Create additionals vhost/user/pass for RabbitMQ at helm chart for Kubernetes

10/31/2018

Edit: I need to set some additionals rabbit vhost/users/pass at helm charts for a rabbitMQ we use in K8s, I tried via curl in a lifecyle postStart hook:

Here's an example:

lifecycle:
  postStart:
    exec:
      command: ["'/bin/sh', '-c','curl -i -u guest:guest -H ''content-type:application/json'' -XPUT -d '''{'password':'1234','tags':'monitoring'}''' http://localhost:15672/api/users/deleteme'"]

But fails :

Killing container with id docker://rabbitmq:FailedPostStartHook

I tried changing quotation and also setting it like:

command:
 - "sh":
 - "-c":
 - etc....

With no success, it's the first time I'm using hooks, any advice, please? Thanks!

full statefulset:

apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: {{ .Chart.Name }}
  labels:
    app: {{ .Chart.Name }}
spec:
  serviceName: {{ .Chart.Name }}
  replicas: {{ .Values.replicaCount }}
  updateStrategy:
    type: {{ .Values.updateStrategy }}
  template:
    metadata:
      labels:
        app: {{ .Chart.Name }}
    spec:
      terminationGracePeriodSeconds: 10
      containers:
        - name: {{ .Chart.Name }}
          image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          ports:
            - name: epmd
              protocol: TCP
              containerPort: 4369
            - name: amqp
              protocol: TCP
              containerPort: 5672
            - name: http
              protocol: TCP
              containerPort: 15672
          livenessProbe:
            exec:
              command:
                - rabbitmqctl
                - status
            initialDelaySeconds: 30
            timeoutSeconds: 5
          readinessProbe:
            exec:
              command:
                - rabbitmqctl
                - status
            initialDelaySeconds: 10
            timeoutSeconds: 5
          env:
            - name: MY_POD_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
            - name: RABBITMQ_USE_LONGNAME
              value: "true"
            - name: RABBITMQ_NODENAME
              value: "rabbit@$(MY_POD_IP)"
            - name: K8S_SERVICE_NAME
              value: {{ .Chart.Name }}
            - name: RABBITMQ_ERLANG_COOKIE
              valueFrom:
                secretKeyRef:
                  name: {{ .Chart.Name }}
                  key: rabbitmq-erlang-cookie
            - name: RABBITMQ_DEFAULT_USER
              value: {{ .Values.rabbitmqUsername | quote }}
            - name: RABBITMQ_DEFAULT_PASS
              valueFrom:
                secretKeyRef:
                  name: {{ .Chart.Name }}
                  key: rabbitmq-password
            - name: RABBITMQ_DEFAULT_VHOST
              value: {{ .Values.rabbitmqVhost | quote }}
          volumeMounts:
            - name: data
              mountPath: /var/lib/rabbitmq
            - name: config
              mountPath: /etc/rabbitmq
          lifecycle:
              postStart:
                exec:
                  command:
                  - "sh"
                  - "-c"
                  - "curl -i -u guest:guest -H \"content-type:application/json\" -XPUT -d \"{\"password\":\"1234\",\"tags\":\"monitoring\"}\" http://rabbitmq:15672/api/users/deleteme"
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 1
              podAffinityTerm:
                topologyKey: kubernetes.io/hostname
                labelSelector:
                  matchLabels:
                    app: {{ .Chart.Name }}
      volumes:
        - name: config
          configMap:
            name: {{ .Chart.Name }}
        - name: data
          emptyDir: {}

I might ending up using values or trying to set it up at configmap: https://github.com/helm/charts/tree/master/stable/rabbitmq-ha

If there's a better way, would be great.

-- Rancor
docker
kubernetes
kubernetes-helm
rabbitmq

1 Answer

11/2/2018

I would recommend to look at Helm Hooks. They consist with various options to interpose at certain phases of the development life cycle. Hooks represent themselves as regular templates, however they require a special annotations to be set in order Helm to interpret them correctly.

apiVersion: ...
kind: ....
metadata:
  annotations:
    "helm.sh/hook": "pre-install"
# ...

You can consider to run a Job with post-install hook which executes after all resources are loaded into Kubernetes.

-- mk_sta
Source: StackOverflow