Playbook to install and configure rabbitmq. Will come with various configuration tweaking later on.

If you wish to discuss modifications, or help to support more platforms, open an issue.

Use Ansible galaxy to install this playbook:

$ ansible-galaxy install Mayeu.RabbitMQ,1.4.0

The master branch should currently be considered instable. Please avoid using it for something else than test purpose :)

Currently only Debian Jessie and Wheezy on amd64 are supported. Patch welcome to support other distribution or OS.

Starting with the commit 67c608826a140868a71854ce3129b5f3d67ddcce, this playbook use semantic versioning. Following the specification, and since the playbook is used in production and I want to avoid breaking the compatibility, the first version number is 1.0.0

The public API defined in the semantic versioning correspond to the settings available to the user. Breaking the API (incrementing from X.Y.Z to (X+1).Y.Z) in this context mean that the user need to change variable name for its playbook to run.

Any new feature added (from X.Y.Z to X.(Y+1).Z) should have a working default value that need no user interaction by default. If a feature addition require user interaction, then it is not a minor upgrade, but a major one.

Exemple:

rabbitmq_conf_env:
  RABBITMQ_ROCKS: correct

Will generate:

RABBITMQ_ROCKS="correct"

Defining the vhosts configuration

rabbitmq_vhost_definitions:
  - name:    vhost1
    node:    node_name #Optional, defaults to "rabbit"
    tracing: yes       #Optional, defaults to "no"

Defining the users configuration:

rabbitmq_users_definitions:
  - vhost:    vhost1
    user:     user1
    password: password1
    node:     node_name  # Optional, defaults to "rabbit"
    configure_priv: "^resource.*" # Optional, defaults to ".*"
    read_priv: "^$" # Disallow reading.
    write_priv: "^$" # Disallow writing.
  - vhost:    vhost1
    user:     user2
    password: password2
    force:    no
    tags:                # Optional, user tags
    - administrator

Defining the federation upstream configuration:

rabbitmq_federation_upstream:
  - name: upstream name
    vhost: local vhost to federate
    value: json description of the federation
    local_username: the local username for the federation

See the RabbitMQ documentation for the possible JSON value.

Defining the policy configuration:

rabbitmq_policy_configuration:
  - name: name of the policy
    vhost: vhost where the policy will be applied
    pattern: pattern of the policy
    tags: description of the policy in dict form # exemple: "ha-mode=all"

You have to put the needed certificates in your files/ folder, for example:

files/
 |- cacert.crt
 |- myserver_key.key
 |- myserver_cert.crt

And then configure the role:

    rabbitmq_cacert: files/cacert.crt
    rabbitmq_server_key: files/myserver_key.key
    rabbitmq_server_cert: files/myserver_cert.crt

As an alternative, you can download SSL certificates from an S3 bucket. This feature requires the certificate files listed above to be stored in an S3 bucket, boto to be installed on the target system, and the target system to have access to the S3 bucket. One way to achieve S3 access from an EC2 instance without placing any credentials is via EC2 IAM role configuration.

With all those in place configure the role to pull from the root of the bucket:

    rabbitmq_ssl_from_s3: true
    rabbitmq_ssl_s3_bucket: your-s3-bucket-name
    rabbitmq_ssl_s3_path: ""

There is some tests that try to provision a VM using Vagrant. Just launch them with:

$ vagrant up # for test with Debian jessie
$ export VAGRANT_BOX_NAME='chef/centos-6.5' vagrant up # for test with Centos

You can change the VM used during test by setting the VAGRANT_BOX_NAME env variable to something else than deb/jessie.

BSD