Article directory
Reprinted from the article of cpolar Intranet Penetration: No public network IP, remote access to RabbitMQ service "Intranet Penetration" from the public network
foreword
RabbitMQ is a reusable enterprise message system based on AMQP (Advanced Message Queuing Protocol), and it is one of the most mainstream message middleware at present.
The open source implementation of AMQP (Advanced Message Queue Advanced Message Queuing Protocol) developed by erlang, due to the high concurrency of the erlang language, has better performance. In the environment of ubuntu+cpolar+rabbitMQ, remote access to the mq server is realized.
1. Install the erlang language
Since rabbitMQ is implemented in erlang language, we need to install erlang
sudo apt-get install erlang-nox
2. Install rabbitMQ
Install the latest version of rabbitMQ
sudo apt-get install rabbitmq-server
Check the status of rabbitMQ, active(running)
it means online
sudo systemctl status rabbitmq-server
Set access MQ user name account and password, admin means account (customizable), 123456 means password (customizable)
sudo rabbitmqctl add_user admin 123456
Set the role of the above admin user, administrator means the highest administrator
sudo rabbitmqctl set_user_tags admin administrator
Set admin role permissions
sudo rabbitmqctl set_permissions -p "/" admin ".*" ".*" ".*"
After the above information is set, let's go down.
3. Intranet penetration
Then we use cpolar to penetrate the local MQ service, so that remote access can be connected. cpolar supports http/https/tcp protocol, does not limit traffic, and is easy to operate. It does not need public network IP or router.
cpolar official website: https://www.cpolar.com/
3.1 Install cpolar intranet penetration (support one-click automatic installation script)
- cpolar installation (domestic use)
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
- Or cpolar short link installation method: (for foreign use)
curl -sL https://git.io/cpolar | sudo bash
- View version number
cpolar version
- token authentication
Log in to the background of the cpolar official website, click the verification on the left to view your authentication token, and then paste the token in the command line
cpolar authtoken xxxxxxx
- Add a service to the system
sudo systemctl enable cpolar
- Start the cpolar service
sudo systemctl start cpolar
If it is normally displayed as active
, it means that the service is in the normal online startup state
3.2 Create an HTTP tunnel
After locally installing cpolar intranet penetration in the ubuntu system, visit the local port 9200 on the ubuntu browser, and open the cpolar web ui interface: http://127.0.0.1:9200 .
Click Tunnel Management on the left dashboard - Create Tunnel. Since the default port in rabbitMQ is 5672, we need to create an http tunnel pointing to port 5672:
- Tunnel name: customizable, be careful not to repeat
- protocol: tcp
- Local address: 5672
- Domain Type: Choose a random domain name
- Region: Select China VIP
click创建
Open the online tunnel list, check the random public network tcp address, use the following random tcp public network address, you can connect to MQ remotely
4. Remote connection via public network
maven coordinates
<dependency>
<groupId>com.rabbitmq</groupId>
<artifactId>amqp-client</artifactId>
<version>5.10.0</version>
</dependency>
Here use java test to use the above public network address to connect, write the publisher
ConnectionFactory factory = new ConnectionFactory();
//cpolar公网地址
factory.setHost("1.tcp.cpolar.cn");
//公网地址对于的端口号
factory.setPort(24889);
//用户名和密码
factory.setUsername("admin");
factory.setPassword("123456");
Connection connection = null;
Channel channel = null;
try {
// 1.创建连接和通道
connection = factory.newConnection();
channel = connection.createChannel();
// 2.为通道声明exchange和exchange的类型
channel.exchangeDeclare(EXCHANGE_NAME, BuiltinExchangeType.FANOUT);
String msg = " hello world";
// 3.发送消息到指定的exchange,队列指定为空,由exchange根据情况判断需要发送到哪些队列
channel.basicPublish(EXCHANGE_NAME, "", null, msg.getBytes());
System.out.println("product send a msg: " + msg);
} catch (IOException e) {
e.printStackTrace();
} catch (TimeoutException e) {
e.printStackTrace();
} finally {
// 4.关闭连接
if (channel != null) {
try {
channel.close();
} catch (IOException e) {
e.printStackTrace();
} catch (TimeoutException e) {
e.printStackTrace();
}
}
if (connection != null) {
try {
connection.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
write consumer
ConnectionFactory factory = new ConnectionFactory();
//cpolar公网地址
factory.setHost("1.tcp.cpolar.cn");
//公网地址对于的端口号
factory.setPort(24889);
//用户名和密码
factory.setUsername("admin");
factory.setPassword("123456");
Connection connection = null;
Channel channel = null;
try {
// 1.创建连接和通道
connection = factory.newConnection();
channel = connection.createChannel();
// 2.为通道声明exchange以及exchange类型
channel.exchangeDeclare("exchange", BuiltinExchangeType.FANOUT);
// 3.创建随机名字的队列
String queueName = channel.queueDeclare().getQueue();
// 4.建立exchange和队列的绑定关系
channel.queueBind(queueName, "exchange", "");
System.out.println(" **** Consumer1 keep alive ,waiting for messages, and then deal them");
// 5.通过回调生成消费者并进行监听
Consumer consumer = new DefaultConsumer(channel) {
@Override
public void handleDelivery(String consumerTag, Envelope envelope,
com.rabbitmq.client.AMQP.BasicProperties properties, byte[] body) throws IOException {
// 获取消息内容然后处理
String msg = new String(body, "UTF-8");
System.out.println("*********** Consumer1" + " get message :[" + msg + "]");
}
};
// 6.消费消息
channel.basicConsume(queueName, true, consumer);
} catch (IOException e) {
e.printStackTrace();
} catch (TimeoutException e) {
e.printStackTrace();
}
First start the consumer, then start the publisher, and then the consumer console outputs the message sent by the consumer to indicate success. We have implemented remote access to MQ.
5. Fixed public network TCP address
Since the tunnel created above uses a random address tunnel, the address will change within 24 hours. In order to make the connection more stable, we also need to fix the tcp address.
5.1 Reserve a fixed public network TCP port address
Log in to the background of the cpolar official website, click Reserved on the left, and select the reserved TCP address.
- Region: Select China VIP
- Description: Remarks, which can be customized
click保留
After the address is successfully reserved, the system will generate a corresponding fixed public network address and copy it down
5.2 Configure a fixed public network TCP port address
Access port 9200 on the browser, log in to the cpolar web ui management interface, click Tunnel Management on the left dashboard - Tunnel List, find the tunnel created above, and click Edit on the right
Modify the tunnel information and configure the successfully reserved fixed tcp address into the tunnel
- Port type: modified to fixed tcp port
- Reserved tcp address: fill in the successfully reserved address
click更新
After the tunnel is successfully updated, click the status online tunnel list on the left dashboard, find the tunnel to be edited, and you can see that the public network address has been updated to a fixed TCP address.
After the update, we modify the two parameters in the code
//cpolar公网地址,改为我们固定的地址
factory.setHost("5.tcp.vip.cpolar.cn");
//固定地址对应的端口号
factory.setPort(13630);
Then we restart the consumer, then restart the producer, and publish and consume messages normally to indicate success