openstack-ansible-rabbitmq_.../doc/source/configure-rabbitmq.rst
Robb Romans 7d3cce02c3 [DOCS] Move RabbitMQ role docs
Update the role documentation to match the new format. Each role project
should maintain the configuration variations for the role project
itself.

Change-Id: I73b061da40b08b327fc3445e073cbd8997920ccd
2016-08-12 12:01:48 -05:00

37 lines
1.3 KiB
ReStructuredText

===============================
Scenario - Configuring RabbitMQ
===============================
RabbitMQ provides the messaging broker for various OpenStack services.
The OpenStack-Ansible project configures a plain text listener on port
5672 and a SSL/TLS encrypted listener on port 5671.
Customize your RabbitMQ deployment in
``/etc/openstack_deploy/user_variables.yml``.
Add a TLS encrypted listener to RabbitMQ
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The OpenStack-Ansible project provides the ability to secure RabbitMQ
communications with self-signed or user-provided SSL certificates.
Refer to "Securing services with SSL certificates" in the OSA Install
Guide for available configuration options.
Enable encrypted connections to RabbitMQ
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The control of SSL communication between various OpenStack services
and RabbitMQ is via the Ansible variable ``rabbitmq_use_ssl``:
.. code-block:: yaml
rabbitmq_use_ssl: true
Setting this variable to ``true`` adjusts the RabbitMQ port to 5671
(the default SSL/TLS listener port) and enables SSL connectivity
between each OpenStack service and RabbitMQ.
Setting this variable to ``false`` disables SSL encryption between
OpenStack services and RabbitMQ and configures all services to
use the plain text port, 5672.