Search code examples
vagrantrabbitmqchef-solo

Chef Solo in Vagrant: How to create RabbitMQ virtual host nad bind it to given username

I have a virtual machine created in Vagrant (a simple hashicorp/precise64). I need to provision it with RabbitMq and I would:

  • Create username testUsr with testPass as password with administration role
  • Create a virtual host testVirtualHost
  • Bind testVirtualHost to testUsr

This is my attempt:

Vagrant.configure(2) do |config|
    config.vm.box = "hashicorp/precise64"

    config.vm.provision "chef_solo" do |chef|
        chef.add_recipe "rabbitmq"

        chef.json = {
            'rabbitmq' => {
                'default_user' => 'testUsr',
                'default_pass' => 'testPass',
                'virtualhosts' => ['testVirtualHost'],
                'enabled_users' => [
                    { 
                        'name' => 'testUsr', 
                        'password' => 'testPass', 
                        'rights' => [{ 'vhost' => 'testVirtualHost', 'conf' => '.*', 'write' => '.*', 'read' => '.*' }]
                    }
                ]
            }
        }

    end
    config.vm.network "forwarded_port", guest: 15672, host: 15672, id: "rabbitmq"
end

The user and password is created but virtual host isn't. Where is the mistake?

Solution

  • Here is an amended Vagrantfile based on your requirements:

      Vagrant.configure(2) do |config|
      config.vm.box = "hashicorp/precise64"
      config.vm.provision "chef_solo" do |chef|
        chef.add_recipe "rabbitmq::user_management"
        chef.add_recipe "rabbitmq::mgmt_console"
        chef.json = {
          'rabbitmq' => {
            'default_user' => 'testUsr',
            'default_pass' => 'testPass',
            'virtualhosts' => ['testVirtualHost'],
            'enabled_users' => [
              {
                'name' => 'testUsr',
                'password' => 'testPass',
                'rights' => [{ 'vhost' => 'testVirtualHost', 'conf' => '.*', 'write' => '.*', 'read' => '.*' }],
                'tag' => 'administrator'
              }
            ]
          }
        }
      end
      config.vm.network "forwarded_port", guest: 15672, host: 15672, id: "rabbitmq"
    end

    Below are the changes and additions I made:

    • Create username testUsr with testPass as password with administration role

    For the testUsr to be an administrator, this user needed to be tagged with 'administrator' permissions:

            'enabled_users' => [
          {
            'name' => 'testUsr',
            'password' => 'testPass',
            'rights' => [{ 'vhost' => 'testVirtualHost', 'conf' => '.*', 'write' => '.*', 'read' => '.*' }],
            'tag' => 'administrator'
          }
    • Create a virtual host testVirtualHost

    The change here was not to call the rabbitmq recipe but call the rabbitmq::user_management recipe instead:

    chef.add_recipe "rabbitmq::user_management"

    This recipe calls the rabbitmq recipe. Part of the user_management code will create the testVirtualHost.

    • Bind testVirtualHost to testUsr

    You already had the code in place for this. The change was as above (calling rabbitmq::user_management recipe)

    I also noticed that you were port forwarding to the rabbitmq management console. For the console to work you would need to enable the rabbitmq_management plugin as per management.

    I added:

    chef.add_recipe "rabbitmq::mgmt_console"

    as the mgmt_console recipe manages that plugin.

    You will now be able to access the management console via http://localhost:15672