Try It Out
In this example we will deploy RabbitMQ on a Minikube cluster using the Minimus Helm chart. To test the deployment, we will connect to RabbitMQ, publish messages, and verify the management interface.
Step 1: Start Cluster
If you have a cluster to work with, skip this step. Otherwise, start a Minikube cluster. Deployment instructions
Step 2: Create Namespace
Create a namespace:
kubectl create ns rabbitmq-advanced-fips
Step 3: Save Values File Locally
Go to the Values tab and save a copy of the it locally. You will need to add the flag -f values.yaml to override the defaults when you deploy the chart in the next step.
Note: The values.yaml uses default metrics configurations. If you need ServiceMonitor for an external Prometheus, you can add the metrics configuration to your values file.
Step 4: Deploy the Helm Chart
Deploy the Minimus Helm chart with the values.yaml file you saved in the previous step.
Run the following command:
helm install my-rabbitmq-advanced-fips oci://helm.mini.dev/rabbitmq-advanced-fips \
--version 0.1.1 \
-f values.yaml \
-n rabbitmq-advanced-fips
Step 5: Verify RabbitMQ is Running
To check that the pod was successfully created run:
kubectl get pods -n rabbitmq-advanced-fips -l app.kubernetes.io/name=rabbitmq
You should see output similar to:
NAME READY STATUS RESTARTS AGE
my-rabbitmq-0 1/1 Running 0 2m
Step 6: Access Management Interface
Port forward to access the RabbitMQ management interface:
kubectl port-forward -n rabbitmq-advanced-fips svc/my-rabbitmq-advanced-fips 15672:15672
Open your browser and navigate to http://localhost:15672
Login with the following:
- Username:
rmquser
- Password:
rmqpass123
Step 7: Test TLS Message Publishing
Create a test job to verify RabbitMQ TLS functionality:
cat <<EOF | kubectl apply -n rabbitmq-advanced-fips -f -
apiVersion: batch/v1
kind: Job
metadata:
name: rabbitmq-tls-test
spec:
template:
spec:
containers:
- name: test
image: reg.mini.dev/rabbitmq-advanced-fips:4.1.4
command:
- /bin/bash
- -c
- |
# Wait for RabbitMQ to be ready
until rabbitmq-diagnostics -q ping; do
echo "Waiting for RabbitMQ..."
sleep 5
done
# Test TLS connection and publishing
echo "Testing TLS AMQP connection on port 5671..."
python3 -c "
import pika
import ssl
import sys
# Create SSL context for TLS connection
ssl_context = ssl.create_default_context()
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
try:
connection = pika.BlockingConnection(
pika.ConnectionParameters(
host='my-rabbitmq-advanced-fips',
port=5671,
credentials=pika.PlainCredentials('rmquser', 'rmqpass123'),
ssl_options=pika.SSLOptions(ssl_context),
connection_attempts=3,
retry_delay=2
)
)
channel = connection.channel()
channel.queue_declare(queue='test_tls_queue')
# Publish test messages
for i in range(1, 11):
channel.basic_publish(exchange='', routing_key='test_tls_queue', body=f'Hello TLS RabbitMQ {i}')
connection.close()
print('Successfully published 10 messages over TLS')
except Exception as e:
print(f'TLS test failed: {e}')
sys.exit(1)
"
restartPolicy: Never
backoffLimit: 3
EOF
Check the job status:
kubectl get jobs -n rabbitmq-advanced-fips
kubectl logs -n rabbitmq-advanced-fips job/rabbitmq-tls-test
Step 8: Access Metrics (Optional)
RabbitMQ metrics are available by default. You can access them via port-forwarding:
kubectl port-forward -n rabbitmq-advanced-fips svc/my-rabbitmq-advanced-fips 9419:9419
In another terminal, test the metrics endpoint:
curl http://localhost:9419/metrics
Step 9: Cleanup
To clean up the deployment:
helm uninstall my-rabbitmq-advanced-fips -n rabbitmq-advanced-fips
kubectl delete namespace rabbitmq-advanced-fips
Terms & Info
Trademark
This catalog is published by Minimus. All product names, logos, and marks, other than those belonging to Minimus, shown are owned by their respective rights holders and appear here only to identify the open source software each image contains. Minimus claims no ownership of those marks and implies no affiliation with, endorsement by, certification by, or sponsorship by any rights holder.
Disclaimer
Images are provided "as-is" without warranty of any kind. "Hardened" refers to the security configuration applied at the time of build and does not constitute a guarantee of ongoing security or absence of vulnerabilities. The free tier is provided without support, SLA, or guaranteed patching timelines. Security updates may be applied to paid subscriptions before or instead of free tier images. By pulling or using any image you agree to our Terms of Use.
os-shell-advanced-fips 1.0