Merge "Add RabbitMQ mgmt UI through HAProxy"

This commit is contained in:
Jenkins 2016-06-01 11:35:20 +00:00 committed by Gerrit Code Review
commit 2b6946e586
5 changed files with 50 additions and 0 deletions

View File

@ -22,6 +22,7 @@
## Rabbitmq Options
rabbitmq_cookie_token:
rabbitmq_monitoring_password:
## Tokens
memcached_encryption_key:

View File

@ -108,6 +108,12 @@ debug: false
# is highly recommended for securing the contents of RabbitMQ messages.
# rabbitmq_use_ssl: false
# RabbitMQ management plugin is enabled by default, the guest user has been
# removed for security reasons and a new userid 'monitoring' has been created
# with the 'monitoring' user tag. In order to modify the userid, uncomment the
# following and change 'monitoring' to your userid of choice.
# rabbitmq_monitoring_userid: monitoring
## Additional pinning generator that will allow for more packages to be pinned as you see fit.
## All pins allow for package and versions to be defined. Be careful using this as versions

View File

@ -69,3 +69,17 @@
tags:
- "rabbitmq-rsyslog-client"
- "rsyslog-client"
- name: Ensure rabbitmq user for monitoring GUI
hosts: rabbitmq_all[0]
user: root
tasks:
- name: Create rabbitmq user for monitoring GUI
rabbitmq_user:
user: "{{ rabbitmq_monitoring_userid|default('monitoring') }}"
password: "{{ rabbitmq_monitoring_password }}"
state: "present"
tags: "monitoring"
when: rabbitmq_monitoring_password is defined
tags:
- "rabbitmq_monitoring_user"

View File

@ -201,3 +201,15 @@ haproxy_service_configs:
haproxy_balance_type: http
haproxy_backend_options:
- "httpchk HEAD /"
- service:
haproxy_service_name: rabbitmq_mgmt
haproxy_backend_nodes: "{{ groups['rabbitmq'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 15672
haproxy_balance_type: http
haproxy_backend_options:
- "httpchk HEAD /"
haproxy_whitelist_networks:
- 192.168.0.0/16
- 172.16.0.0/12
- 10.0.0.0/8

View File

@ -0,0 +1,17 @@
---
features:
- The RabbitMQ Management UI is now available
through HAProxy on port 15672. The default
userid is ``monitoring``. This user can be
modified by changing the parameter
``rabbitmq_monitoring_userid`` in the file
``user_variables.yml``. Please note that ACLs
have been added to this HAProxy service by
default, such that it may only be accessed by
common internal clients. Reference
``playbooks/vars/configs/haproxy_config.yml``
upgrade:
- The variable ``rabbitmq_monitoring_password``
has been added to ``user_secrets.yml``. If
this variable does not exist, the RabbitMQ
monitoring user will not be created.