Skip to content

Commit

Permalink
Enable "rabbitmq_prometheus" in RabbitMQ 3.8 by default
Browse files Browse the repository at this point in the history
  • Loading branch information
@tianon
tianon committed Jun 25, 2020
1 parent e5da520 commit 6bda400
Show file tree
Hide file tree
Showing 21 changed files with 281 additions and 6 deletions.
27 changes: 27 additions & 0 deletions 3.7-rc/alpine/docker-entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,10 @@ file_env() {
: "${RABBITMQ_MANAGEMENT_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
: "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
: "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
# ... and so should "prometheus"
: "${RABBITMQ_PROMETHEUS_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
: "${RABBITMQ_PROMETHEUS_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
: "${RABBITMQ_PROMETHEUS_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"

# Allowed env vars that will be read from mounted files (i.e. Docker Secrets):
fileEnvKeys=(
Expand All @@ -51,6 +55,9 @@ sslConfigKeys=(
managementConfigKeys=(
"${sslConfigKeys[@]/#/ssl_}"
)
prometheusConfigKeys=(
"${sslConfigKeys[@]/#/ssl_}"
)
rabbitConfigKeys=(
default_pass
default_user
Expand All @@ -61,12 +68,16 @@ fileConfigKeys=(
management_ssl_cacertfile
management_ssl_certfile
management_ssl_keyfile
prometheus_ssl_cacertfile
prometheus_ssl_certfile
prometheus_ssl_keyfile
ssl_cacertfile
ssl_certfile
ssl_keyfile
)
allConfigKeys=(
"${managementConfigKeys[@]/#/management_}"
"${prometheusConfigKeys[@]/#/prometheus_}"
"${rabbitConfigKeys[@]}"
"${sslConfigKeys[@]/#/ssl_}"
)
Expand All @@ -75,6 +86,9 @@ declare -A configDefaults=(
[management_ssl_fail_if_no_peer_cert]='false'
[management_ssl_verify]='verify_none'

[prometheus_ssl_fail_if_no_peer_cert]='false'
[prometheus_ssl_verify]='verify_none'

[ssl_fail_if_no_peer_cert]='true'
[ssl_verify]='verify_peer'
)
Expand Down Expand Up @@ -126,6 +140,7 @@ for conf in "${allConfigKeys[@]}"; do
case "$conf" in
ssl_*) haveSslConfig=1 ;;
management_ssl_*) haveManagementSslConfig=1 ;;
prometheus_ssl_*) havePrometheusSslConfig=1 ;;
esac
fi
done
Expand Down Expand Up @@ -271,6 +286,7 @@ rabbit_env_config() {
case "$prefix" in
ssl) key="ssl_options.$key" ;;
management_ssl) key="management.ssl.$key" ;;
prometheus_ssl) key="prometheus.ssl.$key" ;;
esac

local val="${!var:-}"
Expand Down Expand Up @@ -390,6 +406,17 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
rabbit_set_config 'management.load_definitions' "$managementDefinitionsFile"
fi
fi

# if prometheus plugin is installed, generate config for it
# https://www.rabbitmq.com/prometheus.html#prometheus-configuration
if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_prometheus)" ]; then
if [ "$havePrometheusSslConfig" ]; then
rabbit_set_config 'prometheus.ssl.port' 15691
rabbit_env_config 'prometheus_ssl' "${sslConfigKeys[@]}"
else
rabbit_set_config 'prometheus.tcp.port' 15692
fi
fi
fi

combinedSsl='/tmp/rabbitmq-ssl/combined.pem'
Expand Down
27 changes: 27 additions & 0 deletions 3.7-rc/ubuntu/docker-entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,10 @@ file_env() {
: "${RABBITMQ_MANAGEMENT_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
: "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
: "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
# ... and so should "prometheus"
: "${RABBITMQ_PROMETHEUS_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
: "${RABBITMQ_PROMETHEUS_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
: "${RABBITMQ_PROMETHEUS_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"

# Allowed env vars that will be read from mounted files (i.e. Docker Secrets):
fileEnvKeys=(
Expand All @@ -51,6 +55,9 @@ sslConfigKeys=(
managementConfigKeys=(
"${sslConfigKeys[@]/#/ssl_}"
)
prometheusConfigKeys=(
"${sslConfigKeys[@]/#/ssl_}"
)
rabbitConfigKeys=(
default_pass
default_user
Expand All @@ -61,12 +68,16 @@ fileConfigKeys=(
management_ssl_cacertfile
management_ssl_certfile
management_ssl_keyfile
prometheus_ssl_cacertfile
prometheus_ssl_certfile
prometheus_ssl_keyfile
ssl_cacertfile
ssl_certfile
ssl_keyfile
)
allConfigKeys=(
"${managementConfigKeys[@]/#/management_}"
"${prometheusConfigKeys[@]/#/prometheus_}"
"${rabbitConfigKeys[@]}"
"${sslConfigKeys[@]/#/ssl_}"
)
Expand All @@ -75,6 +86,9 @@ declare -A configDefaults=(
[management_ssl_fail_if_no_peer_cert]='false'
[management_ssl_verify]='verify_none'

[prometheus_ssl_fail_if_no_peer_cert]='false'
[prometheus_ssl_verify]='verify_none'

[ssl_fail_if_no_peer_cert]='true'
[ssl_verify]='verify_peer'
)
Expand Down Expand Up @@ -126,6 +140,7 @@ for conf in "${allConfigKeys[@]}"; do
case "$conf" in
ssl_*) haveSslConfig=1 ;;
management_ssl_*) haveManagementSslConfig=1 ;;
prometheus_ssl_*) havePrometheusSslConfig=1 ;;
esac
fi
done
Expand Down Expand Up @@ -271,6 +286,7 @@ rabbit_env_config() {
case "$prefix" in
ssl) key="ssl_options.$key" ;;
management_ssl) key="management.ssl.$key" ;;
prometheus_ssl) key="prometheus.ssl.$key" ;;
esac

local val="${!var:-}"
Expand Down Expand Up @@ -390,6 +406,17 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
rabbit_set_config 'management.load_definitions' "$managementDefinitionsFile"
fi
fi

# if prometheus plugin is installed, generate config for it
# https://www.rabbitmq.com/prometheus.html#prometheus-configuration
if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_prometheus)" ]; then
if [ "$havePrometheusSslConfig" ]; then
rabbit_set_config 'prometheus.ssl.port' 15691
rabbit_env_config 'prometheus_ssl' "${sslConfigKeys[@]}"
else
rabbit_set_config 'prometheus.tcp.port' 15692
fi
fi
fi

combinedSsl='/tmp/rabbitmq-ssl/combined.pem'
Expand Down
27 changes: 27 additions & 0 deletions 3.7/alpine/docker-entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,10 @@ file_env() {
: "${RABBITMQ_MANAGEMENT_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
: "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
: "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
# ... and so should "prometheus"
: "${RABBITMQ_PROMETHEUS_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
: "${RABBITMQ_PROMETHEUS_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
: "${RABBITMQ_PROMETHEUS_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"

# Allowed env vars that will be read from mounted files (i.e. Docker Secrets):
fileEnvKeys=(
Expand All @@ -51,6 +55,9 @@ sslConfigKeys=(
managementConfigKeys=(
"${sslConfigKeys[@]/#/ssl_}"
)
prometheusConfigKeys=(
"${sslConfigKeys[@]/#/ssl_}"
)
rabbitConfigKeys=(
default_pass
default_user
Expand All @@ -61,12 +68,16 @@ fileConfigKeys=(
management_ssl_cacertfile
management_ssl_certfile
management_ssl_keyfile
prometheus_ssl_cacertfile
prometheus_ssl_certfile
prometheus_ssl_keyfile
ssl_cacertfile
ssl_certfile
ssl_keyfile
)
allConfigKeys=(
"${managementConfigKeys[@]/#/management_}"
"${prometheusConfigKeys[@]/#/prometheus_}"
"${rabbitConfigKeys[@]}"
"${sslConfigKeys[@]/#/ssl_}"
)
Expand All @@ -75,6 +86,9 @@ declare -A configDefaults=(
[management_ssl_fail_if_no_peer_cert]='false'
[management_ssl_verify]='verify_none'

[prometheus_ssl_fail_if_no_peer_cert]='false'
[prometheus_ssl_verify]='verify_none'

[ssl_fail_if_no_peer_cert]='true'
[ssl_verify]='verify_peer'
)
Expand Down Expand Up @@ -126,6 +140,7 @@ for conf in "${allConfigKeys[@]}"; do
case "$conf" in
ssl_*) haveSslConfig=1 ;;
management_ssl_*) haveManagementSslConfig=1 ;;
prometheus_ssl_*) havePrometheusSslConfig=1 ;;
esac
fi
done
Expand Down Expand Up @@ -271,6 +286,7 @@ rabbit_env_config() {
case "$prefix" in
ssl) key="ssl_options.$key" ;;
management_ssl) key="management.ssl.$key" ;;
prometheus_ssl) key="prometheus.ssl.$key" ;;
esac

local val="${!var:-}"
Expand Down Expand Up @@ -390,6 +406,17 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
rabbit_set_config 'management.load_definitions' "$managementDefinitionsFile"
fi
fi

# if prometheus plugin is installed, generate config for it
# https://www.rabbitmq.com/prometheus.html#prometheus-configuration
if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_prometheus)" ]; then
if [ "$havePrometheusSslConfig" ]; then
rabbit_set_config 'prometheus.ssl.port' 15691
rabbit_env_config 'prometheus_ssl' "${sslConfigKeys[@]}"
else
rabbit_set_config 'prometheus.tcp.port' 15692
fi
fi
fi

combinedSsl='/tmp/rabbitmq-ssl/combined.pem'
Expand Down
27 changes: 27 additions & 0 deletions 3.7/ubuntu/docker-entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,10 @@ file_env() {
: "${RABBITMQ_MANAGEMENT_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
: "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
: "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
# ... and so should "prometheus"
: "${RABBITMQ_PROMETHEUS_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
: "${RABBITMQ_PROMETHEUS_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
: "${RABBITMQ_PROMETHEUS_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"

# Allowed env vars that will be read from mounted files (i.e. Docker Secrets):
fileEnvKeys=(
Expand All @@ -51,6 +55,9 @@ sslConfigKeys=(
managementConfigKeys=(
"${sslConfigKeys[@]/#/ssl_}"
)
prometheusConfigKeys=(
"${sslConfigKeys[@]/#/ssl_}"
)
rabbitConfigKeys=(
default_pass
default_user
Expand All @@ -61,12 +68,16 @@ fileConfigKeys=(
management_ssl_cacertfile
management_ssl_certfile
management_ssl_keyfile
prometheus_ssl_cacertfile
prometheus_ssl_certfile
prometheus_ssl_keyfile
ssl_cacertfile
ssl_certfile
ssl_keyfile
)
allConfigKeys=(
"${managementConfigKeys[@]/#/management_}"
"${prometheusConfigKeys[@]/#/prometheus_}"
"${rabbitConfigKeys[@]}"
"${sslConfigKeys[@]/#/ssl_}"
)
Expand All @@ -75,6 +86,9 @@ declare -A configDefaults=(
[management_ssl_fail_if_no_peer_cert]='false'
[management_ssl_verify]='verify_none'

[prometheus_ssl_fail_if_no_peer_cert]='false'
[prometheus_ssl_verify]='verify_none'

[ssl_fail_if_no_peer_cert]='true'
[ssl_verify]='verify_peer'
)
Expand Down Expand Up @@ -126,6 +140,7 @@ for conf in "${allConfigKeys[@]}"; do
case "$conf" in
ssl_*) haveSslConfig=1 ;;
management_ssl_*) haveManagementSslConfig=1 ;;
prometheus_ssl_*) havePrometheusSslConfig=1 ;;
esac
fi
done
Expand Down Expand Up @@ -271,6 +286,7 @@ rabbit_env_config() {
case "$prefix" in
ssl) key="ssl_options.$key" ;;
management_ssl) key="management.ssl.$key" ;;
prometheus_ssl) key="prometheus.ssl.$key" ;;
esac

local val="${!var:-}"
Expand Down Expand Up @@ -390,6 +406,17 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
rabbit_set_config 'management.load_definitions' "$managementDefinitionsFile"
fi
fi

# if prometheus plugin is installed, generate config for it
# https://www.rabbitmq.com/prometheus.html#prometheus-configuration
if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_prometheus)" ]; then
if [ "$havePrometheusSslConfig" ]; then
rabbit_set_config 'prometheus.ssl.port' 15691
rabbit_env_config 'prometheus_ssl' "${sslConfigKeys[@]}"
else
rabbit_set_config 'prometheus.tcp.port' 15692
fi
fi
fi

combinedSsl='/tmp/rabbitmq-ssl/combined.pem'
Expand Down
4 changes: 3 additions & 1 deletion 3.8-rc/alpine/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -229,6 +229,8 @@ RUN set -eux; \
su-exec rabbitmq rabbitmq-plugins list; \
# no stale cookies
rm "$RABBITMQ_DATA_DIR/.erlang.cookie"
# Enable Prometheus-style metrics by default (https://github.com/docker-library/rabbitmq/issues/419)
RUN set -eux; rabbitmq-plugins enable --offline rabbitmq_prometheus; echo 'management_agent.disable_metrics_collector = true' >> /etc/rabbitmq/rabbitmq.conf

# Added for backwards compatibility - users can simply COPY custom plugins to /plugins
RUN ln -sf /opt/rabbitmq/plugins /plugins
Expand All @@ -246,5 +248,5 @@ ENV LANG=C.UTF-8 LANGUAGE=C.UTF-8 LC_ALL=C.UTF-8
COPY docker-entrypoint.sh /usr/local/bin/
ENTRYPOINT ["docker-entrypoint.sh"]

EXPOSE 4369 5671 5672 25672
EXPOSE 4369 5671 5672 15691 15692 25672
CMD ["rabbitmq-server"]

0 comments on commit 6bda400

Please sign in to comment.