Menu

Installing RabbitMQ Messaging Topology Operator

Overview

This guide covers the installation of the RabbitMQ Messaging Topology Operator in a Kubernetes cluster.

Compatibility

The Operator requires

  • Kubernetes 1.18 or above
  • RabbitMQ Cluster Operator 1.7.0+ (if not, RabbitMQ Messaging Topology Operator will fail to start)

Installation

There are two options for installing the Operator:

  1. Install with cert-manager
  2. Install generated certificates

Install with cert-manager

First, install cert-manager version 1.2.0+ on your cluster. For example, for version 1.3.1, run:

kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml

Then, to install the Operator, run the following command:

kubectl apply -f https://github.com/rabbitmq/messaging-topology-operator/releases/latest/download/messaging-topology-operator-with-certmanager.yaml

Install with generated certificates

Without cert-manager installed, you will need to generate certificates used by admission webhooks yourself and include them in the operator and webhooks manifests.

Download the latest release manifest https://github.com/rabbitmq/messaging-topology-operator/releases/latest/download/messaging-topology-operator.yaml.

The Messaging Topology Operator has multiple admission webhooks. You need to generate the webhook certificate and place it in multiple places in the downloaded release manifest:

  1. Generate certificates for the Webhook. Certificates must be valid for webhook-service.rabbitmq-system.svc. webhook-service is the name of the webhook service object defined in release manifest messaging-topology-operator.yml. rabbitmq-system is the namespace of the service.
  2. Create a k8s secret object with the name webhook-server-cert in namespace rabbitmq-system. The secret object must contain following keys: ca.crt, tls.key, and tls.key, and it will be mounted to the operator container, where all webhooks will run from. For example:
    apiVersion: v1
    kind: Secret
    type: kubernetes.io/tls
    metadata:
      name: webhook-server-cert
      namespace: rabbitmq-system
    data:
      ca.crt: # ca cert that can be used to validate the webhook's server certificate
      tls.crt: # generated certificate
      tls.key: # generated key

Then, to install the Operator, run the following command:

kubectl apply -f messaging-topology-operator.yaml

At this point, the RabbitMQ Messaging Topology Operator is successfully installed.

If you want to install a specific version of the Operator, you will have to obtain the manifest link from the Operator Releases. We strongly recommend installing the latest version.

Getting Help and Providing Feedback

If you have questions about the contents of this guide or any other topic related to RabbitMQ, don't hesitate to ask them on the RabbitMQ mailing list.

Help Us Improve the Docs <3

If you'd like to contribute an improvement to the site, its source is available on GitHub. Simply fork the repository and submit a pull request. Thank you!