Hi Sven,
I replied to you on IRC.
We would accept this functionality back. It looks like it was just an omission.
As a workaround, you can firewall it away yourself.
-yoctozepto
On Thu, Oct 15, 2020 at 6:53 PM Sven Kieske S.Kieske@mittwald.de wrote:
Hi,
I got a question regarding a change which was made, quite some time ago in kolla-ansible. The change in question is: https://review.opendev.org/#/c/584427/
specifically the following diff, the file was moved to a new format and name, but the possibility to configure the used interface for rabbitmq/erlang was removed.
May I ask if this was maybe by accident, or what the reason for the removal of these parameters was?
I'm asking because I'm currently deploying Openstack and am in the process of hardening the configuration.
It stood out to me, that the beam vm from rabbitmq listens on all interfaces[1], so I wanted to change that.
If there is another way to change this via kolla-ansible, it would be very kind to let me know.
Notice, I do not try to configure "ERL_EPMD_ADDRESS" (which we already do), but to control the TCP Port 25672, which, as far as I understood the rabbitmq docs, is controlled via the erlang/beam vm "inet_dist_use_interface" parameter, which was removed in this changeset.
But I might be totally wrong, I find the RabbitMQ docs a little hard to parse at times.
This is currently a deployment with 3 rabbitmq nodes, if that matters.
Thank you very much for your time in advance!
See here the relevant diff, for convenience:
commit b163cb02d1486f8844ac52e619de7b62321e42b0 Author: Paul Bourke paul.bourke@oracle.com Date: Fri Jul 20 16:35:25 2018 +0100
Update rabbitmq to use new conf & clustering Depends-On: I75e00312b36e1678b90a42cf58d24652323eff27 Change-Id: Ia716fabffca41eff816e59bbf9f4cab79ee8b72f
diff --git a/ansible/roles/rabbitmq/templates/rabbitmq.config.j2 b/ansible/roles/rabbitmq/templates/rabbitmq.config. j2 deleted file mode 100644 index 960f9fb8a..000000000 --- a/ansible/roles/rabbitmq/templates/rabbitmq.config.j2 +++ /dev/null @@ -1,24 +0,0 @@ -[
- {kernel, [
- {inet_dist_use_interface, {% raw %}{{% endraw %}{{ api_interface_address | regex_replace('.', ',') }}}},
- {inet_dist_listen_min, {{ role_rabbitmq_cluster_port }}},
- {inet_dist_listen_max, {{ role_rabbitmq_cluster_port }}}
[1]: ss -tulpn | awk '$5 ~ /0.0.0.0:|[::]:/ && /beam/' tcp LISTEN 0 128 0.0.0.0:25672 0.0.0.0:* users:(("beam.smp",pid=194345,fd=63))
-- Mit freundlichen Grüßen / Regards
Sven Kieske Systementwickler
Mittwald CM Service GmbH & Co. KG Königsberger Straße 4-6 32339 Espelkamp
Tel.: 05772 / 293-900 Fax: 05772 / 293-333
Geschäftsführer: Robert Meyer, Florian Jürgens
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
Informationen zur Datenverarbeitung im Rahmen unserer Geschäftstätigkeit gemäß Art. 13-14 DSGVO sind unter www.mittwald.de/ds abrufbar.