Help Center> Distributed Message Service for RabbitMQ> User Guide> Preparing Required Resources
Updated on 2024-05-06 GMT+08:00
View PDF

Preparing Required Resources

Before creating RabbitMQ instances, you must create a VPC and configure security groups and subnets for it. A VPC creates an isolated virtual network environment for you to configure and manage RabbitMQ instances, improving resource security and simplifying network deployment.

Once you have created a VPC, you can use it for all instances you subsequently create.

Preparing Required Resources

Table 1 lists the resources required by a RabbitMQ instance.

Table 1 RabbitMQ resources

Resource

Requirements

Operations

VPC and subnet

Configure the VPC and subnet for RabbitMQ instances as required. You can use the current account's existing VPC and subnet or shared ones, or create new ones.

VPC owners can share the subnets in a VPC with one or multiple accounts through Resource Access Manager (RAM). Through VPC sharing, you can easily configure, operate, and manage multiple accounts' resources at low costs. For more information about VPC and subnet sharing, see VPC Sharing.

Note the following when creating a VPC and a subnet:

  • The VPC must be created in the same region as the RabbitMQ instance.
  • Use the default settings when creating a VPC and subnet.

For details on how to create a VPC and subnet, see Creating a VPC. If you need to create and use a new subnet in an existing VPC, see Creating a Subnet for the VPC.

Security group

Different RabbitMQ instances can use the same security group or different security groups.

To use RabbitMQ instances, add the security group rules described in Table 2. Other rules can be added based on site requirements.
NOTE:

After a security group is created, its default inbound rule allows communication among ECSs within the security group and its default outbound rule allows all outbound traffic. In this case, you can access a RabbitMQ instance within a VPC, and do not need to add rules according to Table 2.

For details on how to create a security group, see Creating a Security Group. For details on how to add rules to a security group, see Adding a Security Group Rule.

EIP

Note the following when creating EIPs:

  • The EIPs must be created in the same region as the RabbitMQ instance.
  • The number of EIPs must be the same as the number of RabbitMQ instance brokers.
  • The RabbitMQ console cannot identify IPv6 EIPs.

For details about how to create an EIP, see Assigning an EIP.
Table 2 Security group rules

Direction

Protocol

Port

Source

Description

Inbound

TCP

5672

0.0.0.0/0

Access a RabbitMQ instance (without SSL encryption).

Inbound

TCP

5671

0.0.0.0/0

Access a RabbitMQ instance (with SSL encryption).

Inbound

TCP

15672

0.0.0.0/0

Access the management UI (without SSL encryption).

Inbound

TCP

15671

0.0.0.0/0

Access the management UI (with SSL encryption).