RabbitMQ is used to exchange messages within a vCloud Director environment.

If you have already installed RabbitMQ, make sure that the host is configured to support SSL connections.

For test and development environments, you can optionally skip this procedure and follow the instructions at Create Containers for Test and Development Environments to have RabbitMQ run in a Docker container instead.

The following is an example of the process of installing and configuring a RabbitMQ host.

Download an Install RabbitMQ

# wget https://www.rabbitmq.com/releases/erlang/erlang-18.3-1.el6.x86_64.rpm
# rpm -i erlang-18.3-1.el6.x86_64.rpm
# wget http://www.rabbitmq.com/releases/rabbitmq-server/v3.6.1/rabbitmq-server-3.6.1-1.noarch.rpm
# rpm --import https://www.rabbitmq.com/rabbitmq-signing-key-public.asc
# rpm -i rabbitmq-server-3.6.1-1.noarch.rpm

Create Self-Signed Certificates

# wget https://github.com/michaelklishin/tls-gen/archive/master.zip 
# unzip master.zip
# cd tls-get-master/basic

Replace vcd-db.gcp.local with your domain:

# CN=vcd-db.gcp.local PASSWORD=vmware make
# mv testca/ /etc/rabbitmq/
# mv server/ /etc/rabbitmq/
# mv client/ /etc/rabbitmq/

Set Owner:

# chown -R rabbitmq: /etc/rabbitmq/testca
# chown -R rabbitmq: /etc/rabbitmq/server
# chown -R rabbitmq: /etc/rabbitmq/client

Create the file /etc/rabbitmq/rabbitmq.config with the following content.

[
  {ssl, [{versions, ['tlsv1.2', 'tlsv1.1', tlsv1]}]},
  {rabbit, [
     {ssl_listeners, [5671]},
     {ssl_options, [{cacertfile,"/etc/rabbitmq/testca/cacert.pem"},
                    {certfile,"/etc/rabbitmq/server/cert.pem"},
                    {keyfile,"/etc/rabbitmq/server/key.pem"},
		    {versions, ['tlsv1.2', 'tlsv1.1', tlsv1]},
		    {ciphers,  ["ECDHE-ECDSA-AES256-GCM-SHA384","ECDHE-RSA-AES256-GCM-SHA384",
		     "ECDHE-ECDSA-AES256-SHA384","ECDHE-RSA-AES256-SHA384",
		     "ECDH-ECDSA-AES256-GCM-SHA384","ECDH-RSA-AES256-GCM-SHA384",
		     "ECDH-ECDSA-AES256-SHA384","ECDH-RSA-AES256-SHA384",
		     "DHE-RSA-AES256-GCM-SHA384","DHE-DSS-AES256-GCM-SHA384",
		     "DHE-RSA-AES256-SHA256","DHE-DSS-AES256-SHA256","AES256-GCM-SHA384",
		     "AES256-SHA256","ECDHE-ECDSA-AES128-GCM-SHA256",
		     "ECDHE-RSA-AES128-GCM-SHA256","ECDHE-ECDSA-AES128-SHA256",
		     "ECDHE-RSA-AES128-SHA256","ECDH-ECDSA-AES128-GCM-SHA256",
		     "ECDH-RSA-AES128-GCM-SHA256","ECDH-ECDSA-AES128-SHA256",
		     "ECDH-RSA-AES128-SHA256","DHE-RSA-AES128-GCM-SHA256",
		     "DHE-DSS-AES128-GCM-SHA256","DHE-RSA-AES128-SHA256","DHE-DSS-AES128-SHA256",
		     "AES128-GCM-SHA256","AES128-SHA256","ECDHE-ECDSA-AES256-SHA",
		     "ECDHE-RSA-AES256-SHA","DHE-RSA-AES256-SHA","DHE-DSS-AES256-SHA",
		     "ECDH-ECDSA-AES256-SHA","ECDH-RSA-AES256-SHA","AES256-SHA",
		     "ECDHE-ECDSA-DES-CBC3-SHA","ECDHE-RSA-DES-CBC3-SHA","EDH-RSA-DES-CBC3-SHA",
 		     "EDH-DSS-DES-CBC3-SHA","ECDH-ECDSA-DES-CBC3-SHA","ECDH-RSA-DES-CBC3-SHA",
		     "DES-CBC3-SHA","ECDHE-ECDSA-AES128-SHA","ECDHE-RSA-AES128-SHA",
 		     "DHE-RSA-AES128-SHA","DHE-DSS-AES128-SHA","ECDH-ECDSA-AES128-SHA",
 		     "ECDH-RSA-AES128-SHA","AES128-SHA","EDH-RSA-DES-CBC-SHA","DES-CBC-SHA"]},
		     {verify,verify_none},
                     {fail_if_no_peer_cert,false}]}]}
].

Start RabbitMQ

# service rabbitmq-server start

Enable RabbitMQ UI

To enable the UI on http://server-name:15672/

# rabbitmq-plugins enable rabbitmq_management

Create admin user to log in:

# rabbitmqctl add_user admin vmware
# rabbitmqctl set_permissions -p / admin ".*" ".*" ".*"
# rabbitmqctl set_user_tags admin administrator