<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
Meaning that messages published in London and Moscow can be consumed in Cloud.<br></blockquote></div></blockquote><div><br></div><div>Yes but I want it biodirectional, I tried to simplify the example, but I guess that wasn't helpful. What I want is:</div>
<div style><ol style><li style>Cloud posts to local topic exchange "oracle.london" - this message is consumed by the London server.<br></li><li style>London posts to a local topic exchange "oracle.london" - this message is consumed by the Cloud server.</li>
<li style>Moscow posts to a local topic exchange "oracle.moscow" - this message is consumed by the Cloud server.</li><li style>etc.</li></ol><div style>So Cloud consumes everything and the Local servers consume messages sent to them by the Cloud - messages are not sent between servers otherwise. So Cloud -> Local Servers and Local Servers -> Cloud (but not Local Server -> Local Server).</div>
<div><br></div></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
</blockquote></div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Did you do that on the Cloud machine? It sounds like you did - but here you're telling it to connect to itself?<br>
</blockquote></blockquote><div><br></div><div style>No, the cloud is not connecting to itself, the Cloud is connecting to each "Local" server (London and Moscow) and the "Local" servers connect to the cloud.</div>
<div><br></div><div style><div>Here are more details as to what I did (just with different usernames/passwords) - I have 3 physical machines on the same VPN:</div><div><br></div><div>Cloud: 10.9.0.1</div><div>London: 10.9.0.2</div>
<div>Moscow: 10.9.0.3</div><div><br></div><div>They each have a RabbitMQ instance, on each one I do:</div><div><ol style><li style>Create vhost: oracle<br></li><li style>Create new users: moscow:password, london:password, cloud:password<br>
</li><li style>Set permissions for all users for the oracle vhost: .* .* .*<br></li><li style>Set local username and nodename</li><ol style><li style>Cloud: rabbitmqctl -p oracle set_parameter federation local-username '"Cloud"'</li>
<li style>London: rabbitmqctl -p oracle set_parameter federation local-nodename '"London"'</li><li style>Moscow: rabbitmqctl -p oracle set_parameter federation local-nodename '"Moscow"'</li>
</ol><li style>Create a federation upstream</li><ol style><li style>Cloud - set London and Moscow as upstreams (with the appropriate user/pass)</li><ol style><li style>rabbitmqctl set_parameter federation-upstream London '{"uri":"amqp://<a href="http://london:password@10.9.0.2/oracle">london:password@10.9.0.2/oracle</a>"}'</li>
<li style>rabbitmqctl set_parameter federation-upstream Moscow '{"uri":"amqp://<a href="http://moscow:password@10.9.0.3/oracle">moscow:password@10.9.0.3/oracle</a>"}'</li></ol><li style>Local Servers - Set Cloud as the upstream with unique user/pass</li>
<ol style><li style>London: rabbitmqctl set_parameter federation-upstream Cloud '{"uri":"amqp://<a href="http://london:password@10.9.0.1/oracle">london:password@10.9.0.1/oracle</a>"}'</li><li style>
Moscow: rabbitmqctl set_parameter federation-upstream Cloud '{"uri":"amqp://<a href="http://moscow:password@10.9.0.1/oracle">moscow:password@10.9.0.1/oracle</a>"}'</li></ol></ol><li style>Create a federation upstream set</li>
<ol style><li style>Cloud:</li><ol style><li style>rabbitmqctl -p oracle set_parameter federation-upstream-set London '[{"upstream": "London"}]'</li><li style>rabbitmqctl -p oracle set_parameter federation-upstream-set Moscow '[{"upstream": "Moscow"}]'</li>
</ol><li style>London: rabbitmqctl -p oracle set_parameter federation-upstream-set Cloud '[{"upstream": "Cloud"}]'</li><li style>Moscow: rabbitmqctl -p oracle set_parameter federation-upstream-set Cloud '[{"upstream": "Cloud"}]'</li>
</ol><li style>Create a federation policy</li><ol style><li style>Cloud:</li><ol style><li style>rabbitmqctl -p oracle set_policy London "^oracle.london" '{"federation-upstream-set": "London"}'</li>
<li style>rabbitmqctl -p oracle set_policy Moscow "^oracle.moscow" '{"federation-upstream-set": "Moscow"}'</li></ol><li style>London: rabbitmqctl -p oracle set_policy London "^oracle.london" '{"federation-upstream-set": "Cloud"}'</li>
<li style>Moscow: rabbitmqctl -p oracle set_policy Moscow "^oracle.moscow" '{"federation-upstream-set": "Cloud"}'</li></ol></ol></div></div><div style>Now the problem comes when I set a federation upstream on the "Local" servers (London and Moscow), I want to have a different username/password on each. But it seems the "Cloud" upstream must always have the same username/password? - Unless I am misunderstanding something?</div>
<div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"></blockquote>
<br>
I think what you want to do is:<br>
<br>
* Create the London / Moscow users on the London / Moscow boxes<br>
* Add upstreams for London / Moscow on Cloud, pointing to the London / Moscow machines<br>
* Set the federation policy on Cloud<br>
* If you have deleted / restricted the "guest" account on Cloud, then set "local-username" to another account that is able to publish messages</blockquote><div><br></div><div style>Yes, I did all that, but I want to federate in both directions. If I do the above, all messages I write to the Local servers (London, Moscow) I can consume on the Cloud server, however if I write from the Cloud server, I cannot consume the messages on the Local servers.</div>
<div style><br></div><div style>To do that, I need to add federation upstreams on the local servers:</div><div style><br></div><div style>rabbitmqctl set_parameter federation-upstream Cloud '{"uri":"amqp://<a href="http://london:password@10.9.0.1/oracle">london:password@10.9.0.1/oracle</a>"}'<br>
</div><div style>rabbitmqctl set_parameter federation-upstream Cloud '{"uri":"amqp://<a href="http://moscow:password@10.9.0.1/oracle">moscow:password@10.9.0.1/oracle</a>"}'<br></div><div style>
<br></div><div style>But I cannot do that because RabbitMQ only accepts a single local-username :( - Am I missing something?</div><div style><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div><div><br>
<br>
Cheers, Simon<br>
<br>
-- <br>
Simon MacMullen<br>
RabbitMQ, Pivotal<br>
</div></div></blockquote></div><br></div></div>