Vultr DocsLatest Articles

How to Install RabbitMQ on Rocky Linux 9

RabbitMQRocky Linux
sd
Updated on October 4, 2024
How to Install RabbitMQ on Rocky Linux 9 header image

Introduction

RabbitMQ is an open-source message broker that uses the Advanced Message Queuing Protocol (AMQP) to exchange messages between applications. RabbitMQ works as a distributed system that handles high-throughput workloads to efficiently improve applications' performance and stability.

In this article, you'll install RabbitMQ on Rocky Linux 9 and manage message queues on the server.

Prerequisites

Before you begin:

Install RabbitMQ on Rocky Linux 9

RabbitMQ is not available in the default package repositories on Rocky Linux 9. Follow the steps below to install the RabbitMQ repository information and dependency packages.

  1. Import the RabbitMQ primary signing keys.

    console 
    $ sudo rpm --import 'https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc'

  2. Import the Erlang signing keys.

    console 
    $ sudo rpm --import 'https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key'

  3. Import the RabbitMQ server signing keys.

    console 
    $ sudo rpm --import 'https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key'

  4. Create a new /etc/yum.repos.d/rabbitmq.repo RabbitMQ repository file using a text editor like nano.

    console 
    $ sudo nano /etc/yum.repos.d/rabbitmq.repo

  5. Add the following contents to the file.

    ini 
    # In /etc/yum.repos.d/rabbitmq.repo

##
## Zero dependency Erlang RPM
##

[modern-erlang]
name=modern-erlang-el9
# Use a set of mirrors maintained by the RabbitMQ core team.
# The mirrors have significantly higher bandwidth quotas.
baseurl=https://yum1.rabbitmq.com/erlang/el/9/$basearch
        https://yum2.rabbitmq.com/erlang/el/9/$basearch
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md

[modern-erlang-noarch]
name=modern-erlang-el9-noarch
# Use a set of mirrors maintained by the RabbitMQ core team.
# The mirrors have significantly higher bandwidth quotas.
baseurl=https://yum1.rabbitmq.com/erlang/el/9/noarch
        https://yum2.rabbitmq.com/erlang/el/9/noarch
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key
       https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md

[modern-erlang-source]
name=modern-erlang-el9-source
# Use a set of mirrors maintained by the RabbitMQ core team.
# The mirrors have significantly higher bandwidth quotas.
baseurl=https://yum1.rabbitmq.com/erlang/el/9/SRPMS
        https://yum2.rabbitmq.com/erlang/el/9/SRPMS
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key
       https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1


##
## RabbitMQ Server
##

[rabbitmq-el9]
name=rabbitmq-el9
baseurl=https://yum2.rabbitmq.com/rabbitmq/el/9/$basearch
        https://yum1.rabbitmq.com/rabbitmq/el/9/$basearch
repo_gpgcheck=1
enabled=1
# Cloudsmith's repository key and RabbitMQ package signing key
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key
       https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md

[rabbitmq-el9-noarch]
name=rabbitmq-el9-noarch
baseurl=https://yum2.rabbitmq.com/rabbitmq/el/9/noarch
        https://yum1.rabbitmq.com/rabbitmq/el/9/noarch
repo_gpgcheck=1
enabled=1
# Cloudsmith's repository key and RabbitMQ package signing key
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key
       https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md

[rabbitmq-el9-source]
name=rabbitmq-el9-source
baseurl=https://yum2.rabbitmq.com/rabbitmq/el/9/SRPMS
        https://yum1.rabbitmq.com/rabbitmq/el/9/SRPMS
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key
gpgcheck=0
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md

    Save and close the file.

    The above configuration enables access to the RabbitMQ and Erlang repositories for Rocky Linux 9.

  6. Update the server's package information index to apply the new repository.

    console 
    $ sudo dnf update -y

  7. Install the socat and logrotate RabbitMQ dependency packages.

    console 
    $ sudo dnf install -y socat logrotate

  8. Install RabbitMQ and Erlang.

    console 
    $ sudo dnf install -y erlang rabbitmq-server

  9. Enable the RabbitMQ service to automatically start at boot.

    console 
    $ sudo systemctl enable rabbitmq-server

  10. Start the RabbitMQ service.

    console 
    $ sudo systemctl start rabbitmq-server

  11. View the RabbitMQ service status and verify it's running.

    console 
    $ sudo systemctl status rabbitmq-server

    Output:

    ● rabbitmq-server.service - RabbitMQ broker
     Loaded: loaded (/usr/lib/systemd/system/rabbitmq-server.service; enabled; preset: disabled)
     Active: active (running) since Wed 2024-08-14 17:57:40 IST; 1 day 20h ago
   Main PID: 995 (beam.smp)
      Tasks: 32 (limit: 48585)
     Memory: 178.0M
        CPU: 37.462s
     CGroup: /system.slice/rabbitmq-server.service
         ├─ 995 /usr/lib64/erlang/erts-14.2.5/bin/beam.smp -W w -MBas ageffcbf -MHas ageffcbf -MBlmbcs 512 -MHlmbcs 512 -MMmcs 30>
         ├─1048 erl_child_setup 32768
         ├─1366 sh -s disksup
         ├─1368 /usr/lib64/erlang/lib/os_mon-2.9.1/priv/bin/memsup
         ├─1369 /usr/lib64/erlang/lib/os_mon-2.9.1/priv/bin/cpu_sup
         ├─1669 /usr/lib64/erlang/erts-14.2.5/bin/inet_gethost 4
         ├─1671 /usr/lib64/erlang/erts-14.2.5/bin/inet_gethost 4
         ├─1687 /usr/lib64/erlang/erts-14.2.5/bin/epmd -daemon
         └─2043 /bin/sh -s rabbit_disk_monitor

    The RabbitMQ service is active and running on your server based on the active (running) message in the above output.

Configure RabbitMQ

RabbitMQ uses a web console to manage application processes on the server. Follow the steps below to create a new RabbitMQ user, install rabbitmqadmin, and run the web console on the default port 15672.

  1. Get the latest RabbitMQ server version and assign the value to a new LATEST_VERSION variable.

    console 
    $ LATEST_VERSION=$(curl -s https://api.github.com/repos/rabbitmq/rabbitmq-server/releases/latest | grep -Po '"tag_name": "\K.*?(?=")')

  2. Download the latest rabbitmqadmin version from the RabbitMQ GitHub repository.

    console 
    $ curl -O https://raw.githubusercontent.com/rabbitmq/rabbitmq-server/${LATEST_VERSION}/deps/rabbitmq_management/bin/rabbitmqadmin

  3. Set the execute permissions on the rabbitmqadmin binary.

    console 
    $ chmod +x rabbitmqadmin

  4. Move the rabbitmqadmin binary to the /usr/local/bin directory to enable system-wide access to the tool.

    console 
    $ sudo mv rabbitmqadmin /usr/local/bin/

  5. Enable the RabbitMQ management plugin.

    console 
    $ sudo rabbitmq-plugins enable rabbitmq_management

  6. Create a new RabbitMQ user and set a strong password for the user. Replace exampleuser and strong_password with your desired user details.

    console 
    $ sudo rabbitmqctl add_user exampleuser strong_password

  7. Grant the user access privileges to the RabbitMQ console.

    console 
    $ sudo rabbitmqctl set_permissions -p / exampleuser ".*" ".*" ".*"

  8. Assign the user to a specific role, such as administrator.

    console 
    $ sudo rabbitmqctl set_user_tags exampleuser administrator

Secure RabbitMQ

By default, RabbitMQ creates a guest user with full administrative privileges. Disable the user and enable secure access to the RabbitMQ console using valid SSL certificates to enable encrypted HTTPS connections. Follow the steps below to configure Nginx as a reverse proxy for RabbitMQ, disable the default guest user, and generate trusted Let's Encrypt SSL certificates to secure the RabbitMQ console.

  1. Disable the RabbitMQ guest user.

    console 
    $ sudo rabbitmqctl delete_user guest

  2. Start the default firewalld utility.

    console 
    $ sudo systemctl start firewalld

  3. Allow network connections to the HTTP port 80 through the firewall to enable Let's Encrypt validations.

    console 
    $ sudo firewall-cmd --zone=public --permanent --add-port=80/tcp

  4. Allow network connections to the HTTPS port 443 through the firewall.

    console 
    $ sudo firewall-cmd --zone=public --permanent --add-port=443/tcp

  5. Reload firewalld to apply the configuration changes.

    console 
    $ sudo firewall-cmd --reload

  6. Install Nginx.

    console 
    $ sudo dnf install nginx -y

  7. Create a new virtual host for RabbitMQ. For example, rabbitmq.conf.

    console 
    $ sudo nano /etc/nginx/conf.d/rabbitmq.conf

  8. Add the following contents to the file. Replace rabbitmq.example.com with your domain name.

    nginx 
    server {
       listen 80;
       listen [::]:80;

       server_name rabbitmq.example.com;

       location / {
       proxy_pass http://localhost:15672;
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
  }

  location /mqtt {
      proxy_pass http://localhost:15675;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
  }
}

    Save and close the file.

    The above Nginx configuration creates a new reverse proxy connection to the RabbitMQ port 15672 and serves the web console using the rabbitmq.example.com domain on the HTTP port 80.

  9. Test the Nginx configuration for errors.

    console 
    $ sudo nginx -t

  10. Enable Nginx to connect to localhost ports through the default SELinux configuration.

    console 
    $ sudo setsebool -P httpd_can_network_connect 1

  11. Restart Nginx to apply the new changes.

    console 
    $ sudo systemctl restart nginx

  12. Install the Certbot Let's Encrypt client tool and plugin for Nginx.

    console 
    $ sudo dnf install -y certbot python3-certbot-nginx -y

  13. Generate a new SSL certificate for your virtual host domain. Replace rabbitmq.example.com with your domain and hello@example.com with your active email address.

    console 
    $ sudo certbot --nginx -d rabbitmq.example.com -m hello@example.com --agree-tos

  14. Test the Certbot automatic SSL certificate renewal process.

    console 
    $ sudo certbot renew --dry-run

  15. Restart RabbitMQ to apply the new changes.

    console 
    $ sudo systemctl restart rabbitmq-server

Access RabbitMQ

Follow the steps below to test access to the RabbitMQ CLI and web console on your server.

  1. Create a new queue in RabbitMQ to store and manage messages.

    console 
    $ rabbitmqadmin -u exampleuser -p strong_password declare queue name=testqueue durable=true

  2. Publish a new message to the queue.

    console 
    $ rabbitmqadmin -u exampleuser -p strong_password publish routing_key=testqueue payload="Greetings from Vultr"

  3. Retrieve and view a message from the queue.

    console 
    $ rabbitmqadmin -u exampleuser -p strong_password get queue=testqueue

    Output:

    +-------------+----------+---------------+----------------+---------------+------------------+------------+-------------+
| routing_key | exchange | message_count |    payload     | payload_bytes | payload_encoding | properties | redelivered |
+-------------+----------+---------------+----------------+---------------+------------------+------------+-------------+
| testqueue   |          | 0             | Greetings from Vultr | 14            | string     |            | False       |
+-------------+----------+---------------+----------------+---------------+------------------+------------+-------------+

  4. Access your domain using a web browser such as Chrome to manage queues using the RabbitMQ web console.

    https://app.example.com

    Enter the administrative user's details you created earlier and click Login to acccess the web console.

    Login to the RabbitMQ Web Console

  5. Expand the Nodes group to view your RabbitMQ node information.

    Access the RabbitMQ Dashboard

  6. Navigate to the Queues and Streams tab to manage RabbitMQ queues.

    Manage RabbitMQ Queues and Streams

Conclusion

You have installed RabbitMQ on a Rocky Linux 9 and enabled access to the web console. RabbitMQ securely handles message exchanges between microservices. For more information and advanced configuration options, visit the RabbitMQ Documentation.