diff --git a/controllers/rabbitmqcluster_controller_test.go b/controllers/rabbitmqcluster_controller_test.go index d94444410..ea32c3c35 100644 --- a/controllers/rabbitmqcluster_controller_test.go +++ b/controllers/rabbitmqcluster_controller_test.go @@ -886,22 +886,28 @@ var _ = Describe("RabbitmqClusterController", func() { }, }, }, + { + ConfigMap: &corev1.ConfigMapProjection{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: "rabbitmq-sts-override-server-conf", + }, + Items: []corev1.KeyToPath{ + { + Key: "operatorDefaults.conf", + Path: "operatorDefaults.conf", + }, + { + Key: "userDefinedConfiguration.conf", + Path: "userDefinedConfiguration.conf", + }, + }, + }, + }, }, DefaultMode: &defaultMode, }, }, }, - corev1.Volume{ - Name: "server-conf", - VolumeSource: corev1.VolumeSource{ - ConfigMap: &corev1.ConfigMapVolumeSource{ - DefaultMode: &defaultMode, - LocalObjectReference: corev1.LocalObjectReference{ - Name: "rabbitmq-sts-override-server-conf", - }, - }, - }, - }, corev1.Volume{ Name: "plugins-conf", VolumeSource: corev1.VolumeSource{ diff --git a/internal/resource/configmap.go b/internal/resource/configmap.go index ab79d2c88..7b983ef32 100644 --- a/internal/resource/configmap.go +++ b/internal/resource/configmap.go @@ -10,8 +10,9 @@ package resource import ( - "bytes" "fmt" + "strings" + "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" @@ -80,52 +81,55 @@ func (builder *ServerConfigMapBuilder) Update(object client.Object) error { configMap := object.(*corev1.ConfigMap) ini.PrettySection = false // Remove trailing new line because rabbitmq.conf has only a default section. - cfg, err := ini.Load([]byte(defaultRabbitmqConf)) + operatorConfiguration, err := ini.Load([]byte(defaultRabbitmqConf)) if err != nil { return err } - defaultSection := cfg.Section("") + defaultSection := operatorConfiguration.Section("") if _, err := defaultSection.NewKey("cluster_name", builder.Instance.Name); err != nil { return err } + userConfiguration := ini.Empty(ini.LoadOptions{}) + userConfigurationSection := userConfiguration.Section("") + if builder.Instance.TLSEnabled() { - if err := cfg.Append([]byte(defaultTLSConf)); err != nil { + if err := userConfiguration.Append([]byte(defaultTLSConf)); err != nil { return err } if builder.Instance.DisableNonTLSListeners() { - if _, err := defaultSection.NewKey("listeners.tcp", "none"); err != nil { + if _, err := userConfigurationSection.NewKey("listeners.tcp", "none"); err != nil { return err } } else { // management plugin does not have a *.listeners.tcp settings like other plugins // management tcp listener can be disabled by setting management.ssl.port without setting management.tcp.port // we set management tcp listener only if tls is enabled and disableNonTLSListeners is false - if _, err := defaultSection.NewKey("management.tcp.port", "15672"); err != nil { + if _, err := userConfigurationSection.NewKey("management.tcp.port", "15672"); err != nil { return err } - if _, err := defaultSection.NewKey("prometheus.tcp.port", "15692"); err != nil { + if _, err := userConfigurationSection.NewKey("prometheus.tcp.port", "15692"); err != nil { return err } } if builder.Instance.AdditionalPluginEnabled("rabbitmq_mqtt") { - if _, err := defaultSection.NewKey("mqtt.listeners.ssl.default", "8883"); err != nil { + if _, err := userConfigurationSection.NewKey("mqtt.listeners.ssl.default", "8883"); err != nil { return err } if builder.Instance.DisableNonTLSListeners() { - if _, err := defaultSection.NewKey("mqtt.listeners.tcp", "none"); err != nil { + if _, err := userConfigurationSection.NewKey("mqtt.listeners.tcp", "none"); err != nil { return err } } } if builder.Instance.AdditionalPluginEnabled("rabbitmq_stomp") { - if _, err := defaultSection.NewKey("stomp.listeners.ssl.1", "61614"); err != nil { + if _, err := userConfigurationSection.NewKey("stomp.listeners.ssl.1", "61614"); err != nil { return err } if builder.Instance.DisableNonTLSListeners() { - if _, err := defaultSection.NewKey("stomp.listeners.tcp", "none"); err != nil { + if _, err := userConfigurationSection.NewKey("stomp.listeners.tcp", "none"); err != nil { return err } } @@ -133,55 +137,55 @@ func (builder *ServerConfigMapBuilder) Update(object client.Object) error { } if builder.Instance.MutualTLSEnabled() { - if _, err := defaultSection.NewKey("ssl_options.cacertfile", caCertPath); err != nil { + if _, err := userConfigurationSection.NewKey("ssl_options.cacertfile", caCertPath); err != nil { return err } - if _, err := defaultSection.NewKey("ssl_options.verify", "verify_peer"); err != nil { + if _, err := userConfigurationSection.NewKey("ssl_options.verify", "verify_peer"); err != nil { return err } - if _, err := defaultSection.NewKey("management.ssl.cacertfile", caCertPath); err != nil { + if _, err := userConfigurationSection.NewKey("management.ssl.cacertfile", caCertPath); err != nil { return err } - if _, err := defaultSection.NewKey("prometheus.ssl.cacertfile", caCertPath); err != nil { + if _, err := userConfigurationSection.NewKey("prometheus.ssl.cacertfile", caCertPath); err != nil { return err } if builder.Instance.AdditionalPluginEnabled("rabbitmq_web_mqtt") { - if _, err := defaultSection.NewKey("web_mqtt.ssl.port", "15676"); err != nil { + if _, err := userConfigurationSection.NewKey("web_mqtt.ssl.port", "15676"); err != nil { return err } - if _, err := defaultSection.NewKey("web_mqtt.ssl.cacertfile", caCertPath); err != nil { + if _, err := userConfigurationSection.NewKey("web_mqtt.ssl.cacertfile", caCertPath); err != nil { return err } - if _, err := defaultSection.NewKey("web_mqtt.ssl.certfile", tlsCertPath); err != nil { + if _, err := userConfigurationSection.NewKey("web_mqtt.ssl.certfile", tlsCertPath); err != nil { return err } - if _, err := defaultSection.NewKey("web_mqtt.ssl.keyfile", tlsKeyPath); err != nil { + if _, err := userConfigurationSection.NewKey("web_mqtt.ssl.keyfile", tlsKeyPath); err != nil { return err } if builder.Instance.DisableNonTLSListeners() { - if _, err := defaultSection.NewKey("web_mqtt.tcp.listener", "none"); err != nil { + if _, err := userConfigurationSection.NewKey("web_mqtt.tcp.listener", "none"); err != nil { return err } } } if builder.Instance.AdditionalPluginEnabled("rabbitmq_web_stomp") { - if _, err := defaultSection.NewKey("web_stomp.ssl.port", "15673"); err != nil { + if _, err := userConfigurationSection.NewKey("web_stomp.ssl.port", "15673"); err != nil { return err } - if _, err := defaultSection.NewKey("web_stomp.ssl.cacertfile", caCertPath); err != nil { + if _, err := userConfigurationSection.NewKey("web_stomp.ssl.cacertfile", caCertPath); err != nil { return err } - if _, err := defaultSection.NewKey("web_stomp.ssl.certfile", tlsCertPath); err != nil { + if _, err := userConfigurationSection.NewKey("web_stomp.ssl.certfile", tlsCertPath); err != nil { return err } - if _, err := defaultSection.NewKey("web_stomp.ssl.keyfile", tlsKeyPath); err != nil { + if _, err := userConfigurationSection.NewKey("web_stomp.ssl.keyfile", tlsKeyPath); err != nil { return err } if builder.Instance.DisableNonTLSListeners() { - if _, err := defaultSection.NewKey("web_stomp.tcp.listener", "none"); err != nil { + if _, err := userConfigurationSection.NewKey("web_stomp.tcp.listener", "none"); err != nil { return err } } @@ -189,18 +193,13 @@ func (builder *ServerConfigMapBuilder) Update(object client.Object) error { } if builder.Instance.MemoryLimited() { - if _, err := defaultSection.NewKey("total_memory_available_override_value", fmt.Sprintf("%d", removeHeadroom(builder.Instance.Spec.Resources.Limits.Memory().Value()))); err != nil { + if _, err := userConfigurationSection.NewKey("total_memory_available_override_value", fmt.Sprintf("%d", removeHeadroom(builder.Instance.Spec.Resources.Limits.Memory().Value()))); err != nil { return err } } - rmqProperties := builder.Instance.Spec.Rabbitmq - if err := cfg.Append([]byte(rmqProperties.AdditionalConfig)); err != nil { - return fmt.Errorf("failed to append spec.rabbitmq.additionalConfig: %w", err) - } - - var rmqConfBuffer bytes.Buffer - if _, err := cfg.WriteTo(&rmqConfBuffer); err != nil { + var rmqConfBuffer strings.Builder + if _, err := operatorConfiguration.WriteTo(&rmqConfBuffer); err != nil { return err } @@ -208,7 +207,20 @@ func (builder *ServerConfigMapBuilder) Update(object client.Object) error { configMap.Data = make(map[string]string) } - configMap.Data["rabbitmq.conf"] = rmqConfBuffer.String() + configMap.Data["operatorDefaults.conf"] = rmqConfBuffer.String() + + rmqConfBuffer.Reset() + + rmqProperties := builder.Instance.Spec.Rabbitmq + if err := userConfiguration.Append([]byte(rmqProperties.AdditionalConfig)); err != nil { + return fmt.Errorf("failed to append spec.rabbitmq.additionalConfig: %w", err) + } + + if _, err := userConfiguration.WriteTo(&rmqConfBuffer); err != nil { + return err + } + + configMap.Data["userDefinedConfiguration.conf"] = rmqConfBuffer.String() updateProperty(configMap.Data, "advanced.config", rmqProperties.AdvancedConfig) updateProperty(configMap.Data, "rabbitmq-env.conf", rmqProperties.EnvConfig) diff --git a/internal/resource/configmap_test.go b/internal/resource/configmap_test.go index 0abd43922..eb382c82b 100644 --- a/internal/resource/configmap_test.go +++ b/internal/resource/configmap_test.go @@ -134,34 +134,30 @@ var _ = Describe("GenerateServerConfigMap", func() { Expect(configMap.OwnerReferences[0].Name).To(Equal(instance.Name)) }) - When("additionalConfig is not provided", func() { - It("returns the default rabbitmq conf", func() { - builder.Instance.Spec.Rabbitmq.AdditionalConfig = "" + It("returns the default rabbitmq configuration", func() { + builder.Instance.Spec.Rabbitmq.AdditionalConfig = "" - expectedRabbitmqConf := defaultRabbitmqConf(builder.Instance.Name) + expectedRabbitmqConf := defaultRabbitmqConf(builder.Instance.Name) - Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("rabbitmq.conf", expectedRabbitmqConf)) - }) + Expect(configMapBuilder.Update(configMap)).To(Succeed()) + Expect(configMap.Data).To(HaveKeyWithValue("operatorDefaults.conf", expectedRabbitmqConf)) }) - When("valid additionalConfig is provided", func() { - It("appends configurations to the default rabbitmq.conf and overwrites duplicate keys", func() { - additionalConfig := ` -cluster_formation.peer_discovery_backend = my-backend -my-config-property-0 = great-value -my-config-property-1 = better-value` + When("valid userDefinedConfiguration is provided", func() { + It("adds configurations in a new rabbitmq configuration", func() { + userDefinedConfiguration := "cluster_formation.peer_discovery_backend = my-backend\n" + + "my-config-property-0 = great-value" - instance.Spec.Rabbitmq.AdditionalConfig = additionalConfig + instance.Spec.Rabbitmq.AdditionalConfig = userDefinedConfiguration - expectedRabbitmqConf := iniString(defaultRabbitmqConf(builder.Instance.Name) + additionalConfig) + expectedRabbitmqConf := iniString(userDefinedConfiguration) Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("rabbitmq.conf", expectedRabbitmqConf)) + Expect(configMap.Data).To(HaveKeyWithValue("userDefinedConfiguration.conf", expectedRabbitmqConf)) }) }) - When("invalid additionalConfig is provided", func() { + When("invalid userDefinedConfiguration is provided", func() { It("errors", func() { instance.Spec.Rabbitmq.AdditionalConfig = " = invalid" @@ -172,12 +168,9 @@ my-config-property-1 = better-value` Context("advanced.config", func() { It("sets data.advancedConfig when provided", func() { - instance.Spec.Rabbitmq.AdvancedConfig = ` -[ - {rabbit, [{auth_backends, [rabbit_auth_backend_ldap]}]} -].` + instance.Spec.Rabbitmq.AdvancedConfig = "[my-awesome-config]." Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("advanced.config", "\n[\n {rabbit, [{auth_backends, [rabbit_auth_backend_ldap]}]}\n].")) + Expect(configMap.Data).To(HaveKeyWithValue("advanced.config", "[my-awesome-config].")) }) It("does set data.advancedConfig when empty", func() { @@ -189,10 +182,7 @@ my-config-property-1 = better-value` Context("advanced.config is set", func() { When("new advanced.config is empty", func() { It("removes advanced.config key from configMap", func() { - instance.Spec.Rabbitmq.AdvancedConfig = ` -[ - {rabbit, [{auth_backends, [rabbit_auth_backend_ldap]}]} -].` + instance.Spec.Rabbitmq.AdvancedConfig = "[my-awesome-config]." Expect(configMapBuilder.Update(configMap)).To(Succeed()) Expect(configMap.Data).To(HaveKey("advanced.config")) @@ -243,26 +233,20 @@ CONSOLE_LOG=new` instance.ObjectMeta.Name = "rabbit-tls" instance.Spec.TLS.SecretName = "tls-secret" - expectedRabbitmqConf := iniString(defaultRabbitmqConf(builder.Instance.Name) + ` -ssl_options.certfile = /etc/rabbitmq-tls/tls.crt -ssl_options.keyfile = /etc/rabbitmq-tls/tls.key -listeners.ssl.default = 5671 - -management.ssl.certfile = /etc/rabbitmq-tls/tls.crt -management.ssl.keyfile = /etc/rabbitmq-tls/tls.key -management.ssl.port = 15671 - -prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt -prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key -prometheus.ssl.port = 15691 - -management.tcp.port = 15672 -prometheus.tcp.port = 15692 - -`) + expectedRabbitmqConf := iniString(`ssl_options.certfile = /etc/rabbitmq-tls/tls.crt + ssl_options.keyfile = /etc/rabbitmq-tls/tls.key + listeners.ssl.default = 5671 + management.ssl.certfile = /etc/rabbitmq-tls/tls.crt + management.ssl.keyfile = /etc/rabbitmq-tls/tls.key + management.ssl.port = 15671 + prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt + prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key + prometheus.ssl.port = 15691 + management.tcp.port = 15672 + prometheus.tcp.port = 15692`) Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("rabbitmq.conf", expectedRabbitmqConf)) + Expect(configMap.Data).To(HaveKeyWithValue("userDefinedConfiguration.conf", expectedRabbitmqConf)) }) When("MQTT, STOMP and AMQP 1.0 plugins are enabled", func() { @@ -273,31 +257,45 @@ prometheus.tcp.port = 15692 instance.Spec.TLS.SecretName = "tls-secret" instance.Spec.Rabbitmq.AdditionalPlugins = additionalPlugins - expectedRabbitmqConf := iniString(defaultRabbitmqConf(builder.Instance.Name) + ` -ssl_options.certfile = /etc/rabbitmq-tls/tls.crt -ssl_options.keyfile = /etc/rabbitmq-tls/tls.key -listeners.ssl.default = 5671 - -management.ssl.certfile = /etc/rabbitmq-tls/tls.crt -management.ssl.keyfile = /etc/rabbitmq-tls/tls.key -management.ssl.port = 15671 - -prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt -prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key -prometheus.ssl.port = 15691 - -management.tcp.port = 15672 -prometheus.tcp.port = 15692 - -mqtt.listeners.ssl.default = 8883 - -stomp.listeners.ssl.1 = 61614 -`) + expectedRabbitmqConf := iniString(`ssl_options.certfile = /etc/rabbitmq-tls/tls.crt + ssl_options.keyfile = /etc/rabbitmq-tls/tls.key + listeners.ssl.default = 5671 + management.ssl.certfile = /etc/rabbitmq-tls/tls.crt + management.ssl.keyfile = /etc/rabbitmq-tls/tls.key + management.ssl.port = 15671 + prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt + prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key + prometheus.ssl.port = 15691 + management.tcp.port = 15672 + prometheus.tcp.port = 15692 + mqtt.listeners.ssl.default = 8883 + stomp.listeners.ssl.1 = 61614`) Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("rabbitmq.conf", expectedRabbitmqConf)) + Expect(configMap.Data).To(HaveKeyWithValue("userDefinedConfiguration.conf", expectedRabbitmqConf)) }) }) + + It("preserves user configuration over Operator generated settings", func() { + instance.ObjectMeta.Name = "rabbit-tls-with-user-conf" + instance.Spec.TLS.SecretName = "tls-secret" + instance.Spec.Rabbitmq.AdditionalConfig = "listeners.ssl.default = 12345" + + expectedRabbitmqConf := iniString(`ssl_options.certfile = /etc/rabbitmq-tls/tls.crt + ssl_options.keyfile = /etc/rabbitmq-tls/tls.key + listeners.ssl.default = 12345 + management.ssl.certfile = /etc/rabbitmq-tls/tls.crt + management.ssl.keyfile = /etc/rabbitmq-tls/tls.key + management.ssl.port = 15671 + prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt + prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key + prometheus.ssl.port = 15691 + management.tcp.port = 15672 + prometheus.tcp.port = 15692`) + + Expect(configMapBuilder.Update(configMap)).To(Succeed()) + Expect(configMap.Data).To(HaveKeyWithValue("userDefinedConfiguration.conf", expectedRabbitmqConf)) + }) }) Context("Mutual TLS", func() { @@ -306,32 +304,24 @@ stomp.listeners.ssl.1 = 61614 instance.Spec.TLS.SecretName = "tls-secret" instance.Spec.TLS.CaSecretName = "tls-mutual-secret" - expectedRabbitmqConf := iniString(defaultRabbitmqConf(builder.Instance.Name) + ` -ssl_options.certfile = /etc/rabbitmq-tls/tls.crt -ssl_options.keyfile = /etc/rabbitmq-tls/tls.key -listeners.ssl.default = 5671 - -management.ssl.certfile = /etc/rabbitmq-tls/tls.crt -management.ssl.keyfile = /etc/rabbitmq-tls/tls.key -management.ssl.port = 15671 - -prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt -prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key -prometheus.ssl.port = 15691 - -management.tcp.port = 15672 - -prometheus.tcp.port = 15692 - -ssl_options.cacertfile = /etc/rabbitmq-tls/ca.crt -ssl_options.verify = verify_peer -management.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt -prometheus.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt - -`) + expectedRabbitmqConf := iniString(`ssl_options.certfile = /etc/rabbitmq-tls/tls.crt + ssl_options.keyfile = /etc/rabbitmq-tls/tls.key + listeners.ssl.default = 5671 + management.ssl.certfile = /etc/rabbitmq-tls/tls.crt + management.ssl.keyfile = /etc/rabbitmq-tls/tls.key + management.ssl.port = 15671 + prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt + prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key + prometheus.ssl.port = 15691 + management.tcp.port = 15672 + prometheus.tcp.port = 15692 + ssl_options.cacertfile = /etc/rabbitmq-tls/ca.crt + ssl_options.verify = verify_peer + management.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt + prometheus.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt`) Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("rabbitmq.conf", expectedRabbitmqConf)) + Expect(configMap.Data).To(HaveKeyWithValue("userDefinedConfiguration.conf", expectedRabbitmqConf)) }) When("Web MQTT and Web STOMP are enabled", func() { @@ -343,42 +333,38 @@ prometheus.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt instance.Spec.TLS.CaSecretName = "tls-mutual-secret" instance.Spec.Rabbitmq.AdditionalPlugins = additionalPlugins - expectedRabbitmqConf := iniString(defaultRabbitmqConf(builder.Instance.Name) + ` - ssl_options.certfile = /etc/rabbitmq-tls/tls.crt - ssl_options.keyfile = /etc/rabbitmq-tls/tls.key - listeners.ssl.default = 5671 + expectedRabbitmqConf := iniString(`ssl_options.certfile = /etc/rabbitmq-tls/tls.crt + ssl_options.keyfile = /etc/rabbitmq-tls/tls.key + listeners.ssl.default = 5671 - management.ssl.certfile = /etc/rabbitmq-tls/tls.crt - management.ssl.keyfile = /etc/rabbitmq-tls/tls.key - management.ssl.port = 15671 + management.ssl.certfile = /etc/rabbitmq-tls/tls.crt + management.ssl.keyfile = /etc/rabbitmq-tls/tls.key + management.ssl.port = 15671 - prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt - prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key - prometheus.ssl.port = 15691 - - management.tcp.port = 15672 - prometheus.tcp.port = 15692 + prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt + prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key + prometheus.ssl.port = 15691 - ssl_options.cacertfile = /etc/rabbitmq-tls/ca.crt - ssl_options.verify = verify_peer - management.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt - - prometheus.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt + management.tcp.port = 15672 + prometheus.tcp.port = 15692 - web_mqtt.ssl.port = 15676 - web_mqtt.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt - web_mqtt.ssl.certfile = /etc/rabbitmq-tls/tls.crt - web_mqtt.ssl.keyfile = /etc/rabbitmq-tls/tls.key + ssl_options.cacertfile = /etc/rabbitmq-tls/ca.crt + ssl_options.verify = verify_peer + management.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt + prometheus.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt - web_stomp.ssl.port = 15673 - web_stomp.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt - web_stomp.ssl.certfile = /etc/rabbitmq-tls/tls.crt - web_stomp.ssl.keyfile = /etc/rabbitmq-tls/tls.key + web_mqtt.ssl.port = 15676 + web_mqtt.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt + web_mqtt.ssl.certfile = /etc/rabbitmq-tls/tls.crt + web_mqtt.ssl.keyfile = /etc/rabbitmq-tls/tls.key - `) + web_stomp.ssl.port = 15673 + web_stomp.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt + web_stomp.ssl.certfile = /etc/rabbitmq-tls/tls.crt + web_stomp.ssl.keyfile = /etc/rabbitmq-tls/tls.key`) Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("rabbitmq.conf", expectedRabbitmqConf)) + Expect(configMap.Data).To(HaveKeyWithValue("userDefinedConfiguration.conf", expectedRabbitmqConf)) }) }) }) @@ -397,24 +383,22 @@ prometheus.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt }, } - expectedRabbitmqConf := iniString(defaultRabbitmqConf(builder.Instance.Name) + ` -ssl_options.certfile = /etc/rabbitmq-tls/tls.crt -ssl_options.keyfile = /etc/rabbitmq-tls/tls.key -listeners.ssl.default = 5671 + expectedRabbitmqConf := iniString(`ssl_options.certfile = /etc/rabbitmq-tls/tls.crt + ssl_options.keyfile = /etc/rabbitmq-tls/tls.key + listeners.ssl.default = 5671 -management.ssl.certfile = /etc/rabbitmq-tls/tls.crt -management.ssl.keyfile = /etc/rabbitmq-tls/tls.key -management.ssl.port = 15671 + management.ssl.certfile = /etc/rabbitmq-tls/tls.crt + management.ssl.keyfile = /etc/rabbitmq-tls/tls.key + management.ssl.port = 15671 -prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt -prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key -prometheus.ssl.port = 15691 + prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt + prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key + prometheus.ssl.port = 15691 -listeners.tcp = none -`) + listeners.tcp = none`) Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("rabbitmq.conf", expectedRabbitmqConf)) + Expect(configMap.Data).To(HaveKeyWithValue("userDefinedConfiguration.conf", expectedRabbitmqConf)) }) It("disables non tls listeners for mqtt and stomp when enabled", func() { @@ -436,30 +420,28 @@ listeners.tcp = none }, } - expectedRabbitmqConf := iniString(defaultRabbitmqConf(builder.Instance.Name) + ` -ssl_options.certfile = /etc/rabbitmq-tls/tls.crt -ssl_options.keyfile = /etc/rabbitmq-tls/tls.key -listeners.ssl.default = 5671 + expectedRabbitmqConf := iniString(`ssl_options.certfile = /etc/rabbitmq-tls/tls.crt + ssl_options.keyfile = /etc/rabbitmq-tls/tls.key + listeners.ssl.default = 5671 -management.ssl.certfile = /etc/rabbitmq-tls/tls.crt -management.ssl.keyfile = /etc/rabbitmq-tls/tls.key -management.ssl.port = 15671 + management.ssl.certfile = /etc/rabbitmq-tls/tls.crt + management.ssl.keyfile = /etc/rabbitmq-tls/tls.key + management.ssl.port = 15671 -prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt -prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key -prometheus.ssl.port = 15691 + prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt + prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key + prometheus.ssl.port = 15691 -listeners.tcp = none + listeners.tcp = none -mqtt.listeners.ssl.default = 8883 -mqtt.listeners.tcp = none + mqtt.listeners.ssl.default = 8883 + mqtt.listeners.tcp = none -stomp.listeners.ssl.1 = 61614 -stomp.listeners.tcp = none - `) + stomp.listeners.ssl.1 = 61614 + stomp.listeners.tcp = none`) Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("rabbitmq.conf", expectedRabbitmqConf)) + Expect(configMap.Data).To(HaveKeyWithValue("userDefinedConfiguration.conf", expectedRabbitmqConf)) }) It("disables non tls listeners for web mqtt and web stomp when enabled", func() { @@ -482,41 +464,39 @@ stomp.listeners.tcp = none }, } - expectedRabbitmqConf := iniString(defaultRabbitmqConf(builder.Instance.Name) + ` -ssl_options.certfile = /etc/rabbitmq-tls/tls.crt -ssl_options.keyfile = /etc/rabbitmq-tls/tls.key -listeners.ssl.default = 5671 + expectedRabbitmqConf := iniString(`ssl_options.certfile = /etc/rabbitmq-tls/tls.crt + ssl_options.keyfile = /etc/rabbitmq-tls/tls.key + listeners.ssl.default = 5671 -management.ssl.certfile = /etc/rabbitmq-tls/tls.crt -management.ssl.keyfile = /etc/rabbitmq-tls/tls.key -management.ssl.port = 15671 + management.ssl.certfile = /etc/rabbitmq-tls/tls.crt + management.ssl.keyfile = /etc/rabbitmq-tls/tls.key + management.ssl.port = 15671 -prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt -prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key -prometheus.ssl.port = 15691 + prometheus.ssl.certfile = /etc/rabbitmq-tls/tls.crt + prometheus.ssl.keyfile = /etc/rabbitmq-tls/tls.key + prometheus.ssl.port = 15691 -listeners.tcp = none + listeners.tcp = none -ssl_options.cacertfile = /etc/rabbitmq-tls/ca.crt -ssl_options.verify = verify_peer -management.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt -prometheus.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt + ssl_options.cacertfile = /etc/rabbitmq-tls/ca.crt + ssl_options.verify = verify_peer + management.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt + prometheus.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt -web_mqtt.ssl.port = 15676 -web_mqtt.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt -web_mqtt.ssl.certfile = /etc/rabbitmq-tls/tls.crt -web_mqtt.ssl.keyfile = /etc/rabbitmq-tls/tls.key -web_mqtt.tcp.listener = none + web_mqtt.ssl.port = 15676 + web_mqtt.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt + web_mqtt.ssl.certfile = /etc/rabbitmq-tls/tls.crt + web_mqtt.ssl.keyfile = /etc/rabbitmq-tls/tls.key + web_mqtt.tcp.listener = none -web_stomp.ssl.port = 15673 -web_stomp.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt -web_stomp.ssl.certfile = /etc/rabbitmq-tls/tls.crt -web_stomp.ssl.keyfile = /etc/rabbitmq-tls/tls.key -web_stomp.tcp.listener = none - `) + web_stomp.ssl.port = 15673 + web_stomp.ssl.cacertfile = /etc/rabbitmq-tls/ca.crt + web_stomp.ssl.certfile = /etc/rabbitmq-tls/tls.crt + web_stomp.ssl.keyfile = /etc/rabbitmq-tls/tls.key + web_stomp.tcp.listener = none`) Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("rabbitmq.conf", expectedRabbitmqConf)) + Expect(configMap.Data).To(HaveKeyWithValue("userDefinedConfiguration.conf", expectedRabbitmqConf)) }) }) @@ -526,10 +506,10 @@ web_stomp.tcp.listener = none instance.ObjectMeta.Name = "rabbit-mem-limit" instance.Spec.Resources.Limits = map[corev1.ResourceName]k8sresource.Quantity{corev1.ResourceMemory: k8sresource.MustParse("10Gi")} - expectedRabbitmqConf := iniString(defaultRabbitmqConf(builder.Instance.Name) + fmt.Sprintf("total_memory_available_override_value = %d", 8*GiB)) + expectedRabbitmqConf := iniString(fmt.Sprintf("total_memory_available_override_value = %d", 8*GiB)) Expect(configMapBuilder.Update(configMap)).To(Succeed()) - Expect(configMap.Data).To(HaveKeyWithValue("rabbitmq.conf", expectedRabbitmqConf)) + Expect(configMap.Data).To(HaveKeyWithValue("userDefinedConfiguration.conf", expectedRabbitmqConf)) }) }) diff --git a/internal/resource/statefulset.go b/internal/resource/statefulset.go index 0085ade84..5a6832e26 100644 --- a/internal/resource/statefulset.go +++ b/internal/resource/statefulset.go @@ -307,16 +307,6 @@ func (builder *StatefulSetBuilder) podTemplateSpec(previousPodAnnotations map[st } volumes := []corev1.Volume{ - { - Name: "server-conf", - VolumeSource: corev1.VolumeSource{ - ConfigMap: &corev1.ConfigMapVolumeSource{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: builder.Instance.ChildResourceName(ServerConfigMapName), - }, - }, - }, - }, { Name: "plugins-conf", VolumeSource: corev1.VolumeSource{ @@ -345,6 +335,23 @@ func (builder *StatefulSetBuilder) podTemplateSpec(previousPodAnnotations map[st }, }, }, + { + ConfigMap: &corev1.ConfigMapProjection{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: builder.Instance.ChildResourceName(ServerConfigMapName), + }, + Items: []corev1.KeyToPath{ + { + Key: "operatorDefaults.conf", + Path: "operatorDefaults.conf", + }, + { + Key: "userDefinedConfiguration.conf", + Path: "userDefinedConfiguration.conf", + }, + }, + }, + }, }, }, }, @@ -386,6 +393,16 @@ func (builder *StatefulSetBuilder) podTemplateSpec(previousPodAnnotations map[st }, } + if builder.Instance.Spec.Rabbitmq.AdvancedConfig != "" || builder.Instance.Spec.Rabbitmq.EnvConfig != "" { + volumes = append(volumes, corev1.Volume{ + Name: "server-conf", + VolumeSource: corev1.VolumeSource{ + ConfigMap: &corev1.ConfigMapVolumeSource{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: builder.Instance.ChildResourceName(ServerConfigMapName), + }}}}) + } + rabbitmqContainerVolumeMounts := []corev1.VolumeMount{ { Name: "rabbitmq-erlang-cookie", @@ -400,15 +417,20 @@ func (builder *StatefulSetBuilder) podTemplateSpec(previousPodAnnotations map[st MountPath: "/operator", }, { - Name: "server-conf", - MountPath: "/etc/rabbitmq/rabbitmq.conf", - SubPath: "rabbitmq.conf", + Name: "rabbitmq-confd", + MountPath: "/etc/rabbitmq/conf.d/10-operatorDefaults.conf", + SubPath: "operatorDefaults.conf", }, { Name: "rabbitmq-confd", - MountPath: "/etc/rabbitmq/conf.d/default_user.conf", + MountPath: "/etc/rabbitmq/conf.d/11-default_user.conf", SubPath: "default_user.conf", }, + { + Name: "rabbitmq-confd", + MountPath: "/etc/rabbitmq/conf.d/90-userDefinedConfiguration.conf", + SubPath: "userDefinedConfiguration.conf", + }, { Name: "pod-info", MountPath: "/etc/pod-info/", diff --git a/internal/resource/statefulset_test.go b/internal/resource/statefulset_test.go index fb66e94c7..a23ea731b 100644 --- a/internal/resource/statefulset_test.go +++ b/internal/resource/statefulset_test.go @@ -1008,8 +1008,9 @@ var _ = Describe("StatefulSet", func() { {Name: "persistence", MountPath: "/var/lib/rabbitmq/mnesia/"}, {Name: "rabbitmq-erlang-cookie", MountPath: "/var/lib/rabbitmq/"}, {Name: "pod-info", MountPath: "/etc/pod-info/"}, - {Name: "rabbitmq-confd", MountPath: "/etc/rabbitmq/conf.d/default_user.conf", SubPath: "default_user.conf"}, - {Name: "server-conf", MountPath: "/etc/rabbitmq/rabbitmq.conf", SubPath: "rabbitmq.conf"}, + {Name: "rabbitmq-confd", MountPath: "/etc/rabbitmq/conf.d/10-operatorDefaults.conf", SubPath: "operatorDefaults.conf"}, + {Name: "rabbitmq-confd", MountPath: "/etc/rabbitmq/conf.d/11-default_user.conf", SubPath: "default_user.conf"}, + {Name: "rabbitmq-confd", MountPath: "/etc/rabbitmq/conf.d/90-userDefinedConfiguration.conf", SubPath: "userDefinedConfiguration.conf"}, {Name: "rabbitmq-plugins", MountPath: "/operator"}, } @@ -1041,45 +1042,56 @@ var _ = Describe("StatefulSet", func() { ) }) - It("defines the expected volumes", func() { - stsBuilder := builder.StatefulSet() - Expect(stsBuilder.Update(statefulSet)).To(Succeed()) + Context("Volumes", func() { + DescribeTable("Volumes based on user configuration", func(rabbitmqEnv, advancedConfig string) { + stsBuilder := builder.StatefulSet() + stsBuilder.Instance.Spec.Rabbitmq.EnvConfig = rabbitmqEnv + stsBuilder.Instance.Spec.Rabbitmq.AdvancedConfig = advancedConfig + Expect(stsBuilder.Update(statefulSet)).To(Succeed()) - Expect(statefulSet.Spec.Template.Spec.Volumes).To(ConsistOf( - corev1.Volume{ - Name: "server-conf", - VolumeSource: corev1.VolumeSource{ - ConfigMap: &corev1.ConfigMapVolumeSource{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: instance.ChildResourceName("server-conf"), - }, - }, - }, - }, - corev1.Volume{ - Name: "plugins-conf", - VolumeSource: corev1.VolumeSource{ - ConfigMap: &corev1.ConfigMapVolumeSource{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: instance.ChildResourceName("plugins-conf"), + expectedVolumes := []corev1.Volume{ + { + Name: "plugins-conf", + VolumeSource: corev1.VolumeSource{ + ConfigMap: &corev1.ConfigMapVolumeSource{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: instance.ChildResourceName("plugins-conf"), + }, }, }, }, - }, - corev1.Volume{ - Name: "rabbitmq-confd", - VolumeSource: corev1.VolumeSource{ - Projected: &corev1.ProjectedVolumeSource{ - Sources: []corev1.VolumeProjection{ - { - Secret: &corev1.SecretProjection{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: builder.Instance.ChildResourceName("default-user"), + { + Name: "rabbitmq-confd", + VolumeSource: corev1.VolumeSource{ + Projected: &corev1.ProjectedVolumeSource{ + Sources: []corev1.VolumeProjection{ + { + Secret: &corev1.SecretProjection{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: builder.Instance.ChildResourceName("default-user"), + }, + Items: []corev1.KeyToPath{ + { + Key: "default_user.conf", + Path: "default_user.conf", + }, + }, }, - Items: []corev1.KeyToPath{ - { - Key: "default_user.conf", - Path: "default_user.conf", + }, + { + ConfigMap: &corev1.ConfigMapProjection{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: builder.Instance.ChildResourceName("server-conf"), + }, + Items: []corev1.KeyToPath{ + { + Key: "operatorDefaults.conf", + Path: "operatorDefaults.conf", + }, + { + Key: "userDefinedConfiguration.conf", + Path: "userDefinedConfiguration.conf", + }, }, }, }, @@ -1087,43 +1099,61 @@ var _ = Describe("StatefulSet", func() { }, }, }, - }, - corev1.Volume{ - Name: "rabbitmq-erlang-cookie", - VolumeSource: corev1.VolumeSource{ - EmptyDir: &corev1.EmptyDirVolumeSource{}, + { + Name: "rabbitmq-erlang-cookie", + VolumeSource: corev1.VolumeSource{ + EmptyDir: &corev1.EmptyDirVolumeSource{}, + }, }, - }, - corev1.Volume{ - Name: "erlang-cookie-secret", - VolumeSource: corev1.VolumeSource{ - Secret: &corev1.SecretVolumeSource{ - SecretName: instance.ChildResourceName("erlang-cookie"), + { + Name: "erlang-cookie-secret", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: instance.ChildResourceName("erlang-cookie"), + }, }, }, - }, - corev1.Volume{ - Name: "rabbitmq-plugins", - VolumeSource: corev1.VolumeSource{ - EmptyDir: &corev1.EmptyDirVolumeSource{}, + { + Name: "rabbitmq-plugins", + VolumeSource: corev1.VolumeSource{ + EmptyDir: &corev1.EmptyDirVolumeSource{}, + }, }, - }, - corev1.Volume{ - Name: "pod-info", - VolumeSource: corev1.VolumeSource{ - DownwardAPI: &corev1.DownwardAPIVolumeSource{ - Items: []corev1.DownwardAPIVolumeFile{ - { - Path: "skipPreStopChecks", - FieldRef: &corev1.ObjectFieldSelector{ - FieldPath: "metadata.labels['skipPreStopChecks']", + { + Name: "pod-info", + VolumeSource: corev1.VolumeSource{ + DownwardAPI: &corev1.DownwardAPIVolumeSource{ + Items: []corev1.DownwardAPIVolumeFile{ + { + Path: "skipPreStopChecks", + FieldRef: &corev1.ObjectFieldSelector{ + FieldPath: "metadata.labels['skipPreStopChecks']", + }, }, }, }, }, }, - }, - )) + } + + if rabbitmqEnv != "" || advancedConfig != "" { + expectedVolumes = append(expectedVolumes, corev1.Volume{ + Name: "server-conf", + VolumeSource: corev1.VolumeSource{ + ConfigMap: &corev1.ConfigMapVolumeSource{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: instance.ChildResourceName("server-conf"), + }}}}) + } + + Expect(statefulSet.Spec.Template.Spec.Volumes).To(ConsistOf(expectedVolumes)) + + }, + Entry("Both env and advanced configs are set", "rabbitmq-env-is-set", "advanced-config-is-set"), + Entry("Only env config is set", "rabbitmq-env-is-set", ""), + Entry("Only advanced config is set", "", "advanced-config-is-set"), + Entry("No configs are set", "", ""), + ) }) It("uses the correct service account", func() { @@ -1476,6 +1506,7 @@ var _ = Describe("StatefulSet", func() { "prometheus.io/port": "15692", })) }) + It("Overrides PodSpec", func() { instance.Spec.Override.StatefulSet = &rabbitmqv1beta1.StatefulSet{ Spec: &rabbitmqv1beta1.StatefulSetSpec{ @@ -1611,9 +1642,19 @@ var _ = Describe("StatefulSet", func() { }, corev1.VolumeMount{ Name: "rabbitmq-confd", - MountPath: "/etc/rabbitmq/conf.d/default_user.conf", + MountPath: "/etc/rabbitmq/conf.d/10-operatorDefaults.conf", + SubPath: "operatorDefaults.conf", + }, + corev1.VolumeMount{ + Name: "rabbitmq-confd", + MountPath: "/etc/rabbitmq/conf.d/11-default_user.conf", SubPath: "default_user.conf", }, + corev1.VolumeMount{ + Name: "rabbitmq-confd", + MountPath: "/etc/rabbitmq/conf.d/90-userDefinedConfiguration.conf", + SubPath: "userDefinedConfiguration.conf", + }, corev1.VolumeMount{ Name: "rabbitmq-erlang-cookie", MountPath: "/var/lib/rabbitmq/", @@ -1622,17 +1663,13 @@ var _ = Describe("StatefulSet", func() { Name: "pod-info", MountPath: "/etc/pod-info/", }, - corev1.VolumeMount{ - Name: "server-conf", - MountPath: "/etc/rabbitmq/rabbitmq.conf", - SubPath: "rabbitmq.conf", - }, corev1.VolumeMount{ Name: "rabbitmq-plugins", MountPath: "/operator", }, )) }) + Context("Rabbitmq Container volume mounts", func() { It("Overrides the volume mounts list while making sure that '/var/lib/rabbitmq/' mounts before '/var/lib/rabbitmq/mnesia/' ", func() { instance.Spec.Override.StatefulSet = &rabbitmqv1beta1.StatefulSet{ @@ -1665,8 +1702,9 @@ var _ = Describe("StatefulSet", func() { {Name: "persistence", MountPath: "/var/lib/rabbitmq/mnesia/"}, {Name: "rabbitmq-erlang-cookie", MountPath: "/var/lib/rabbitmq/"}, {Name: "pod-info", MountPath: "/etc/pod-info/"}, - {Name: "rabbitmq-confd", MountPath: "/etc/rabbitmq/conf.d/default_user.conf", SubPath: "default_user.conf"}, - {Name: "server-conf", MountPath: "/etc/rabbitmq/rabbitmq.conf", SubPath: "rabbitmq.conf"}, + {Name: "rabbitmq-confd", MountPath: "/etc/rabbitmq/conf.d/10-operatorDefaults.conf", SubPath: "operatorDefaults.conf"}, + {Name: "rabbitmq-confd", MountPath: "/etc/rabbitmq/conf.d/11-default_user.conf", SubPath: "default_user.conf"}, + {Name: "rabbitmq-confd", MountPath: "/etc/rabbitmq/conf.d/90-userDefinedConfiguration.conf", SubPath: "userDefinedConfiguration.conf"}, {Name: "rabbitmq-plugins", MountPath: "/operator"}, {Name: "test", MountPath: "test"}, } diff --git a/system_tests/system_tests.go b/system_tests/system_tests.go index 7d145e7da..9a4ae82a3 100644 --- a/system_tests/system_tests.go +++ b/system_tests/system_tests.go @@ -164,7 +164,7 @@ var _ = Describe("Operator", func() { Expect(err).ToNot(HaveOccurred()) }) - By("updating the rabbitmq.conf file when additionalConfig are modified", func() { + By("updating the userDefinedConfiguration.conf file when additionalConfig are modified", func() { Expect(updateRabbitmqCluster(ctx, rmqClusterClient, cluster.Name, cluster.Namespace, func(cluster *rabbitmqv1beta1.RabbitmqCluster) { cluster.Spec.Rabbitmq.AdditionalConfig = `vm_memory_high_watermark_paging_ratio = 0.5 cluster_partition_handling = ignore @@ -175,7 +175,7 @@ cluster_keepalive_interval = 10000` waitForRabbitmqUpdate(cluster) // verify that rabbitmq.conf contains provided configurations - cfgMap := getConfigFileFromPod(namespace, cluster, "/etc/rabbitmq/rabbitmq.conf") + cfgMap := getConfigFileFromPod(namespace, cluster, "/etc/rabbitmq/conf.d/90-userDefinedConfiguration.conf") Expect(cfgMap).To(SatisfyAll( HaveKeyWithValue("vm_memory_high_watermark_paging_ratio", "0.5"), HaveKeyWithValue("cluster_keepalive_interval", "10000"), @@ -418,7 +418,7 @@ CONSOLE_LOG=new` By("disabling non TLS listeners", func() { // verify that rabbitmq.conf contains listeners.tcp = none - cfgMap := getConfigFileFromPod(namespace, cluster, "/etc/rabbitmq/rabbitmq.conf") + cfgMap := getConfigFileFromPod(namespace, cluster, "/etc/rabbitmq/conf.d/90-userDefinedConfiguration.conf") Expect(cfgMap).To(SatisfyAll( HaveKeyWithValue("listeners.tcp", "none"), HaveKeyWithValue("stomp.listeners.tcp", "none"),