package and has a dependency on ``rabbitmq.install``
via include list.

``rabbitmq.rabbitmqadmin``
^^^^^^^^^^^^^^^^^^^^^^^^^^

This state will install the rabbitmqadmin package only.

``rabbitmq.config``
^^^^^^^^^^^^^^^^^^^

This state will configure the rabbitmq service and has a dependency on ``rabbitmq.install``
via include list. It excludes ``rabbitmq.config.cluster`` state

``rabbitmq.config.cluster``
^^^^^^^^^^^^^^^^^^^^^^^^^^^

For initial setup this state writes the erlang cookie, joins cluster, and restarts service. The erlang cookie comes from pillar data and must the identical for all cluster members. Join fails if cluster is inconsistent (see rabbitmqctl forget_cluster_node rabbit@somehost).

``rabbitmq.service``
^^^^^^^^^^^^^^^^^^^^

Expand All @@ -127,11 +117,6 @@ then uninstalls the package.

This state will stop the rabbitmq service and disable it at boot time.

``rabbitmq.rabbitmqadmin.clean``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This state will remote the rabbitmqadmin package only.

``rabbitmq.config.clean``
^^^^^^^^^^^^^^^^^^^^^^^^^

Expand Down
322 changes: 211 additions & 111 deletions pillar.example
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,129 +2,229 @@
# vim: ft=yaml
---
rabbitmq:
cluster:
rabbit@locahost:
nodes:
rabbit: # default node name
clustered: false
user: rabbit # 'node' would make more sense here
host: localhost # short hostname of node to join to, not fqdn
ram_node: None
runas: rabbitmq
erlang_cookie:
name: /var/lib/rabbitmq/.erlang.cookie
value: shared-value-for-all-cluster-members
pkg:
# https://github.com/rabbitmq/rabbitmq-server/releases/tag/v3.8.14
use_upstream: repo # if available (i.e. packagecloud)
service:
enabled: true
running: true
config:
# see rabbitmq.conf.example from rabbitmq-server github docs
# see https://www.rabbitmq.com/configure.html
context:
listeners.tcp.1: 0.0.0.0:5672
env:
locale_all: en_US.UTF-8
context:
# https://www.rabbitmq.com/configure.html#supported-environment-variables
rabbitmq_mnesia_base: /var/lib/rabbitmq
RABBITMQ_BASE: /var/lib/rabbitmq
# RABBITMQ_USE_LONGNAME: true # not working in ci
# https://www.rabbitmq.com/configure.html#supported-environment-variables
RABBITMQ_LOG_BASE: /var/log/rabbitmq
dir:
base: /var/lib/rabbitmq

vhost:
- test_vhost

binding:
my-new-binding:
- destination_type: queue
- destination: my-new-queue
- routing_key: a_routing_key_string
- user: saltstack
- passwd: 'password'
- vhost: test_vhost
- arguments:
- 'x-message-ttl': 8640000

queue:
my-new-queue:
## note : dict format
user: saltstack
passwd: password
durable: true
auto_delete: false
vhost: test_vhost
arguments:
- x-message-ttl: 8640000
- x-expires: 8640000
- x-dead-letter-exchange: my-new-exchange

exchange:
my-new-exchange:
- user: saltstack
- passwd: 'password'
- type: fanout
- durable: true
- internal: false
- auto_delete: false
- vhost: test_vhost
- arguments:
- 'alternate-**exchange': 'amq.fanout'
- 'test-header': 'testing'

plugin:
rabbitmq_management:
runas: root
rabbitmq_federation:
runas: root

policy:
rabbitmq_policy:
- name: HA
- pattern: '.*'
- definition: '{"ha-mode": "all"}'

upstream:
upstream_1:
- uri: amqp://saltstack:password@localhost
- trust_user_id: true
- ack_mode: on-confirm
- max_hops: 1
nodeport: 5672
distport: 25672
erlang_cookie: shared-secret
config:
listeners.tcp.1: 0.0.0.0:5672
# https://www.rabbitmq.com/ldap.html
# auth_backends.1: ldap
# auth_backends.2: internal
# auth_ldap.servers.1: ldap.eng.megacorp.local
# auth_ldap.servers.2: 192.168.0.100
# auth_ldap.user_dn_pattern: cn=${username},ou=People,dc=example,dc=com
# auth_ldap.use_ssl: false
# auth_ldap.port: 389
# auth_ldap.log: false
service: true
plugins:
- rabbitmq_management
- rabbitmq_federation
- rabbitmq_federation_management
# rabbitmq_auth_backend_ldap
vhosts:
- default_vhost
queue:
my-new-queue:
## note : dict format
user: saltstack_mq
passwd: password
durable: true
auto_delete: false
vhost: default_vhost
arguments:
- x-message-ttl: 8640000
- x-expires: 8640000
- x-dead-letter-exchange: my-new-exchange
binding:
my-new-binding:
- destination_type: queue
- destination: my-new-queue
- routing_key: a_routing_key_string
- user: saltstack_mq
- passwd: 'password'
- vhost: default_vhost
- arguments:
- 'x-message-ttl': 8640000
exchange:
my-new-exchange:
- user: saltstack_mq
- passwd: 'password'
- type: fanout
- durable: true
- internal: false
- auto_delete: false
- vhost: default_vhost
- arguments:
- 'alternate-**exchange': 'amq.fanout'
- 'test-header': 'testing'
remove_guest_user: true
users:
user1:
password: password
force: true
tags:
- monitoring
- user
perms:
default_vhost:
- '.*'
- '.*'
- '.*'
saltstack_mq:
password: password
force: false
tags:
- administrator
- management
perms:
default_vhost:
- '.*'
- '.*'
- '.*'
airflow:
password: 'airflow'
force: true
tags:
- management
- administrator
perms:
'default_vhost':
- '.*'
- '.*'
- '.*'
policy:
my-new-rabbitmq-policy:
- name: HA
- pattern: '.*'
- definition: '{"ha-mode": "all"}'
upstream:
my-new-upstream1:
- uri: amqp://saltstack_mq:password@localhost
- trust_user_id: true
- ack_mode: on-confirm

user:
user1:
- password: password
- force: true
- tags: monitoring, user
- perms:
- '/':
rabbit2:
clustered: false
user: rabbit2 # 'node' would make more sense here
host: localhost # short hostname of node to join to, not fqdn
nodeport: 5673
distport: 25673
erlang_cookie: shared-secret
config:
listeners.tcp.1: 0.0.0.0:5673
# https://www.rabbitmq.com/ldap.html
# auth_backends.1: ldap
# auth_backends.2: internal
# auth_ldap.servers.1: ldap.eng.megacorp.local
# auth_ldap.servers.2: 192.168.0.100
# auth_ldap.user_dn_pattern: cn=${username},ou=People,dc=example,dc=com
# auth_ldap.use_ssl: false
# auth_ldap.port: 389
# auth_ldap.log: false
service: true
plugins: []
vhosts:
- rabbit2_vhost
queue:
my-new-queue:
## note : dict format
user: saltstack_mq
passwd: password
durable: true
auto_delete: false
vhost: rabbit2_vhost
arguments:
- x-message-ttl: 8640000
- x-expires: 8640000
- x-dead-letter-exchange: my-new-exchange
binding:
my-new-binding:
- destination_type: queue
- destination: my-new-queue
- routing_key: a_routing_key_string
- user: saltstack_mq
- passwd: 'password'
- vhost: rabbit2_vhost
- arguments:
- 'x-message-ttl': 8640000
exchange:
my-new-exchange:
- user: saltstack_mq
- passwd: 'password'
- type: fanout
- durable: true
- internal: false
- auto_delete: false
- vhost: rabbit2_vhost
- arguments:
- 'alternate-**exchange': 'amq.fanout'
- 'test-header': 'testing'
remove_guest_user: true
users:
user1:
password: password
force: true
tags:
- monitoring
- user
perms:
rabbit2_vhost:
- '.*'
- '.*'
- '.*'
- runas: root
user2:
- password: password
- force: true
- tags: monitoring, user
- perms:
- '/':
saltstack_mq:
password: password
force: false
tags:
- administrator
perms:
rabbit2_vhost:
- '.*'
- '.*'
- '.*'
- runas: root
saltstack:
- password: password
- force: false
- tags:
- administrator
- perms:
- test_vhost:
airflow:
password: 'airflow'
force: true
tags:
- management
- administrator
perms:
'rabbit2_vhost':
- '.*'
- '.*'
- '.*'
- runas: root
policy:
my-new-rabbitmq-policy:
- name: HA
- pattern: '.*'
- definition: '{"ha-mode": "all"}'
upstream:
my-new-upstream1:
- uri: amqp://saltstack_mq:password@localhost
- trust_user_id: true
- ack_mode: on-confirm
- max_hops: 1

pkg:
# https://github.com/rabbitmq/rabbitmq-server/releases/tag/v3.8.14
use_upstream: repo # if available (i.e. packagecloud)
environ:
locale_all: en_US.UTF-8
values: {}
# https://www.rabbitmq.com/configure.html#supported-environment-variables
# rabbitmq_mnesia_base: /var/lib/rabbitmq
# RABBITMQ_BASE: /var/lib/rabbitmq
# RABBITMQ_USE_LONGNAME: true # not working in ci
# https://www.rabbitmq.com/configure.html#supported-environment-variables
# RABBITMQ_LOG_BASE: /var/log/rabbitmq
dir:
base: /var/lib/rabbitmq

tofs:
# The files_switch key serves as a selector for alternative
Expand Down
Loading

0 comments on commit 1af43e6

Please sign in to comment.