Skip to main content

Rabbit MQ Access

To access rabbit mq, you need to have the following:

  • ensure you have your aws credentials set up
  • find the rabbit mq credentials
  • create a proxy job in the environments eks cluster
  • port forward to that pod to access the instance

AWS Credentials

We cover this in the AWS Credentials documentation. You must also have your k8s contexts setup for each environment. This is done like so: aws --profile dev-rw eks update-kubeconfig --region eu-west-2 --name euw2-dev-k8s --alias dev Change the above command for each environment.

Rabbit MQ Credentials

There are root credentials stored in the terraform state, or there are application credentials stored in the sops secrets in the repo, or secrets in k8s. You can grab these from any of these places, but they all require elevated access to get to them. Either:

aws sso login
cd platform-terraform
cd components/application/development
export AWS_PROFILE=development-rw
terraform init
terraform output application

Then search for rabbitmq root user/password. Substitute development for the environment you are in.

Alternatively you can use the sops secrets in the repo:

cd backend
cd deploy/kustomize/overlays/account/development
sops -d secrets.yaml

Then search for rabbitmq root user/password. Substitute development for the environment you are in.

Once you have credentials you can create a tunnel to the db.

Create a Proxy Job

We are using kubernetes jobs to create an ephemeral proxy to the rabbit mq instance. Write the following yaml to a file named rabbitmq-proxy-job.yaml

apiVersion: batch/v1
kind: Job
metadata:
  name: rabbitmq-port-forward
  namespace: default
spec:
  template:
    spec:
      containers:
      - name: port-forward
        image: ubuntu:20.04
        command:
          - /bin/bash
          - -c
          - |
            apt-get update && \
            apt-get install -y socat && \
            socat TCP4-LISTEN:8443,fork TCP4:$RABBITMQ_ENDPOINT:443,forever,interval=10,fork && \
            sleep 3600
        env:
        - name: RABBITMQ_ENDPOINT
          valueFrom:
            configMapKeyRef:
              name: datastore-endpoints
              key: rabbitmq
      restartPolicy: Never
  backoffLimit: 4

Now create the job, find the pod name, and port forward to it.

kubectl apply -f rabbitmq-proxy-job.yaml
kubectl get pods
kubectl port-forward rabbitmq-proxy-<pod-id> 8443:8443

Then you can connect to the rabbit mq web interface instance on https://localhost:8443