This section contains the examples for creating RabbitMQ users.
Messaging Topology Operator creates users with generated credentials by default. To create RabbitMQ users with provided credentials, you can reference a kubernetes secret object with the following keys in its Data field:
username– Must be present or the import will fail.passwordHash– The SHA-512 hash of the password, as described in RabbitMQ Docs. If the hash is an empty string, a passwordless user will be created.password– Plain-text password. Will be used only if thepasswordHashkey is missing.
See userPreDefinedCreds.yaml, userWithPasswordHash.yaml, passwordlessUser.yaml and publish-consume-user.yaml as examples.
From Messaging Topology Operator v1.10.0, you can provide a username and reply on the Operator to generate its password for you. See setUsernamewithGenPass.yaml as an example.
Note that Messaging Topology Operator does not watch the provided secret and updating the secret object won't update actual user credentials.
The User controller will generate a new secret from the provided secret named by appending the suffix -user-credentials to the username. For example, if your User is named user-test the controller will generate a secret user-test-user-credentials.
If you wish to update User credentials, you can update the secret generated by the controller and then add a label or annotation to the User object to trigger a reconcile loop.