CODEWITHSUNDEEP
dockerdocker-composerabbitmq
Flame_Phoenix
Flame_Phoenix

Reputation: 17574

Configuring RabbitMQ management docker image with default setup & access UI

Background

I need to setup a docker-compose with a RabbitMQ service and my application. This RabbitMQ service needs to have 3 things to work properly:

What we tried

To achieve this we tried creating a folder in our project called rabbitmq with the following files:

definitions.json

{
    "rabbit_version": "3.6.6",
    "users": [
     {
      "name": "user1",
      "password_hash": "pass1",
      "hashing_algorithm": "rabbit_password_hashing_sha256",
      "tags": "administrator"
     }
    ],
    "vhosts": [
     {
      "name": "\/vhost1"
     }
    ],
    "permissions": [
     {
      "user": "user1",
      "vhost": "\/vhost1",
      "configure": ".*",
      "write": ".*",
      "read": ".*"
     }
    ],
    "parameters": [],
    "policies": [],
    "queues": [],
    "exchanges": [],
    "bindings": []
   }

rabbitmq.conf

loopback_users.guest = false
listeners.tcp.default = 5672

We are mounting this folder using the volumes command from docker-compose using the following file:

version: '3'
services:
  rabbit:
    image: rabbitmq:management
    ports:
      - "8080:15672"
      - "5672:5672"
    volumes: 
      - ${PWD}/rabbitmq:/etc/rabbitmq

Problems

We are facing two issues at the moment:

  1. we are not creating the exchange called "Pizza".
  2. we cannot access the RabbitMQ management UI via localhost:8080 even though we specify the mapping of this port in our docker-compose file.

Questions

  1. How do we define an exchange for a vhost in the defininitions.json file? (where can I read about it?)
  2. Why can't we access the UI? What are we doing wrong?

Upvotes: 0

Views: 2455

Answers (1)

Flame_Phoenix
Flame_Phoenix

Reputation: 17574

Solutions

1. Exchange creation

The first issue is easily solvable. The reason the exchange is not being created is because the "exchanges" field in the the definitions.json file is empty. To fix this you need to add an exchange object to that list:

"exchanges": [
    {
      "name": "Pizza",
      "vhost": "\/vhost1",
      "type": "fanout",
      "durable": true,
      "auto_delete": false,
      "internal": false,
      "arguments": {}
    }
  ],

One can read more about this in this blog post:

https://devops.datenkollektiv.de/creating-a-custom-rabbitmq-container-with-preconfigured-queues.html

2. Accessing the management UI

Here there are several problems with the configurations. First, I was smashing the contents of the original /etc/rabbitmq folder in the container with the ones in my local folder. This was not intended, and the fix to this issue can be found here:

Unknown variable "management.load_definitions" in rabbitmq rabbit.conf file

The second issue was in the rabbitmq.conf file. We were missing the field that tells the application to load our definitions file. Following is the correct version of the rabbitmq.conf file:

loopback_users.guest = false
listeners.tcp.default = 5672
management.load_definitions = /etc/rabbitmq/definitions.json

The third (and final) issue was with the user's password, specifically the password_hash field, which needs to follow a specific algorithm and be encoded in a specific format. More about this can be read in RabbitMQ's official documentation:

https://www.rabbitmq.com/passwords.html

To skip the pain of dealing with the salting, hashing and encoding, if all you want is to test a setup for integration purpose like we want, then just go with the password test12 that is given in the example:

"users": [
     {
      "name": "user1",
      "password_hash": "kI3GCqW5JLMJa4iX1lo7X4D6XbYqlLgxIs30+P6tENUV2POR",
      "hashing_algorithm": "rabbit_password_hashing_sha256",
      "tags": "administrator"
     }
    ]

If however, it is really important for you to know how to generate user passwords that RabbitMQ will accept here is a bash script, created by the blood and tears of a colleague:

#!/bin/bash
PWD_HEX=$(echo -n $1 | xxd -p)
SALT="908D C60A" 
HEX="$SALT $PWD_HEX"
SHA256=$(echo -n $HEX | xxd -r -p | sha256sum)
# This is thw pwd to be inserted on your rabbit load_definitions file
echo "908D C60A $SHA256" | xxd -r -p | base64

Usage: ./my_script userpass1

Conclusion

And with all this out of the way one should be able to create users, vhosts and exchanges while also having access to the management UI, all via a docker image.

Upvotes: 2

Related Questions