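[Translation] RabbitMQ 2.4 Multiple tenants: virtual hosts and separation

Date: 2022-06-01 21:35:36

My study of RabbitMQ is still not deep; these translations are kept only as reference material, and I hope they don't mislead anyone.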

With exchanges, bindings, and queues under your belt, you might think you have all the coolness that is Rabbit figured out. But if you’ve played around much with Rabbit, you know there’s one nagging concept we haven’t talked about yet: the vhost. Within every RabbitMQ server is the ability to create virtual message brokers called virtual hosts (vhosts).

vhost: a virtual message broker created inside a RabbitMQ server is called a vhost.

Each one is essentially a mini-RabbitMQ server with its own queues, exchanges, and bindings … and, more important, its own permissions. This lets you safely use one RabbitMQ server for multiple applications without worrying that your Sudoku app might delete queues used by your lost Fido tracker. Vhosts are to Rabbit what virtual machines are to physical servers: they allow you to run data for multiple applications safely and securely by providing logical separation between instances. This is useful for anything from separating multiple customers on the same Rabbit to avoiding naming collisions on queues and exchanges.

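Vhosts are to Rabbit what virtual machines are to physical servers: through logical separation, they let your applications run their data safely. This is useful for separating multiple customers on the same Rabbit and for avoiding name collisions on queues and exchanges.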

Where otherwise you might have to run multiple Rabbits and gain all the management headaches that come with that, you can instead run one Rabbit and build up or tear down vhosts on demand. Vhosts are so fundamental to the concept of AMQP that you have to specify one when you connect. RabbitMQ makes it easy to get started by including a default vhost called / right out of the box. If you don’t need multiple vhosts, just use the default one. It’s accessible using the default guest username with password guest, though you should change the password for security (more on this in chapter 3).

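Otherwise you would have to run multiple Rabbits. Instead, you can start just one Rabbit and create or destroy vhosts as needed. Vhosts are so fundamental to the concept of AMQP that you have to specify one when you connect. RabbitMQ includes a default vhost named "/". If you don't need multiple vhosts, just use the default one. The default username and password are guest:guest; for security, it is best to change them.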

An interesting property of AMQP is that it doesn’t specify whether permissions are per vhost or server-wide. This is left up to the broker developer and in RabbitMQ’s case permissions are per vhost. When you create a user in Rabbit, it’s usually assigned to at least one vhost and will only be able to access queues, exchanges, and bindings on those assigned vhosts. Also, when you’re designing your messaging architecture, keep in mind that separation between vhosts is absolute. You can’t bind an exchange on vhost banana_tree to a queue on vhost oak_tree. This is actually a good thing, not only for security, but also for portability. Imagine for a second that you’ve designed the check cashing tier of your magnificent banking app to use its own vhost. You might initially put this vhost on the same Rabbit that houses the vhosts for other tiers of your app.

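AMQP has an interesting property: it doesn't specify whether permissions are scoped to a vhost or to the whole server. That is up to the broker developer, and in RabbitMQ permissions are scoped per vhost. When you create a user in RabbitMQ, it is usually assigned to at least one vhost and can only access the queues, exchanges, and bindings on those vhosts. Likewise, when you design your messaging architecture, remember that vhosts are absolutely isolated from each other. You can't bind an exchange on one vhost to a queue on another vhost. This is a good thing, not only for security but also for portability.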

But one day your customers start cashing millions of checks—good for you but bad for the Rabbit server. Check cashing needs to be on a Rabbit server with less load. If the check cashing tier had used the default vhost, you would have to worry about naming collisions (queues and exchanges) when you point it to the new Rabbit server. But since it has its own vhost, you can safely move everything to any other Rabbit server and instantly start handling the new load without any name collisions. Hence, we highly recommend identifying the common functionality groups in your infrastructure (such as web logging) and giving each one its own vhost. Also, keep in mind that when you create a vhost on a RabbitMQ cluster, it’s created across the entire cluster. Just as vhosts eliminate needing to run a RabbitMQ server for every tier in your infrastructure, they also avoid making you create different clusters for each tier.

Remember that when you create a vhost on a RabbitMQ cluster, the vhost is created across the entire cluster.

to do:

We’ve talked about all of the great benefits of vhosts, but how do you create them? Vhosts and permissions are unique in that they’re the only primitives in AMQP (unlike queues, exchanges, and bindings) that can’t be created using the AMQP protocol. For RabbitMQ they’re created using the rabbitmqctl utility found in the ./sbin/ directory of your RabbitMQ installation. To create a vhost simply run rabbitmqctl add_vhost [vhost_name], where [vhost_name] is the vhost you want to create. Deleting a vhost is similarly simple: rabbitmqctl delete_vhost [vhost_name]. Once a vhost has been created, you can connect to it and start adding your queues and exchanges. If you need to find out what vhosts are running on a particular Rabbit server, run rabbitmqctl list_vhosts and voila! There they are:

$ ./sbin/rabbitmqctl list_vhosts
Listing vhosts ...
/
oak
sycamore
...done.

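We've covered all the benefits of vhosts, but how do you create one? Vhosts and permissions are unique: they are the only primitives in AMQP that can't be created using the AMQP protocol. In RabbitMQ they are created with rabbitmqctl, which lives in the sbin directory of the RabbitMQ installation. To create a vhost, just run rabbitmqctl add_vhost [vhost_name]. Once a vhost has been created, you can connect to it and add queues and exchanges. If you need to see which vhosts exist on a RabbitMQ server, run rabbitmqctl list_vhosts.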

NOTE

Typically you’ll run rabbitmqctl directly on the server with the RabbitMQ node you want to manage. But you can also pass the -n rabbit@[server_name] option before any command to manage a remote RabbitMQ node. The node identifier (rabbit@[server_name]) is split into two parts at the @: the left half is the Erlang application name and will almost always be rabbit, and the right half is the server hostname or IP address. You need to make sure the server running the Rabbit node and the workstation you’re running rabbitmqctl on have the same Erlang cookie installed. For more info on Erlang cookies, check out section 3.4.1.

Now that you’ve secured your queues and exchanges with vhosts, it’s time to talk about making sure critical messages don’t disappear when Rabbit crashes or reboots.

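NOTE

You can run rabbitmqctl directly on the RabbitMQ node to manage it, or pass the -n rabbit@[server_name] option to manage a remote RabbitMQ node. The node identifier (rabbit@[server_name]) has two parts separated by "@": the left part is the Erlang application name, which will almost always be rabbit; the right part is the server hostname or IP address.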
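
An added example, not taken from the book or from this post: a shell wrapper around the rabbitmqctl commands above that creates a per-application vhost only when list_vhosts does not already show it, refuses the shared default vhost "/", and then grants an existing user rights on that one vhost. RABBITMQCTL, RABBIT_NODE and the function names are assumptions; set_permissions is a rabbitmqctl command the page does not show, and the parser expects the list_vhosts framing lines printed above.

```shell
#!/bin/sh
# Added example: idempotent per-application vhost provisioning.
# Assumptions: RABBITMQCTL / RABBIT_NODE are hypothetical variable names, the
# user already exists, and list_vhosts prints the "Listing vhosts ..." and
# "...done." framing lines shown on this page.
RABBITMQCTL="${RABBITMQCTL:-rabbitmqctl}"

# Run rabbitmqctl, adding -n rabbit@host when RABBIT_NODE names a remote node.
ctl() {
    if [ -n "${RABBIT_NODE:-}" ]; then
        "$RABBITMQCTL" -n "$RABBIT_NODE" "$@"
    else
        "$RABBITMQCTL" "$@"
    fi
}

# Read list_vhosts output on stdin; print one vhost name per line.
parse_vhosts() {
    grep -v -e '^Listing vhosts' -e '^\.\.\.done\.$' -e '^[[:space:]]*$'
}

# Succeed only on an exact, whole-line match of the vhost name.
vhost_exists() {
    ctl list_vhosts | parse_vhosts | grep -Fxq -- "$1"
}

# Accept conservative names only; reject empty names and the default "/".
valid_vhost_name() {
    case "$1" in
        ''|/|*[!A-Za-z0-9_-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Create the vhost if it is missing, then scope the user's rights to it.
provision_vhost() {
    vhost=$1 user=$2
    valid_vhost_name "$vhost" || { echo "refusing vhost name: $vhost" >&2; return 2; }
    if vhost_exists "$vhost"; then
        echo "vhost $vhost already exists"
    else
        ctl add_vhost "$vhost" || return 1
    fi
    # Arguments are the configure, write and read regexes, applied on this vhost only.
    ctl set_permissions -p "$vhost" "$user" '.*' '.*' '.*'
}
```

Calling provision_vhost check_cashing cashier twice is safe: the second run skips add_vhost and only reapplies the permissions.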