Updated on 2023-11-29 GMT+08:00

Preparing Required Resources

Overview

Before purchasing a RocketMQ instance, prepare the required resources, including a virtual private cloud (VPC), subnet, and security group with proper rules. Each RocketMQ instance is deployed in a VPC and bound to a specific subnet and security group, which provide an isolated virtual network environment and allow you to easily configure and manage security protection policies.

Required Resources

Table 1 lists the resources required by a RocketMQ instance.

Table 1 RocketMQ resources

VPC and subnet

Requirement: Different RocketMQ instances can use the same or different VPCs and subnets based on site requirements. Note the following when creating a VPC and subnet:

  • The VPC and the RocketMQ instance must be in the same region.
  • Use the default settings when creating a VPC and subnet.

Operations: For details on how to create a VPC and subnet, see Creating a VPC. If you need to create and use a new subnet in an existing VPC, see Creating a Subnet for the VPC.

Security group

Requirement: Different RocketMQ instances can use the same security group or different security groups. Note the following when creating a security group:

  • Set Template to Custom.
  • To use RocketMQ instances, add the security group rules described in Table 2. You can also add other rules based on site requirements.
    NOTE:

    After a security group is created, its default inbound rule allows communication among ECSs within the security group and its default outbound rule allows all outbound traffic. In this case, you can access a RocketMQ instance within a VPC, and do not need to add rules according to Table 2.

Operations: For details on how to create a security group, see Creating a Security Group. For details on how to add rules to a security group, see Adding a Security Group Rule.

EIP

Requirement: Note the following when creating EIPs:

  • The EIPs must be created in the same region as the RocketMQ instance.

Operations: For details about how to create an EIP, see Assigning an EIP.

Table 2 Security group rules

| Direction | Protocol | Port | Source | Description |
| --- | --- | --- | --- | --- |
| Inbound | TCP | 8100 | 0.0.0.0/0 | The port is used for intra-VPC access to metadata nodes. |
| Inbound | TCP | 8200 | 0.0.0.0/0 | The port is used for public access to metadata nodes. |
| Inbound | TCP | 10100-10199 | 0.0.0.0/0 | The port is used for accessing service nodes. |
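
An added example, not part of the original documentation: a Python check that a rule set opens every port in Table 2 and reports any rule on the intra-VPC port 8100 whose source reaches beyond the VPC. The rule dictionary keys, the `rule` and `audit` helpers and the VPC CIDR are constructed for illustration, and treating 8100 as VPC-only is an assumption drawn from its description in Table 2.

```python
import ipaddress

# Inbound TCP ports from Table 2: name -> (first port, last port).
REQUIRED = {
    "metadata nodes, intra-VPC": (8100, 8100),
    "metadata nodes, public": (8200, 8200),
    "service nodes": (10100, 10199),
}
INTRA_VPC_ONLY = {"metadata nodes, intra-VPC"}  # assumption drawn from Table 2


def rule(port_min, port_max, source):
    """Build an inbound TCP rule; the dict keys are hypothetical, not an API."""
    return {"direction": "inbound", "protocol": "tcp",
            "port_min": port_min, "port_max": port_max, "source": source}


def audit(rules, vpc_cidr):
    """Return (missing, too_broad) for a list of rule dicts."""
    vpc = ipaddress.ip_network(vpc_cidr)
    inbound = [r for r in rules
               if r["direction"] == "inbound" and r["protocol"] == "tcp"]
    missing, too_broad = [], []
    for name, (lo, hi) in REQUIRED.items():
        hits = [r for r in inbound
                if r["port_min"] <= hi and r["port_max"] >= lo]
        # Every port in the range must be allowed by at least one rule.
        if not all(any(r["port_min"] <= p <= r["port_max"] for r in hits)
                   for p in range(lo, hi + 1)):
            missing.append(name)
        if name in INTRA_VPC_ONLY:
            for r in hits:
                src = ipaddress.ip_network(r["source"])
                # subnet_of() needs both networks in the same IP version.
                if src.version != vpc.version or not src.subnet_of(vpc):
                    too_broad.append((name, r["source"]))
    return missing, too_broad


VPC_CIDR = "192.168.0.0/16"  # constructed sample value
AS_DOCUMENTED = [rule(8100, 8100, "0.0.0.0/0"), rule(8200, 8200, "0.0.0.0/0"),
                 rule(10100, 10199, "0.0.0.0/0")]
TIGHTENED = [rule(8100, 8100, VPC_CIDR)] + AS_DOCUMENTED[1:]

if __name__ == "__main__":
    for label, rules in (("Table 2 as written", AS_DOCUMENTED),
                         ("8100 limited to the VPC", TIGHTENED)):
        print(label, audit(rules, VPC_CIDR))
```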