0

I am new to the Kubernetes and learning by experimenting. I have created RabbitMQ statefulset and it's working. However, the issue I am facing is the way I use it's admin portal. By default RabbitMQ provides the guest/guest credential but that works only with localhsot. It gives me a thought that I supposed to have another user for admin as well as for my connection string at API side to access RabbitMQ. (currently in API side also I use guest:guest@.... as bad practice)

I like to change but I don't know how. I can manually login to the RabbitMQ admin portal (after deployment and using guest:guest credential) can create new user. But I thought of automating that as part of Kubernetes Statefulset deployment.

I have tried to add post lifecycle hook of kubernetes but that did not work well. I have following items:

rabbitmq-configmap:

rabbitmq.conf: |
## Clustering
#cluster_formation.peer_discovery_backend = k8s
cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
cluster_formation.k8s.host = kubernetes.default.svc.cluster.local
cluster_formation.k8s.address_type = hostname
cluster_partition_handling = autoheal

#cluster_formation.k8s.hostname_suffix = rabbitmq.${NAMESPACE}.svc.cluster.local
#cluster_formation.node_cleanup.interval = 10
#cluster_formation.node_cleanup.only_log_warning = true

rabbitmq-serviceaccount:

kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rabbitmq
rules:
- apiGroups: [""]
  resources: ["endpoints"]
  verbs:
  - get
  - list
  - watch

rabbitmq-statefulset:

initContainers:
  - name: "rabbitmq-config"
    image: busybox
    volumeMounts:
    - name: rabbitmq-config
      mountPath: /tmp/rabbitmq
    - name: rabbitmq-config-rw
      mountPath: /etc/rabbitmq
    command:
    - sh
    - -c
    # the newline is needed since the Docker image entrypoint scripts appends to the config file
    - cp /tmp/rabbitmq/rabbitmq.conf /etc/rabbitmq/rabbitmq.conf && echo '' >> /etc/rabbitmq/rabbitmq.conf;
      cp /tmp/rabbitmq/enabled_plugins /etc/rabbitmq/enabled_plugins;
  containers:
  - name: rabbitmq
    image: rabbitmq
    ports:
    - containerPort: 15672

Any help?

Brijesh Shah
  • 573
  • 6
  • 18

1 Answers1

3

There are multiple way to do it

You can use the RabbitMQ CLI to add the user into it.

Add the environment variables and change the username/password instead of guest .

image: rabbitmq:management-alpine
    environment:
      RABBITMQ_DEFAULT_USER: user
      RABBITMQ_DEFAULT_PASS: password

Passing argument to image

https://www.rabbitmq.com/cli.html#passing-arguments

Mounting the configuration file to RabbitMQ volume.

Rabbitmq.conf file

auth_mechanisms.1 = PLAIN
auth_mechanisms.2 = AMQPLAIN
loopback_users.guest = false
listeners.tcp.default = 5672
#default_pass = admin
#default_user = admin
hipe_compile = false
#management.listener.port = 15672
#management.listener.ssl = false
management.tcp.port = 15672
management.load_definitions = /etc/rabbitmq/definitions.json
#default_pass = admin
#default_user = admin

definitions.json

{
    "users": [
      {
        "name": "user",  
        "password_hash": "password",
        "hashing_algorithm": "rabbit_password_hashing_sha256",
        "tags": "administrator"
      }
    ],

    "vhosts":[
        {"name":"/"}
    ],
    "queues":[
        {"name":"qwer","vhost":"/","durable":true,"auto_delete":false,"arguments":{}}
    ]
}

Another option

Dockerfile

FROM rabbitmq

# Define environment variables.
ENV RABBITMQ_USER user
ENV RABBITMQ_PASSWORD password

ADD init.sh /init.sh
EXPOSE 15672

# Define default command
CMD ["/init.sh"]

init.sh

#!/bin/sh

# Create Rabbitmq user
( sleep 5 ; \
rabbitmqctl add_user $RABBITMQ_USER $RABBITMQ_PASSWORD 2>/dev/null ; \
rabbitmqctl set_user_tags $RABBITMQ_USER administrator ; \
rabbitmqctl set_permissions -p / $RABBITMQ_USER  ".*" ".*" ".*" ; \
echo "*** User '$RABBITMQ_USER' with password '$RABBITMQ_PASSWORD' completed. ***" ; \
echo "*** Log in the WebUI at port 15672 (example: http:/localhost:15672) ***") &

# $@ is used to pass arguments to the rabbitmq-server command.
# For example if you use it like this: docker run -d rabbitmq arg1 arg2,
# it will be as you run in the container rabbitmq-server arg1 arg2
rabbitmq-server $@

You can read more here

Harsh Manvar
  • 27,020
  • 6
  • 48
  • 102