<div dir="ltr">Oh you're right! - it broke because I removed the guest user, not because I had a second username. I got confused as to what the username does, when I changed it to anything other than what was used to connect (which was a user on the system), it showed the user not found error.<div>
<br></div><div style>Everything is working like I wanted with the commands bellow.</div><div style><br></div><div style>One question however, if I have a topic exchange and I bind a queue with a routing key. Is the federation plugin able to determine and only federate relevant messages? -- What I mean by that is if an exchange has no queues that match a routing key, will the message still be federated?</div>
<div style><br></div><div style>---</div><div style><br></div><div style><div>On Cloud:</div><div> # Sanity</div><div> rabbitmqctl delete_user guest</div><div> rabbitmqctl add_user portal password</div><div> rabbitmqctl set_user_tags portal administrator</div>
<div><br></div><div> # New Vhost</div><div> rabbitmqctl add_vhost oracle</div><div><br></div><div> # Federation details</div><div> rabbitmqctl -p oracle set_permissions portal xanview.* xanview.* xanview.*</div><div>
rabbitmqctl -p oracle set_parameter federation local-username '"portal"'</div>
<div> rabbitmqctl -p oracle set_parameter federation local-nodename '"portal"'</div><div> rabbitmqctl -p oracle set_policy federate-me "^xanview" '{"federation-upstream-set": "all"}'</div>
<div><br></div><div> # Local server 1</div><div> rabbitmqctl add_user welbeck-dvr1 password</div><div> rabbitmqctl -p oracle set_permissions welbeck-dvr1 xanview.* xanview.* xanview.*</div><div> rabbitmqctl -p oracle set_parameter federation-upstream welbeck-dvr1 \</div>
<div> '{"uri":"amqp://<a href="http://welbeck-dvr1:password@10.9.0.2/oracle">welbeck-dvr1:password@10.9.0.2/oracle</a>"}'</div><div><br></div><div> # Local server 2</div><div> rabbitmqctl add_user test-dvr2 password</div>
<div> rabbitmqctl -p oracle set_permissions test-dvr2 xanview.* xanview.* xanview.*</div><div> rabbitmqctl -p oracle set_parameter federation-upstream test-dvr2 \</div><div> '{"uri":"amqp://<a href="http://test-dvr2:password@10.9.0.3/oracle">test-dvr2:password@10.9.0.3/oracle</a>"}'</div>
<div><br></div><div><br></div><div>On XanBox 1:</div><div> # New Vhost</div><div> rabbitmqctl delete_user guest # sanity</div><div> rabbitmqctl add_vhost oracle</div><div><br></div><div> # Federation details</div><div>
rabbitmqctl -p oracle set_parameter federation local-username '"welbeck-dvr1"'</div><div> rabbitmqctl -p oracle set_parameter federation local-nodename '"welbeck-dvr1"'</div><div> rabbitmqctl -p oracle set_policy federate-me "^xanview" '{"federation-upstream-set": "all"}'</div>
<div><br></div><div> # User & upstream</div><div> rabbitmqctl add_user welbeck-dvr1 password</div><div> rabbitmqctl -p oracle set_permissions welbeck-dvr1 xanview.* xanview.* xanview.*</div><div> rabbitmqctl -p oracle set_parameter federation-upstream Portal \</div>
<div> '{"uri":"amqp://<a href="http://welbeck-dvr1:password@10.9.0.1/oracle">welbeck-dvr1:password@10.9.0.1/oracle</a>"}'</div><div><br></div><div><br></div><div>On XanBox 2:</div><div>
# New Vhost</div>
<div> rabbitmqctl delete_user guest # Sanity</div><div> rabbitmqctl add_vhost oracle</div><div><br></div><div> # Federation details</div><div> rabbitmqctl -p oracle set_parameter federation local-username '"test-dvr2"'</div>
<div> rabbitmqctl -p oracle set_parameter federation local-nodename '"test-dvr2"'</div><div> rabbitmqctl -p oracle set_policy federate-me "^xanview" '{"federation-upstream-set": "all"}'</div>
<div><br></div><div> # User & upstream</div><div> rabbitmqctl add_user test-dvr2 password</div><div> rabbitmqctl -p oracle set_permissions test-dvr2 xanview.* xanview.* xanview.*</div><div> rabbitmqctl -p oracle set_parameter federation-upstream Portal \</div>
<div> '{"uri":"amqp://<a href="http://test-dvr2:password@10.9.0.1/oracle">test-dvr2:password@10.9.0.1/oracle</a>"}'</div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">
On 14 May 2013 14:46, Simon MacMullen <span dir="ltr"><<a href="mailto:simon@rabbitmq.com" target="_blank">simon@rabbitmq.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">On 14/05/13 14:24, Roman Gaufman wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Yes but I want it biodirectional, I tried to simplify the example, but I<br>
guess that wasn't helpful.<br>
</blockquote>
<br></div>
Ah, got it.<br>
<br>
<snip><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">
They each have a RabbitMQ instance, on each one I do:<br>
<br></div>
1. Create vhost: oracle<br>
2. Create new users: moscow:password, london:password, cloud:password<br>
3. Set permissions for all users for the oracle vhost: .* .* .*<br>
4. Set local username and nodename<br>
1. Cloud: rabbitmqctl -p oracle set_parameter federation<br>
local-username '"Cloud"'<br>
2. London: rabbitmqctl -p oracle set_parameter federation<br>
local-nodename '"London"'<br>
3. Moscow: rabbitmqctl -p oracle set_parameter federation<br>
local-nodename '"Moscow"'<br>
</blockquote>
<br>
So here you are setting the local-username to "Cloud", but local-nodename to "London" / "Moscow". Is that another simplification? Is that happening on the same machine?<br>
<br>
<snip> the rest of the configuration looks reasonable.<div class="im"><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Now the problem comes when I set a federation upstream on the "Local"<br>
servers (London and Moscow), I want to have a different<br>
username/password on each. But it seems the "Cloud" upstream must always<br>
have the same username/password? - Unless I am misunderstanding something?<br>
</blockquote>
<br></div>
I'm afraid it's still not tremendously clear what you are asking here. If you want "London" to connect to "Cloud" using one username and "Moscow" to connect to "Cloud" with another, then you can do that - just set the usernames / passwords in the URLs differently.<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">
Yes, I did all that, but I want to federate in both directions. If I do<br>
the above, all messages I write to the Local servers (London, Moscow) I<br>
can consume on the Cloud server, however if I write from the Cloud<br>
server, I cannot consume the messages on the Local servers.<br>
<br>
To do that, I need to add federation upstreams on the local servers:<br>
<br>
rabbitmqctl set_parameter federation-upstream Cloud<br>
'{"uri":"amqp://<a href="http://london:password@10.9.0.1/oracle" target="_blank">london:<u></u>password@10.9.0.1/oracle</a><br></div>
<<a href="http://london:password@10.9.0.1/oracle" target="_blank">http://london:password@10.9.<u></u>0.1/oracle</a>>"}'<div class="im"><br>
rabbitmqctl set_parameter federation-upstream Cloud<br>
'{"uri":"amqp://<a href="http://moscow:password@10.9.0.1/oracle" target="_blank">moscow:<u></u>password@10.9.0.1/oracle</a><br></div>
<<a href="http://moscow:password@10.9.0.1/oracle" target="_blank">http://moscow:password@10.9.<u></u>0.1/oracle</a>>"}'<div class="im"><br>
<br>
But I cannot do that because RabbitMQ only accepts a single<br>
local-username :( - Am I missing something?<br>
</div></blockquote>
<br>
Ah - I think I understand what you are missing. Do you think local-username must correspond to the username set in another server's upstream URL? That's not the case.<br>
<br>
The remote username(s) (i.e. the ones in the upstream URLs) need to be valid users in the upstream host. I think you have that right.<br>
<br>
The local-username just needs to exist locally and be able to publish messages; it's used to republish messages that have been received from a remote host. *It does not need to correspond to anything else*.<br>
<br>
The fact that you are seeing {error,user_does_not_exist} on a certain host means that you have set the local-username to the name of a user that does not exist on that host. Or that you have not set it, it;s defaulting to "guest", and "guest" does not exist.<br>
<br>
Does this make sense?<div class="HOEnZb"><div class="h5"><br>
<br>
Cheers, Simon<br>
-- <br>
Simon MacMullen<br>
RabbitMQ, Pivotal<br>
</div></div></blockquote></div><br></div>