Dustin C. Hatch
0a5af84778
Clients outside the cluster can now communicate with RabbitMQ directly on port 5671 by using its dedicated external IP address. This address is automatically assigned to the node where RabbitMQ is running by `keepalived`.
106 lines
2.5 KiB
YAML
106 lines
2.5 KiB
YAML
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: rabbitmq
|
|
app.kubernetes.io/component: rabbitmq
|
|
name: rabbitmq
|
|
spec:
|
|
ports:
|
|
- name: amqps
|
|
port: 5671
|
|
selector:
|
|
app.kubernetes.io/name: rabbitmq
|
|
app.kubernetes.io/component: rabbitmq
|
|
type: ClusterIP
|
|
externalIPs:
|
|
- 172.30.0.149
|
|
externalTrafficPolicy: Local
|
|
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: rabbitmq
|
|
labels:
|
|
app.kubernetes.io/name: rabbitmq
|
|
app.kubernetes.io/component: rabbitmq
|
|
spec:
|
|
serviceName: rabbitmq
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: rabbitmq
|
|
app.kubernetes.io/component: rabbitmq
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: rabbitmq
|
|
app.kubernetes.io/component: rabbitmq
|
|
spec:
|
|
containers:
|
|
- name: rabbitmq
|
|
image: docker.io/library/rabbitmq:4.0-alpine
|
|
ports:
|
|
- name: amqps
|
|
containerPort: 5671
|
|
- name: metrics
|
|
containerPort: 15692
|
|
readinessProbe: &probe
|
|
tcpSocket:
|
|
port: amqps
|
|
periodSeconds: 60
|
|
successThreshold: 1
|
|
failureThreshold: 2
|
|
startupProbe:
|
|
<<: *probe
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 1
|
|
timeoutSeconds: 1
|
|
failureThreshold: 10
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
volumeMounts:
|
|
- mountPath: /etc/rabbitmq
|
|
name: rabbitmq-config
|
|
readOnly: true
|
|
- mountPath: /run/secrets/rabbitmq/cert
|
|
name: rabbitmq-cert
|
|
readOnly: true
|
|
- mountPath: /tmp
|
|
name: tmp
|
|
subPath: tmp
|
|
- mountPath: /var/lib/rabbitmq
|
|
name: data
|
|
subPath: data
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 5672
|
|
runAsGroup: 5762
|
|
fsGroup: 5672
|
|
fsGroupChangePolicy: OnRootMismatch
|
|
volumes:
|
|
- name: rabbitmq-cert
|
|
secret:
|
|
secretName: rabbitmq-cert
|
|
defaultMode: 0440
|
|
- name: rabbitmq-config
|
|
configMap:
|
|
name: rabbitmq
|
|
- name: tmp
|
|
emptyDir:
|
|
medium: Memory
|
|
volumeClaimTemplates:
|
|
- apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: data
|
|
labels:
|
|
app.kubernetes.io/name: rabbitmq
|
|
app.kubernetes.io/component: rabbitmq
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: 1Gi
|