search

pivotal-cf / java-cfenv

Apache License 2.0
91 stars 56 forks source link

rabbit credentials might be incomplete / miss virtualhost info #52

Open imod opened 5 years ago

imod commented 5 years ago

We deploy or applications on two different CF installations (pivotal and swisscom). The two are different in terms of how the rabbit credentials are defined in VCAP_SERVICES.

The rabbit credentials on pivotal only provide uri and http_api_uri in the credentials, where swisscom also provides things like the very important virtualhost (vhost). Although the virtual host ist also part of the uri on pivotal (last part of the uri), it is quite cumbersome to get hold of it. As a workaround we currently take advantage of the fact that virtualhost is equals to the username when the service is provided by cloudamqp on pivotal.

So our current config looks like this (we fallback to the username in case there is no vhost defined):

@Bean
public ConnectionFactory rabbit(CfEnv cfEnv) {
    // "label" must match name of bound service on CF!
    CfCredentials rabbitCredentials = cfEnv.findCredentialsByName("rabbit");
    CachingConnectionFactory connectionFactory = new CachingConnectionFactory(rabbitCredentials.getHost(), Integer.parseInt(rabbitCredentials.getPort()));
    connectionFactory.setChannelCacheSize(CHANNEL_CACHE_SIZE);
    connectionFactory.setUsername(rabbitCredentials.getUsername());
    connectionFactory.setPassword(rabbitCredentials.getPassword());

    String vhost = StringUtils.isNotBlank(rabbitCredentials.getString("vhost")) ? rabbitCredentials.getString("vhost") : rabbitCredentials.getUsername();
    connectionFactory.setVirtualHost(vhost);

    return connectionFactory;
}

With this issue, I ask you to provide a more reliable way to access the virtualhost also in case where it is only configured in the uri (as in the case on run.pivotal.io). If not possible, I suggest to add some kind of documentation about this. ...btw, this did not make any difference with the old cloud connector api - everything was picked up automatically and was working fine.

VCAP_SERVICES details: on run.pivotal.io, service provided by cloudamqp: 

...
"cloudamqp": [
        {
          "label": "cloudamqp",
          "provider": null,
          "plan": "tiger",
          "name": "rabbit",
          "tags": [
            "amqp",
            "rabbitmq"
          ],
          "instance_name": "rabbit",
          "binding_name": null,
          "credentials": {
            "uri": "amqp://xxxxx:pppppppppp@clam.rmq.cloudamqp.com/xxxxx",
            "http_api_uri": "https://xxxxx:pppppppppp@clam.rmq.cloudamqp.com/api/"
          },
          "syslog_drain_url": null,
          "volume_mounts": []
        }
      ]
    }
...

swisscom, service provided by swisscom:

    "rabbitmqent": [
      {
        "label": "rabbitmqent",
        "provider": null,
        "plan": "usage",
        "name": "rabbit",
        "tags": [
          "rabbitmq"
        ],
        "instance_name": "rabbit",
        "binding_name": null,
        "credentials": {
          "uri": "amqp://xxxxx:pppppppppp@rabbitmq.service.consul/vvvvvvvvvvvv",
          "uris": [
            "amqp://xxxxx:pppppppppp@node-0.service.consul/vvvvvvvvvvvv",
            "amqp://xxxxx:pppppppppp@node-1.service.consul/vvvvvvvvvvvv",
            "amqp://xxxxx:pppppppppp@node-2.service.consul/vvvvvvvvvvvv"
          ],
          "vhost": "vvvvvvvvvvvv",
          "username": "xxxxx",
          "password": "pppppppppp",
          "hostname": "rabbitmq.service.consul",
          "hostnames": [
            "node-0.service.consul",
            "node-1.service.consul",
            "node-2.service.consul"
          ],
          "port": 5672,
          "amqp_port": 5672,
          "mqtt_port": 1883,
          "stomp_port": 61613,
          "management_port": 15672,
          "http_api_uri": "http://xxxxx:pppppppppp@rabbitmq.service.consul:15672/api",
          "http_api_uris": [
            "http://xxxxx:pppppppppp@node-0.service.consul:15672/api",
            "http://xxxxx:pppppppppp@node-1.service.consul:15672/api",
            "http://xxxxx:pppppppppp@node-2.service.consul:15672/api"
          ],
          "protocols": {
            "amqp": {
              "username": "xxxxx",
              "password": "pppppppppp",
              "port": 5672,
              "host": "rabbitmq.service.consul",
              "hosts": [
                "node-0.service.consul",
                "node-1.service.consul",
                "node-2.service.consul"
              ],
              "uri": "amqp://xxxxx:pppppppppp@rabbitmq.service.consul/vvvvvvvvvvvv",
              "uris": [
                "amqp://xxxxx:pppppppppp@node-0.service.consul/vvvvvvvvvvvv",
                "amqp://xxxxx:pppppppppp@node-1.service.consul/vvvvvvvvvvvv",
                "amqp://xxxxx:pppppppppp@node-2.service.consul/vvvvvvvvvvvv"
              ],
              "vhost": "vvvvvvvvvvvv"
            },
            "http": {
              "username": "xxxxx",
              "password": "pppppppppp",
              "port": 15672,
              "host": "rabbitmq.service.consul",
              "hosts": [
                "node-0.service.consul",
                "node-1.service.consul",
                "node-2.service.consul"
              ],
              "uri": "http://xxxxx:pppppppppp@rabbitmq.service.consul/vvvvvvvvvvvv",
              "uris": [
                "http://xxxxx:pppppppppp@node-0.service.consul/vvvvvvvvvvvv",
                "http://xxxxx:pppppppppp@node-1.service.consul/vvvvvvvvvvvv",
                "http://xxxxx:pppppppppp@node-2.service.consul/vvvvvvvvvvvv"
              ],
              "vhost": "vvvvvvvvvvvv"
            },
            "mqtt": {
              "username": "vvvvvvvvvvvv:xxxxx",
              "password": "pppppppppp",
              "port": 1883,
              "host": "rabbitmq.service.consul",
              "hosts": [
                "node-0.service.consul",
                "node-1.service.consul",
                "node-2.service.consul"
              ],
              "uri": "mqtt://vvvvvvvvvvvv%3Axxxxx:pppppppppp@rabbitmq.service.consul",
              "uris": [
                "mqtt://vvvvvvvvvvvv%3Axxxxx:pppppppppp@node-0.service.consul",
                "mqtt://vvvvvvvvvvvv%3Axxxxx:pppppppppp@node-1.service.consul",
                "mqtt://vvvvvvvvvvvv%3Axxxxx:pppppppppp@node-2.service.consul"
              ]
            },
            "stomp": {
              "username": "xxxxx",
              "password": "pppppppppp",
              "port": 61613,
              "host": "rabbitmq.service.consul",
              "hosts": [
                "node-0.service.consul",
                "node-1.service.consul",
                "node-2.service.consul"
              ],
              "uri": "stomp://xxxxx:pppppppppp@rabbitmq.service.consul",
              "uris": [
                "stomp://xxxxx:pppppppppp@node-0.service.consul",
                "stomp://xxxxx:pppppppppp@node-1.service.consul",
                "stomp://xxxxx:pppppppppp@node-2.service.consul"
              ],
              "vhost": "vvvvvvvvvvvv"
            },
            "management": {
              "uri": "http://xxxxx:pppppppppp@rabbitmq.service.consul:15672/api",
              "uris": [
                "http://xxxxx:pppppppppp@node-0.service.consul:15672/api",
                "http://xxxxx:pppppppppp@node-1.service.consul:15672/api",
                "http://xxxxx:pppppppppp@node-2.service.consul:15672/api"
              ],
              "username": "xxxxx",
              "password": "pppppppppp",
              "host": "rabbitmq.service.consul",
              "hosts": [
                "node-0.service.consul",
                "node-1.service.consul",
                "node-2.service.consul"
              ],
              "port": 15672,
              "path": "/api",
            }
          }
markpollack commented 5 years ago

Great feedback, thanks, will address!

imod commented 5 years ago

something along CfEnvJdbc for Rabbit would be great :)

markpollack commented 5 years ago

It is going to take a bit longer to figure this one out, so removing the assigned milestone 1.1.0.RC1

pivotal-david-osullivan commented 2 years ago

@imod Revisiting this issue, since the run.pivotal.io service is no longer active, is there any problem accessing the vhost on Swisscom or other providers?

imod commented 2 years ago

@pivotal-david-osullivan thanks for asking - we moved away from CF, so I don't have the issue anymore