![](/img/trans.png)
[英]How to use the rabbitmq docker compose yml file to build docker image?
[英]How to use SSL on RabbitMQ with Docker Compose?
我正在使用此 docker-compose.yml 在 Docker 上運行 RabbitMQ 實例,沒問題,它正在工作:
version: '3.7'
services:
my-rabbit:
image: imageAddress
hostname: my-rabbit
ports:
- "5672:5672"
- "15672:15672"
networks:
- testNetwork
networks:
testNetwork:
external: true
但是我必須使用帶有證書的 RabbitMQ 來獲得通過 TLS 的連接。
我嘗試過這種方式,並且 certs 文件夾包含證書但出現錯誤:
version: '3.7'
services:
my-rabbit:
tty: true
image: imageAddress
environment:
- RABBITMQ_SSL_CERTFILE=/cert_rabbitmq/testca/cacert.pem
- RABBITMQ_SSL_KEYFILE=/cert_rabbitmq/server/cert.pem
- RABBITMQ_SSL_CACERTFILE=/cert_rabbitmq/server/key.pem
hostname: my-rabbit
ports:
- "5672:5672"
- "15672:15672"
volumes:
- /home/ilkaygunel/Desktop/certs:/cert_rabbitmq
networks:
- testNetwork
networks:
testNetwork:
external: true
錯誤如下所示。 它說舊式配置文件存在,但我不知道該怎么做。
my-rabbit_1 | error: Docker configuration environment variables specified, but old-style (Erlang syntax) configuration file '/etc/rabbitmq/rabbitmq.config' exists
my-rabbit_1 | Suggested fixes: (choose one)
my-rabbit_1 | - remove '/etc/rabbitmq/rabbitmq.config'
my-rabbit_1 | - remove any Docker-specific 'RABBITMQ_...' environment variables
my-rabbit_1 | - convert '/etc/rabbitmq/rabbitmq.config' to the newer sysctl format ('/etc/rabbitmq/rabbitmq.conf'); see https://www.rabbitmq.com/configure.html#config-file
我應該怎么做才能使用該證書文件?
嘗試這樣的事情。 此外,您似乎指向了錯誤的文件。 certfile 應該是cert.pem
, keyfile 應該是key.pem
並且 cacertfile 應該是cacert
或者如果你想像你一樣使用 3.7,它應該是:-
version: '3.7'
services:
my-rabbit:
tty: true
image: imageAddress
environment:
- RABBITMQ_SSL_CERTFILE=/cert_rabbitmq/testca/cert.pem
- RABBITMQ_SSL_KEYFILE=/cert_rabbitmq/server/key.pem
- RABBITMQ_SSL_CACERTFILE=/cert_rabbitmq/server/cacert.pem
hostname: my-rabbit
ports:
- "5672:5672"
- "15672:15672"
volumes:
- /home/ilkaygunel/Desktop/certs:/cert_rabbitmq
networks:
- testNetwork
networks:
testNetwork:
external: true
或者,只需使用如下新格式設置 rabbitmq 配置文件:-
#A new style format snippet. This format is used by rabbitmq.conf files.
ssl_options.cacertfile = /path/to/ca_certificate.pem
ssl_options.certfile = /path/to/server_certificate.pem
ssl_options.keyfile = /path/to/server_key.pem
ssl_options.verify = verify_peer
ssl_options.fail_if_no_peer_cert = true
從文檔中看起來,使用這種配置格式,您甚至可能不需要在 docker 撰寫文件中使用 RABBITMQ... 樣式的環境變量。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.