RabbitMQ - Features
Topologies
Single instance
RabbitMQ can be provisioned as a single instance on self-service using ITCare.
Properties
A single instance will have the following properties :
| Component | Value |
|---|---|
AMQP listening port |
|
Prometheus endpoint | http://my-instance.hosting.cegedim.cloud:15692/metrics |
Administration URL | http://my-instance.hosting.cegedim.cloud:15672/ |
REST API endpoint | http://my-instance.hosting.cegedim.cloud:15672/api |
Cluster
RabbitMQ can be provisioned as a cluster on self-service using ITCare.
A RabbitMQ cluster can be deployed in 3 nodes or 5 nodes topology tailored for quorum queues use.
Nodes will be spread on all availability zones available in the targeted area.
Properties
Once deployed the cluster will have the following properties :
| Component | Value |
|---|---|
AMQP listening port |
|
Prometheus endpoint | http://nodex.hosting.cegedim.cloud:15692/metrics |
Administration URL | https://cluster-name.rmq.hosting.cegedim.cloud/ |
REST API endpoint | https://cluster-name.rmq.hosting.cegedim.cloud/api |
Quorum queues
Quorum queues are highly recommended with RabbitMQ clusters issued from the cegedim.cloud PaaS for maximum resiliency !
A quorum queue will natively be replicated to all nodes participating in the cluster.
Classic mirroring is not advised on a RabbitMQ cluster since quorum queue is its natural enhancement.
Features
This section is to list which feature / capabilities are available to customer, and how to request / perform them :
Self Service | Customer can perform action autonomously. |
On Request | Customer can request for the action to be done to cegedim.cloud support team. |
| Feature | Self Service | On Request | Comments |
|---|---|---|---|
SSH access | SSH access is disabled and reserved to cegedim.cloud administrators. | ||
Settings management | Modification of rabbitmq.conf and other internal settings are performed by cegedim.cloud on request. | ||
RabbitMQ Admin access | Customer can log in with an administrator account to the RabbitMQ Management UI (password defined by customer in the provisioning wizard). Some objects are required and reserved to cegedim.cloud operations. Enforcements can be applied. | ||
Export, Import RabbitMQ definitions | Available in Self Service using the Management UI or the API. | ||
Manage RabbitMQ plugins | RabbitMQ plugins are managed by cegedim.cloud and can be installed on request by our support team. |
Security
Authentication
Authentication uses RabbitMQ internal database.
Authorization and passwords
This section list the password management for the PaaS RabbitMQ :
| Account | Stored by cegedim.cloud | Stored by customer | Enforced | Hashing algorithm |
|---|---|---|---|---|
admin account password | sha256 | |||
ANY other account password | sha256 | |||
cgdm_admin account password | sha256 | |||
monitoring account password | sha256 |
Secured Transport
TLS/SSL can be activated for AMQP protocol at provisioning or afterwards.
By default, it is disabled to avoid unnecessary overhead.
Policies
This section list the policies management for the PaaS RabbitMQ :
| Policies | Default | Enforced | Comments |
|---|---|---|---|
TTL | Messages older than 28 days will expire automatically | ||
HA | ha-mode configured to ALL |
Please open a request ticket if you need these policies modified.
Data location
Datas for cegedim.cloud's RabbitMQ PaaS are stored on the dedicated virtual machines created upon requesting a PaaS.
These virtual machines and the storage associated are hosted and managed in cegedim.cloud's own data centers.
Last updated
