How VPS - How to use/setup VPS
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon
No Result
View All Result
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon
No Result
View All Result
How VPS - How to use/setup VPS
No Result
View All Result
Home Operating System CentOS

Clustering RabbitMQ on CentOS 7

How VPS by How VPS
October 1, 2019
in CentOS
0
0
SHARES
14
VIEWS
Share on FacebookShare on Twitter

Contents

  1. Prerequisites
  2. Configure the firewall
  3. Install rabbitmqadmin
  4. Configure DNS
  5. Cluster the nodes
  6. Create a high-availability policy
  7. Testing the setup
  8. Delete the guest user
  9. Want to contribute?


RabbitMQ is an open-source message broker that supports AMQP, STOMP and other communication technologies. It’s widely used in enterprise applications and modern micro-service architectures where it acts as an asynchronous message channel between different micro-services.
This guide will describe how you can cluster RabbitMQ on multiple CentOS 7 servers to form a high-availability message broker. In this tutorial, one server will act as a master server and the other servers will act as mirror servers in case the master server becomes unavailable.

Prerequisites

  • At least two freshly deployed and updated CentOS 7 instances in the same subnet with private networking enabled
  • RabbitMQ installed with the management console enabled on each server (see How to Install RabbitMQ on CentOS 7)
  • A non-admin user with sudo rights (See How to Use Sudo on Debian, CentOS, and FreeBSD)

Configure the firewall

The CentOS firewall, (firewalld), does not permit any incoming traffic by default. To make RabbitMQ available for other systems in and outside the network, and to allow us to access the management console, we must first open some ports.

The web interface management console of RabbitMQ listens by default on port 15672. We would like to make the management console publicly available so that we can access it from our computer. We therefore will instruct firewalld to permanently open port 15672 in the public zone (which is the default and active zone on a Vultr instance).

sudo firewall-cmd --zone=public --add-port=15672/tcp --permanent

The RabbitMQ nodes need to be able to communicate with each other. We would like to open the necessary ports, but only over the internal network. We don’t want anyone on the internet to be able to administer or directly contact our servers. The following commands assume that our servers are on the 192.168.0.100/24 subnet.

The first service is the epmd peer discovery service which listens by default on port 4369.

sudo firewall-cmd --permanent --zone=public --add-rich-rule='
  rule family="ipv4"
  source address="192.168.0.100/24"
  port protocol="tcp" port="4369" accept'

For internode and CLI communication, RabbitMQ needs to be able to communicate over port 25672.

sudo firewall-cmd --permanent --zone=public --add-rich-rule='
  rule family="ipv4"
  source address="192.168.0.100/24"
  port protocol="tcp" port="25672" accept'

The CLI tools communicate over the ports range 35672-35682.

sudo firewall-cmd --permanent --zone=public --add-rich-rule='
  rule family="ipv4"
  source address="192.168.0.100/24"
  port protocol="tcp" port="35672-35682" accept'

If your applications need the AMQP protocol, you will also need to open ports 5671 and 5672. If you need to be able to communicate over another protocol, you can find the necessary information about the networking requirements of RabbitMQ on the official RabbitMQ documentation.

sudo firewall-cmd --permanent --zone=public --add-rich-rule='
  rule family="ipv4"
  source address="192.168.0.100/24"
  port protocol="tcp" port="5672" accept'

sudo firewall-cmd --permanent --zone=public --add-rich-rule='
  rule family="ipv4"
  source address="192.168.0.100/24"
  port protocol="tcp" port="5671" accept'

Now that firewalld is configured, we need to instruct it to reload the configuration.

sudo firewall-cmd --reload

Repeat the steps from this section on all servers.

Install rabbitmqadmin

The management plugin comes with a Python tool called rabbitmqadmin which can be easily installed on the system once the management plugin is enabled.

sudo wget http://localhost:15672/cli/rabbitmqadmin
sudo mv rabbitmqadmin /usr/local/bin/
sudo chmod +x /usr/local/bin/rabbitmqadmin

Configure DNS

You must use the server’s hostnames to identify the servers when clustering. By default, the servers have no DNS record assigned and the connection will fail. To quickly overcome this, add the master and mirror host name to the /etc/hosts file using your favourite editor.

For example, your master’s hosts file might look like the following. Notice the last two records, which allow the servers to identify each other by their hostname. Be sure to change the IP addresses to your own.

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

127.0.0.1 guest
::1       guest

127.0.0.1 YOUR_MASTER_SERVER_HOST_NAME
::1       YOUR_MASTER_SERVER_HOST_NAME


192.168.0.101 YOUR_MASTER_SERVER_HOST_NAME
192.168.0.102 YOUR_MIRROR_SERVER_HOST_NAME

Cluster the nodes

An import prerequisite to allow nodes to join each other is that the Erlang cookie of all nodes are identical. By default, each node will be assigned a unique Erlang cookie, so you must reconfigure it on all nodes.

The following command will set the Erlang cookie to “WE<3COOKIES“, but feel free to change this to your liking. Do this on all servers.

sudo sh -c "echo 'WE<3COOKIES' > /var/lib/rabbitmq/.erlang.cookie"

Restart RabbitMQ on all servers to make sure that the Erlang cookie is properly reloaded.

sudo systemctl restart rabbitmq-server.service

Execute the following commands on all servers except on the master server. This will let the nodes join the master server and form a cluster.

sudo rabbitmqctl stop_app
sudo rabbitmqctl join_cluster "[email protected]<YOUR_MASTER_SERVER_HOST_NAME>"
sudo rabbitmqctl start_app

Verify that the nodes have joined the cluster by running the following command.

sudo rabbitmqctl cluster_status

All of your nodes will appear in the nodes and running_nodes section of the output. From now on, you no longer need to repeat steps on each server, configuration will automatically be mirrored to the other nodes.

Create a high-availability policy

Now that we have a cluster of RabbitMQ nodes, we can use this to make high-availability queues and exchanges by setting up a new policy. This policy can be added through the RabbitMQ Management Console or using the command line interface.

sudo rabbitmqctl set_policy -p "/" --priority 1 --apply-to "all" ha ".*" '{ "ha-mode": "exactly", "ha-params": 2, "ha-sync-mode": "automatic"}'

The following list will explain what each part of the command means.

  • -p "/": Use this policy on the "/" vhost (the default after installation)
  • --priority 1: The order in which to apply policies
  • --apply-to "all": Can be "queues", "exchanges" or "all"
  • ha: The name we give to our policy
  • ".*": The regular expression which is used to decide to which queues or exchanges this policy is applied. ".*" will match anything
  • '{ "ha-mode": "exactly", "ha-params": 2, "ha-sync-mode": "automatic"}': The JSON representation of the policy. This document describes that we want – exactly 2 nodes on which the data is automatically synchronized

In short, this policy will ensure that we will always have 2 copies of the data on a queue or exchange as long as we have at least 2 nodes up and running. If you have more nodes you can increase the value of ha-params. A quorum, (N/2 + 1), of nodes is advised. Having more copies of your data would result in higher disk, i/o and net usage which could result in a degraded performance.

If you would like to mirror the data to all the nodes in the cluster, you could use the following JSON document.

'{ "ha-mode": "all", "ha-sync-mode": "automatic"}'

If you would like to mirror the data only to specific nodes, (for example: node-1 and node-2), you could use the following.

'{ "ha-mode": "nodes", "ha-params" :["[email protected]", "[email protected]"], "ha-sync-mode": "automatic"}'

You can change the regular expression to assign different policies to different queues. Say we have the following three nodes:

  • [email protected]
  • [email protected]
  • [email protected]

We can then create two policies which will result in queues having a name that starts with “client” to be mirrored to the [email protected] node and all queues that have a name which starts with “product” to be mirrored to the [email protected] node.

sudo rabbitmqctl set_policy -p "/" --priority 1 --apply-to "queues" ha-client "client.*" '{ "ha-mode": "nodes", "ha-params": ["[email protected]", "[email protected]"], "ha-sync-mode": "automatic"}
sudo rabbitmqctl set_policy -p "/" --priority 1 --apply-to "queues" ha-product "product.*" '{ "ha-mode": "nodes", "ha-params": ["[email protected]", "[email protected]"], "ha-sync-mode": "automatic"}

A small remark here: exclusive queues are never mirrored or durable in RabbitMQ, even if this policy would match such queues. Exclusive queues are automatically destroyed once a client disconnects and, as such, it would be of no use to replicate it to another server. If the server were to fail, the client would disconnect from it and the queue would be destroyed automatically. Mirrored instances would be destroyed as well.

Testing the setup

In order to test the clustered setup we can create a new queue using the command line interface through the management console.

sudo rabbitmqadmin declare queue --vhost "/" name=my-ha-queue durable=true

This will create a durable queue on the default / vhost with the name my-ha-queue.

Run the following command and verify in the output that the queue has our ‘ha’ policy assigned and has pid’s on the master and on a mirror node.

sudo rabbitmqctl list_queues name policy state pid slave_pids

We can now publish a message to the queue from the master node and stop RabbitMQ on the master node.

sudo rabbitmqadmin -u user_name -p password  publish routing_key=my-ha-queue payload="hello world"
sudo systemctl rabbitmqctl shutdown

Now get it back by connecting to the mirror node.

 sudo rabbitmqadmin -H MIRROR_NODE_IP_OR_DNS -u user_name -p password get queue=my-ha-queue

Finally, we can restart our master node.

sudo systemctl start rabbitmq-server.service

Delete the guest user

As mentioned before, RabbitMQ automatically creates a guest user with a default guest password. It would be bad practice to leave this default user on a publicly exposed system.

sudo rabbitmqctl delete_user guest

Want to contribute?

You could earn up to $300 by adding new articles

Submit your article
Suggest an update
Request an article
How VPS

How VPS

Related Posts

Failed to download metadata for repo 'appstream' on Centos 8
CentOS

How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8

February 25, 2022
How to Install BoltWire CMS on CentOS 7
CentOS

How to Install BoltWire CMS on CentOS 7

February 14, 2020
Showterm.io – A Terminal/Shell Recording, Upload and Share Tool for Linux
CentOS

Setup HTTP Authentication With Nginx on CentOS 7

February 14, 2020
Next Post

Install the H2O Web Server on CentOS 7

How to Install YOURLS on CentOS 7

How to Install Concrete5 on CentOS 7

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow Us

  • 121 Followers
  • 87.2k Followers

Recommended

How to Install Kanboard on CentOS 7

3 years ago

Force Apt-Get to IPv4 or IPv6 on Ubuntu or Debian

3 years ago

How to Install PHP 7.3 on an Arch Linux Webserver

4 years ago

Installing ownCloud 6 on CentOS 6

3 years ago

Instagram

    Please install/update and activate JNews Instagram plugin.

Categories

  • Arch
  • Authentication
  • Backups
  • BSD
  • Centmin Mod
  • CentOS
  • Control Panels
  • CoreOS
  • CWP
  • Debian
  • Directadmin
  • Encryption
  • Fedora
  • Firewalls
  • Hocvps Script
  • Hosting providers
  • Kloxo-MR
  • Linux
  • Mitigations
  • Operating System
  • Plesk
  • Reviews
  • Securing VPS/Servers
  • Security Patches
  • SSL Certificates
  • Uncategorized
  • Upgrading
  • VPS/Servers management guides
  • Vulnerability Detection
  • Web servers software
  • Webhosting Control Panel

Topics

Apache Web Server Bluehost Review 2019 Bluehost Review 2020 Bluehost Review 2021 Centmin Mod CentminMod centos install htop fsck htop install HTTP DoS attack Install Snort on an Ubuntu install Zabbix on CentOS install Zabbix on CentOS 7 Linux Commands linux guide linux install htop linux vps setup guide MariaDB MariaDB Error Mysql mysqld error optimize MariaDB optimize Mysql snort Ubuntu
No Result
View All Result

Highlights

Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

Webmin Reviews

Virtualmin Reviews

CentOS Web Panel Reviews

Ajenti Reviews

ISPConfig Reviews

Trending

Failed to download metadata for repo 'appstream' on Centos 8
CentOS

How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8

by How VPS
February 25, 2022
0

I tried to update some extensions by use yum on centOs which I specified in Dockerfile. After...

How to Fix MySQL Error "Plugin 'InnoDB' registration as a STORAGE ENGINE failed"?

How to Fix MySQL Error “Plugin ‘InnoDB’ registration as a STORAGE ENGINE failed”?

November 17, 2020
How to optimize Mysql or MariaDB

How to optimize Mysql or MariaDB

November 3, 2020
Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

February 17, 2020
Webmin Reviews

Webmin Reviews

February 17, 2020
How VPS – How to use/setup VPS

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Visit our landing page to see all features & demos.
LEARN MORE »

Recent News

  • How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8 February 25, 2022
  • How to Fix MySQL Error “Plugin ‘InnoDB’ registration as a STORAGE ENGINE failed”? November 17, 2020
  • How to optimize Mysql or MariaDB November 3, 2020

Categories

  • Arch
  • Authentication
  • Backups
  • BSD
  • Centmin Mod
  • CentOS
  • Control Panels
  • CoreOS
  • CWP
  • Debian
  • Directadmin
  • Encryption
  • Fedora
  • Firewalls
  • Hocvps Script
  • Hosting providers
  • Kloxo-MR
  • Linux
  • Mitigations
  • Operating System
  • Plesk
  • Reviews
  • Securing VPS/Servers
  • Security Patches
  • SSL Certificates
  • Uncategorized
  • Upgrading
  • VPS/Servers management guides
  • Vulnerability Detection
  • Web servers software
  • Webhosting Control Panel

[mc4wp_form]

© 2018 JNews - City News Magazine WordPress theme. All rights belong to their respective owners.
JNews is a top selling 2018 WordPress News, Blog, Newspaper & Magazine Theme.

No Result
View All Result
  • Home

© 2023 JNews - Premium WordPress news & magazine theme by Jegtheme.