DEV Community

Cover image for How To Deploy RabbitMQ On Public IP?
Amr Saafan for Nile Bits

Posted on • Originally published at nilebits.com

How To Deploy RabbitMQ On Public IP?

Anyone working with distributed systems, microservices, or wanting a dependable message broker accessible from several networks may find it useful to know how to deploy RabbitMQ on a public IP. You will be able to set up RabbitMQ on a public IP address by following this tutorial, which covers installation, setup, security concerns, and monitoring. You will have a stable RabbitMQ configuration that you can access from any location by the conclusion of this tutorial.

Prerequisites

Before diving into the deployment, ensure you have the following prerequisites:

A Virtual Private Server (VPS) or a Cloud Instance: Choose a provider like AWS, Google Cloud, Azure, or DigitalOcean. This guide assumes you are using a Unix-based server (e.g., Ubuntu).

A Public IP Address: Assigned to your VPS or cloud instance.

Basic Knowledge of Unix Commands: Familiarity with command-line interface (CLI) operations.

Root or Sudo Access: Required for installing and configuring RabbitMQ.

Step 1: Setting Up the Server

Start by setting up your server. This includes updating the package list, upgrading installed packages, and installing necessary dependencies.

sudo apt update
sudo apt upgrade -y
sudo apt install curl gnupg -y
Enter fullscreen mode Exit fullscreen mode

Step 2: Installing RabbitMQ

RabbitMQ requires Erlang, a programming language and runtime system. Install Erlang first, followed by RabbitMQ.

Installing Erlang

curl -fsSL https://packages.erlang-solutions.com/ubuntu/erlang_solutions.asc | sudo apt-key add -
echo "deb https://packages.erlang-solutions.com/ubuntu $(lsb_release -cs) contrib" | sudo tee /etc/apt/sources.list.d/erlang.list
sudo apt update
sudo apt install erlang -y
Enter fullscreen mode Exit fullscreen mode

Installing RabbitMQ

Add the RabbitMQ repository and install RabbitMQ:

curl -fsSL https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey | sudo apt-key add -
echo "deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/rabbitmq.list
sudo apt update
sudo apt install rabbitmq-server -y
Enter fullscreen mode Exit fullscreen mode

Start and enable RabbitMQ to run on startup:

sudo systemctl start rabbitmq-server
sudo systemctl enable rabbitmq-server
Enter fullscreen mode Exit fullscreen mode

Step 3: Configuring RabbitMQ

Enabling the Management Plugin

RabbitMQ comes with a management plugin that provides a web-based UI for managing and monitoring your RabbitMQ instance. Enable it with:

sudo rabbitmq-plugins enable rabbitmq_management
Enter fullscreen mode Exit fullscreen mode

The management interface is available at http://your_public_ip:15672. The default username and password are both guest. For security reasons, create a new user and disable the guest user.

Creating a New User

sudo rabbitmqctl add_user yourusername yourpassword
sudo rabbitmqctl set_user_tags yourusername administrator
sudo rabbitmqctl set_permissions -p / yourusername ".*" ".*" ".*"
Enter fullscreen mode Exit fullscreen mode

Disable the guest user:

sudo rabbitmqctl delete_user guest
Enter fullscreen mode Exit fullscreen mode

Step 4: Configuring Firewall and Network

To allow access to RabbitMQ from the internet, configure your firewall to open the necessary ports. RabbitMQ uses several ports:

5672: AMQP (main protocol)

15672: HTTP management UI

25672: Erlang distribution

4369: EPMD (Erlang Port Mapper Daemon)

1883: MQTT

61613: STOMP

Use the ufw firewall to open these ports:

sudo ufw allow 5672/tcp
sudo ufw allow 15672/tcp
sudo ufw allow 25672/tcp
sudo ufw allow 4369/tcp
sudo ufw allow 1883/tcp
sudo ufw allow 61613/tcp
sudo ufw enable
Enter fullscreen mode Exit fullscreen mode

Step 5: Configuring RabbitMQ for Public Access

Edit the RabbitMQ configuration to bind it to the public IP address. Open the RabbitMQ configuration file:

sudo nano /etc/rabbitmq/rabbitmq.conf
Enter fullscreen mode Exit fullscreen mode

Add the following lines, replacing your_public_ip with your actual public IP:

listeners.tcp.default = your_public_ip:5672
management.listener.port = 15672
management.listener.ip   = your_public_ip
Enter fullscreen mode Exit fullscreen mode

Restart RabbitMQ for the changes to take effect:

sudo systemctl restart rabbitmq-server
Enter fullscreen mode Exit fullscreen mode

Step 6: Securing RabbitMQ

SSL/TLS Configuration

To secure communication, configure SSL/TLS for RabbitMQ. First, generate the necessary certificates. You can use OpenSSL for this:

openssl genrsa -out server-key.pem 2048
openssl req -new -key server-key.pem -out server-req.pem
openssl x509 -req -in server-req.pem -signkey server-key.pem -out server-cert.pem
Enter fullscreen mode Exit fullscreen mode

Place the certificates in a secure directory and update the RabbitMQ configuration:

sudo nano /etc/rabbitmq/rabbitmq.conf
Enter fullscreen mode Exit fullscreen mode

Add the following lines:

listeners.ssl.default = your_public_ip:5671
ssl_options.cacertfile = /path/to/ca-cert.pem
ssl_options.certfile   = /path/to/server-cert.pem
ssl_options.keyfile    = /path/to/server-key.pem
ssl_options.verify     = verify_peer
ssl_options.fail_if_no_peer_cert = true
Enter fullscreen mode Exit fullscreen mode

Restart RabbitMQ:

sudo systemctl restart rabbitmq-server
Enter fullscreen mode Exit fullscreen mode

Enabling Firewall Rules for SSL/TLS

sudo ufw allow 5671/tcp
Enter fullscreen mode Exit fullscreen mode

Step 7: Monitoring RabbitMQ

Use the management interface at https://your_public_ip:15672 to monitor RabbitMQ. Additionally, consider integrating Prometheus and Grafana for advanced monitoring and alerting.

Prometheus Integration

Install the RabbitMQ Prometheus plugin:

sudo rabbitmq-plugins enable rabbitmq_prometheus

Prometheus metrics will be available at http://your_public_ip:15692/metrics.

Grafana Setup

Install Grafana and configure it to pull data from Prometheus.

Create dashboards to visualize RabbitMQ metrics.

Step 8: Scaling RabbitMQ

For high availability and load balancing, consider clustering RabbitMQ nodes. Configure multiple RabbitMQ nodes to join the same cluster and use a load balancer to distribute traffic.

Clustering RabbitMQ

On each node, install RabbitMQ and configure clustering:

sudo rabbitmqctl stop_app
sudo rabbitmqctl reset
sudo rabbitmqctl join_cluster rabbit@<main-node>
sudo rabbitmqctl start_app
Enter fullscreen mode Exit fullscreen mode

Replace with the hostname of the main node.

Step 9: Backing Up RabbitMQ

Regularly back up RabbitMQ data to prevent data loss. Use RabbitMQ's built-in tools or third-party solutions.

Backup Script

Create a backup script to export RabbitMQ definitions:

#!/bin/bash
timestamp=$(date +"%F")
backup_dir="/path/to/backup/dir"
mkdir -p $backup_dir
sudo rabbitmqctl export_definitions $backup_dir/rabbitmq-backup-$timestamp.json
Enter fullscreen mode Exit fullscreen mode

Set up a cron job to run the script daily:

crontab -e

Enter fullscreen mode Exit fullscreen mode

Add the following line:

0 2 * * * /path/to/backup/script.sh

Enter fullscreen mode Exit fullscreen mode

Conclusion

Deploying RabbitMQ on a public IP involves careful planning and configuration to ensure secure and efficient operation. By following the steps outlined in this guide, you can set up RabbitMQ to be accessible from anywhere, securely handle messages, and monitor its performance. Remember to regularly update and secure your RabbitMQ installation to protect against vulnerabilities.

References

RabbitMQ Official Documentation

Erlang Solutions

OpenSSL Documentation

Prometheus Documentation

Grafana Documentation

DigitalOcean Guides

Top comments (0)