Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
25735 commits 9 branches 0 tags 111 MiB
Commit graph

28 commits

Author SHA1 Message Date
Aurélien Bompard
abb8274dba Changing erlang cookies requires restarting the server 2018-11-28 09:37:57 +00:00
Patrick Uiterwijk
52c915cab4 Add prod erlang cookie 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-11-28 09:14:47 +00:00
Patrick Uiterwijk
a7b56e6b08 Add prod rabbitmq admin 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-11-28 10:08:37 +01:00
Aurélien Bompard
20c0cc5415 Allow the RabbitMQ user to login to the management UI 2018-10-05 09:57:46 +00:00
Aurélien Bompard
9a108064c7 Oh crap Erlang does not use # for comments 2018-10-05 09:50:40 +00:00
Aurélien Bompard
e90ec28ebe The RabbitMQ ansible modules can't use https yet. 
Disable SSL on the management api, and mitigate the security risk by
only listening on localhost.
 2018-10-05 09:42:04 +00:00
Aurélien Bompard
6088ebdd00 Only create the rabbitmq user on one member of the cluster 2018-10-05 08:39:35 +00:00
Aurélien Bompard
a3cac4de5b RabbitMQ: create admin user 2018-10-05 08:33:04 +00:00
Aurélien Bompard
618eae997e Create the RabbitMQ user, queues and bindings 2018-10-04 16:26:46 +00:00
Jeremy Cline
f57f3026d5 Add a RabbitMQ vhost for pubsub (fedmsg) and configure an HA policy 
Since many of our applications will likely wish to use RabbitMQ for
private things like work queues, using separate vhosts is a good idea.
This sets up a single vhost to act as a fedmsg replacement (called
pubsub) and configures it for high availability.

The HA policy mirrors queues to all nodes in the cluster and enables
automatic synchronization with a batch size of 10K messages. Automatic
synchronization means that when a new node joins the cluster, all
messages from existing nodes are pushed to the new node, blocking queue
activity until mirroring is complete.

Signed-off-by: Jeremy Cline <jcline@redhat.com>
 2018-10-02 18:11:29 +00:00
Jeremy Cline
e8b13a2fa4 Raise the file limit on the RabbitMQ cluster 
RabbitMQ recommends[0] that the open file descriptor limit be set to a
minimum of 50K. It recommends that the maximum number of open
connections be multiplied by 2 and added to the total number of queues.
Finally, it suggests that 500K isn't an unreasonable setting. This sets
the default to 500K and makes the value configurable.

Signed-off-by: Jeremy Cline <jcline@redhat.com>
 2018-09-18 15:35:20 +00:00
Patrick Uiterwijk
29c479c291 Use just the common name from client certs 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 14:19:33 +00:00
Patrick Uiterwijk
7f1ef59465 Enable ssl auth plugin 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 13:56:16 +00:00
Patrick Uiterwijk
cfcbb8b41f Make very sure the default guest user is no more 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 21:26:56 +00:00
Patrick Uiterwijk
1d3648bcd5 Please enable the service now 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 21:22:53 +00:00
Patrick Uiterwijk
0bffc3a1b1 Silly me. Directories and their X flags 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 21:21:23 +00:00
Patrick Uiterwijk
4458ed8d21 We configure long (FQDN) names 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 21:08:24 +00:00
Patrick Uiterwijk
86ff0d1a7f Can't end with a comma here. Rabbitmq grumpy 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:59:24 +00:00
Patrick Uiterwijk
8d0b10e81b Set a node name 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:57:40 +00:00
Patrick Uiterwijk
9a4edf5f64 Add missing comma 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:53:09 +00:00
Patrick Uiterwijk
34d54c4be7 Fix paths to certs 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:44:40 +00:00
Patrick Uiterwijk
c6a33bd8fb Build combined config 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:43:17 +00:00
Patrick Uiterwijk
37131d4ef5 We will need custom env 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:38:39 +00:00
Patrick Uiterwijk
418b8a07b2 Use owner= not user= 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:33:41 +00:00
Patrick Uiterwijk
a5bfab5427 Deploy erlang cookie 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:31:40 +00:00
Patrick Uiterwijk
35b4080a58 Import some more rabbitmq cluster config 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:23:16 +00:00
Patrick Uiterwijk
c71de9325b Deploy rhos13 repo to rabbitmq cluster 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:06:47 +00:00
Patrick Uiterwijk
5d8e972157 Start initial rabbitmq_Cluster role 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-02 20:04:06 +00:00