From 613a87da4515bbf1cca752d346ea70b267b8190c Mon Sep 17 00:00:00 2001 From: Michal Kuratczyk Date: Fri, 3 Jan 2025 16:13:05 +0100 Subject: [PATCH] Example of importing from a ConfigMap and a Secret --- .../README.md | 14 ++++ .../definitions.json | 65 +++++++++++++++++++ .../rabbitmq.yaml | 33 ++++++++++ .../import-multiple-definition-files/setup.sh | 4 ++ .../import-multiple-definition-files/test.sh | 5 ++ .../users.json | 13 ++++ 6 files changed, 134 insertions(+) create mode 100644 docs/examples/import-multiple-definition-files/README.md create mode 100644 docs/examples/import-multiple-definition-files/definitions.json create mode 100644 docs/examples/import-multiple-definition-files/rabbitmq.yaml create mode 100755 docs/examples/import-multiple-definition-files/setup.sh create mode 100755 docs/examples/import-multiple-definition-files/test.sh create mode 100644 docs/examples/import-multiple-definition-files/users.json diff --git a/docs/examples/import-multiple-definition-files/README.md b/docs/examples/import-multiple-definition-files/README.md new file mode 100644 index 000000000..b8ee9b670 --- /dev/null +++ b/docs/examples/import-multiple-definition-files/README.md @@ -0,0 +1,14 @@ +# Import Multiple Definition Files Example + +RabbitMQ supports importing definitions from a folder with multiple JSON files. +In this example we take advantage of this feature to split the definitions into a ConfigMap +with most of the definitions and a Secret that contains user definitions only. + +First, we need to create the ConfigMap and Secret with the definitions: +```bash +kubectl create configmap definitions --from-file='definitions.json=/my/path/to/definitions.json' +kubectl create secret generic users --from-file='definitions.json=/my/path/to/users.json' +``` + +Afterwards, we leverage the StatefulSet Override to mount these resources as files in a folder +and specify that folder as the defintion import path. diff --git a/docs/examples/import-multiple-definition-files/definitions.json b/docs/examples/import-multiple-definition-files/definitions.json new file mode 100644 index 000000000..719c44292 --- /dev/null +++ b/docs/examples/import-multiple-definition-files/definitions.json @@ -0,0 +1,65 @@ +{ + "permissions": [ + { + "configure": ".*", + "read": ".*", + "user": "guest", + "vhost": "/", + "write": ".*" + } + ], + "bindings": [ + { + "arguments": {}, + "destination": "qq", + "destination_type": "queue", + "routing_key": "3c01b232-e21a-4320-bbdb-329eede5188c", + "source": "direct", + "vhost": "/" + } + ], + "queues": [ + { + "arguments": { + "x-queue-type": "quorum" + }, + "auto_delete": false, + "durable": true, + "name": "qq", + "type": "quorum", + "vhost": "/" + } + ], + "parameters": [], + "policies": [], + "rabbitmq_version": "4.1.0+beta.3.47.gac7dcc9", + "rabbit_version": "4.1.0+beta.3.47.gac7dcc9", + "exchanges": [ + { + "arguments": {}, + "auto_delete": false, + "durable": true, + "name": "direct", + "type": "direct", + "vhost": "/" + } + ], + "vhosts": [ + { + "default_queue_type": "classic", + "limits": [], + "metadata": { + "description": "Default virtual host", + "tags": [] + }, + "name": "/" + } + ], + "global_parameters": [ + { + "name": "cluster_tags", + "value": [] + } + ], + "topic_permissions": [] +} diff --git a/docs/examples/import-multiple-definition-files/rabbitmq.yaml b/docs/examples/import-multiple-definition-files/rabbitmq.yaml new file mode 100644 index 000000000..7820d4fbc --- /dev/null +++ b/docs/examples/import-multiple-definition-files/rabbitmq.yaml @@ -0,0 +1,33 @@ +apiVersion: rabbitmq.com/v1beta1 +kind: RabbitmqCluster +metadata: + name: import-multiple-definition-files +spec: + replicas: 1 + override: + statefulSet: + spec: + template: + spec: + containers: + - name: rabbitmq + volumeMounts: + # 01- prefix is used to ensure that users are imported first + - mountPath: /etc/rabbitmq/definitions/01-users.json + name: users + subPath: users.json + # 02- prefix is used to ensure that definitions are imported after users, since + # they might reference users (eg. to set up permissions) + - mountPath: /etc/rabbitmq/definitions/02-definitions.json + name: definitions + subPath: definitions.json + volumes: + - name: users + secret: + secretName: users # Name of the Secret containing user definitions + - name: definitions + configMap: + name: definitions # Name of the ConfigMap containing other definitions + rabbitmq: + additionalConfig: | + load_definitions = /etc/rabbitmq/definitions # Path to the folder diff --git a/docs/examples/import-multiple-definition-files/setup.sh b/docs/examples/import-multiple-definition-files/setup.sh new file mode 100755 index 000000000..b043ee5ce --- /dev/null +++ b/docs/examples/import-multiple-definition-files/setup.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +kubectl create configmap definitions --from-file=definitions.json +kubectl create secret generic users --from-file=users.json diff --git a/docs/examples/import-multiple-definition-files/test.sh b/docs/examples/import-multiple-definition-files/test.sh new file mode 100755 index 000000000..d111f5499 --- /dev/null +++ b/docs/examples/import-multiple-definition-files/test.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +set -x + +kubectl exec import-multiple-definition-files-server-0 -c rabbitmq -- rabbitmqctl authenticate_user guest guest diff --git a/docs/examples/import-multiple-definition-files/users.json b/docs/examples/import-multiple-definition-files/users.json new file mode 100644 index 000000000..77889f120 --- /dev/null +++ b/docs/examples/import-multiple-definition-files/users.json @@ -0,0 +1,13 @@ +{ + "users": [ + { + "hashing_algorithm": "rabbit_password_hashing_sha256", + "limits": {}, + "name": "guest", + "password_hash": "KYBvEg5fU0m1sE8E6qNmjITswwixc9EMjxWcjiC5f/70vgmC", + "tags": [ + "administrator" + ] + } + ] +}