From 23bc2dab9f5f290740f646af44a494c33140c3c7 Mon Sep 17 00:00:00 2001
From: douxu <dou921247973@outlook.com>
Date: Wed, 4 Feb 2026 17:43:52 +0800
Subject: [PATCH] add rabbitmq deploy files

---
 deploy/rabbitmq-config.yaml     | 30 ++++++++++++++++
 deploy/rabbitmq-deployment.yaml | 63 +++++++++++++++++++++++++++++++++
 deploy/rabbitmq-secret.yaml     |  9 +++++
 deploy/rabbitmq-service.yaml    | 29 +++++++++++++++
 mq/mq_init.go                   |  2 +-
 5 files changed, 132 insertions(+), 1 deletion(-)
 create mode 100644 deploy/rabbitmq-config.yaml
 create mode 100644 deploy/rabbitmq-deployment.yaml
 create mode 100644 deploy/rabbitmq-secret.yaml
 create mode 100644 deploy/rabbitmq-service.yaml

diff --git a/deploy/rabbitmq-config.yaml b/deploy/rabbitmq-config.yaml
new file mode 100644
index 0000000..cc96b56
--- /dev/null
+++ b/deploy/rabbitmq-config.yaml
@@ -0,0 +1,30 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: rabbitmq-config
+data:
+  rabbitmq.conf: |
+    # 确保允许PLAIN认证
+    auth_mechanisms.1 = PLAIN
+    auth_mechanisms.2 = AMQPLAIN
+    # 允许admin用户通过远程方式连接
+    loopback_users.admin = false
+    # 默认心跳和监听配置可在此扩展
+    # ssl 新增部分
+    # 确定 ssl 连接时验证使用的用户名
+    ssl_cert_login_from = common_name
+    # 开启此项配置会导致只能通过TLS端口访问
+    listeners.tcp = none
+    listeners.ssl.default = 5671
+    # ssl config
+    ssl_options.cacertfile = /etc/rabbitmq/certs/ca_certificate.pem
+    ssl_options.certfile   = /etc/rabbitmq/certs/server_certificate.pem
+    ssl_options.keyfile    = /etc/rabbitmq/certs/server_key.pem
+    # management ssl config
+    management.ssl.port       = 15671
+    management.ssl.cacertfile = /etc/rabbitmq/certs/ca_certificate.pem
+    management.ssl.certfile   = /etc/rabbitmq/certs/server_certificate.pem
+    management.ssl.keyfile    = /etc/rabbitmq/certs/server_key.pem
+    # 启用双向认证
+    ssl_options.verify     = verify_peer
+    ssl_options.fail_if_no_peer_cert = true
diff --git a/deploy/rabbitmq-deployment.yaml b/deploy/rabbitmq-deployment.yaml
new file mode 100644
index 0000000..5a9cb5e
--- /dev/null
+++ b/deploy/rabbitmq-deployment.yaml
@@ -0,0 +1,63 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: eventrt-rabbitmq
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: rabbitmq
+  template:
+    metadata:
+      labels:
+        app: rabbitmq
+    spec:
+      containers:
+        - name: rabbitmq
+          image: rabbitmq:4.1.1-management-alpine
+          ports:
+            - containerPort: 4369
+            - containerPort: 5671
+            - containerPort: 5672 # AMQP
+            - containerPort: 15671
+            - containerPort: 15672 # Management UI
+            - containerPort: 15691
+            - containerPort: 15692
+            - containerPort: 25672
+          env:
+            - name: RABBITMQ_DEFAULT_USER
+              valueFrom:
+                secretKeyRef:
+                  name: rabbitmq-secret
+                  key: rabbitmq-user
+            - name: RABBITMQ_DEFAULT_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: rabbitmq-secret
+                  key: rabbitmq-pass
+            - name: RABBITMQ_ERLANG_COOKIE
+              valueFrom:
+                secretKeyRef:
+                  name: rabbitmq-secret
+                  key: erlang-cookie
+            - name: RABBITMQ_DEFAULT_VHOST
+              value: "/"
+          volumeMounts:
+            - name: rabbitmq-certs-volume
+              mountPath: /etc/rabbitmq/certs
+              readOnly: true
+            - name: rabbitmq-config-volume
+              mountPath: /etc/rabbitmq/rabbitmq.conf
+              subPath: rabbitmq.conf
+              readOnly: true
+            - name: rabbitmq-data
+              mountPath: /var/lib/rabbitmq
+      volumes:
+        - name: rabbitmq-certs-volume
+          secret:
+            secretName: rabbitmq-certs
+        - name: rabbitmq-config-volume
+          configMap:
+            name: rabbitmq-config
+        - name: rabbitmq-data
+          emptyDir: {}
diff --git a/deploy/rabbitmq-secret.yaml b/deploy/rabbitmq-secret.yaml
new file mode 100644
index 0000000..eae46a1
--- /dev/null
+++ b/deploy/rabbitmq-secret.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: rabbitmq-secret
+type: Opaque
+stringData:
+  rabbitmq-user: "coslight"
+  rabbitmq-pass: "coslight@tj"
+  erlang-cookie: "secret-erlang-cookie"
diff --git a/deploy/rabbitmq-service.yaml b/deploy/rabbitmq-service.yaml
new file mode 100644
index 0000000..6cdb259
--- /dev/null
+++ b/deploy/rabbitmq-service.yaml
@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: rabbitmq-service
+spec:
+  type: NodePort # 在 Minikube 中使用 NodePort 方便外部访问
+  selector:
+    app: rabbitmq
+  ports:
+    - name: amqp-ssl
+      protocol: TCP
+      port: 5671
+      targetPort: 5671
+      nodePort: 30671
+    - name: amqp
+      protocol: TCP
+      port: 5672
+      targetPort: 5672
+      nodePort: 30672
+    - name: management-ssl
+      protocol: TCP
+      port: 15671
+      targetPort: 15671
+      nodePort: 31671
+    - name: management
+      protocol: TCP
+      port: 15672
+      targetPort: 15672
+      nodePort: 31672
diff --git a/mq/mq_init.go b/mq/mq_init.go
index 682d3ce..56ad1bb 100644
--- a/mq/mq_init.go
+++ b/mq/mq_init.go
@@ -57,7 +57,7 @@ func initRabbitMQ(ctx context.Context, rabbitMQURI string) *amqp.Connection {
 func (p *RabbitMQProxy) handleReconnect(ctx context.Context, rabbitMQURI string) {
 	for {
 		closeChan := make(chan *amqp.Error)
-		p.Conn.NotifyClose(closeChan)
+		GetConn().NotifyClose(closeChan)
 
 		err, ok := <-closeChan