Enable "rabbitmq_prometheus" in RabbitMQ 3.8 by default

Author: tianon

3.7-rc/alpine/docker-entrypoint.sh

@@ -32,6 +32,10 @@ file_env() {
 : "${RABBITMQ_MANAGEMENT_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
 : "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
 : "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
+# ... and so should "prometheus"
+: "${RABBITMQ_PROMETHEUS_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
+: "${RABBITMQ_PROMETHEUS_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
+: "${RABBITMQ_PROMETHEUS_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
 
 # Allowed env vars that will be read from mounted files (i.e. Docker Secrets):
 fileEnvKeys=(
@@ -51,6 +55,9 @@ sslConfigKeys=(
 managementConfigKeys=(
 	"${sslConfigKeys[@]/#/ssl_}"
 )
+prometheusConfigKeys=(
+	"${sslConfigKeys[@]/#/ssl_}"
+)
 rabbitConfigKeys=(
 	default_pass
 	default_user
@@ -61,12 +68,16 @@ fileConfigKeys=(
 	management_ssl_cacertfile
 	management_ssl_certfile
 	management_ssl_keyfile
+	prometheus_ssl_cacertfile
+	prometheus_ssl_certfile
+	prometheus_ssl_keyfile
 	ssl_cacertfile
 	ssl_certfile
 	ssl_keyfile
 )
 allConfigKeys=(
 	"${managementConfigKeys[@]/#/management_}"
+	"${prometheusConfigKeys[@]/#/prometheus_}"
 	"${rabbitConfigKeys[@]}"
 	"${sslConfigKeys[@]/#/ssl_}"
 )
@@ -75,6 +86,9 @@ declare -A configDefaults=(
 	[management_ssl_fail_if_no_peer_cert]='false'
 	[management_ssl_verify]='verify_none'
 
+	[prometheus_ssl_fail_if_no_peer_cert]='false'
+	[prometheus_ssl_verify]='verify_none'
+
 	[ssl_fail_if_no_peer_cert]='true'
 	[ssl_verify]='verify_peer'
 )
@@ -126,6 +140,7 @@ for conf in "${allConfigKeys[@]}"; do
 		case "$conf" in
 			ssl_*) haveSslConfig=1 ;;
 			management_ssl_*) haveManagementSslConfig=1 ;;
+			prometheus_ssl_*) havePrometheusSslConfig=1 ;;
 		esac
 	fi
 done
@@ -271,6 +286,7 @@ rabbit_env_config() {
 		case "$prefix" in
 			ssl) key="ssl_options.$key" ;;
 			management_ssl) key="management.ssl.$key" ;;
+			prometheus_ssl) key="prometheus.ssl.$key" ;;
 		esac
 
 		local val="${!var:-}"
@@ -374,7 +390,9 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
 
 	# if management plugin is installed, generate config for it
 	# https://www.rabbitmq.com/management.html#configuration
+	managementEnabled=
 	if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_management)" ]; then
+		managementEnabled=1
 		if [ "$haveManagementSslConfig" ]; then
 			rabbit_set_config 'management.ssl.port' 15671
 			rabbit_env_config 'management_ssl' "${sslConfigKeys[@]}"
@@ -390,6 +408,22 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
 			rabbit_set_config 'management.load_definitions' "$managementDefinitionsFile"
 		fi
 	fi
+
+	# if prometheus plugin is installed, generate config for it
+	# https://www.rabbitmq.com/prometheus.html#prometheus-configuration
+	if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_prometheus)" ]; then
+		if [ "$havePrometheusSslConfig" ]; then
+			rabbit_set_config 'prometheus.ssl.port' 15691
+			rabbit_env_config 'prometheus_ssl' "${sslConfigKeys[@]}"
+		else
+			rabbit_set_config 'prometheus.tcp.port' 15692
+		fi
+
+		# if the management plugin is not enabled, then disable the metrics collector in the management_agent plugin (https://github.com/rabbitmq/rabbitmq-management-agent/pull/78)
+		if [ -z "$managementEnabled" ]; then
+			rabbit_set_config 'management_agent.disable_metrics_collector' 'true'
+		fi
+	fi
 fi
 
 combinedSsl='/tmp/rabbitmq-ssl/combined.pem'

3.7-rc/ubuntu/docker-entrypoint.sh

@@ -32,6 +32,10 @@ file_env() {
 : "${RABBITMQ_MANAGEMENT_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
 : "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
 : "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
+# ... and so should "prometheus"
+: "${RABBITMQ_PROMETHEUS_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
+: "${RABBITMQ_PROMETHEUS_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
+: "${RABBITMQ_PROMETHEUS_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
 
 # Allowed env vars that will be read from mounted files (i.e. Docker Secrets):
 fileEnvKeys=(
@@ -51,6 +55,9 @@ sslConfigKeys=(
 managementConfigKeys=(
 	"${sslConfigKeys[@]/#/ssl_}"
 )
+prometheusConfigKeys=(
+	"${sslConfigKeys[@]/#/ssl_}"
+)
 rabbitConfigKeys=(
 	default_pass
 	default_user
@@ -61,12 +68,16 @@ fileConfigKeys=(
 	management_ssl_cacertfile
 	management_ssl_certfile
 	management_ssl_keyfile
+	prometheus_ssl_cacertfile
+	prometheus_ssl_certfile
+	prometheus_ssl_keyfile
 	ssl_cacertfile
 	ssl_certfile
 	ssl_keyfile
 )
 allConfigKeys=(
 	"${managementConfigKeys[@]/#/management_}"
+	"${prometheusConfigKeys[@]/#/prometheus_}"
 	"${rabbitConfigKeys[@]}"
 	"${sslConfigKeys[@]/#/ssl_}"
 )
@@ -75,6 +86,9 @@ declare -A configDefaults=(
 	[management_ssl_fail_if_no_peer_cert]='false'
 	[management_ssl_verify]='verify_none'
 
+	[prometheus_ssl_fail_if_no_peer_cert]='false'
+	[prometheus_ssl_verify]='verify_none'
+
 	[ssl_fail_if_no_peer_cert]='true'
 	[ssl_verify]='verify_peer'
 )
@@ -126,6 +140,7 @@ for conf in "${allConfigKeys[@]}"; do
 		case "$conf" in
 			ssl_*) haveSslConfig=1 ;;
 			management_ssl_*) haveManagementSslConfig=1 ;;
+			prometheus_ssl_*) havePrometheusSslConfig=1 ;;
 		esac
 	fi
 done
@@ -271,6 +286,7 @@ rabbit_env_config() {
 		case "$prefix" in
 			ssl) key="ssl_options.$key" ;;
 			management_ssl) key="management.ssl.$key" ;;
+			prometheus_ssl) key="prometheus.ssl.$key" ;;
 		esac
 
 		local val="${!var:-}"
@@ -374,7 +390,9 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
 
 	# if management plugin is installed, generate config for it
 	# https://www.rabbitmq.com/management.html#configuration
+	managementEnabled=
 	if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_management)" ]; then
+		managementEnabled=1
 		if [ "$haveManagementSslConfig" ]; then
 			rabbit_set_config 'management.ssl.port' 15671
 			rabbit_env_config 'management_ssl' "${sslConfigKeys[@]}"
@@ -390,6 +408,22 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
 			rabbit_set_config 'management.load_definitions' "$managementDefinitionsFile"
 		fi
 	fi
+
+	# if prometheus plugin is installed, generate config for it
+	# https://www.rabbitmq.com/prometheus.html#prometheus-configuration
+	if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_prometheus)" ]; then
+		if [ "$havePrometheusSslConfig" ]; then
+			rabbit_set_config 'prometheus.ssl.port' 15691
+			rabbit_env_config 'prometheus_ssl' "${sslConfigKeys[@]}"
+		else
+			rabbit_set_config 'prometheus.tcp.port' 15692
+		fi
+
+		# if the management plugin is not enabled, then disable the metrics collector in the management_agent plugin (https://github.com/rabbitmq/rabbitmq-management-agent/pull/78)
+		if [ -z "$managementEnabled" ]; then
+			rabbit_set_config 'management_agent.disable_metrics_collector' 'true'
+		fi
+	fi
 fi
 
 combinedSsl='/tmp/rabbitmq-ssl/combined.pem'

3.7/alpine/docker-entrypoint.sh

@@ -32,6 +32,10 @@ file_env() {
 : "${RABBITMQ_MANAGEMENT_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
 : "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
 : "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
+# ... and so should "prometheus"
+: "${RABBITMQ_PROMETHEUS_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
+: "${RABBITMQ_PROMETHEUS_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
+: "${RABBITMQ_PROMETHEUS_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
 
 # Allowed env vars that will be read from mounted files (i.e. Docker Secrets):
 fileEnvKeys=(
@@ -51,6 +55,9 @@ sslConfigKeys=(
 managementConfigKeys=(
 	"${sslConfigKeys[@]/#/ssl_}"
 )
+prometheusConfigKeys=(
+	"${sslConfigKeys[@]/#/ssl_}"
+)
 rabbitConfigKeys=(
 	default_pass
 	default_user
@@ -61,12 +68,16 @@ fileConfigKeys=(
 	management_ssl_cacertfile
 	management_ssl_certfile
 	management_ssl_keyfile
+	prometheus_ssl_cacertfile
+	prometheus_ssl_certfile
+	prometheus_ssl_keyfile
 	ssl_cacertfile
 	ssl_certfile
 	ssl_keyfile
 )
 allConfigKeys=(
 	"${managementConfigKeys[@]/#/management_}"
+	"${prometheusConfigKeys[@]/#/prometheus_}"
 	"${rabbitConfigKeys[@]}"
 	"${sslConfigKeys[@]/#/ssl_}"
 )
@@ -75,6 +86,9 @@ declare -A configDefaults=(
 	[management_ssl_fail_if_no_peer_cert]='false'
 	[management_ssl_verify]='verify_none'
 
+	[prometheus_ssl_fail_if_no_peer_cert]='false'
+	[prometheus_ssl_verify]='verify_none'
+
 	[ssl_fail_if_no_peer_cert]='true'
 	[ssl_verify]='verify_peer'
 )
@@ -126,6 +140,7 @@ for conf in "${allConfigKeys[@]}"; do
 		case "$conf" in
 			ssl_*) haveSslConfig=1 ;;
 			management_ssl_*) haveManagementSslConfig=1 ;;
+			prometheus_ssl_*) havePrometheusSslConfig=1 ;;
 		esac
 	fi
 done
@@ -271,6 +286,7 @@ rabbit_env_config() {
 		case "$prefix" in
 			ssl) key="ssl_options.$key" ;;
 			management_ssl) key="management.ssl.$key" ;;
+			prometheus_ssl) key="prometheus.ssl.$key" ;;
 		esac
 
 		local val="${!var:-}"
@@ -374,7 +390,9 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
 
 	# if management plugin is installed, generate config for it
 	# https://www.rabbitmq.com/management.html#configuration
+	managementEnabled=
 	if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_management)" ]; then
+		managementEnabled=1
 		if [ "$haveManagementSslConfig" ]; then
 			rabbit_set_config 'management.ssl.port' 15671
 			rabbit_env_config 'management_ssl' "${sslConfigKeys[@]}"
@@ -390,6 +408,22 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
 			rabbit_set_config 'management.load_definitions' "$managementDefinitionsFile"
 		fi
 	fi
+
+	# if prometheus plugin is installed, generate config for it
+	# https://www.rabbitmq.com/prometheus.html#prometheus-configuration
+	if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_prometheus)" ]; then
+		if [ "$havePrometheusSslConfig" ]; then
+			rabbit_set_config 'prometheus.ssl.port' 15691
+			rabbit_env_config 'prometheus_ssl' "${sslConfigKeys[@]}"
+		else
+			rabbit_set_config 'prometheus.tcp.port' 15692
+		fi
+
+		# if the management plugin is not enabled, then disable the metrics collector in the management_agent plugin (https://github.com/rabbitmq/rabbitmq-management-agent/pull/78)
+		if [ -z "$managementEnabled" ]; then
+			rabbit_set_config 'management_agent.disable_metrics_collector' 'true'
+		fi
+	fi
 fi
 
 combinedSsl='/tmp/rabbitmq-ssl/combined.pem'

3.7/ubuntu/docker-entrypoint.sh

@@ -32,6 +32,10 @@ file_env() {
 : "${RABBITMQ_MANAGEMENT_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
 : "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
 : "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
+# ... and so should "prometheus"
+: "${RABBITMQ_PROMETHEUS_SSL_CACERTFILE:=$RABBITMQ_SSL_CACERTFILE}"
+: "${RABBITMQ_PROMETHEUS_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
+: "${RABBITMQ_PROMETHEUS_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
 
 # Allowed env vars that will be read from mounted files (i.e. Docker Secrets):
 fileEnvKeys=(
@@ -51,6 +55,9 @@ sslConfigKeys=(
 managementConfigKeys=(
 	"${sslConfigKeys[@]/#/ssl_}"
 )
+prometheusConfigKeys=(
+	"${sslConfigKeys[@]/#/ssl_}"
+)
 rabbitConfigKeys=(
 	default_pass
 	default_user
@@ -61,12 +68,16 @@ fileConfigKeys=(
 	management_ssl_cacertfile
 	management_ssl_certfile
 	management_ssl_keyfile
+	prometheus_ssl_cacertfile
+	prometheus_ssl_certfile
+	prometheus_ssl_keyfile
 	ssl_cacertfile
 	ssl_certfile
 	ssl_keyfile
 )
 allConfigKeys=(
 	"${managementConfigKeys[@]/#/management_}"
+	"${prometheusConfigKeys[@]/#/prometheus_}"
 	"${rabbitConfigKeys[@]}"
 	"${sslConfigKeys[@]/#/ssl_}"
 )
@@ -75,6 +86,9 @@ declare -A configDefaults=(
 	[management_ssl_fail_if_no_peer_cert]='false'
 	[management_ssl_verify]='verify_none'
 
+	[prometheus_ssl_fail_if_no_peer_cert]='false'
+	[prometheus_ssl_verify]='verify_none'
+
 	[ssl_fail_if_no_peer_cert]='true'
 	[ssl_verify]='verify_peer'
 )
@@ -126,6 +140,7 @@ for conf in "${allConfigKeys[@]}"; do
 		case "$conf" in
 			ssl_*) haveSslConfig=1 ;;
 			management_ssl_*) haveManagementSslConfig=1 ;;
+			prometheus_ssl_*) havePrometheusSslConfig=1 ;;
 		esac
 	fi
 done
@@ -271,6 +286,7 @@ rabbit_env_config() {
 		case "$prefix" in
 			ssl) key="ssl_options.$key" ;;
 			management_ssl) key="management.ssl.$key" ;;
+			prometheus_ssl) key="prometheus.ssl.$key" ;;
 		esac
 
 		local val="${!var:-}"
@@ -374,7 +390,9 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
 
 	# if management plugin is installed, generate config for it
 	# https://www.rabbitmq.com/management.html#configuration
+	managementEnabled=
 	if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_management)" ]; then
+		managementEnabled=1
 		if [ "$haveManagementSslConfig" ]; then
 			rabbit_set_config 'management.ssl.port' 15671
 			rabbit_env_config 'management_ssl' "${sslConfigKeys[@]}"
@@ -390,6 +408,22 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
 			rabbit_set_config 'management.load_definitions' "$managementDefinitionsFile"
 		fi
 	fi
+
+	# if prometheus plugin is installed, generate config for it
+	# https://www.rabbitmq.com/prometheus.html#prometheus-configuration
+	if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_prometheus)" ]; then
+		if [ "$havePrometheusSslConfig" ]; then
+			rabbit_set_config 'prometheus.ssl.port' 15691
+			rabbit_env_config 'prometheus_ssl' "${sslConfigKeys[@]}"
+		else
+			rabbit_set_config 'prometheus.tcp.port' 15692
+		fi
+
+		# if the management plugin is not enabled, then disable the metrics collector in the management_agent plugin (https://github.com/rabbitmq/rabbitmq-management-agent/pull/78)
+		if [ -z "$managementEnabled" ]; then
+			rabbit_set_config 'management_agent.disable_metrics_collector' 'true'
+		fi
+	fi
 fi
 
 combinedSsl='/tmp/rabbitmq-ssl/combined.pem'