Skip to main content

Overview

RabbitMQ is a widely-used open-source message broker supporting AMQP and other messaging protocols. This template deploys a single-replica RabbitMQ instance with persistent storage and a built-in management UI.
This template does not create a GVC. You must deploy it into an existing GVC.

What Gets Created

  • Stateful Workload — A single-replica RabbitMQ container with the management plugin enabled.
  • Volume Set — Persistent storage for RabbitMQ node data at /var/lib/rabbitmq.
  • Secret — An opaque secret containing the rabbitmq.conf configuration file, mounted into the container at startup.
  • Identity & Policy — An identity bound to the workload with reveal access to the config secret.

Installation

To install, follow the instructions for your preferred method:

UI

Browse, install, and manage templates visually

CLI

Manage templates from your terminal

Terraform

Declare templates in your Terraform configurations

Pulumi

Declare templates in your Pulumi programs

Configuration

The default values.yaml for this template: 
image:
  repository: rabbitmq:3-management

memory: 250Mi
cpu: 200m

firewall:
  internal_inboundAllowType: same-gvc # Options: same-gvc, same-org
  # external_inboundAllowCIDR: 0.0.0.0/0
  # external_outboundAllowCIDR: 0.0.0.0/0

rabbitmq_conf:
  listeners_tcp_default: 5672
  default_user: user
  default_pass: changeMe

env:
  RABBITMQ_CONFIG_FILE: /etc/rabbitmq/rabbitmq.conf

volumeset:
  volume:
    initialCapacity: 10 # In GiB. For high-throughput-ssd minimum is 1000
    fileSystemType: ext4 # ext4 / xfs
    performanceClass: general-purpose-ssd # general-purpose-ssd / high-throughput-ssd

Credentials

  • rabbitmq_conf.default_user — RabbitMQ admin username. Change before deploying to production.
  • rabbitmq_conf.default_pass — RabbitMQ admin password. Change before deploying to production.
These values are only applied on first startup when there is no existing node data. Updating them after the initial deployment will have no effect on the running instance. To change credentials on an existing instance, use RabbitMQ’s management commands (e.g. rabbitmqctl change_password).

Resources

  • cpu — CPU allocated to the RabbitMQ workload.
  • memory — Memory allocated to the RabbitMQ workload.

Storage

  • volumeset.volume.initialCapacity — Initial volume size in GiB. For high-throughput-ssd, the minimum is 1000 GiB.
  • volumeset.volume.fileSystemTypeext4 or xfs.
  • volumeset.volume.performanceClassgeneral-purpose-ssd or high-throughput-ssd.

Firewall

  • firewall.internal_inboundAllowType — Controls which workloads can connect to RabbitMQ internally:
ValueDescription
same-gvcAllow access from all workloads in the same GVC (recommended)
same-orgAllow access from all workloads in the same organization
  • firewall.external_inboundAllowCIDR — Optional. Comma-separated list of CIDR ranges allowed to reach RabbitMQ from the internet (e.g. 0.0.0.0/0).
  • firewall.external_outboundAllowCIDR — Optional. Comma-separated list of CIDR ranges RabbitMQ is allowed to reach externally.

Connecting to RabbitMQ

Once deployed, connect to RabbitMQ from within the same GVC using: 
RELEASE_NAME-rabbitmq.GVC_NAME.cpln.local:5672
The management UI is available on port 15672 via the workload’s external endpoint (requires firewall.external_inboundAllowCIDR to be set).

Ports

PortProtocolDescription
5672AMQPPrimary messaging port (configurable via rabbitmq_conf.listeners_tcp_default)
15672HTTPManagement UI
15692HTTPPrometheus metrics

External References

RabbitMQ Documentation

Official RabbitMQ documentation

RabbitMQ Template

View the source files, default values, and chart definition