joemiller/gist:1617930

## gistfile1.txt
#### install rabbitmq
We will use the rabbit install guide from: http://www.rabbitmq.com/install-rpm.html

The EPEL-5 yum repo contains the older R12B version of Erlang which would work fine ok with rabbit except we wouldn't have access to some of the nice management plugins nor SSL. Thus, we'll be installing a newer Erlang from the `epel-erlang` repo. We still need the EPEL-5 repo for some dependencies so we will install both repos.

    sudo rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
    sudo wget -O /etc/yum.repos.d/epel-erlang.repo http://repos.fedorapeople.org/repos/peter/erlang/epel-erlang.repo
    sudo yum install erlang

Download rabbitmq rpm from rabbitmq and install:

    sudo rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc
    sudo rpm -Uvh http://www.rabbitmq.com/releases/rabbitmq-server/v2.7.1/rabbitmq-server-2.7.1-1.noarch.rpm

We need to make some SSL certs for our rabbitmq server and the sensu clients. I put a simple script up on github (#TODO# url) to help with this. It's fairly simple and you'll want to change a few things in the `openssl.cnf` to tweak to your organization if you use this in production. The script will generate a few files that we'll need throughout the guide, so keep them nearby.

    sudo yum install git
    git clone git://github.com/joemiller/joemiller.me-intro-to-sensu.git
    cd joemiller.me-intro-to-sensu/
    ./ssl_certs.sh clean
    ./ssl_certs.sh generate

Configure RabbitMQ to use these SSL certs

    mkdir /etc/rabbitmq/ssl
    cp server_key.pem /etc/rabbitmq/ssl/
    cp server_cert.pem /etc/rabbitmq/ssl/
    cp testca/cacert.pem /etc/rabbitmq/ssl/

Create file `/etc/rabbitmq/rabbitmq.conf` with contents:

    [
      {rabbit, [
        {ssl_listeners, [5671]},
        {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},
                       {certfile,"/etc/rabbitmq/ssl/server_cert.pem"},
                       {keyfile,"/etc/rabbitmq/ssl/server_key.pem"},
                       {verify,verify_peer},
                       {fail_if_no_peer_cert,true}]}
      ]}
    ].

Install the RabbitMQ webUI management console:

    rabbitmq-plugins enable rabbitmq_management

Set RabbitMQ to start on boot and start it up immediately:

    sudo /sbin/chkconfig rabbitmq-server on
    sudo /etc/init.d/rabbitmq-server start

Verify operation with the RabbitMQ Web UI: Username is "guest", password is "guest" - http://<IP ADDRESS>:55672. Protocol amqp should be bound to port 5672 and amqp/ssl on port 5671.

#TODO# vhost, user/pass
	#### install rabbitmq
	We will use the rabbit install guide from: http://www.rabbitmq.com/install-rpm.html

	The EPEL-5 yum repo contains the older R12B version of Erlang which would work fine ok with rabbit except we wouldn't have access to some of the nice management plugins nor SSL. Thus, we'll be installing a newer Erlang from the `epel-erlang` repo. We still need the EPEL-5 repo for some dependencies so we will install both repos.

	sudo rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
	sudo wget -O /etc/yum.repos.d/epel-erlang.repo http://repos.fedorapeople.org/repos/peter/erlang/epel-erlang.repo
	sudo yum install erlang

	Download rabbitmq rpm from rabbitmq and install:

	sudo rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc
	sudo rpm -Uvh http://www.rabbitmq.com/releases/rabbitmq-server/v2.7.1/rabbitmq-server-2.7.1-1.noarch.rpm

	We need to make some SSL certs for our rabbitmq server and the sensu clients. I put a simple script up on github (#TODO# url) to help with this. It's fairly simple and you'll want to change a few things in the `openssl.cnf` to tweak to your organization if you use this in production. The script will generate a few files that we'll need throughout the guide, so keep them nearby.

	sudo yum install git
	git clone git://github.com/joemiller/joemiller.me-intro-to-sensu.git
	cd joemiller.me-intro-to-sensu/
	./ssl_certs.sh clean
	./ssl_certs.sh generate

	Configure RabbitMQ to use these SSL certs

	mkdir /etc/rabbitmq/ssl
	cp server_key.pem /etc/rabbitmq/ssl/
	cp server_cert.pem /etc/rabbitmq/ssl/
	cp testca/cacert.pem /etc/rabbitmq/ssl/

	Create file `/etc/rabbitmq/rabbitmq.conf` with contents:

	[
	{rabbit, [
	{ssl_listeners, [5671]},
	{ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},
	{certfile,"/etc/rabbitmq/ssl/server_cert.pem"},
	{keyfile,"/etc/rabbitmq/ssl/server_key.pem"},
	{verify,verify_peer},
	{fail_if_no_peer_cert,true}]}
	]}
	].

	Install the RabbitMQ webUI management console:

	rabbitmq-plugins enable rabbitmq_management

	Set RabbitMQ to start on boot and start it up immediately:

	sudo /sbin/chkconfig rabbitmq-server on
	sudo /etc/init.d/rabbitmq-server start

	Verify operation with the RabbitMQ Web UI: Username is "guest", password is "guest" - http://<IP ADDRESS>:55672. Protocol amqp should be bound to port 5672 and amqp/ssl on port 5671.

	#TODO# vhost, user/pass