RabbitMQ is used for services interconnection in the OpenStack. Murano also uses RabbitMQ as "message queue" service but the separate instance. In the OpenStack normal installation "message queue" service resides in the management network segment and should not be reachable from any tenant networks to prevent security breach. Murano uses its own agent service running on deploying instance directly. Agent should have the ability to communicate with "message queue" service. Create one more "message queue" service instance in the external network, reachable from tenant networks through the OpenStack network router service (Quantum/Neutron).
Configuration steps
Create file
/etc/default/rabbitmq-murano
with options listed below#!/bin/sh # # export RABBITMQ_NODENAME=murano@$(hostname) export RABBITMQ_CONFIG_FILE=/etc/rabbitmq/rabbitmq-murano export RABBITMQ_ENABLED_PLUGINS_FILE=/etc/rabbitmq/enabled_plugins.murano CONTROL="${CONTROL} -n ${RABBITMQ_NODENAME}" PID_FILE=/var/run/rabbitmq/murano.pid
Make copy of the original rabbitmq-server init script:
cd /etc/init.d cp rabbitmq-server rabbitmq-server-murano
Make changes inside new file
rabbitmq-server-murano
, after test calls:... test -x $DAEMON || exit 0 test -x $CONTROL || exit 0 . /etc/default/rabbitmq-murano RETVAL=0 ...
Fill in configuration files for new RabbitMQ instance.
Modify
/etc/rabbitmq/enabled_plugins.murano
[rabbitmq_management]
Modify
/etc/rabbitmq/rabbitmq-murano.config
[ {rabbit, [ {tcp_listeners, [5674]}, {log_levels,[ {connection, error} ]} ]}, {rabbitmq_management, [ {listener, [{port, 15673}]} ]}, {rabbitmq_mochiweb, [ {listeners, [{mgmt, [{port, 55673}]}]} ]} ].
Check that service works fine:
service rabbitmq-server-murano start service rabbitmq-server-murano status service rabbitmq-server-murano stop
Enable service start at OS boot time:
update-rc.d rabbitmq-server-murano defaults
Warning
Don't forget about firewall rules for new RabbitMQ service!