- To expose RabbitMQ via NodePort, we would need to change type: ClusterIP to type: NodePort.
osctl edit service rabbitmq
..
sessionAffinity: None
type: ClusterIP <<<<
status:
..
- Check that the service is exposed
root@vio7 [ ~ ]# osctl describe service rabbitmq
Name: rabbitmq
Namespace: openstack
Labels: <none>
Annotations: <none>
Selector: application=rabbitmq,component=server,release_group=rabbitmq1
Type: NodePort
IP: 172.16.0.222
Port: amqp 5672/TCP
TargetPort: 5672/TCP
NodePort: amqp 5928/TCP
Endpoints: 180.10.14.60:5672
Port: clustering 25672/TCP
TargetPort: 25672/TCP
NodePort: clustering 26986/TCP
Endpoints: 180.10.14.60:25672
Port: http 15672/TCP
TargetPort: 15672/TCP
NodePort: http 18716/TCP
Endpoints: 180.10.14.60:15672
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
If you set the type field to NodePort, the Kubernetes control plane allocates port from a range specified by --service-node-port-range flag (default: 30000-32767).
- Check the service port range in VIO run:
cat /etc/kubernetes/manifests/kube-apiserver.yaml | grep service-node-port-range
- --service-node-port-range=53-35357
- To use a specific port in the in the 53-35357 range edit the service definition again.
Example: To change http service port to 30000 from 18716:
osctl edit service rabbitmq
- name: http
nodePort: 30000
port: 15672
protocol: TCP
targetPort: 15672
root@vio7 [ ~ ]# osctl get service rabbitmq
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
rabbitmq NodePort 172.16.0.222 <none> 5672:5928/TCP,25672:26986/TCP,15672:30000/TCP 34d
- To verify configuration we can use netcat to send a CONNECT message, we should see an AMQP connection close since that's actually not a valid AMQP header:
Example:
toolbox
[root@vioadmin1-vioshim-847ff7cb6f-c7k7n /]# nc -v 192.168.30.90 5928
192-168-30-90.ingress.openstack.svc.cluster.local [192.168.30.90] 5928 open
CONNECT
AMQP read(net): Connection reset by peer
Type CONNECT upon connection.
- Check logs:
root@vio7 [ ~ ]# osctl logs rabbitmq1-rabbitmq-0 | tail -3
2021-06-23 10:27:47.388 [info] <0.3561.12> accepting AMQP connection <0.3561.12> (169.254.169.10:56287 -> 180.10.14.60:5672)
2021-06-23 10:27:47.389 [error] <0.3561.12> closing AMQP connection <0.3561.12> (169.254.169.10:56287 -> 180.10.14.60:5672):
{bad_header,<<"CONNECT\n">>}
- Add RabbitMQ admin user to login to the UI:
osctl -it exec rabbitmq1-rabbitmq-0 bash
rabbitmqctl add_user <username> <password>
rabbitmqctl set_user_tags <username> administrator
rabbitmqctl set_permissions -p / <username> ".*" ".*" ".*"
- Access the RabbitMQ management UI via the external public IP:
Example
http://192.168.30.90:30000/
Workaround:
-