如何在启动 RabbitMQ Docker 容器时添加初始用户?
How to add initial users when starting a RabbitMQ Docker container?
目前我正在使用 DockerHub 中的默认 RabbitMQ 映像启动 RabbitMQ Docker 容器。使用以下命令。
docker run --restart=always \
-d \
-e RABBITMQ_NODENAME=rabbitmq \
-v /opt/docker/rabbitmq/data:/var/lib/rabbitmq/mnesia/rabbitmq \
-p 5672:5672 \
-p 15672:15672 \
--name rabbitmq rabbitmq:3-management
我需要在图像首次启动时提供默认用户/和虚拟主机。例如创建默认 'test-user'.
目前我必须通过使用管理插件并通过网络添加用户/虚拟主机来手动完成 ui。有什么方法可以在启动 RabbitMQ 图像时提供默认设置?
这是我如何添加非特权用户 gg RUN useradd -d /home/gg -m -s /bin/bash gg
RUN echo gg:gg | chpasswd
RUN echo 'gg ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers.d/gg
RUN chmod 0440 /etc/sudoers.d/gg
的示例
您可以创建一个简单的 Docker 文件来扩展基本图像的功能并创建默认用户。
您需要的 Docker 文件如下:
FROM rabbitmq
# Define environment variables.
ENV RABBITMQ_USER user
ENV RABBITMQ_PASSWORD user
ENV RABBITMQ_PID_FILE /var/lib/rabbitmq/mnesia/rabbitmq
ADD init.sh /init.sh
RUN chmod +x /init.sh
EXPOSE 15672
# Define default command
CMD ["/init.sh"]
和 init.sh:
#!/bin/sh
# Create Rabbitmq user
( rabbitmqctl wait --timeout 60 $RABBITMQ_PID_FILE ; \
rabbitmqctl add_user $RABBITMQ_USER $RABBITMQ_PASSWORD 2>/dev/null ; \
rabbitmqctl set_user_tags $RABBITMQ_USER administrator ; \
rabbitmqctl set_permissions -p / $RABBITMQ_USER ".*" ".*" ".*" ; \
echo "*** User '$RABBITMQ_USER' with password '$RABBITMQ_PASSWORD' completed. ***" ; \
echo "*** Log in the WebUI at port 15672 (example: http:/localhost:15672) ***") &
# $@ is used to pass arguments to the rabbitmq-server command.
# For example if you use it like this: docker run -d rabbitmq arg1 arg2,
# it will be as you run in the container rabbitmq-server arg1 arg2
rabbitmq-server $@
此脚本还在端口 15672 初始化并公开 RabbitMQ webadmin。
想出一个适合我需要的解决方案,把它留在这里以防其他人需要它。
总结
我们的想法是采用启用了管理插件的标准 rabbitmq 容器,并使用它来创建所需的配置,然后导出并使用它来启动新容器。下面的解决方案创建了一个派生的 docker 图像,但它也可以在 运行 时间挂载这两个文件(例如使用 docker compose)。
参考资料
组件
官方rabbitmq镜像,管理插件版本(rabbitmq:management)
基于原始图像的自定义图像,使用此 Dockerfile(使用版本 3.6.6):
FROM rabbitmq:3.6.6-management
ADD rabbitmq.config /etc/rabbitmq/
ADD definitions.json /etc/rabbitmq/
RUN chown rabbitmq:rabbitmq /etc/rabbitmq/rabbitmq.config /etc/rabbitmq/definitions.json
CMD ["rabbitmq-server"]
rabbitmq.config 只是告诉 rabbitmq 从 json 文件
加载定义
definitions.json包含用户,虚拟主机等,可以通过管理web界面的导出功能生成
rabbitmq.config 例子:
[
{rabbit, [
{loopback_users, []}
]},
{rabbitmq_management, [
{load_definitions, "/etc/rabbitmq/definitions.json"}
]}
].
definitions.json 例子:
{
"rabbit_version": "3.6.6",
"users": [
{
"name": "user1",
"password_hash": "pass1",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": ""
},
{
"name": "adminuser",
"password_hash": "adminpass",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
}
],
"vhosts": [
{
"name": "\/vhost1"
},
{
"name": "\/vhost2"
}
],
"permissions": [
{
"user": "user1",
"vhost": "\/vhost1",
"configure": ".*",
"write": ".*",
"read": ".*"
}
],
"parameters": [],
"policies": [],
"queues": [],
"exchanges": [],
"bindings": []
}
替代版本
派生新的 docker 图像只是一种解决方案,并且在可移植性是关键的情况下效果最好,因为它避免了在图像中包含 host-based 文件管理。
在某些情况下,使用官方映像并提供主机本地存储中的配置文件可能是首选。
rabbitmq.config和definitions.json文件的制作方式相同,然后在运行时挂载。
备注:
- 为了这些示例,我假设它们已放在 /etc/so/ 中
- 文件需要是世界可读的或由 rabbitmq 用户或组拥有(docker 容器内的数字 id 是 999),这需要由主机的系统管理员处理
docker 运行 示例:
docker run --rm -it \
-v /etc/so/rabbitmq.config:/etc/rabbitmq/rabbitmq.config:ro \
-v /etc/so/definitions.json:/etc/rabbitmq/definitions.json:ro \
rabbitmq:3.6-management
docker 撰写 示例:
version: '2.1'
services:
rabbitmq:
image: "rabbitmq:3.6-management"
ports:
- 5672:5672
- 15672:15672
volumes:
- /etc/so/rabbitmq.config:/etc/rabbitmq/rabbitmq.config:ro
- /etc/so/definitions.json:/etc/rabbitmq/definitions.json:ro
我想补充一点,sudo 的回复对我帮助很大。但是它仍然错过了要添加到 Dockerfile 的命令。
rabbitmq.config 和 definitions.json 文件应该属于 rabbitmq 用户和组。所以在添加文件后 运行 chown.
我的完整 Dockerfile 如下:
FROM rabbitmq:3-management-alpine
ADD definitions.json /etc/rabbitmq/
ADD rabbitmq.config /etc/rabbitmq/
RUN chown rabbitmq:rabbitmq /etc/rabbitmq/rabbitmq.config /etc/rabbitmq/definitions.json
EXPOSE 4369 5671 5672 15671 15672 25672
CMD ["rabbitmq-server"]
rabbitmq.config 文件包含以下内容,是默认图像配置和添加的定义加载的合并:
[
{ rabbit, [
{loopback_users, []},
{ tcp_listeners, [ 5672 ]},
{ ssl_listeners, [ ]},
{ hipe_compile, false }
]},
{ rabbitmq_management, [
{ load_definitions, "/etc/rabbitmq/definitions.json"},
{ listeners, [
{ port, 15672 },
{ ssl, false }
]}
]}
].
可以从概览选项卡中的管理界面导出定义文件。
所以您首先要创建一个普通的 'empty' rabbitmq 容器。定义您喜欢的任何用户、交易所和队列。然后进入管理界面,导出定义并使用上述文件创建自己的图像。
下载定义是在定义文件中为您自己的密码获取正确密码哈希值的最简单方法。如果您不想这样做,您应该按照此处 (https://www.rabbitmq.com/passwords.html) 中所述的说明生成正确的哈希值。
在我的例子中 sleep 5 上述解决方案不起作用,因为 RabbitMQ 启动时间要长得多且不可预测。发布解决方案等待 RabbitMQ 启动并且 运行:
Dockerfile
FROM rabbitmq:3-management
ADD init.sh /
ADD config_rabbit.sh /
RUN chmod +x /init.sh /config_rabbit.sh
ENTRYPOINT ["/init.sh"]
init.sh
#!/bin/bash
# Launch config script in background
# Note there is no RabbitMQ Docker image support for executing commands after server (PID 1) is running (something like "ADD schema.sql /docker-entrypoint-initdb.d" in MySql image), so we are using this trick
/config_rabbit.sh &
# Launch
/docker-entrypoint.sh rabbitmq-server
config_rabbit.sh
#!/bin/bash
# This script needs to be executed just once
if [ -f /[=12=].completed ] ; then
echo "[=12=] `date` /[=12=].completed found, skipping run"
exit 0
fi
# Wait for RabbitMQ startup
for (( ; ; )) ; do
sleep 5
rabbitmqctl -q node_health_check > /dev/null 2>&1
if [ $? -eq 0 ] ; then
echo "[=12=] `date` rabbitmq is now running"
break
else
echo "[=12=] `date` waiting for rabbitmq startup"
fi
done
# Execute RabbitMQ config commands here
# Create user
rabbitmqctl add_user USER PASSWORD
rabbitmqctl set_permissions -p / USER ".*" ".*" ".*"
echo "[=12=] `date` user USER created"
# Create queue
rabbitmqadmin declare queue name=QUEUE durable=true
echo "[=12=] `date` queues created"
# Create mark so script is not ran again
touch /[=12=].completed
最新版本的 RabbitMQ image on Dockerhub 具有将默认用户名/密码从 "guest" / "guest" 更改为其他内容的内置功能。
只需在启动镜像时设置环境变量"RABBITMQ_DEFAULT_USER"和"RABBITMQ_DEFAULT_PASS"即可。
作为 docker 命令,您会 运行 像这样的图像:
docker run \
-e RABBITMQ_DEFAULT_USER=test-user \
-e RABBITMQ_DEFAULT_PASS=test-user \
-p 5672:5672 \
rabbitmq
我不得不根据上面的评论对接受的答案中的脚本进行一些更改才能使其正常工作。
Dockerfile
FROM rabbitmq
# Define environment variables.
ENV RABBITMQ_USER user
ENV RABBITMQ_PASSWORD user
ADD init.sh /init.sh
EXPOSE 15672
# Define default command
CMD ["/init.sh"]
init.sh
#!/bin/sh
( sleep 10 && \
rabbitmqctl add_user $RABBITMQ_USER $RABBITMQ_PASSWORD && \
rabbitmqctl set_user_tags $RABBITMQ_USER administrator && \
rabbitmqctl set_permissions -p / $RABBITMQ_USER ".*" ".*" ".*" ) & \
rabbitmq-server
使用 RabbitMQ 3.7 和较新的 rabbitmq.conf (sysctl) 配置格式,以下使用默认用户和队列设置 RabbitMQ Docker,您可以选择添加按照 dockerfile 中的 运行 命令创建用户...
RUN rabbitmqctl add_user {username} {password}
RUN rabbitmqctl set_user_tags {username} administrator
RUN rabbitmqctl set_permissions ...
rabbitmq.conf
# Default user
default_user = testuser
default_pass = testpassword
## The default "guest" user is only permitted to access the server
## via a loopback interface (e.g. localhost).
loopback_users.guest = true
# IPv4
listeners.tcp.default = 5672
## HTTP listener and embedded Web server settings.
management.tcp.port = 15672
# Load queue definitions
management.load_definitions = /etc/rabbitmq/definitions.json
#Ignore SSL
ssl_options.verify = verify_peer
ssl_options.fail_if_no_peer_cert = true
definitions.json
{
"rabbit_version": "3.7.11",
"users": [
{
"name": "testuser",
"password_hash": "txn+nsYVkAaIMvDsH8Fsyb3RWMCMWihRUVCk/wICL1NBKKvz",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
}
],
"vhosts": [ { "name": "test-vhost" } ],
"permissions": [
{
"user": "testuser",
"vhost": "test-vhost",
"configure": ".*",
"write": ".*",
"read": ".*"
}
],
"topic_permissions": [],
"parameters": [],
"global_parameters": [
{
"name": "cluster_name",
"value": "rabbit@test-rabbit"
}
],
"policies": [],
"queues": [
{
"name": "testqueue",
"vhost": "test-vhost",
"durable": true,
"auto_delete": false,
"arguments": {}
}
],
"exchanges": [],
"bindings": []
}
Docker文件
FROM rabbitmq:3.7-management
COPY rabbitmq.conf /etc/rabbitmq
COPY definitions.json /etc/rabbitmq
RUN ls /etc/rabbitmq
RUN cat /etc/rabbitmq/rabbitmq.conf
Dockers 命令构建和 运行 容器...
docker build -t rabbitmq-with-queue .
docker run --rm -it --hostname my-rabbit -p 5672:5672 -p 15672:15672 rabbitmq-with-queue
在Kubernetes中,类似于@sudo的回答;可以通过 ConfigMap & Volume 将 definitions.json 文件加载到容器中。
ConfigMap rabbitmq-definitions-configmap 被定义为从文件创建的 configmap,目标是 definitions.json。
您也可以对 rabbitmq.config 文件执行相同的操作。
请注意 mountPath 和 subPath 的用法,仅使用 mountPath 对我不起作用。
apiVersion: apps/v1
kind: Deployment
metadata:
name: rabbitmq-deployment
spec:
selector:
matchLabels:
app: rabbitmq-deployment
replicas: 1
template:
metadata:
labels:
app: rabbitmq-deployment
spec:
volumes:
- name: rabbitmq-definitions
configMap:
name: rabbitmq-definitions-configmap
containers:
- name: rabbitmq
image: rabbitmq:3.7.18-management-alpine
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
name: rabbitmq-configmap
- secretRef:
name: rabbitmq-secrets
volumeMounts:
- name: rabbitmq-definitions
mountPath: /etc/rabbitmq/definitions.json
subPath: rabbitmq-definitions
上述解决方案有一个警告:它们将 "disable" 官方兔子 docker 图像中的 docker-entrypoint.sh 脚本 present。这对您来说可能是问题,也可能不是问题。此脚本创建初始 RabbitMQ 配置文件;添加一些好的默认值(例如,如果容器是 运行 内存限制,则总内存限制)。
如果您想保持完全兼容性并且不想 "disable" 此脚本,您可以使用以下方法。它将添加一个额外的 admin 用户和 admin 密码,并保持 guest 用户不变。这对开发很有用。
此方法使用 definitions.json 文件来初始化使用管理插件的用户。为了通知插件有关 definitions.json 文件的信息,我们使用 RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS 环境变量(而不是 rabbitmq.conf 文件)。
创建definitions.json文件:
{
"users": [
{
"name": "guest",
"password_hash": "R184F4Fs6JLdo8tFqRjWnkJL2DlAZJupxEqkO/8kfV/G63+z",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
},
{
"name": "admin",
"password_hash": "FGA5ZeTOLHnIp4ZjxIj0PsShW/DpLgdYAlHsbli7KMMa8Z0O",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
}
],
"vhosts": [
{
"name": "/"
}
],
"permissions": [
{
"user": "guest",
"vhost": "/",
"configure": ".*",
"write": ".*",
"read": ".*"
},
{
"user": "admin",
"vhost": "/",
"configure": ".*",
"write": ".*",
"read": ".*"
}
],
"parameters": [],
"policies": [],
"queues": [],
"exchanges": [],
"bindings": []
}
创建自定义 Dockerfile:
FROM rabbitmq:3.8.3-management
ADD --chown=rabbitmq ./definitions.json /etc/rabbitmq/
ENV RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS="-rabbitmq_management load_definitions \"/etc/rabbitmq/definitions.json\""
使用以下命令构建镜像:
docker build --tag myrabbit:1.0.0 .
然后运行它:
docker run -d -p 5672:5672 -p 15672:15672 --restart unless-stopped --name rabbitmq myrabbit:1.0.0
就我而言,我想知道是否可以通过简单地挂载数据文件夹来转储 docker 容器 user/vhost/data。
我找到了以下文档:https://www.rabbitmq.com/backup.html,帮助太大了。
现在,我确实将 /var/lib/rabbitmq 卷挂载到主机上,但是当重新创建容器时,用户和虚拟主机的配置消失了。
很快我意识到在重新创建容器后,生成了一个具有不同 ID 的新数据集。
所以旧数据还在,只是id断开了
在我的示例中,0df72ae1a7a5一个是旧的,当我创建一个新的268bac197c69时,旧数据不再有效。
root@268bac197c69:~/mnesia# ls -alh /var/lib/rabbitmq/mnesia
total 100K
drwxr-xr-x. 14 rabbitmq rabbitmq 4.0K Jun 13 13:43 .
drwxr-xr-x. 5 rabbitmq root 4.0K Jun 13 13:42 ..
drwxr-xr-x. 4 rabbitmq rabbitmq 4.0K Mar 6 2020 rabbit@0df72ae1a7a5
-rw-r--r--. 1 rabbitmq rabbitmq 64 Mar 6 2020 rabbit@0df72ae1a7a5-feature_flags
drwxr-xr-x. 2 rabbitmq rabbitmq 4.0K Mar 6 2020 rabbit@0df72ae1a7a5-plugins-expand
-rw-r--r--. 1 rabbitmq rabbitmq 2 Mar 6 2020 rabbit@0df72ae1a7a5.pid
drwxr-xr-x. 4 rabbitmq rabbitmq 4.0K Jun 13 13:43 rabbit@268bac197c69
-rw-r--r--. 1 rabbitmq rabbitmq 148 Jun 13 13:43 rabbit@268bac197c69-feature_flags
drwxr-xr-x. 10 rabbitmq rabbitmq 4.0K Jun 13 13:43 rabbit@268bac197c69-plugins-expand
-rw-r--r--. 1 rabbitmq rabbitmq 3 Jun 13 13:43 rabbit@268bac197c69.pid
在容器中,以下命令显示当前活动id:
rabbitmqctl eval 'rabbit_mnesia:dir().'
它打印"/var/lib/rabbitmq/mnesia/rabbit@268bac197c69",当前新创建的。
所以现在问题减少为:
How to restore the old data with the specific old id when the container recreates?
很快,我发现当前id和容器hostname是一样的,是创建容器时随机生成的!
那么如何将 id 与特定值关联起来呢?我查看 docker-hub rabbitmq 页面:https://hub.docker.com/_/rabbitmq
One of the important things to note about RabbitMQ is that it stores data based on what it calls the "Node Name", which defaults to the hostname. What this means for usage in Docker is that we should specify -h/--hostname explicitly for each daemon so that we don't get a random hostname and can keep track of our data:
最后的解决方案来了,我们只需要将hostname指定为一个特定的值,容器重建时一切都会自动恢复。
最终解决方案:
只需在我们的 docker-compose 部分添加主机名设置:
注意:主机名行和卷行很重要。
rabbitmq:
image: rabbitmq:management
container_name: rabbitmq
restart: always
hostname: 0df72ae1a7a5
environment:
RABBITMQ_DEFAULT_USER: rabbit
RABBITMQ_DEFAULT_PASS: rabbit
volumes:
- /var/docker/rabbitmq/var/lib/rabbitmq:/var/lib/rabbitmq
此处的其他一些解决方案无法使用 TLS,因为它们禁用了父入口点。其他人有不必要的步骤,因为父图像有一个未记录的特征,如果它出现在 /etc/rabbitmq.
下,它将消耗 definitions.json
这似乎是最简单的方法:
Docker 文件
FROM rabbitmq:3.8.2-management
ADD definitions.json /etc/rabbitmq/
RUN chown rabbitmq:rabbitmq /etc/rabbitmq/definitions.json
definitions.json - 编辑以满足您的用户/虚拟主机/权限需求
{
"users": [
{
"name": "guest",
"password_hash": "R184F4Fs6JLdo8tFqRjWnkJL2DlAZJupxEqkO/8kfV/G63+z",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
},
{
"name": "admin",
"password_hash": "FGA5ZeTOLHnIp4ZjxIj0PsShW/DpLgdYAlHsbli7KMMa8Z0O",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
}
],
"vhosts": [
{
"name": "/"
}
],
"permissions": [
{
"user": "guest",
"vhost": "/",
"configure": ".*",
"write": ".*",
"read": ".*"
},
{
"user": "admin",
"vhost": "/",
"configure": ".*",
"write": ".*",
"read": ".*"
}
],
"parameters": [],
"policies": [],
"queues": [],
"exchanges": [],
"bindings": []
}
通过 Dockerfile 指令在自定义图像上使用 cron 对我有用:
# add rabbitmq user with /usr/sbin/rabbitmqctl at boot time.
RUN echo "@reboot root sleep 5 && rabbitmqctl add_user admin admin && rabbitmqctl set_user_tags admin administrator && rabbitmqctl set_permissions -p / admin \".*\" \".*\" \".*\"" >> /etc/crontab
图像基于 Rocky Linux 和 Systemd。这是我的完整 Dockerfile:
FROM rockylinux/rockylinux:latest
LABEL maintainer="acool@example.com"
# remove unecessary systemd unit files
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*;\
rm -f /etc/systemd/system/*.wants/*;\
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/anaconda.target.wants/*;
# import rabbitmq repo signatures
RUN rpm --import https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc && \
rpm --import 'https://dl.cloudsmith.io/public/rabbitmq/rabbitmq-erlang/gpg.E495BB49CC4BBE5B.key' && \
rpm --import 'https://dl.cloudsmith.io/public/rabbitmq/rabbitmq-server/gpg.9F4587F226208342.key'
# copy rabbitmq repo config
COPY config/rabbitmq.repo /etc/yum.repos.d/rabbitmq.repo
# install packages
RUN dnf -y update \
&& dnf -y install epel-release.noarch \
http://rpms.remirepo.net/enterprise/remi-release-8.rpm \
&& dnf module -y install php:remi-8.0 \
&& dnf -y install rabbitmq-server \
supervisor \
memcached \
iproute \
# postfix \
mailx \
vim \
nano \
dos2unix \
wget \
openssh \
rsync \
unzip \
ImageMagick \
ncurses \
cronie \
&& dnf clean all
# create admin user account
ARG UID=1000
RUN useradd --create-home --uid $UID admin
# enable services
RUN systemctl enable rabbitmq-server.service memcached.service \
&& rabbitmq-plugins enable rabbitmq_management
# add rabbitmq user with /usr/sbin/rabbitmqctl at boot time.
RUN echo "@reboot root sleep 5 && rabbitmqctl add_user admin admin && rabbitmqctl set_user_tags admin administrator && rabbitmqctl set_permissions -p / admin \".*\" \".*\" \".*\"" >> /etc/crontab
EXPOSE 15672 9001
ENTRYPOINT ["/sbin/init"]
构建图像:
docker build --build-arg UID=$(id -u) -t customRockyLinux:customRockyLinux .
运行 图片:
docker run --name customRL_container -d --privileged -p 15672:15672 -p 9001:9001 customRockyLinux:customRockyLinux
以 root 身份与容器交互:
docker exec -it customRL_container bash
或作为特定用户:
docker exec -it --user admin customRL_container bash
验证 RabbitMQ 用户:
root@a2dc7498de45 /]# rabbitmqctl list_users
user tags
admin [administrator]
guest [administrator]
[root@a2dc7498de45 /]#
[root@a2dc7498de45 /]#
[root@a2dc7498de45 /]# rabbitmqctl --version
3.9.5
[root@a2dc7498de45 /]# cat /etc/redhat-release
Rocky Linux release 8.4 (Green Obsidian)
祝你好运!!
创建两个文件夹,data 和 etc
enabled_plugins
[rabbitmq_management,rabbitmq_prometheus].
rabbitmq.conf
auth_mechanisms.1 = PLAIN
auth_mechanisms.2 = AMQPLAIN
loopback_users.guest = false
listeners.tcp.default = 5672
#default_pass = admin
#default_user = admin
hipe_compile = false
#management.listener.port = 15672
#management.listener.ssl = false
management.tcp.port = 15672
management.load_definitions = /etc/rabbitmq/definitions.json
definitions.json
您可以根据需要添加任意数量的用户、队列、交易所
{
"users": [
{
"name": "admin",
"password": "admin",
"tags": "administrator"
}
],
"vhosts": [
{
"name": "/"
}
],
"policies": [
{
"vhost": "/",
"name": "ha",
"pattern": "",
"apply-to": "all",
"definition": {
"ha-mode": "all",
"ha-sync-batch-size": 256,
"ha-sync-mode": "automatic"
},
"priority": 0
}
],
"permissions": [
{
"user": "admin",
"vhost": "/",
"configure": ".*",
"write": ".*",
"read": ".*"
}
],
"queues": [
{
"name": "job-import.triggered.queue",
"vhost": "/",
"durable": true,
"auto_delete": false,
"arguments": {}
}
],
"exchanges": [
{
"name": "lob-proj-dx",
"vhost": "/",
"type": "direct",
"durable": true,
"auto_delete": false,
"internal": false,
"arguments": {}
}
],
"bindings": [
{
"source": "lob-proj-dx",
"vhost": "/",
"destination": "job-import.triggered.queue",
"destination_type": "queue",
"routing_key": "job-import.event.triggered",
"arguments": {}
}
]
}
运行兔子
docker run --restart=always -d -p 5672:5672 -p 15672:15672 --mount type=bind,source=E:\docker\rabbit\data,target=/var/lib/rabbitmq/ --mount type=bind,source=E:\docker\rabbit\etc,target=/etc/rabbitmq/ --name rabbitmq --hostname my-rabbit rabbitmq:3.7.28-management
取自here
此方法不需要创建自定义 docker 图像,不需要 docker-compose 而且它在重启后保持状态
好吧...由于 image and docs 已经更新,现在可能很明显了,但是因为我在这里搜索了我的方式,所以至少有一个默认用户和 vhost 的环境变量(但是还不是多个):
If you wish to change the default username and password of guest /
guest, you can do so with the RABBITMQ_DEFAULT_USER and
RABBITMQ_DEFAULT_PASS environmental variables. These variables were
available previously in the docker-specific entrypoint shell script
but are now available in RabbitMQ directly.
$ docker run -d --hostname my-rabbit --name some-rabbit -e
RABBITMQ_DEFAULT_USER=user -e RABBITMQ_DEFAULT_PASS=password
rabbitmq:3-management
If you wish to change the default vhost, you can do so with the
RABBITMQ_DEFAULT_VHOST environmental variables:
$ docker run -d --hostname my-rabbit --name some-rabbit -e
RABBITMQ_DEFAULT_VHOST=my_vhost rabbitmq:3-management
但是 using definitions is the right answer: create a definitions.json and import 它通过 load_definitions 配置键。
目前我正在使用 DockerHub 中的默认 RabbitMQ 映像启动 RabbitMQ Docker 容器。使用以下命令。
docker run --restart=always \
-d \
-e RABBITMQ_NODENAME=rabbitmq \
-v /opt/docker/rabbitmq/data:/var/lib/rabbitmq/mnesia/rabbitmq \
-p 5672:5672 \
-p 15672:15672 \
--name rabbitmq rabbitmq:3-management
我需要在图像首次启动时提供默认用户/和虚拟主机。例如创建默认 'test-user'.
目前我必须通过使用管理插件并通过网络添加用户/虚拟主机来手动完成 ui。有什么方法可以在启动 RabbitMQ 图像时提供默认设置?
这是我如何添加非特权用户 gg RUN useradd -d /home/gg -m -s /bin/bash gg
RUN echo gg:gg | chpasswd
RUN echo 'gg ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers.d/gg
RUN chmod 0440 /etc/sudoers.d/gg
您可以创建一个简单的 Docker 文件来扩展基本图像的功能并创建默认用户。 您需要的 Docker 文件如下:
FROM rabbitmq
# Define environment variables.
ENV RABBITMQ_USER user
ENV RABBITMQ_PASSWORD user
ENV RABBITMQ_PID_FILE /var/lib/rabbitmq/mnesia/rabbitmq
ADD init.sh /init.sh
RUN chmod +x /init.sh
EXPOSE 15672
# Define default command
CMD ["/init.sh"]
和 init.sh:
#!/bin/sh
# Create Rabbitmq user
( rabbitmqctl wait --timeout 60 $RABBITMQ_PID_FILE ; \
rabbitmqctl add_user $RABBITMQ_USER $RABBITMQ_PASSWORD 2>/dev/null ; \
rabbitmqctl set_user_tags $RABBITMQ_USER administrator ; \
rabbitmqctl set_permissions -p / $RABBITMQ_USER ".*" ".*" ".*" ; \
echo "*** User '$RABBITMQ_USER' with password '$RABBITMQ_PASSWORD' completed. ***" ; \
echo "*** Log in the WebUI at port 15672 (example: http:/localhost:15672) ***") &
# $@ is used to pass arguments to the rabbitmq-server command.
# For example if you use it like this: docker run -d rabbitmq arg1 arg2,
# it will be as you run in the container rabbitmq-server arg1 arg2
rabbitmq-server $@
此脚本还在端口 15672 初始化并公开 RabbitMQ webadmin。
想出一个适合我需要的解决方案,把它留在这里以防其他人需要它。
总结
我们的想法是采用启用了管理插件的标准 rabbitmq 容器,并使用它来创建所需的配置,然后导出并使用它来启动新容器。下面的解决方案创建了一个派生的 docker 图像,但它也可以在 运行 时间挂载这两个文件(例如使用 docker compose)。
参考资料
组件
官方rabbitmq镜像,管理插件版本(rabbitmq:management)
基于原始图像的自定义图像,使用此 Dockerfile(使用版本 3.6.6):
FROM rabbitmq:3.6.6-management ADD rabbitmq.config /etc/rabbitmq/ ADD definitions.json /etc/rabbitmq/ RUN chown rabbitmq:rabbitmq /etc/rabbitmq/rabbitmq.config /etc/rabbitmq/definitions.json CMD ["rabbitmq-server"]rabbitmq.config 只是告诉 rabbitmq 从 json 文件
加载定义definitions.json包含用户,虚拟主机等,可以通过管理web界面的导出功能生成
rabbitmq.config 例子:
[
{rabbit, [
{loopback_users, []}
]},
{rabbitmq_management, [
{load_definitions, "/etc/rabbitmq/definitions.json"}
]}
].
definitions.json 例子:
{
"rabbit_version": "3.6.6",
"users": [
{
"name": "user1",
"password_hash": "pass1",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": ""
},
{
"name": "adminuser",
"password_hash": "adminpass",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
}
],
"vhosts": [
{
"name": "\/vhost1"
},
{
"name": "\/vhost2"
}
],
"permissions": [
{
"user": "user1",
"vhost": "\/vhost1",
"configure": ".*",
"write": ".*",
"read": ".*"
}
],
"parameters": [],
"policies": [],
"queues": [],
"exchanges": [],
"bindings": []
}
替代版本
派生新的 docker 图像只是一种解决方案,并且在可移植性是关键的情况下效果最好,因为它避免了在图像中包含 host-based 文件管理。
在某些情况下,使用官方映像并提供主机本地存储中的配置文件可能是首选。
rabbitmq.config和definitions.json文件的制作方式相同,然后在运行时挂载。
备注:
- 为了这些示例,我假设它们已放在 /etc/so/ 中
- 文件需要是世界可读的或由 rabbitmq 用户或组拥有(docker 容器内的数字 id 是 999),这需要由主机的系统管理员处理
docker 运行 示例:
docker run --rm -it \
-v /etc/so/rabbitmq.config:/etc/rabbitmq/rabbitmq.config:ro \
-v /etc/so/definitions.json:/etc/rabbitmq/definitions.json:ro \
rabbitmq:3.6-management
docker 撰写 示例:
version: '2.1'
services:
rabbitmq:
image: "rabbitmq:3.6-management"
ports:
- 5672:5672
- 15672:15672
volumes:
- /etc/so/rabbitmq.config:/etc/rabbitmq/rabbitmq.config:ro
- /etc/so/definitions.json:/etc/rabbitmq/definitions.json:ro
我想补充一点,sudo 的回复对我帮助很大。但是它仍然错过了要添加到 Dockerfile 的命令。
rabbitmq.config 和 definitions.json 文件应该属于 rabbitmq 用户和组。所以在添加文件后 运行 chown.
我的完整 Dockerfile 如下:
FROM rabbitmq:3-management-alpine
ADD definitions.json /etc/rabbitmq/
ADD rabbitmq.config /etc/rabbitmq/
RUN chown rabbitmq:rabbitmq /etc/rabbitmq/rabbitmq.config /etc/rabbitmq/definitions.json
EXPOSE 4369 5671 5672 15671 15672 25672
CMD ["rabbitmq-server"]
rabbitmq.config 文件包含以下内容,是默认图像配置和添加的定义加载的合并:
[
{ rabbit, [
{loopback_users, []},
{ tcp_listeners, [ 5672 ]},
{ ssl_listeners, [ ]},
{ hipe_compile, false }
]},
{ rabbitmq_management, [
{ load_definitions, "/etc/rabbitmq/definitions.json"},
{ listeners, [
{ port, 15672 },
{ ssl, false }
]}
]}
].
可以从概览选项卡中的管理界面导出定义文件。
所以您首先要创建一个普通的 'empty' rabbitmq 容器。定义您喜欢的任何用户、交易所和队列。然后进入管理界面,导出定义并使用上述文件创建自己的图像。
下载定义是在定义文件中为您自己的密码获取正确密码哈希值的最简单方法。如果您不想这样做,您应该按照此处 (https://www.rabbitmq.com/passwords.html) 中所述的说明生成正确的哈希值。
在我的例子中 sleep 5 上述解决方案不起作用,因为 RabbitMQ 启动时间要长得多且不可预测。发布解决方案等待 RabbitMQ 启动并且 运行:
Dockerfile
FROM rabbitmq:3-management ADD init.sh / ADD config_rabbit.sh / RUN chmod +x /init.sh /config_rabbit.sh ENTRYPOINT ["/init.sh"]init.sh
#!/bin/bash # Launch config script in background # Note there is no RabbitMQ Docker image support for executing commands after server (PID 1) is running (something like "ADD schema.sql /docker-entrypoint-initdb.d" in MySql image), so we are using this trick /config_rabbit.sh & # Launch /docker-entrypoint.sh rabbitmq-serverconfig_rabbit.sh
#!/bin/bash # This script needs to be executed just once if [ -f /[=12=].completed ] ; then echo "[=12=] `date` /[=12=].completed found, skipping run" exit 0 fi # Wait for RabbitMQ startup for (( ; ; )) ; do sleep 5 rabbitmqctl -q node_health_check > /dev/null 2>&1 if [ $? -eq 0 ] ; then echo "[=12=] `date` rabbitmq is now running" break else echo "[=12=] `date` waiting for rabbitmq startup" fi done # Execute RabbitMQ config commands here # Create user rabbitmqctl add_user USER PASSWORD rabbitmqctl set_permissions -p / USER ".*" ".*" ".*" echo "[=12=] `date` user USER created" # Create queue rabbitmqadmin declare queue name=QUEUE durable=true echo "[=12=] `date` queues created" # Create mark so script is not ran again touch /[=12=].completed
最新版本的 RabbitMQ image on Dockerhub 具有将默认用户名/密码从 "guest" / "guest" 更改为其他内容的内置功能。
只需在启动镜像时设置环境变量"RABBITMQ_DEFAULT_USER"和"RABBITMQ_DEFAULT_PASS"即可。
作为 docker 命令,您会 运行 像这样的图像:
docker run \
-e RABBITMQ_DEFAULT_USER=test-user \
-e RABBITMQ_DEFAULT_PASS=test-user \
-p 5672:5672 \
rabbitmq
我不得不根据上面的评论对接受的答案中的脚本进行一些更改才能使其正常工作。
Dockerfile
FROM rabbitmq
# Define environment variables.
ENV RABBITMQ_USER user
ENV RABBITMQ_PASSWORD user
ADD init.sh /init.sh
EXPOSE 15672
# Define default command
CMD ["/init.sh"]
init.sh
#!/bin/sh
( sleep 10 && \
rabbitmqctl add_user $RABBITMQ_USER $RABBITMQ_PASSWORD && \
rabbitmqctl set_user_tags $RABBITMQ_USER administrator && \
rabbitmqctl set_permissions -p / $RABBITMQ_USER ".*" ".*" ".*" ) & \
rabbitmq-server
使用 RabbitMQ 3.7 和较新的 rabbitmq.conf (sysctl) 配置格式,以下使用默认用户和队列设置 RabbitMQ Docker,您可以选择添加按照 dockerfile 中的 运行 命令创建用户...
RUN rabbitmqctl add_user {username} {password}
RUN rabbitmqctl set_user_tags {username} administrator
RUN rabbitmqctl set_permissions ...
rabbitmq.conf
# Default user
default_user = testuser
default_pass = testpassword
## The default "guest" user is only permitted to access the server
## via a loopback interface (e.g. localhost).
loopback_users.guest = true
# IPv4
listeners.tcp.default = 5672
## HTTP listener and embedded Web server settings.
management.tcp.port = 15672
# Load queue definitions
management.load_definitions = /etc/rabbitmq/definitions.json
#Ignore SSL
ssl_options.verify = verify_peer
ssl_options.fail_if_no_peer_cert = true
definitions.json
{
"rabbit_version": "3.7.11",
"users": [
{
"name": "testuser",
"password_hash": "txn+nsYVkAaIMvDsH8Fsyb3RWMCMWihRUVCk/wICL1NBKKvz",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
}
],
"vhosts": [ { "name": "test-vhost" } ],
"permissions": [
{
"user": "testuser",
"vhost": "test-vhost",
"configure": ".*",
"write": ".*",
"read": ".*"
}
],
"topic_permissions": [],
"parameters": [],
"global_parameters": [
{
"name": "cluster_name",
"value": "rabbit@test-rabbit"
}
],
"policies": [],
"queues": [
{
"name": "testqueue",
"vhost": "test-vhost",
"durable": true,
"auto_delete": false,
"arguments": {}
}
],
"exchanges": [],
"bindings": []
}
Docker文件
FROM rabbitmq:3.7-management
COPY rabbitmq.conf /etc/rabbitmq
COPY definitions.json /etc/rabbitmq
RUN ls /etc/rabbitmq
RUN cat /etc/rabbitmq/rabbitmq.conf
Dockers 命令构建和 运行 容器...
docker build -t rabbitmq-with-queue .
docker run --rm -it --hostname my-rabbit -p 5672:5672 -p 15672:15672 rabbitmq-with-queue
在Kubernetes中,类似于@sudo的回答;可以通过 ConfigMap & Volume 将 definitions.json 文件加载到容器中。
ConfigMap rabbitmq-definitions-configmap 被定义为从文件创建的 configmap,目标是 definitions.json。
您也可以对 rabbitmq.config 文件执行相同的操作。
请注意 mountPath 和 subPath 的用法,仅使用 mountPath 对我不起作用。
apiVersion: apps/v1
kind: Deployment
metadata:
name: rabbitmq-deployment
spec:
selector:
matchLabels:
app: rabbitmq-deployment
replicas: 1
template:
metadata:
labels:
app: rabbitmq-deployment
spec:
volumes:
- name: rabbitmq-definitions
configMap:
name: rabbitmq-definitions-configmap
containers:
- name: rabbitmq
image: rabbitmq:3.7.18-management-alpine
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
name: rabbitmq-configmap
- secretRef:
name: rabbitmq-secrets
volumeMounts:
- name: rabbitmq-definitions
mountPath: /etc/rabbitmq/definitions.json
subPath: rabbitmq-definitions
上述解决方案有一个警告:它们将 "disable" 官方兔子 docker 图像中的 docker-entrypoint.sh 脚本 present。这对您来说可能是问题,也可能不是问题。此脚本创建初始 RabbitMQ 配置文件;添加一些好的默认值(例如,如果容器是 运行 内存限制,则总内存限制)。
如果您想保持完全兼容性并且不想 "disable" 此脚本,您可以使用以下方法。它将添加一个额外的 admin 用户和 admin 密码,并保持 guest 用户不变。这对开发很有用。
此方法使用 definitions.json 文件来初始化使用管理插件的用户。为了通知插件有关 definitions.json 文件的信息,我们使用 RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS 环境变量(而不是 rabbitmq.conf 文件)。
创建definitions.json文件:
{
"users": [
{
"name": "guest",
"password_hash": "R184F4Fs6JLdo8tFqRjWnkJL2DlAZJupxEqkO/8kfV/G63+z",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
},
{
"name": "admin",
"password_hash": "FGA5ZeTOLHnIp4ZjxIj0PsShW/DpLgdYAlHsbli7KMMa8Z0O",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
}
],
"vhosts": [
{
"name": "/"
}
],
"permissions": [
{
"user": "guest",
"vhost": "/",
"configure": ".*",
"write": ".*",
"read": ".*"
},
{
"user": "admin",
"vhost": "/",
"configure": ".*",
"write": ".*",
"read": ".*"
}
],
"parameters": [],
"policies": [],
"queues": [],
"exchanges": [],
"bindings": []
}
创建自定义 Dockerfile:
FROM rabbitmq:3.8.3-management
ADD --chown=rabbitmq ./definitions.json /etc/rabbitmq/
ENV RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS="-rabbitmq_management load_definitions \"/etc/rabbitmq/definitions.json\""
使用以下命令构建镜像:
docker build --tag myrabbit:1.0.0 .
然后运行它:
docker run -d -p 5672:5672 -p 15672:15672 --restart unless-stopped --name rabbitmq myrabbit:1.0.0
就我而言,我想知道是否可以通过简单地挂载数据文件夹来转储 docker 容器 user/vhost/data。
我找到了以下文档:https://www.rabbitmq.com/backup.html,帮助太大了。
现在,我确实将 /var/lib/rabbitmq 卷挂载到主机上,但是当重新创建容器时,用户和虚拟主机的配置消失了。
很快我意识到在重新创建容器后,生成了一个具有不同 ID 的新数据集。
所以旧数据还在,只是id断开了
在我的示例中,0df72ae1a7a5一个是旧的,当我创建一个新的268bac197c69时,旧数据不再有效。
root@268bac197c69:~/mnesia# ls -alh /var/lib/rabbitmq/mnesia
total 100K
drwxr-xr-x. 14 rabbitmq rabbitmq 4.0K Jun 13 13:43 .
drwxr-xr-x. 5 rabbitmq root 4.0K Jun 13 13:42 ..
drwxr-xr-x. 4 rabbitmq rabbitmq 4.0K Mar 6 2020 rabbit@0df72ae1a7a5
-rw-r--r--. 1 rabbitmq rabbitmq 64 Mar 6 2020 rabbit@0df72ae1a7a5-feature_flags
drwxr-xr-x. 2 rabbitmq rabbitmq 4.0K Mar 6 2020 rabbit@0df72ae1a7a5-plugins-expand
-rw-r--r--. 1 rabbitmq rabbitmq 2 Mar 6 2020 rabbit@0df72ae1a7a5.pid
drwxr-xr-x. 4 rabbitmq rabbitmq 4.0K Jun 13 13:43 rabbit@268bac197c69
-rw-r--r--. 1 rabbitmq rabbitmq 148 Jun 13 13:43 rabbit@268bac197c69-feature_flags
drwxr-xr-x. 10 rabbitmq rabbitmq 4.0K Jun 13 13:43 rabbit@268bac197c69-plugins-expand
-rw-r--r--. 1 rabbitmq rabbitmq 3 Jun 13 13:43 rabbit@268bac197c69.pid
在容器中,以下命令显示当前活动id:
rabbitmqctl eval 'rabbit_mnesia:dir().'
它打印"/var/lib/rabbitmq/mnesia/rabbit@268bac197c69",当前新创建的。
所以现在问题减少为:
How to restore the old data with the specific old id when the container recreates?
很快,我发现当前id和容器hostname是一样的,是创建容器时随机生成的!
那么如何将 id 与特定值关联起来呢?我查看 docker-hub rabbitmq 页面:https://hub.docker.com/_/rabbitmq
One of the important things to note about RabbitMQ is that it stores data based on what it calls the "Node Name", which defaults to the hostname. What this means for usage in Docker is that we should specify -h/--hostname explicitly for each daemon so that we don't get a random hostname and can keep track of our data:
最后的解决方案来了,我们只需要将hostname指定为一个特定的值,容器重建时一切都会自动恢复。
最终解决方案:
只需在我们的 docker-compose 部分添加主机名设置:
注意:主机名行和卷行很重要。
rabbitmq:
image: rabbitmq:management
container_name: rabbitmq
restart: always
hostname: 0df72ae1a7a5
environment:
RABBITMQ_DEFAULT_USER: rabbit
RABBITMQ_DEFAULT_PASS: rabbit
volumes:
- /var/docker/rabbitmq/var/lib/rabbitmq:/var/lib/rabbitmq
此处的其他一些解决方案无法使用 TLS,因为它们禁用了父入口点。其他人有不必要的步骤,因为父图像有一个未记录的特征,如果它出现在 /etc/rabbitmq.
下,它将消耗 definitions.json这似乎是最简单的方法:
Docker 文件
FROM rabbitmq:3.8.2-management
ADD definitions.json /etc/rabbitmq/
RUN chown rabbitmq:rabbitmq /etc/rabbitmq/definitions.json
definitions.json - 编辑以满足您的用户/虚拟主机/权限需求
{
"users": [
{
"name": "guest",
"password_hash": "R184F4Fs6JLdo8tFqRjWnkJL2DlAZJupxEqkO/8kfV/G63+z",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
},
{
"name": "admin",
"password_hash": "FGA5ZeTOLHnIp4ZjxIj0PsShW/DpLgdYAlHsbli7KMMa8Z0O",
"hashing_algorithm": "rabbit_password_hashing_sha256",
"tags": "administrator"
}
],
"vhosts": [
{
"name": "/"
}
],
"permissions": [
{
"user": "guest",
"vhost": "/",
"configure": ".*",
"write": ".*",
"read": ".*"
},
{
"user": "admin",
"vhost": "/",
"configure": ".*",
"write": ".*",
"read": ".*"
}
],
"parameters": [],
"policies": [],
"queues": [],
"exchanges": [],
"bindings": []
}
通过 Dockerfile 指令在自定义图像上使用 cron 对我有用:
# add rabbitmq user with /usr/sbin/rabbitmqctl at boot time.
RUN echo "@reboot root sleep 5 && rabbitmqctl add_user admin admin && rabbitmqctl set_user_tags admin administrator && rabbitmqctl set_permissions -p / admin \".*\" \".*\" \".*\"" >> /etc/crontab
图像基于 Rocky Linux 和 Systemd。这是我的完整 Dockerfile:
FROM rockylinux/rockylinux:latest
LABEL maintainer="acool@example.com"
# remove unecessary systemd unit files
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*;\
rm -f /etc/systemd/system/*.wants/*;\
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/anaconda.target.wants/*;
# import rabbitmq repo signatures
RUN rpm --import https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc && \
rpm --import 'https://dl.cloudsmith.io/public/rabbitmq/rabbitmq-erlang/gpg.E495BB49CC4BBE5B.key' && \
rpm --import 'https://dl.cloudsmith.io/public/rabbitmq/rabbitmq-server/gpg.9F4587F226208342.key'
# copy rabbitmq repo config
COPY config/rabbitmq.repo /etc/yum.repos.d/rabbitmq.repo
# install packages
RUN dnf -y update \
&& dnf -y install epel-release.noarch \
http://rpms.remirepo.net/enterprise/remi-release-8.rpm \
&& dnf module -y install php:remi-8.0 \
&& dnf -y install rabbitmq-server \
supervisor \
memcached \
iproute \
# postfix \
mailx \
vim \
nano \
dos2unix \
wget \
openssh \
rsync \
unzip \
ImageMagick \
ncurses \
cronie \
&& dnf clean all
# create admin user account
ARG UID=1000
RUN useradd --create-home --uid $UID admin
# enable services
RUN systemctl enable rabbitmq-server.service memcached.service \
&& rabbitmq-plugins enable rabbitmq_management
# add rabbitmq user with /usr/sbin/rabbitmqctl at boot time.
RUN echo "@reboot root sleep 5 && rabbitmqctl add_user admin admin && rabbitmqctl set_user_tags admin administrator && rabbitmqctl set_permissions -p / admin \".*\" \".*\" \".*\"" >> /etc/crontab
EXPOSE 15672 9001
ENTRYPOINT ["/sbin/init"]
构建图像:
docker build --build-arg UID=$(id -u) -t customRockyLinux:customRockyLinux .
运行 图片:
docker run --name customRL_container -d --privileged -p 15672:15672 -p 9001:9001 customRockyLinux:customRockyLinux
以 root 身份与容器交互:
docker exec -it customRL_container bash
或作为特定用户:
docker exec -it --user admin customRL_container bash
验证 RabbitMQ 用户:
root@a2dc7498de45 /]# rabbitmqctl list_users
user tags
admin [administrator]
guest [administrator]
[root@a2dc7498de45 /]#
[root@a2dc7498de45 /]#
[root@a2dc7498de45 /]# rabbitmqctl --version
3.9.5
[root@a2dc7498de45 /]# cat /etc/redhat-release
Rocky Linux release 8.4 (Green Obsidian)
祝你好运!!
创建两个文件夹,data 和 etc
enabled_plugins
[rabbitmq_management,rabbitmq_prometheus].
rabbitmq.conf
auth_mechanisms.1 = PLAIN
auth_mechanisms.2 = AMQPLAIN
loopback_users.guest = false
listeners.tcp.default = 5672
#default_pass = admin
#default_user = admin
hipe_compile = false
#management.listener.port = 15672
#management.listener.ssl = false
management.tcp.port = 15672
management.load_definitions = /etc/rabbitmq/definitions.json
definitions.json 您可以根据需要添加任意数量的用户、队列、交易所
{
"users": [
{
"name": "admin",
"password": "admin",
"tags": "administrator"
}
],
"vhosts": [
{
"name": "/"
}
],
"policies": [
{
"vhost": "/",
"name": "ha",
"pattern": "",
"apply-to": "all",
"definition": {
"ha-mode": "all",
"ha-sync-batch-size": 256,
"ha-sync-mode": "automatic"
},
"priority": 0
}
],
"permissions": [
{
"user": "admin",
"vhost": "/",
"configure": ".*",
"write": ".*",
"read": ".*"
}
],
"queues": [
{
"name": "job-import.triggered.queue",
"vhost": "/",
"durable": true,
"auto_delete": false,
"arguments": {}
}
],
"exchanges": [
{
"name": "lob-proj-dx",
"vhost": "/",
"type": "direct",
"durable": true,
"auto_delete": false,
"internal": false,
"arguments": {}
}
],
"bindings": [
{
"source": "lob-proj-dx",
"vhost": "/",
"destination": "job-import.triggered.queue",
"destination_type": "queue",
"routing_key": "job-import.event.triggered",
"arguments": {}
}
]
}
运行兔子
docker run --restart=always -d -p 5672:5672 -p 15672:15672 --mount type=bind,source=E:\docker\rabbit\data,target=/var/lib/rabbitmq/ --mount type=bind,source=E:\docker\rabbit\etc,target=/etc/rabbitmq/ --name rabbitmq --hostname my-rabbit rabbitmq:3.7.28-management
取自here
此方法不需要创建自定义 docker 图像,不需要 docker-compose 而且它在重启后保持状态
好吧...由于 image and docs 已经更新,现在可能很明显了,但是因为我在这里搜索了我的方式,所以至少有一个默认用户和 vhost 的环境变量(但是还不是多个):
If you wish to change the default username and password of guest / guest, you can do so with the RABBITMQ_DEFAULT_USER and RABBITMQ_DEFAULT_PASS environmental variables. These variables were available previously in the docker-specific entrypoint shell script but are now available in RabbitMQ directly.
$ docker run -d --hostname my-rabbit --name some-rabbit -e
RABBITMQ_DEFAULT_USER=user -e RABBITMQ_DEFAULT_PASS=password
rabbitmq:3-management
If you wish to change the default vhost, you can do so with the RABBITMQ_DEFAULT_VHOST environmental variables:
$ docker run -d --hostname my-rabbit --name some-rabbit -e
RABBITMQ_DEFAULT_VHOST=my_vhost rabbitmq:3-management
但是 definitions.json and import 它通过 load_definitions 配置键。