RabbitMQ on Kubernetes - Can't login to the management UI

Question

I'm trying to switch an existing app from docker-compose to Kubernetes (first time using it). My app is deployed on AWS EKS using Fargate nodes. It runs well, but I would like to access the RabbitMQ management UI for debugging purposes.

The rabbit deployment/services files I am using are the following:

# rabbit-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    kompose.cmd: kompose convert
    kompose.version: 1.26.0 (HEAD)
  creationTimestamp: null
  labels:
    io.kompose.service: rabbit
  name: rabbit
spec:
  replicas: 1
  selector:
    matchLabels:
      io.kompose.service: rabbit
  strategy: {}
  template:
    metadata:
      annotations:
        kompose.cmd: kompose convert
        kompose.version: 1.26.0 (HEAD)
      creationTimestamp: null
      labels:
        io.kompose.service: rabbit
    spec:
      containers:
        - image: rabbitmq:3.9.13-management
          name: rabbit
          ports:
            - containerPort: 15672
            - containerPort: 5672
            - containerPort: 8080
          resources: {}
          env:
            - name: RABBITMQ_DEFAULT_USER
              value: "guest"
            - name: RABBITMQ_DEFAULT_PASS
              value: "guest"
      restartPolicy: Always
status: {}

and

# rabbit-service.yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    kompose.cmd: kompose convert
    kompose.version: 1.26.0 (HEAD)
  creationTimestamp: null
  labels:
    io.kompose.service: rabbit
  name: rabbit
spec:
  type: NodePort
  ports:
    - name: "15672"
      port: 15672
      targetPort: 15672
    - name: "5672"
      port: 5672
      targetPort: 5672
    - name: "8080"
      port: 8080
      targetPort: 8080
  selector:
    io.kompose.service: rabbit
status:
  loadBalancer: {}

I also followed the instructions to create a new user:

kubectl exec $(kubectl get pods --selector=io.kompose.service=rabbit -o template --template="{{(index .items 0).metadata.name}}") -- rabbitmqctl add_user test test

kubectl exec $(kubectl get pods --selector=io.kompose.service=rabbit -o template --template="{{(index .items 0).metadata.name}}") -- rabbitmqctl set_user_tags test administrator

kubectl exec $(kubectl get pods --selector=io.kompose.service=rabbit -o template --template="{{(index .items 0).metadata.name}}") -- rabbitmqctl set_permissions -p / test ".*" ".*" ".*"

I can access the webUI on

http://localhost:8001/api/v1/namespaces/default/services/rabbit:15672/proxy/

after activating the proxy with kubectl proxy, however, login with test and test still gives me a Login failed message.

Answer 1

Posting the answer out of comments.

---

First what kubectl proxy is:

Creates a proxy server or application-level gateway between localhost and the Kubernetes API server. It also allows serving static content over specified HTTP path. All incoming data enters through one port and gets forwarded to the remote Kubernetes API server port, except for the path matching the static content path.

Also kubectl proxy works with HTTP requests, it does not work with TCP traffic. (this is probably the reason why it did not work).

You can read more in a good answer - kubectl proxy vs kubectl port-forward

---

Common options to access the service inside the cluster are:

• use kubectl port-forward - for local development and testing purposes

• use loadbalancer or nodeport service type - more advanced options which can be used across clusters and production environments. Find more about service types.