The purpose of this spec is to adjust our current RabbitMQ setup to better use the available system resources by creating a vhost and user per-consumer service within RabbitMQ.
Presently all services use the single root virtual host within RabbitMQ. While this is “OK” for small to mid-sized deployments, it would be better to divide services into logical resource groups within RabbitMQ, which will bring with it additional security.
All services that utilize RabbitMQ should have their own virtual host, user, and password.
The alternative is to leave RabbitMQ the way it is.
The playbooks will have no impact. The changes being proposed are being done within roles. Ideally this would be a simple default addition, two new tasks, and a simple change within the oslo_messaging section in the service configuration files.
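The three pieces described above, sketched for one service as an added example (not code from the project's roles). The service name "glance", the file paths, every `glance_rabbitmq_*` variable name and the `rabbitmq_all` inventory group are assumptions made for illustration.

```yaml
---
# defaults/main.yml of the service role (hypothetical path): the default addition.
glance_rabbitmq_userid: glance
glance_rabbitmq_vhost: /glance
# glance_rabbitmq_password is deliberately not defaulted here; the deployer
# supplies it through user_secrets.yml.

---
# tasks file of the service role (hypothetical path): the two new tasks.
- name: Ensure the service has its own RabbitMQ vhost
  community.rabbitmq.rabbitmq_vhost:
    name: "{{ glance_rabbitmq_vhost }}"
    state: present
  delegate_to: "{{ groups['rabbitmq_all'][0] }}"   # assumed group name
  run_once: true

- name: Ensure the service user exists with rights on its own vhost only
  community.rabbitmq.rabbitmq_user:
    user: "{{ glance_rabbitmq_userid }}"
    password: "{{ glance_rabbitmq_password }}"
    vhost: "{{ glance_rabbitmq_vhost }}"
    configure_priv: ".*"
    read_priv: ".*"
    write_priv: ".*"
    state: present
  delegate_to: "{{ groups['rabbitmq_all'][0] }}"   # assumed group name
  run_once: true
  no_log: true   # keep the password out of task output and logs

# Service configuration template: the oslo_messaging change, shown as
# comments because it is INI rather than YAML.
#
# [oslo_messaging_rabbit]
# rabbit_userid = {{ glance_rabbitmq_userid }}
# rabbit_password = {{ glance_rabbitmq_password }}
# rabbit_virtual_host = {{ glance_rabbitmq_vhost }}
```

Because the permissions are granted on the service's own vhost only, a leaked service credential cannot read or write queues belonging to another service.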
There will be an upgrade impact, as the user will need to add the new secret entries to the user_secrets.yml file. If this were to be accepted as a backport to kilo, it would have to be targeted to a major version.
Separating the services into different vhosts with different users and passwords should improve security and brings our project more in line with what is described in the OpenStack Messaging Security documentation.
The separation of services into logical vhosts has not been reported to have any noticeable performance impact.
The deployer will need to ensure they have password entries set within the user_secrets.yml file. This should not impact greenfield deployments; however, it will need to be covered in an upgrade.
The testing of this change is a convergence test. The gate job will utilize the changes on every commit.
Docs will need to be updated in terms of upgrades to add the new variables.