Leek says my broker isnt reachable due to broker_management is_alive check failure #86
Description
Describe the bug
Not 100% sure this is a bug, but the celery user by default does not have access to the aliveness-check api. so When the broker_management client calls is_alive it seems to fail and claim that my broker is not reachable.
I tried it from inside the running leek container
>>> import kombu
>>> c = kombu.connection.Connection("amqp://celery:<redacted>@rabbitmq.service.consul:5672/celery")
>>>
>>> c.ensure_connection(max_retries=2)
<Connection: amqp://celery:**@rabbitmq.service.consul:5672/celery at 0x7f415ae0f7f0>
>>> c.release()
>>> c = AMQPClient("rabbitmq.service.consul:15672", "celery", <redacted>, scheme="http", verify=False)
>>> c.is_alive()
Traceback (most recent call last):
File "/opt/venv/lib/python3.8/site-packages/pyrabbit2/api.py", line 124, in _call
resp = self.http.do_call(path, method, body, headers, params)
File "/opt/venv/lib/python3.8/site-packages/pyrabbit2/http.py", line 110, in do_call
raise HTTPError(content, resp.status_code, resp.text, path, body)
pyrabbit2.http.HTTPError: 401 - {"error":"not_authorised","reason":"User not authorised to access virtual host"} (User not authorised to access virtual host) (aliveness-test/%2F) (None)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/opt/venv/lib/python3.8/site-packages/pyrabbit2/api.py", line 260, in is_alive
resp = self._call(uri, 'GET')
File "/opt/venv/lib/python3.8/site-packages/pyrabbit2/api.py", line 127, in _call
raise PermissionError('Insufficient permissions to query ' +
pyrabbit2.api.PermissionError: Insufficient permissions to query aliveness-test/%2F with user celery :401 - {"error":"not_authorised","reason":"User not authorised to access virtual host"} liveness-test/%2F) (None)
Is there any workaround / other way to check if the broker_management_url is reeachable that wouldnt involve giving my production celery user more vhost access?
Additionally, the responses in the ui dont indicate if its the broker_management that is unreachable or the broker, it seems to return a generic "broker" unreachable message.