What is the best way to configure tls on rabbitmq to connect it using perf tool of pivotal?
1,091 views
Skip to first unread message
Arpan Gupta
Dec 19, 2019, 2:36:09 AM12/19/19
to rabbitmq-users
What is the best way to configure tls on rabbitmq to connect it using perf tool of pivotal?
I am not that much familiar with tls. Can anyone help me with that?
Wesley Peng
Dec 19, 2019, 2:37:40 AM12/19/19
to rabbitm...@googlegroups.com
Hi
on 2019/12/19 15:36, Arpan Gupta wrote:
>
> I am not that much familiar with tls. Can anyone help me with that?
You might want to check with this:
https://www.rabbitmq.com/troubleshooting-ssl.html
regards.
on 2019/12/19 15:36, Arpan Gupta wrote:
>
> I am not that much familiar with tls. Can anyone help me with that?
https://www.rabbitmq.com/troubleshooting-ssl.html
regards.
Arpan Gupta
Dec 19, 2019, 4:33:44 AM12/19/19
to rabbitmq-users
Is there any other way to connect to rabbitmq nodes except tls through the perf tool?
Arnaud Cogoluègnes
Dec 19, 2019, 5:04:55 AM12/19/19
to rabbitm...@googlegroups.com
PerfTest can connect to RabbitMQ with and without TLS, the default
being without (meaning plain, non-encrypted connection).
What do you want to do? Do you want information about connecting
PerfTest to RabbitMQ with TLS or without TLS?
> --
> You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/0525f3bb-471f-4c30-994a-a3c8f51fb1d2%40googlegroups.com.
being without (meaning plain, non-encrypted connection).
What do you want to do? Do you want information about connecting
PerfTest to RabbitMQ with TLS or without TLS?
> You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/0525f3bb-471f-4c30-994a-a3c8f51fb1d2%40googlegroups.com.
Message has been deleted
Arpan Gupta
Dec 19, 2019, 6:59:06 AM12/19/19
to rabbitmq-users
Yes, I am sorry if I am asking some very trivial questions. But yes, I want to run this perf tool on both a node where rabbitmq cluster is running and also from a remote location. What are the different ways I can do that?
I tried using this tool directly on the node running rabbitmq cluster on a docker container and I got this error -
Command:
./runjava com.rabbitmq.perf.PerfTest -x 1 -y 2 -u "throughput-test-1" -a --id "test 1"
Errors:
Main thread caught exception: com.rabbitmq.client.AuthenticationFailureException: ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.
11:39:55.289 [main] ERROR com.rabbitmq.perf.PerfTest - Main thread caught exception
com.rabbitmq.client.AuthenticationFailureException: ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.
I know we have a configured username and password to access Rabbitmq, but how do I provide that in the command?
I also tried to run it from a remote node using tls but I couldn't probably configure it in the right way and I got this error:
Command: runjava com.rabbitmq.perf.PerfTest -h amqps://<RemoteHostFQDN>:5671
Main thread caught exception: java.net.ConnectException: Connection refused: connect
12:01:57.786 [main] ERROR com.rabbitmq.perf.PerfTest - Main thread caught exception
java.net.ConnectException: Connection refused: connect
Can you please help me out here?
On Thursday, December 19, 2019 at 3:34:55 PM UTC+5:30, Arnaud Cogoluègnes wrote:
PerfTest can connect to RabbitMQ with and without TLS, the default
being without (meaning plain, non-encrypted connection).
What do you want to do? Do you want information about connecting
PerfTest to RabbitMQ with TLS or without TLS?
On Thu, Dec 19, 2019 at 10:33 AM Arpan Gupta <arpa...@gmail.com> wrote:
>
> Is there any other way to connect to rabbitmq nodes except tls through the perf tool?
>
> On Thursday, December 19, 2019 at 1:07:40 PM UTC+5:30, Wesley Peng wrote:
>>
>> Hi
>>
>> on 2019/12/19 15:36, Arpan Gupta wrote:
>> >
>> > I am not that much familiar with tls. Can anyone help me with that?
>>
>> You might want to check with this:
>> https://www.rabbitmq.com/troubleshooting-ssl.html
>>
>> regards.
>
> --
> You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rabbitm...@googlegroups.com.
Wesley Peng
Dec 19, 2019, 7:02:34 AM12/19/19
to Arpan Gupta, rabbitmq-users
You need to set your username and password, if your have created any or you can use the default user "guest" with password "guest", which can be accessible only from localhost.
Regards
2019年12月19日 19:44:27,від "Arpan Gupta" <arpa...@gmail.com>:
Yes, I am sorry if I am asking some very trivial questions. But yes, I want to run this perf tool on both a node where rabbitmq cluster is running and also from a remote location. What are the different ways I can do that?I tried using this tool directly on the node running rabbitmq cluster on a docker container and I got this error -
Main thread caught exception: com.rabbitmq.client.AuthenticationFailureException: ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.11:39:55.289 [main] ERROR com.rabbitmq.perf.PerfTest - Main thread caught exceptioncom.rabbitmq.client.AuthenticationFailureException: ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.
I also tried to run it from a remote node using tls but I couldn't probably configure it in the right way.
Can you please help me out here?
On Thursday, December 19, 2019 at 3:34:55 PM UTC+5:30, Arnaud Cogoluègnes wrote:
PerfTest can connect to RabbitMQ with and without TLS, the default
being without (meaning plain, non-encrypted connection).
What do you want to do? Do you want information about connecting
PerfTest to RabbitMQ with TLS or without TLS?
On Thu, Dec 19, 2019 at 10:33 AM Arpan Gupta <arpa...@gmail.com> wrote:
>
> Is there any other way to connect to rabbitmq nodes except tls through the perf tool?
>
> On Thursday, December 19, 2019 at 1:07:40 PM UTC+5:30, Wesley Peng wrote:
>>
>> Hi
>>
>> on 2019/12/19 15:36, Arpan Gupta wrote:
>> >
>> > I am not that much familiar with tls. Can anyone help me with that?
>>
>> You might want to check with this:
>> https://www.rabbitmq.com/troubleshooting-ssl.html
>>
>> regards.
>
> --
> You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rabbitm...@googlegroups.com.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/0525f3bb-471f-4c30-994a-a3c8f51fb1d2%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/c6ce8fe4-2377-4432-b1c1-f05276631b9b%40googlegroups.com.
Arpan Gupta
Dec 19, 2019, 7:13:20 AM12/19/19
to rabbitmq-users
And how do I specify the user name and password in the command? I don't see an argument for that. I see one "SASL_EXTERNAL" but I can't find any documentation on how to use that.
To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/c6ce8fe4-2377-4432-b1c1-f05276631b9b%40googlegroups.com.
Arnaud Cogoluègnes
Dec 19, 2019, 8:12:57 AM12/19/19
to rabbitm...@googlegroups.com
Don't feel sorry for asking trivial questions, we're here to help, we
just need meaningful information like commands and error messages to
do so.
You can specify the username and password in the URL:
runjava com.rabbitmq.perf.PerfTest -h amqps://login:password@localhost:5671
There are examples of AMQP URLs on this page [1] (at the bottom). You
may want to try without TLS first.
You need to use a user that can access the default virtual host. Note
the default user (guest) is not allowed to connect remotely. Read more
about permissions here [2].
[1] https://www.rabbitmq.com/uri-spec.html
[2] https://www.rabbitmq.com/access-control.html
> To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/770eb2d6-b117-4e54-8aab-203e964ae33f%40googlegroups.com.
just need meaningful information like commands and error messages to
do so.
You can specify the username and password in the URL:
runjava com.rabbitmq.perf.PerfTest -h amqps://login:password@localhost:5671
There are examples of AMQP URLs on this page [1] (at the bottom). You
may want to try without TLS first.
You need to use a user that can access the default virtual host. Note
the default user (guest) is not allowed to connect remotely. Read more
about permissions here [2].
[1] https://www.rabbitmq.com/uri-spec.html
[2] https://www.rabbitmq.com/access-control.html
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/770eb2d6-b117-4e54-8aab-203e964ae33f%40googlegroups.com.
Arpan Gupta
Dec 19, 2019, 8:46:00 AM12/19/19
to rabbitmq-users
Even after running on the same node, it is giving error : Connection Refused (I am using the admin user which has access to all vhosts and users)
./runjava com.rabbitmq.perf.PerfTest -h amqps://<myusername>:<mypassword>@localhost:5671
Point to be noted, I am running it on the same node where the rabbitmq server is running on a docker container
Following are the error logs:
13:39:37.291 [main] WARN c.r.c.TrustEverythingTrustManager - SECURITY ALERT: this trust manager trusts every certificate, effectively disabling peer verification. This is convenient for local development but offers no protection against man-in-the-middle attacks. Please see https://www.rabbitmq.com/ssl.html to learn more about peer certificate verification.
13:39:37.306 [main] WARN c.r.c.TrustEverythingTrustManager - SECURITY ALERT: this trust manager trusts every certificate, effectively disabling peer verification. This is convenient for local development but offers no protection against man-in-the-middle attacks. Please see https://www.rabbitmq.com/ssl.html to learn more about peer certificate verification.
Main thread caught exception: java.net.ConnectException: Connection refused (Connection refused)
13:39:37.330 [main] ERROR com.rabbitmq.perf.PerfTest - Main thread caught exception
java.net.ConnectException: Connection refused (Connection refused)
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:668)
at com.rabbitmq.client.impl.SocketFrameHandlerFactory.create(SocketFrameHandlerFactory.java:60)
at com.rabbitmq.client.impl.recovery.RecoveryAwareAMQConnectionFactory.newConnection(RecoveryAwareAMQConnectionFactory.java:62)
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/770eb2d6-b117-4e54-8aab-203e964ae33f%40googlegroups.com.
Fuzzy Pics
Dec 19, 2019, 8:48:56 AM12/19/19
to rabbitm...@googlegroups.com
create user name and password and and assign full rights , dont use
the guest username and password
> To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/98f9239d-49a4-456c-9120-fb5f0c1cac9e%40googlegroups.com.
the guest username and password
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/98f9239d-49a4-456c-9120-fb5f0c1cac9e%40googlegroups.com.
Arnaud Cogoluègnes
Dec 19, 2019, 9:11:07 AM12/19/19
to rabbitm...@googlegroups.com
It's pretty obvious from the stack trace PerfTest cannot connect, so
it's likely RabbitMQ is not listening on port 5671. How did you start
the RabbitMQ container? Please share the command you used. This may
due to the server container not sharing the same network as PerfTest.
> To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/98f9239d-49a4-456c-9120-fb5f0c1cac9e%40googlegroups.com.
it's likely RabbitMQ is not listening on port 5671. How did you start
the RabbitMQ container? Please share the command you used. This may
due to the server container not sharing the same network as PerfTest.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/98f9239d-49a4-456c-9120-fb5f0c1cac9e%40googlegroups.com.
Arpan Gupta
Dec 19, 2019, 10:00:51 AM12/19/19
to rabbitmq-users
0.0.0.0:4369->4369/tcp, 0.0.0.0:5672->5672/tcp, 0.0.0.0:15672->15672/tcp, 0.0.0.0:25672->25672/tcp
These are the ports of the container running rabbitmq.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/98f9239d-49a4-456c-9120-fb5f0c1cac9e%40googlegroups.com.
Arnaud Cogoluègnes
Dec 19, 2019, 10:07:45 AM12/19/19
to rabbitm...@googlegroups.com
So the container does not expose port 5671, the one you used in the
command. Try 5672, without TLS:
./runjava com.rabbitmq.perf.PerfTest -h
amqp://<myusername>:<mypassword>@localhost:5672
> To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/44bc45f6-272b-4225-afd6-7684c9e90b02%40googlegroups.com.
command. Try 5672, without TLS:
./runjava com.rabbitmq.perf.PerfTest -h
amqp://<myusername>:<mypassword>@localhost:5672
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/44bc45f6-272b-4225-afd6-7684c9e90b02%40googlegroups.com.
Arpan Gupta
Dec 19, 2019, 10:21:49 AM12/19/19
to rabbitmq-users
Yes, I got the program running. Thanks a lot for such detailed answers.
> To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/44bc45f6-272b-4225-afd6-7684c9e90b02%40googlegroups.com.
Arpan Gupta
Dec 20, 2019, 4:51:21 AM12/20/19
to rabbitmq-users
Hi,
Can you help me running perf tool on a particular scenario?
Currently, the given program runs and makes a queue on vhost "/".
My scenario is that I have to measure latency and throughput for two cases:
- Single Vhost: 6 queues on a single vhost and publish and consume messages to the 6 queues and measure latency and throughput.
- Multiple Vhosts: 3 vhosts and 2 queues on each vhost(6 total queues) and consume and produce message in the same way as above and measure latency and throughput.
I know how to make different queues and also different vhosts and assign queues to them.
I want to modify the perf tool commands to replicate the above 2 scenarios. How can I do that? specify on which vhost the queues are being made and also the second case where I am publishing to 6 queues in 3 different vhosts at the same time !
Reply all
Reply to author
Forward
0 new messages