From 573a151de1cf5ecbe9f7bac8ceb2843165d09cc4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?= Date: Tue, 24 Jun 2025 09:59:55 +0200 Subject: [PATCH] RabbitMQ: use the new configuration file format in RDU3 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurélien Bompard --- roles/rabbitmq_cluster/tasks/main.yml | 13 ++ .../rabbitmq_cluster/templates/rabbitmq.conf | 148 ++++++++++++++++++ 2 files changed, 161 insertions(+) create mode 100644 roles/rabbitmq_cluster/templates/rabbitmq.conf diff --git a/roles/rabbitmq_cluster/tasks/main.yml b/roles/rabbitmq_cluster/tasks/main.yml index 1b26672615..841a3dfc84 100644 --- a/roles/rabbitmq_cluster/tasks/main.yml +++ b/roles/rabbitmq_cluster/tasks/main.yml @@ -73,6 +73,19 @@ with_items: - rabbitmq.config - rabbitmq-env.conf + when: "datacenter == 'iad2'" + notify: + - Restart rabbitmq + tags: + - rabbitmq_cluster + - config + +- name: Deploy configuration + ansible.builtin.template: src={{item}} dest=/etc/rabbitmq/{{item}} owner=root group=root mode=0644 + with_items: + - rabbitmq.conf + - rabbitmq-env.conf + when: "datacenter == 'rdu3'" notify: - Restart rabbitmq tags: diff --git a/roles/rabbitmq_cluster/templates/rabbitmq.conf b/roles/rabbitmq_cluster/templates/rabbitmq.conf new file mode 100644 index 0000000000..dc1d5d8435 --- /dev/null +++ b/roles/rabbitmq_cluster/templates/rabbitmq.conf @@ -0,0 +1,148 @@ +## See https://rabbitmq.com/configure.html to learn about how to configure RabbitMQ, +## the ini-style format used by rabbitmq.conf, how it is different from `advanced.config`, +## how to verify effective configuration, and so on. +## +## See https://rabbitmq.com/documentation.html for the rest of RabbitMQ documentation. + +# ====================================== +# Core broker section +# ====================================== + + +## Networking +## ==================== +## +## Related doc guide: https://rabbitmq.com/networking.html. +## + +# Disable regular TCP (non-TLS) listeners. +listeners.tcp = none + +## TLS configuration. +## +## Related doc guide: https://rabbitmq.com/ssl.html. +## +listeners.ssl.default = 5671 +ssl_options.verify = verify_peer +ssl_options.fail_if_no_peer_cert = true +ssl_options.cacertfile = /etc/rabbitmq/ca.crt +ssl_options.certfile = /etc/rabbitmq/nodecert/node.crt +ssl_options.keyfile = /etc/rabbitmq/nodecert/node.key + +## Authentication +## +## Related doc guide: https://rabbitmq.com/authentication.html. +## +auth_mechanisms.1 = EXTERNAL + +## Set the server AMQP 0-9-1 heartbeat timeout in seconds. +## RabbitMQ nodes will send heartbeat frames at roughly +## the (timeout / 2) interval. Two missed heartbeats from +## a client will close its connection. +## +## Values lower than 6 seconds are very likely to produce +## false positives and are not recommended. +## +## Related doc guides: +## +## * https://rabbitmq.com/heartbeats.html +## * https://rabbitmq.com/networking.html +## +heartbeat = 600 + +## Set the max permissible number of channels per connection. +## 0 means "no limit". +## +channel_max = 128 + +## Tags for default user +## +## For more details about tags, see the documentation for the +## Management Plugin at https://rabbitmq.com/management.html. +## +default_user_tags.administrator = true + +## +## Clustering +## ===================== +## +cluster_partition_handling = autoheal + +## Make clustering happen *automatically* at startup. Only applied +## to nodes that have just been reset or started for the first time. +## +## Relevant doc guide: https://rabbitmq.com//cluster-formation.html +## + +cluster_formation.peer_discovery_backend = rabbit_peer_discovery_classic_config +cluster_formation.classic_config.nodes.1 = rabbit@rabbitmq01{{env_suffix}}.{{datacenter}}.fedoraproject.org +cluster_formation.classic_config.nodes.2 = rabbit@rabbitmq02{{env_suffix}}.{{datacenter}}.fedoraproject.org +cluster_formation.classic_config.nodes.3 = rabbit@rabbitmq03{{env_suffix}}.{{datacenter}}.fedoraproject.org + +## This node's type can be configured. If you are not sure +## what node type to use, always use 'disc'. +cluster_formation.node_type = disc + +## Timeout used to detect peer unavailability, including CLI tools. +## Related doc guide: https://www.rabbitmq.com/nettick.html. +## +net_ticktime = 120 + + +## Logging settings. +## +## See https://rabbitmq.com/logging.html for details. +## +log.connection.level = none + + +# ======================================= +# Management section +# ======================================= + +## Log all requests to the management HTTP API to a file. +## +# management.http_log_dir = /path/to/access.log + +## HTTP listener and embedded Web server settings. +# ## See https://rabbitmq.com/management.html for details. +# +management.tcp.port = 15672 +management.tcp.ip = 127.0.0.1 + + +## ---------------------------------------------------------------------------- +## RabbitMQ Shovel Plugin +## +## Related doc guide: https://rabbitmq.com/shovel.html +## ---------------------------------------------------------------------------- + + +## ---------------------------------------------------------------------------- +## RabbitMQ STOMP Plugin +## +## Related doc guide: https://rabbitmq.com/stomp.html +## ---------------------------------------------------------------------------- + + +## ---------------------------------------------------------------------------- +## RabbitMQ MQTT Adapter +## +## See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md +## for details +## ---------------------------------------------------------------------------- + + +## ---------------------------------------------------------------------------- +## RabbitMQ AMQP 1.0 Support +## +## See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md. +## ---------------------------------------------------------------------------- + + +## ---------------------------------------------------------------------------- +## RabbitMQ LDAP Plugin +## +## Related doc guide: https://rabbitmq.com/ldap.html. +## +## ----------------------------------------------------------------------------