How To Deploy RabbitMQ On Public IP?
How To Deploy RabbitMQ On Public IP?

How To Deploy RabbitMQ On Public IP?

https://www.nilebits.com/blog/2024/08/how-to-deploy-rabbitmq-on-public-ip/

Anyone working with distributed systems, microservices, or wanting a dependable message broker accessible from several networks may find it useful to know how to deploy RabbitMQ on a public IP. You will be able to set up RabbitMQ on a public IP address by following this tutorial, which covers installation, setup, security concerns, and monitoring. You will have a stable RabbitMQ configuration that you can access from any location by the conclusion of this tutorial.

Prerequisites

Before diving into the deployment, ensure you have the following prerequisites:

  1. A Virtual Private Server (VPS) or a Cloud Instance: Choose a provider like AWS, Google Cloud, Azure, or DigitalOcean. This guide assumes you are using a Unix-based server (e.g., Ubuntu).
  2. A Public IP Address: Assigned to your VPS or cloud instance.
  3. Basic Knowledge of Unix Commands: Familiarity with command-line interface (CLI) operations.
  4. Root or Sudo Access: Required for installing and configuring RabbitMQ.

Step 1: Setting Up the Server

Start by setting up your server. This includes updating the package list, upgrading installed packages, and installing necessary dependencies.

sudo apt update
sudo apt upgrade -y
sudo apt install curl gnupg -y        

Step 2: Installing RabbitMQ

RabbitMQ requires Erlang, a programming language and runtime system. Install Erlang first, followed by RabbitMQ.

Installing Erlang

curl -fsSL https://packages.erlang-solutions.com/ubuntu/erlang_solutions.asc | sudo apt-key add -
echo "deb https://packages.erlang-solutions.com/ubuntu $(lsb_release -cs) contrib" | sudo tee /etc/apt/sources.list.d/erlang.list
sudo apt update
sudo apt install erlang -y        

Installing RabbitMQ

Add the RabbitMQ repository and install RabbitMQ:

curl -fsSL https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey | sudo apt-key add -
echo "deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/rabbitmq.list
sudo apt update
sudo apt install rabbitmq-server -y        

Start and enable RabbitMQ to run on startup:

sudo systemctl start rabbitmq-server
sudo systemctl enable rabbitmq-server        

Step 3: Configuring RabbitMQ

Enabling the Management Plugin

RabbitMQ comes with a management plugin that provides a web-based UI for managing and monitoring your RabbitMQ instance. Enable it with:

sudo rabbitmq-plugins enable rabbitmq_management        

The management interface is available at https://your_public_ip:15672. The default username and password are both guest. For security reasons, create a new user and disable the guest user.

Creating a New User

sudo rabbitmqctl add_user yourusername yourpassword
sudo rabbitmqctl set_user_tags yourusername administrator
sudo rabbitmqctl set_permissions -p / yourusername ".*" ".*" ".*"        

Disable the guest user:

sudo rabbitmqctl delete_user guest        

Step 4: Configuring Firewall and Network

To allow access to RabbitMQ from the internet, configure your firewall to open the necessary ports. RabbitMQ uses several ports:

  • 5672: AMQP (main protocol)
  • 15672: HTTP management UI
  • 25672: Erlang distribution
  • 4369: EPMD (Erlang Port Mapper Daemon)
  • 1883: MQTT
  • 61613: STOMP

Use the ufw firewall to open these ports:

sudo ufw allow 5672/tcp
sudo ufw allow 15672/tcp
sudo ufw allow 25672/tcp
sudo ufw allow 4369/tcp
sudo ufw allow 1883/tcp
sudo ufw allow 61613/tcp
sudo ufw enable        

Step 5: Configuring RabbitMQ for Public Access

Edit the RabbitMQ configuration to bind it to the public IP address. Open the RabbitMQ configuration file:

sudo nano /etc/rabbitmq/rabbitmq.conf        

Add the following lines, replacing your_public_ip with your actual public IP:

listeners.tcp.default = your_public_ip:5672
management.listener.port = 15672
management.listener.ip   = your_public_ip        

Restart RabbitMQ for the changes to take effect:

sudo systemctl restart rabbitmq-server        

Step 6: Securing RabbitMQ

SSL/TLS Configuration

To secure communication, configure SSL/TLS for RabbitMQ. First, generate the necessary certificates. You can use OpenSSL for this:

openssl genrsa -out server-key.pem 2048
openssl req -new -key server-key.pem -out server-req.pem
openssl x509 -req -in server-req.pem -signkey server-key.pem -out server-cert.pem        

Place the certificates in a secure directory and update the RabbitMQ configuration:

sudo nano /etc/rabbitmq/rabbitmq.conf        

Add the following lines:

listeners.ssl.default = your_public_ip:5671
ssl_options.cacertfile = /path/to/ca-cert.pem
ssl_options.certfile   = /path/to/server-cert.pem
ssl_options.keyfile    = /path/to/server-key.pem
ssl_options.verify     = verify_peer
ssl_options.fail_if_no_peer_cert = true        

Restart RabbitMQ:

sudo systemctl restart rabbitmq-server        

Enabling Firewall Rules for SSL/TLS

sudo ufw allow 5671/tcp        

Step 7: Monitoring RabbitMQ

Use the management interface at https://your_public_ip:15672 to monitor RabbitMQ. Additionally, consider integrating Prometheus and Grafana for advanced monitoring and alerting.

Prometheus Integration

Install the RabbitMQ Prometheus plugin:

sudo rabbitmq-plugins enable rabbitmq_prometheus        

Prometheus metrics will be available at https://your_public_ip:15692/metrics.

Grafana Setup

  1. Install Grafana and configure it to pull data from Prometheus.
  2. Create dashboards to visualize RabbitMQ metrics.

Step 8: Scaling RabbitMQ

For high availability and load balancing, consider clustering RabbitMQ nodes. Configure multiple RabbitMQ nodes to join the same cluster and use a load balancer to distribute traffic.

Clustering RabbitMQ

On each node, install RabbitMQ and configure clustering:

sudo rabbitmqctl stop_app
sudo rabbitmqctl reset
sudo rabbitmqctl join_cluster rabbit@<main-node>
sudo rabbitmqctl start_app        

Replace <main-node> with the hostname of the main node.

Step 9: Backing Up RabbitMQ

Regularly back up RabbitMQ data to prevent data loss. Use RabbitMQ's built-in tools or third-party solutions.

Backup Script

Create a backup script to export RabbitMQ definitions:

#!/bin/bash
timestamp=$(date +"%F")
backup_dir="/path/to/backup/dir"
mkdir -p $backup_dir
sudo rabbitmqctl export_definitions $backup_dir/rabbitmq-backup-$timestamp.json        

Set up a cron job to run the script daily:

crontab -e        

Add the following line:

0 2 * * * /path/to/backup/script.sh        

Conclusion

Deploying RabbitMQ on a public IP involves careful planning and configuration to ensure secure and efficient operation. By following the steps outlined in this guide, you can set up RabbitMQ to be accessible from anywhere, securely handle messages, and monitor its performance. Remember to regularly update and secure your RabbitMQ installation to protect against vulnerabilities.

References

https://www.nilebits.com/blog/2024/08/how-to-deploy-rabbitmq-on-public-ip/

Marcelo Grebois

? Infrastructure Engineer ? DevOps ? SRE ? MLOps ? AIOps ? Helping companies scale their platforms to an enterprise grade level

7 个月

Setting up RabbitMQ on a public IP involves addressing installation, configuration, and security protocols. It's vital to ensure robust monitoring for reliable operations. Would you be sharing insights from your experiences as well?

要查看或添加评论,请登录

Amr Saafan的更多文章

社区洞察

其他会员也浏览了