openstack/openstack-ansible-rabbitmq_server
Code Issues Proposed changes
openstack-ansible-rabbitmq_.../doc/source/configure-rabbitmq.rst
Niklas Schwarz e46cf7c988 Add ability to add custom configuration for RabbitMQ 
This implements a new variable  rabbitmq_custom_config  to
be able to place custom configuration to the rabbitmq.conf
e.g. to configure installed plugins

Change-Id: I952eefe646b00f60184f8d353f6f055bbdc4ac90
2023-11-07 09:50:42 +01:00

1.7 KiB
Raw Blame History

Scenario - Configuring RabbitMQ

RabbitMQ provides the messaging broker for various OpenStack services. The OpenStack-Ansible project configures a plain text listener on port 5672 and a SSL/TLS encrypted listener on port 5671.

Customize your RabbitMQ deployment in /etc/openstack_deploy/user_variables.yml.

Add a TLS encrypted listener to RabbitMQ

The OpenStack-Ansible project provides the ability to secure RabbitMQ communications with self-signed or user-provided SSL certificates. Refer to "Securing services with SSL certificates" in the OSA Install Guide for available configuration options.

Enable encrypted connections to RabbitMQ

The control of SSL communication between various OpenStack services and RabbitMQ is via the Ansible variable rabbitmq_use_ssl:

rabbitmq_use_ssl: true

Setting this variable to true adjusts the RabbitMQ port to 5671 (the default SSL/TLS listener port) and enables SSL connectivity between each OpenStack service and RabbitMQ.

Setting this variable to false disables SSL encryption between OpenStack services and RabbitMQ and configures all services to use the plain text port, 5672.

Add custom configuration to RabbitMQ

To add custom configuration, e.g. to configure installed plugins, can be accomplished by defining a variable rabbitmq_additional_config and add you configuration as a block to this variable. Make sure to not add redundent configuration

rabbitmq_additional_config:
   prometheus.tcp.port: 15680
   prometheus.tcp.ip: 0.0.0.0