Applications AWS

RabbitMQ 4 on AWS

Last updated: 2026-05-27

RabbitMQ 4 on AWS

RabbitMQ is a widely-used open source message broker that implements the AMQP protocol. This image provides RabbitMQ 4.3.0 with Erlang/OTP 27, the management web interface, and a dedicated data volume for queue persistence. A unique admin password and Erlang cookie are generated on first boot.

Prerequisites

AWS account with an EC2 key pair
Security group allowing TCP 22 (SSH), 5672 (AMQP), and 15672 (Management UI)
The instance ships with a 20 GiB EBS data volume mounted at /var/lib/rabbitmq

Connecting via SSH

ssh -i /path/to/your-key.pem ubuntu@<instance-public-ip>

The default login user is ubuntu.

Retrieve credentials

On first boot, a unique admin password and Erlang cookie are generated and written to /root/rabbitmq-credentials.txt. Only the root user can read this file.

sudo cat /root/rabbitmq-credentials.txt

Expected output:

# RabbitMQ 4 -- Per-VM Credentials
# Generated: Wed May 27 19:50:54 UTC 2026
rabbitmq.admin.user=admin
rabbitmq.admin.password=bs23dAET6VIH768vJ9mb
rabbitmq.management.url=http://172.31.84.6:15672
rabbitmq.amqp.url=amqp://admin:bs23dAET6VIH768vJ9mb@172.31.84.6:5672

The credentials file contains:

Key	Description
`rabbitmq.admin.user`	Management UI and AMQP username (always `admin`)
`rabbitmq.admin.password`	Per-instance generated password
`rabbitmq.management.url`	Management API and UI base URL
`rabbitmq.amqp.url`	AMQP connection URL for client libraries

Service status

systemctl status rabbitmq.service

Expected output:

● rabbitmq.service - RabbitMQ 4 Message Broker (cloudimg)
     Loaded: loaded (/etc/systemd/system/rabbitmq.service; enabled; preset: enabled)
     Active: active (running) since Wed 2026-05-27 19:50:54 UTC; 2min 18s ago
   Main PID: 33742 (docker)
      Tasks: 15 (limit: 4586)
     Memory: 16.2M (peak: 17.4M)
        CPU: 130ms
     CGroup: /system.slice/rabbitmq.service
             ├─33742 /usr/bin/docker compose -f /opt/rabbitmq/docker-compose.yml up
             └─33764 /usr/libexec/docker/cli-plugins/docker-compose compose -f /opt/rabbitmq/docker-compose.yml up

Check that the rabbitmq container is running:

sudo docker ps

Expected output:

NAMES      IMAGE                       STATUS          PORTS
rabbitmq   rabbitmq:4.3.0-management   Up 36 seconds   4369/tcp, 5671/tcp, 0.0.0.0:5672->5672/tcp, [::]:5672->5672/tcp, 15671/tcp, 15691-15692/tcp, 25672/tcp, 0.0.0.0:15672->15672/tcp, [::]:15672->15672/tcp

RabbitMQ diagnostics

sudo docker exec rabbitmq rabbitmq-diagnostics status | head -20

Expected output:

Status of node rabbit@rabbitmq ...
Runtime

OS PID: 1
OS: Linux
Uptime (seconds): 153
Is under maintenance?: false
RabbitMQ version: 4.3.0
RabbitMQ release series support status: see https://www.rabbitmq.com/release-information
Node name: rabbit@rabbitmq
Erlang configuration: Erlang/OTP 27 [erts-15.2.7.8] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:1] [jit:ns]
Crypto library: OpenSSL 3.5.6 7 Apr 2026
Erlang processes: 401 used, 1048576 limit
Scheduler run queue: 1
Cluster heartbeat timeout (net_ticktime): 60

Management console (web UI)

Browse to http://<instance-public-ip>:15672 and sign in with the admin username and password from the credentials file.

RabbitMQ management UI overview

The Overview tab shows real-time message rates, connection counts, and cluster status.

RabbitMQ queues tab

The Queues and Streams tab lists all queues with their message counts and rates.

Check the aliveness API

Verify the broker is healthy using the aliveness-test endpoint:

PASS=$(sudo grep '^rabbitmq.admin.password=' /root/rabbitmq-credentials.txt | cut -d= -f2-)
curl -su "admin:${PASS}" http://127.0.0.1:15672/api/aliveness-test/%2F

Expected output:

{"status":"ok"}

Creating a queue via the API

PASS=$(sudo grep '^rabbitmq.admin.password=' /root/rabbitmq-credentials.txt | cut -d= -f2-)
curl -s -X PUT -u "admin:${PASS}" http://127.0.0.1:15672/api/queues/%2F/my-queue \
  -H "Content-Type: application/json" \
  -d '{"auto_delete":false,"durable":true}'

Expected output:

{}

An empty JSON object indicates the queue was created successfully.

Publishing a message

PASS=$(sudo grep '^rabbitmq.admin.password=' /root/rabbitmq-credentials.txt | cut -d= -f2-)
curl -s -X POST -u "admin:${PASS}" http://127.0.0.1:15672/api/exchanges/%2F/amq.default/publish \
  -H "Content-Type: application/json" \
  -d '{"properties":{},"routing_key":"my-queue","payload":"Hello RabbitMQ","payload_encoding":"string"}'

Expected output:

{"routed":true}

Listing queues

PASS=$(sudo grep '^rabbitmq.admin.password=' /root/rabbitmq-credentials.txt | cut -d= -f2-)
curl -s -u "admin:${PASS}" http://127.0.0.1:15672/api/queues/%2F | python3 -c \
  "import sys,json; [print(f\"{q['name']}: {q.get('messages',0)} messages\") for q in json.load(sys.stdin)]"

Expected output:

my-queue: 1 messages

Consuming a message

PASS=$(sudo grep '^rabbitmq.admin.password=' /root/rabbitmq-credentials.txt | cut -d= -f2-)
curl -s -X POST -u "admin:${PASS}" http://127.0.0.1:15672/api/queues/%2F/my-queue/get \
  -H "Content-Type: application/json" \
  -d '{"count":1,"encoding":"auto","ackmode":"ack_requeue_false"}' | python3 -c \
  "import sys,json; msgs=json.load(sys.stdin); print(msgs[0]['payload'])"

Expected output:

Hello RabbitMQ

Connecting with an AMQP client (Python example)

Install the pika client library:

pip install pika

Publish a message:

import pika
conn = pika.BlockingConnection(
    pika.URLParameters("amqp://admin:<RABBITMQ_ADMIN_PASSWORD>@<instance-ip>:5672/"))
ch = conn.channel()
ch.queue_declare(queue="orders", durable=True)
ch.basic_publish(exchange="", routing_key="orders", body="order-12345")
conn.close()

Restarting the service

sudo systemctl restart rabbitmq.service

Data persistence

Queue data, Erlang mnesia, and the node identity are stored on /var/lib/rabbitmq, which is a separate 20 GiB EBS volume. This volume survives instance stop/start cycles and can be resized independently from the OS disk in the EC2 console.

Log access

sudo docker logs rabbitmq --tail 50

Or via journald:

journalctl -u rabbitmq.service --no-pager -n 50

First-boot log

sudo cat /var/log/cloudimg-firstboot.log

Security notes

Access ports 5672 and 15672 only from trusted networks. Use AWS security group rules to restrict inbound access.
The management UI shares the admin credentials with the AMQP broker. Rotate the password via the management API or rabbitmqctl if needed.
To enable TLS, mount a certificate bundle into the container and update /etc/rabbitmq/rabbitmq.conf.

Screenshots

RabbitMQ management UI overview

The RabbitMQ management web interface overview page showing broker status and connection counts.

RabbitMQ queues tab

The RabbitMQ queues tab in the management UI showing queue names, message counts, and rates.

RabbitMQ service status

Terminal output showing systemctl status rabbitmq and docker diagnostics confirming the broker is running.

Support

For technical support, email support@cloudimg.co.uk or visit cloudimg.co.uk.