How to setup RabbitMQ Dynamic Shovel in SSL - rabbitmq

I want to set up a Shovel in which the destination RabbitMQ is configured to be TLS enabled.
I am unable to create a Shovel and the shovel stays in a starting state.
I have two different RabbitMQ instances in two separate Docker containers, one of them exposed via port 5671 (SSL) and 6671 (SSL) from the host machine.
I am using the RabbitMQ management plugin to establish the shovel.
Below are the connection details:
Source AMQP URI:
amqp://admin:pass#localhost:5672 (non-SSL)
Target AMQP URI:
amqps://localhost:6671?cacertfile=/data/shared-file/certificates/ca_certificate.pem&certfile=/data/shared-file/certificates/client_certificate.pem&keyfile=/data/shared-file/certificates/client_key.pem&verify=verify_peer&server_name_indication=MyTestCA
What could be the problem here?
Kindly help

Related

Connect to RabbitMQ via URL

I'm trying to connect to the rabbitmq which is hidden behind nginx proxy. It's declared as:
location ^~ /rabbitmq/ {
    proxy_pass http://127.0.0.1:5672/;
}
The problem is that, as I found, AMQP only specifies a host, but it doesn't know anything about URLs.
Can I connect a rabbit client to www.myserver.com/rabbitmq somehow? I'm using EasyNetQ to connect, but it looks like a protocol limitation, and the implementation doesn't matter.
If it's not possible at all maybe there are some workarounds?
For AMQP, if you are using Nginx, TCP load balancing could probably help (https://docs.nginx.com/nginx/admin-guide/load-balancer/tcp-udp-load-balancer/). Otherwise, if you could use HAProxy, you could try something like this:
frontend rabbitmq
    mode tcp
    bind *:5672
    use_backend bunny
backend bunny
    mode tcp
    server bunny 127.0.0.1:5672 check
If you want to publish messages over HTTP, you would probably like to expose the RabbitMQ API:
http://localhost:15672/api/index.html
Notice the port 15672, from the docs:
Note that the UI and HTTP API port — typically 15672 — does not support AMQP 0-9-1, AMQP 1.0, STOMP or MQTT connections. Separate ports should be used by those clients.

How is it possible to allow connections to Apache ActiveMQ JMS broker only from localhost?

I need to allow connections to Apache ActiveMQ JMS broker only from localhost.
I cannot find an appropriate option here:
http://activemq.apache.org/connection-configuration-uri.html
How is it possible?

Clustering doesn't work with mod_cluster on JbossAS7 - Stateful Application

I'm going to explain my situation.
Background:
I'm running three virtual machines with Debian Jessie on Open Nebula, one as master and the other two as slaves. On them I've installed JBoss AS 7.1 and mod_cluster 1.2.
Goal:
Run a stateful app, so when I shut down the master server the cluster allows me to continue using the app with a shared session and maintain the variables' values.
I followed this guide with the given web application.
Errors:
I can't access the app directly at http://master/cluster-demo/ as in the guide above; I have to specify the port (8330 for server-three).
When I shut down server-three, the slaves notice that the server is shut down, but the session is not shared and the application is no longer accessible. This is the output on the slave when I shut down server-three on the master.
Configuration Files
I attach my configuration files:
/opt/jboss/domain/configuration/domain.xml
/opt/jboss/httpd/httpd/conf/httpd.conf
/opt/jboss/domain/configuration/host.xml in the master
/opt/jboss/domain/configuration/host.xml in the slaves
Answer
mod_cluster does not have anything in common with messaging (JMS, HornetQ) subsystems. mod_cluster setting also does not have anything in common with clustering subsystem, i.e. Infinispan and its workhorse, JGroups.
What the AS7 mod_cluster subsystem does is that it listens to UDP multicast advertising messages emitted by Apache HTTP Server mod_cluster modules. When it receives such a message, it registers itself with your Apache HTTP Server load balancer. From that moment, your registered AS7 "worker" node keeps sending specialized HTTP messages (via TCP), informing Apache HTTP Server about:
its name (jvmRoute or generated)
its current load
its deployments, i.e. application contexts
aliases etc.
When there are no worker nodes registered with your Apache HTTP Server balancer, there are no contexts, hence there is nowhere to forward your requests to.
According to the configuration you posted, you rely on UDP multicast messages being sent to/received from 224.0.1.105:23364.
Open Nebula, firewall and UDP multicast
It is possible that Open Nebula doesn't allow UDP multicast between hosts or that your iptables are blocking it. Try this:
use curl on your worker host to access the balancer host -- exactly the VirtualHost where you have the directive EnableMCPMReceive defined.
if it doesn't work, you must fix iptables, selinux, httpd's allow/deny and such
if it works, it's a good sign that worker can talk to the balancer
go to your AS7 xml, modcluster subsystem, and add attribute to the config: <mod-cluster-config advertise-socket="modcluster" proxy-list="your-httpd-address:port"> -- the one you've just tried with curl
now it should work even without UDP multicast
if you would like to debug your UDP multicast settings in Open Nebula, give it a shot with Advertize.java
1.2.0 is too old, do not use vulnerable code
Please, do not use mod_cluster 1.2.0 with your Apache HTTP Server. The version is completely obsolete and it contains serious bugs, including a code injection CVE and a severe performance issue. Download mod_cluster 1.3.1.Final for httpd 2.4.x or build your own from the sources, if you desire httpd 2.2.x support. If you happen to need any help with that, ask.
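An added example, not part of the original answer and not mod_cluster's own code: a Python listener that joins the 224.0.1.105:23364 group from the answer on a worker host, to check whether advertisements get through and which address they suggest for proxy-list. The advertisement layout (HTTP-style text with an X-Manager-Address header) and the sample datagram are assumptions constructed for illustration.

```python
import socket
import struct

ADVERTISE_GROUP = "224.0.1.105"   # multicast group quoted in the answer
ADVERTISE_PORT = 23364            # multicast port quoted in the answer

# Constructed sample datagram; the header layout is an assumption, not from the page.
SAMPLE_ADVERT = (b"HTTP/1.0 200 OK\r\n"
                 b"Date: Wed, 08 Apr 2015 12:26:32 GMT\r\n"
                 b"Server: constructed-balancer-id\r\n"
                 b"X-Manager-Address: 192.0.2.10:6666\r\n"
                 b"X-Manager-Protocol: http\r\n\r\n")

def parse_advertisement(datagram):
    """Return the status line and a dict of lower-cased header names."""
    lines = datagram.decode("ascii", errors="replace").replace("\r\n", "\n").split("\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip blank or malformed lines
            headers[name.strip().lower()] = value.strip()
    return {"status": lines[0].strip(), "headers": headers}

def proxy_list_entry(advert):
    """host:port the balancer advertises (assumed header), or None if missing."""
    return advert["headers"].get("x-manager-address")

def listen_once(timeout=15.0, interface_ip="0.0.0.0"):
    """Join the group and wait for one datagram; None means nothing arrived."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    try:
        sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        sock.bind(("", ADVERTISE_PORT))
        mreq = struct.pack("4s4s", socket.inet_aton(ADVERTISE_GROUP),
                           socket.inet_aton(interface_ip))
        sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, mreq)
        sock.settimeout(timeout)
        data, sender = sock.recvfrom(4096)
        return sender[0], parse_advertisement(data)
    except socket.timeout:
        return None
    finally:
        sock.close()

if __name__ == "__main__":
    got = listen_once()
    print("no advertisement received: check multicast/iptables, or set proxy-list"
          if got is None else "from %s, proxy-list candidate: %s" % (got[0], proxy_list_entry(got[1])))
```

If nothing arrives within the timeout while httpd is advertising, multicast is not reaching the worker and the static proxy-list route from the answer is the way forward.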

"Socket error on client..., disconnecting" when bridging Mosquitto to RabbitMQ

I have installed two brokers, Mosquitto (1.4.2-3.2x86_64) and RabbitMQ (3.5.3-1), using the newest versions so far, on CentOS 6 servers. With the default configuration I can sub/pub messages for each broker separately; this means that MQTT is running normally.
But when I bridge the Mosquitto server to a RabbitMQ server, I face the problem below right after I change the mosquitto.conf file:
"Connecting bridge (Rabbit-IP)
Socket error on client client_name, disconnecting".
My bridge configuration in mosquitto.conf is:
connection test
address Rabbitmq-IP
topic # both 0 local/ remote/
Can you explain this to me?
Thanks!
Try to use this option in your config file for the bridge:
try_private false
This is an option that tells the other broker that this is a bridge connection. It defaults to true, and if RabbitMQ doesn't support it, it will not allow you to connect.

HAProxy setup on a system which does not host any RabbitMQ node

I want to set up HAProxy for a RabbitMQ cluster. I have the following queries about it:
(1) Suppose I have a scenario where my RabbitMQ server, client, and haproxy are on different machines.
RabbitMQ node1 -> Machine1
RabbitMQ node2 -> Machine2
HAPROXY -> Machine3
RabbitMQ client -> Machine4
node1 and node2 have been clustered. Is this a correct configuration? The rationale behind my asking this question is: can HAProxy be set up on a machine which does not host any node, or does HAProxy have to be set up on a machine which hosts at least one RabbitMQ server node?
(2) If the above setup is valid, then my RabbitMQ client should know only the HAProxy machine, and in that case, how shall I connect my client to HAProxy? The client code which works when the RabbitMQ client has to connect to a machine hosting a RabbitMQ server node will not work here.
I investigated and found answers to my questions. 1. This setup is valid in the sense that it is a possible scenario. 2. The client will connect to the HAProxy server.