Updated on 2023-11-29 GMT+08:00

Configuring Public Access

To access a RocketMQ instance over a public network, enable public access and configure EIPs for the instance. If you no longer need public access to the instance, disable it.

Prerequisites

You can change the public access setting only when the RocketMQ instance is in the Running state.

Enabling Public Access

  1. Log in to the management console.
  2. Click in the upper left corner to select a region.

    Select the region where your RocketMQ instance is located.

  3. Click and choose Application > Distributed Message Service for RocketMQ to open the console of DMS for RocketMQ.
  4. Click a RocketMQ instance to go to the instance details page.
  5. Click next to Public Access.
  6. Click , in the Elastic IP Address area, select the required number of IP addresses, and click .

    • Only IPv4 EIPs can be bound to RocketMQ instances.
    • If no EIP exists in the Elastic IP Address drop-down list box, or the EIPs are insufficient, click Create Elastic IP to create an EIP on the page that is displayed. After the EIP is created, return to the RocketMQ console, click next to Elastic IP Address, and select the new EIP from the drop-down list.
    Figure 1 Enabling public access

    After public access is enabled, Metadata Address (Public) and Service Address (Public) will be displayed.

    Figure 2 Instance Address (Public Network)

    After public access is enabled, modify security group rules before attempting to access the RocketMQ instance.

    Table 1 Security group rules

    Direction

    Protocol

    Port

    Source

    Description

    Inbound

    TCP

    8200

    0.0.0.0/0

    The port is used for public access to metadata nodes.

    Inbound

    TCP

    10100-10199

    0.0.0.0/0

    The port is used for accessing service nodes.

Disabling Public Access

  1. Log in to the management console.
  2. Click in the upper left corner to select a region.

    Select the region where your RocketMQ instance is located.

  3. Click and choose Application > Distributed Message Service for RocketMQ to open the console of DMS for RocketMQ.
  4. Click a RocketMQ instance to go to the instance details page.
  5. Click next to Public Access.
  6. Click and then to disable public access.

    After public access is disabled, modify security group rules before attempting to access the RocketMQ instance over the private network.
    Table 2 Security group rules

    Direction

    Protocol

    Port

    Source

    Description

    Inbound

    TCP

    8100

    0.0.0.0/0

    The port is used for intra-VPC access to metadata nodes.

    Inbound

    TCP

    10100-10199

    0.0.0.0/0

    The port is used for accessing service nodes.