Openstack RabbitMQ配置管理以及对SSL的支持

SSL文件：

[root@controller ssl]# pwd/etc/rabbitmq/ssl[root@controller ssl]# lscacert.pem  cert.pem  key.pem

RabbitMQ 中SSL配置：

[root@controller rabbitmq]# cat rabbitmq.config[  {kernel, [  ]},  {ssl, [{versions, ['tlsv1.2']}]},  {rabbit, [    {ssl_listeners, [5671]},    {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},                    {certfile,"/etc/rabbitmq/ssl/cert.pem"},                    {keyfile,"/etc/rabbitmq/ssl/key.pem"},                    {verify,verify_none},                    {fail_if_no_peer_cert,false}                    ,{versions,['tlsv1.2']}                    ]},    {tcp_listen_options, [binary, {packet,raw},                                  {reuseaddr,true},                                  {backlog,128},                                  {nodelay,true},                                  {exit_on_close,false},                                  {keepalive,false}]},    {default_user, <<"guest">>},    {default_pass, <<"guest">>}  ]}].

Openstack中各组件关于RabbitMQ的配置：

Keystone：

/etc/keystone/keystone.conf

Glance：

/etc/glance/glance-api.conf

/etc/glance/glance-registry.conf

Neutron:

/etc/neutron/neutron.conf

Nova:

/etc/nova/nova.conf

Cinder:

/etc/cinder/cinder.conf

Heat:

/etc/heat/heat.conf

Ceilometer:

/etc/ceilometer/ceilometer.conf

[DEFAULT]notification_driver = messagingnotification_topics = notificationsrpc_thread_pool_size = 64rpc_response_timeout = 60rpc_backend = rabbitcontrol_exchange = openstack

[oslo_messaging_rabbit]amqp_durable_queues = trueamqp_auto_delete = falserpc_conn_pool_size = 30rabbit_host = 10.14.0.102rabbit_port = 5671rabbit_use_ssl = truerabbit_userid = guestrabbit_password = guestrabbit_virtual_host = /