Public Repository

Last pushed: 3 years ago
Short Description
Ubuntu 14.04.2 LTS / RabbitMQ 3.5.3-1 from RabbitMQ "testing" Repo
Full Description

Ubuntu 14.04.2 LTS / RabbitMQ 3.5.3-1 from RabbitMQ "testing" Repo

config is set up to use SSL


FROM keks/ubuntu

# Install RabbitMQ.
RUN apt-key adv --keyserver --recv-keys F7B8CEA6056E8E56 && \
      echo "deb testing main" > /etc/apt/sources.list.d/rabbitmq.list && \
      apt-get update && \
      DEBIAN_FRONTEND=noninteractive && \
      apt-get install -y rabbitmq-server && \
      rm -rf /var/lib/apt/lists/*
RUN rabbitmq-plugins enable rabbitmq_management && \
      echo "[ {rabbit, [ {ssl_listeners, [5671]}, {ssl_options, [{cacertfile,\"/cert/rootCA.pem\"}, {certfile,\"/cert/rabbitmq.pem\"}, {keyfile,\"/cert/rabbitmq-key.pem\"}, {verify,verify_peer}, {fail_if_no_peer_cert,true}]} ]} ]." > /etc/rabbitmq/rabbitmq.config

# Define environment variables.

# Define mount points.
VOLUME ["/data/log", "/data/mnesia", "/cert"]

# Define working directory.

# set erlang cookie # randomly generated in this case
RUN echo "2FFUV5Vtm4pkHO74nd82WjQ5exHeB45T" > /var/lib/rabbitmq/.erlang.cookie
RUN chown rabbitmq:rabbitmq /var/lib/rabbitmq/.erlang.cookie
RUN chmod 400 /var/lib/rabbitmq/.erlang.cookie
# Add files.
RUN chown -R rabbitmq:rabbitmq /data && \
     chown -R rabbitmq:rabbitmq /cert && \
     chown -R rabbitmq:rabbitmq /etc/rabbitmq/rabbitmq.config && \
    chown -R rabbitmq:rabbitmq /var/lib/rabbitmq

# Expose ports:
# erlang port mapper && rabbitmq ssl && rabbitmq && rabbitmq-management console && rabbitmq-cluster port
EXPOSE 4369 5671 5672 15672 25672
USER rabbitmq

# Define default command.
ENTRYPOINT ["/usr/lib/rabbitmq/bin/rabbitmq-server"]

Logs and mnesia (persistence) as well as the /cert folder are meant to be mounted from the outside - runs as user rabbitmq. The initial .erlang.cookie is randomly generated and should be replaced before running (for example using docker cp) and has to be identical on all nodes in a cluster setup. Sadly this makes docker run commands a bit complex:

 docker run -d -i -t -v /data/rabbitmq/log:/data/log -v /data/rabbitmq/mnesia:/data/mnesia -v /data/rabbitmq/cert:/cert --restart=always -e RABBITMQ_USE_LONGNAME=true -e HOSTNAME=rabbit0.mydomain.local -e RABBITMQ_NODE_PORT=5672 -e RABBITMQ_DIST_PORT=25672 -p 4369:4369 -p 5671:5671 -p 5672:5672 -p 15672:15672 -p 25672:25672 --name rabbitmq keks/rabbitmq

The forwarded Ports are
4369 erlang port mapper
5671 rabbitmq SSL port
5672 rabbitmq default port (envvar RABBITMQ_NODE_PORT)
15672 rabbitmq management plugin interface (html, no envvar)
25672 rabbitmq cluster port (envvar RABBITMQ_DIST_PORT)

I'm hoping to switch to linked containers with the necessary certificates and working data included - so far i explicitly want all the files on a RAID volume mounted to /data/rabbitmq on the host system (collecting logs to /data/rabbitmq/logs, the mnesia persistence data in /data/rabbitmq/mnesia and the certificates with the specific names rabbitmq.pem (cert), rabbitmq-key.pem (private key) and my own signing cert which was used to sign client aswell as server (rootCA.pem) certificates in /data/rabbitmq/cert.
Help with RabbitMQ and SSL can be found on the official RabbiMQ Site:
and here

there's also 3.5.1 (buggy) and 3.5.3 tagged

Docker Pull Command