写在最前
1. docker 部署
2. kubernetes 部署
2.1 configmap
apiVersion: v1
kind: ConfigMap
metadata:
name: rabbitmq-config
namespace: bx
data:
enabled_plugins: |
[rabbitmq_management,rabbitmq_peer_discovery_k8s].
rabbitmq.conf: |
## Cluster formation. See https://www.rabbitmq.com/cluster-formation.html to learn more.
cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
cluster_formation.k8s.host = kubernetes.default.svc.cluster.local
## Should RabbitMQ node name be computed from the pod's hostname or IP address?
## IP addresses are not stable, so using [stable] hostnames is recommended when possible.
## Set to "hostname" to use pod hostnames.
## When this value is changed, so should the variable used to set the RABBITMQ_NODENAME
## environment variable.
cluster_formation.k8s.address_type = hostname
## How often should node cleanup checks run?
cluster_formation.node_cleanup.interval = 30
## Set to false if automatic removal of unknown/absent nodes
## is desired. This can be dangerous, see
## * https://www.rabbitmq.com/cluster-formation.html#node-health-checks-and-cleanup
## * https://groups.google.com/forum/#!msg/rabbitmq-users/wuOfzEywHXo/k8z_HWIkBgAJ
cluster_formation.node_cleanup.only_log_warning = true
cluster_partition_handling = autoheal
## See https://www.rabbitmq.com/ha.html#master-migration-data-locality
queue_master_locator=min-masters
## This is just an example.
## This enables remote access for the default user with well known credentials.
## Consider deleting the default user and creating a separate user with a set of generated
## credentials instead.
## Learn more at https://www.rabbitmq.com/access-control.html#loopback-users
loopback_users.guest = false
2.2 secret
admin:8D2303DC-431D-447E-8EC5-3B68BEA19984
kind: Secret
apiVersion: v1
metadata:
name: rabbitmq-secret
namespace: bx
annotations:
kubesphere.io/creator: admin
data:
RABBITMQ_DEFAULT_PASS: OEQyMzAzREMtNDMxRC00NDdFLThFQzUtM0I2OEJFQTE5OTg0
RABBITMQ_DEFAULT_USER: YWRtaW4=
type: Opaque
2.2 service
开启nodeport调试,生产禁止开启要使用ingress来访问。
kind: Service
apiVersion: v1
metadata:
namespace: bx
name: rabbitmq
labels:
app: rabbitmq
spec:
type: NodePort
ports:
- name: http
protocol: TCP
port: 15672
targetPort: 15672 # 管理界面端口
nodePort: 31672
- name: amqp
protocol: TCP
port: 5672
targetPort: 5672 # mq服务端口
nodePort: 30672
selector:
app: rabbitmq
2.3 rbac
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: rabbitmq
namespace: bx
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rabbitmq-peer-discovery-rbac
namespace: bx
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rabbitmq-peer-discovery-rbac
namespace: bx
subjects:
- kind: ServiceAccount
name: rabbitmq
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: rabbitmq-peer-discovery-rbac
2.4 statefulset
kind: StatefulSet
apiVersion: apps/v1
metadata:
name: rabbitmq
namespace: bx
annotations:
kubesphere.io/creator: admin
spec:
replicas: 3
selector:
matchLabels:
app: rabbitmq
template:
metadata:
creationTimestamp: null
labels:
app: rabbitmq
annotations:
kubesphere.io/creator: admin
kubesphere.io/imagepullsecrets: '{}'
logging.kubesphere.io/logsidecar-config: '{}'
spec:
volumes:
- name: config
configMap:
name: rabbitmq-config
items:
- key: rabbitmq.conf
path: rabbitmq.conf
- key: enabled_plugins
path: enabled_plugins
defaultMode: 420
containers:
- name: rabbitmq
image: 'rabbitmq:3.8'
ports:
- name: http
containerPort: 15672
protocol: TCP
- name: amqp
containerPort: 5672
protocol: TCP
env:
- name: MY_POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: RABBITMQ_USE_LONGNAME
value: 'true'
- name: K8S_SERVICE_NAME
value: rabbitmq
- name: RABBITMQ_NODENAME
value: >-
rabbit@$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local
- name: K8S_HOSTNAME_SUFFIX
value: .$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local
- name: RABBITMQ_ERLANG_COOKIE
value: mycookie
- name: RABBITMQ_DEFAULT_PASS
valueFrom:
secretKeyRef:
name: rabbitmq-secret
key: RABBITMQ_DEFAULT_PASS
- name: RABBITMQ_DEFAULT_USER
valueFrom:
secretKeyRef:
name: rabbitmq-secret
key: RABBITMQ_DEFAULT_USER
resources: {}
volumeMounts:
- name: config
mountPath: /etc/rabbitmq
- name: data
mountPath: /var/lib/rabbitmq/mnesia
livenessProbe:
exec:
command:
- rabbitmq-diagnostics
- status
initialDelaySeconds: 60
timeoutSeconds: 15
periodSeconds: 60
successThreshold: 1
failureThreshold: 3
readinessProbe:
exec:
command:
- rabbitmq-diagnostics
- ping
initialDelaySeconds: 20
timeoutSeconds: 10
periodSeconds: 60
successThreshold: 1
failureThreshold: 3
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 10
dnsPolicy: ClusterFirst
serviceAccountName: rabbitmq
serviceAccount: rabbitmq
securityContext: {}
schedulerName: default-scheduler
volumeClaimTemplates:
- kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: data
namespace: bx
creationTimestamp: null
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: nfs-client
volumeMode: Filesystem
status:
phase: Pending
serviceName: rabbitmq
podManagementPolicy: OrderedReady
updateStrategy:
type: RollingUpdate
revisionHistoryLimit: 10
persistentVolumeClaimRetentionPolicy:
whenDeleted: Retain
whenScaled: Retain