rabbitmq: Deploy RabbitMQ Server
RabbitMQ is an AMQP message broker. It will be used by `xactmon` to pass messages between the components. Although RabbitMQ can be deployed in a high-availability cluster, we don't really need that level of robustness for `xactmon`, so we will just run a single instance. Deploying a single-host RabbitMQ server is pretty straightforward. We're using mTLS authentication; clients need to have a certificate issued by the *RabbitMQ CA* in order to connect to the message broker. The `rabbitmq-ca` _cert-manager_ ClusterIssuer issues these certificates for in-cluster services like `xactmon`.
This commit is contained in:
17
rabbitmq/openssl.cnf
Normal file
17
rabbitmq/openssl.cnf
Normal file
@@ -0,0 +1,17 @@
|
||||
[req]
|
||||
distinguished_name = root_ca_dn
|
||||
prompt = no
|
||||
default_md = sha512
|
||||
x509_extensions = root_ca
|
||||
string_mask = utf8only
|
||||
|
||||
[root_ca_dn]
|
||||
countryName = US
|
||||
organizationName = Dustin C. Hatch
|
||||
organizationalUnitName = RabbitMQ
|
||||
commonName = RabbitMQ CA
|
||||
|
||||
[root_ca]
|
||||
subjectKeyIdentifier = hash
|
||||
basicConstraints = critical,CA:true,pathlen:0
|
||||
keyUsage = cRLSign, keyCertSign
|
||||
Reference in New Issue
Block a user