[rabbitmq-discuss] Multiple local-usernames for federation

Roman Gaufman hackeron at gmail.com
Tue May 14 14:24:11 BST 2013


>
>  Meaning that messages published in London and Moscow can be consumed in
>> Cloud.
>>
>
Yes but I want it biodirectional, I tried to simplify the example, but I
guess that wasn't helpful. What I want is:

   1. Cloud posts to local topic exchange "oracle.london" - this message is
   consumed by the London server.
   2. London posts to a local topic exchange  "oracle.london" - this
   message is consumed by the Cloud server.
   3. Moscow posts to a local topic exchange "oracle.moscow" - this message
   is consumed by the Cloud server.
   4. etc.

So Cloud consumes everything and the Local servers consume messages sent to
them by the Cloud - messages are not sent between servers otherwise. So
Cloud -> Local Servers and Local Servers -> Cloud (but not Local Server ->
Local Server).

 Did you do that on the Cloud machine? It sounds like you did - but here
>> you're telling it to connect to itself?
>>
>
No, the cloud is not connecting to itself, the Cloud is connecting to each
"Local" server (London and Moscow) and the "Local" servers connect to the
cloud.

Here are more details as to what I did (just with different
usernames/passwords) - I have 3 physical machines on the same VPN:

Cloud: 10.9.0.1
London: 10.9.0.2
Moscow: 10.9.0.3

They each have a RabbitMQ instance, on each one I do:

   1. Create vhost: oracle
   2. Create new users: moscow:password, london:password, cloud:password
   3. Set permissions for all users for the oracle vhost: .* .* .*
   4. Set local username and nodename
      1. Cloud: rabbitmqctl -p oracle set_parameter federation
      local-username '"Cloud"'
      2. London: rabbitmqctl -p oracle set_parameter federation
      local-nodename '"London"'
      3. Moscow: rabbitmqctl -p oracle set_parameter federation
      local-nodename '"Moscow"'
   5. Create a federation upstream
      1. Cloud - set London and Moscow as upstreams (with the appropriate
      user/pass)
         1. rabbitmqctl set_parameter federation-upstream London
         '{"uri":"amqp://london:[email protected]/oracle"}'
         2. rabbitmqctl set_parameter federation-upstream
         Moscow '{"uri":"amqp://moscow:[email protected]/oracle"}'
      2. Local Servers - Set Cloud as the upstream with unique user/pass
         1. London: rabbitmqctl set_parameter federation-upstream Cloud
         '{"uri":"amqp://london:[email protected]/oracle"}'
         2. Moscow: rabbitmqctl set_parameter federation-upstream Cloud
         '{"uri":"amqp://moscow:[email protected]/oracle"}'
      6. Create a federation upstream set
      1. Cloud:
         1. rabbitmqctl -p oracle set_parameter federation-upstream-set
         London '[{"upstream": "London"}]'
         2. rabbitmqctl -p oracle set_parameter federation-upstream-set
         Moscow '[{"upstream": "Moscow"}]'
      2. London: rabbitmqctl -p oracle set_parameter
      federation-upstream-set Cloud '[{"upstream": "Cloud"}]'
      3. Moscow: rabbitmqctl -p oracle set_parameter
      federation-upstream-set Cloud '[{"upstream": "Cloud"}]'
   7. Create a federation policy
      1. Cloud:
         1. rabbitmqctl -p oracle set_policy London "^oracle.london"
         '{"federation-upstream-set": "London"}'
         2. rabbitmqctl -p oracle set_policy Moscow "^oracle.moscow"
         '{"federation-upstream-set": "Moscow"}'
      2. London: rabbitmqctl -p oracle set_policy London "^oracle.london"
      '{"federation-upstream-set": "Cloud"}'
      3. Moscow: rabbitmqctl -p oracle set_policy Moscow "^oracle.moscow"
      '{"federation-upstream-set": "Cloud"}'

Now the problem comes when I set a federation upstream on the "Local"
servers (London and Moscow), I want to have a different username/password
on each. But it seems the "Cloud" upstream must always have the same
username/password? - Unless I am misunderstanding something?


>
> I think what you want to do is:
>
> * Create the London / Moscow users on the London / Moscow boxes
> * Add upstreams for London / Moscow on Cloud, pointing to the London /
> Moscow machines
> * Set the federation policy on Cloud
> * If you have deleted / restricted the "guest" account on Cloud, then set
> "local-username" to another account that is able to publish messages


Yes, I did all that, but I want to federate in both directions. If I do the
above, all messages I write to the Local servers (London, Moscow) I can
consume on the Cloud server, however if I write from the Cloud server, I
cannot consume the messages on the Local servers.

To do that, I need to add federation upstreams on the local servers:

rabbitmqctl set_parameter federation-upstream Cloud '{"uri":"amqp://
london:password at 10.9.0.1/oracle"}'
rabbitmqctl set_parameter federation-upstream Cloud '{"uri":"amqp://
moscow:password at 10.9.0.1/oracle"}'

But I cannot do that because RabbitMQ only accepts a single local-username
:( - Am I missing something?



>
>
> Cheers, Simon
>
> --
> Simon MacMullen
> RabbitMQ, Pivotal
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20130514/d97f7602/attachment.htm>


More information about the rabbitmq-discuss mailing list