1. RabbitMQ Plugins使用
RabbitMQ自帶插件管理系統,可以使用工具[rabbitmq-plugins]進行管理和使用。查看當前插件狀態啓用插件[tRabbitMQ@iZ250x18mnzZ ~]$ rabbitmq-plugins list Configured: E = explicitly enabled; e = implicitly enabled | Status: [failed to contact rabbit@iZ250x18mnzZ - status not shown] |/ [e ] amqp_client 3.6.0 [ ] cowboy 1.0.3 [ ] cowlib 1.0.1 [e ] mochiweb 2.13.0 [ ] rabbitmq_amqp1_0 3.6.0 [ ] rabbitmq_auth_backend_ldap 3.6.0 [ ] rabbitmq_auth_mechanism_ssl 3.6.0 [ ] rabbitmq_consistent_hash_exchange 3.6.0 [ ] rabbitmq_event_exchange 3.6.0 [ ] rabbitmq_federation 3.6.0 [ ] rabbitmq_federation_management 3.6.0 [E ] rabbitmq_management 3.6.0 [e ] rabbitmq_management_agent 3.6.0 [ ] rabbitmq_management_visualiser 3.6.0 [ ] rabbitmq_mqtt 3.6.0 [ ] rabbitmq_recent_history_exchange 1.2.1 [ ] rabbitmq_sharding 0.1.0 [ ] rabbitmq_shovel 3.6.0 [ ] rabbitmq_shovel_management 3.6.0 [ ] rabbitmq_stomp 3.6.0 [ ] rabbitmq_tracing 3.6.0 [e ] rabbitmq_web_dispatch 3.6.0 [ ] rabbitmq_web_stomp 3.6.0 [ ] rabbitmq_web_stomp_examples 3.6.0 [ ] sockjs 0.3.4 [e ] webmachine git
[tRabbitMQ@iZ250x18mnzZ ~]$ sudo rabbitmq-plugins enable rabbitmq_management The following plugins have been enabled: mochiweb webmachine rabbitmq_web_dispatch amqp_client rabbitmq_management_agent rabbitmq_management Applying plugin configuration to rabbit@iZ250x18mnzZ... started 6 plugins.
停用插件[tRabbitMQ@iZ250x18mnzZ ~]$ sudo rabbitmq-plugins disable rabbitmq_management The following plugins have been disabled: mochiweb webmachine rabbitmq_web_dispatch amqp_client rabbitmq_management_agent rabbitmq_management Applying plugin configuration to rabbit@iZ250x18mnzZ... stopped 6 plugins.
具體的命令使用參考官網資料:https://www.rabbitmq.com/man/rabbitmq-plugins.1.man.html除系統安裝自帶的插件,RabbtiMQ還提供了一些其他插件可下載使用:https://www.rabbitmq.com/community-plugins.html不再對其他的插件相關內容做分析,大家有興趣的可以點擊以下鏈接到官網學習
2. Management Plugin
管理插件在安裝RabbtiMQ時就已經同步安裝,只需使用上面的啓動命令啓動插件即可。
管理插件提供了一套對RabbitMQ服務的管理及監控的HTTP API,以及基於瀏覽器服的用戶界面、命令行工具以及rabbitmqadmin(工具)。
主要有以下功能:
1、 聲明、查詢、刪除交換機、隊列、bindings、用戶、虛擬機以及權限
2、 監控隊列、通道、數據連接等信息
3、 發送和接收消息
4、 監控Erlang進程、內存使用、文件描述符
5、 導入或導出json對象
6、 強制關閉連接,清理隊列
按照上述方式啓動之後。
1、web訪問地址:http://server-name:15672/ 端口可自定義配置
2、http api訪問地址:http://server-name:15672/api/ 也可以參考官網:https://raw.githack.com/rabbitmq/rabbitmq-management/rabbitmq_v3_6_1/priv/www/api/index.html
3、下載工具rabbitmqadmin:http://server-name:15672/cli/ 關於客戶端使用方法:https://www.rabbitmq.com/management-cli.html
其他相關使用方法,參考官網:https://www.rabbitmq.com/management.html
安裝RabbitMQ自帶的用戶guest,只能在本地使用,所以公網中用戶guest無法登錄management提供的插件,下面是新建用戶並增加。
3. 用戶及權限管理
3.1.用戶管理
創建用戶[tRabbitMQ@iZ250x18mnzZ ~]$ sudo rabbitmqctl add_user rabbitmq rabbitmq Creating user "rabbitmq" ...
刪除用戶[tRabbitMQ@iZ250x18mnzZ ~]$ sudo rabbitmqctl delete_user rabbitmq Deleting user "rabbitmq" ...
查看用戶[tRabbitMQ@iZ250x18mnzZ ~]$ sudo rabbitmqctl list_users Listing users ... rabbitmq [] guest [administrator]
修改用戶密碼[tRabbitMQ@iZ250x18mnzZ ~]$ sudo rabbitmqctl change_password rabbitmq rabbitmq Changing password for user "rabbitmq" ... [tRabbitMQ@iZ250x18mnzZ ~]$
命令參考資料:http://www.rabbitmq.com/man/rabbitmqctl.1.man.html
3.2. 用戶角色管理
創建用戶之後,還需要給用戶添加權限,在插件management中基於RabbitMQ權限模型進行了封裝與擴展,對用戶指定類似標籤的方式決定用戶的權限,提供以下幾類標籤:
標籤 功能 (None) No access to the management plugin management Anything the user could do via AMQP plus:
- List virtual hosts to which they can log in via AMQP
- View all queues, exchanges and bindings in "their" virtual hosts
- View and close their own channels and connections
- View "global" statistics covering all their virtual hosts, including activity by other users within them
policymaker Everything "management" can plus:
- View, create and delete policies and parameters for virtual hosts to which they can log in via AMQP
monitoring Everything "management" can plus:
- List all virtual hosts, including ones they could not log in to via AMQP
- View other users's connections and channels
- View node-level data such as memory use and clustering
- View truly global statistics for all virtual hosts
administrator Everything "policymaker" and "monitoring" can plus:
- Create and delete virtual hosts
- View, create and delete users
- View, create and delete permissions
- Close other users's connections
給用戶設置標籤也可以給用戶設置多個角色,除上述系統內置角色外,還可以自定義角色,具體可參考官網給出的命令[tRabbitMQ@iZ250x18mnzZ ~]$ sudo rabbitmqctl set_user_tags rabbitmq administrator Setting tags for user "rabbitmq" to [administrator] ... [tRabbitMQ@iZ250x18mnzZ ~]$
管理工具角色參考官網:http://www.rabbitmq.com/management.html3.3. 權限管理
權限大致分爲兩個級別:1. 訪問權限
決定是否可以連接上相應的服務
按照前兩步的方法,創建用戶,給用戶設置用戶角色,我就可以登錄到web2. 操作權限操作權限又分爲兩類,配置權限和讀寫權限,只要針對資源(queue、exchange)配置權限影響資源的創建和刪除。讀寫權限影響消息的讀取和寫入,例如發送消息要有可寫權限,接收消息要有可讀權限。具體說明可見官網資料,而給用戶設置相應的權限,使用rabbitmqctl執行即可,下面也有提供具體的手機用方法。RabbitMQ權限模型說明參考資料:http://www.rabbitmq.com/access-control.html