diff --git a/deploy/deploy.md b/deploy/deploy.md
index 27e27bb..18f14b9 100644
--- a/deploy/deploy.md
+++ b/deploy/deploy.md
@@ -640,6 +640,12 @@ openssl x509 -in eventrt_client_cert.pem -noout -subject
 
 将服务器端三个证书文件打包为 K8s Secret（在证书文件所在目录执行）：
 
+```bash
+sh deploy/k8s/rabbitmq-certs-secret.sh
+```
+
+该脚本等价于：
+
 ```bash
 kubectl create secret generic rabbitmq-certs \
   --from-file=ca_certificate.pem=./ca_certificate.pem \
diff --git a/deploy/k8s/rabbitmq-certs-secret.sh b/deploy/k8s/rabbitmq-certs-secret.sh
new file mode 100644
index 0000000..404617c
--- /dev/null
+++ b/deploy/k8s/rabbitmq-certs-secret.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+# Create the rabbitmq server certificate secret.
+# Run this script from the directory that contains the three cert files,
+# or adjust the paths below to point at the actual files.
+#
+# Expected files (generated during RabbitMQ TLS setup):
+#   ca_certificate.pem
+#   server_certificate.pem
+#   server_key.pem
+
+kubectl create secret generic rabbitmq-certs \
+  --from-file=ca_certificate.pem=./ca_certificate.pem \
+  --from-file=server_certificate.pem=./server_certificate.pem \
+  --from-file=server_key.pem=./server_key.pem
diff --git a/deploy/k8s/rabbitmq-deployment.yaml b/deploy/k8s/rabbitmq-deployment.yaml
index f8762cf..3dd645f 100644
--- a/deploy/k8s/rabbitmq-deployment.yaml
+++ b/deploy/k8s/rabbitmq-deployment.yaml
@@ -1,7 +1,7 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: eventrt-rabbitmq
+  name: rabbitmq
 spec:
   replicas: 1
   selector:
diff --git a/deploy/k8s/rabbitmq-plugins-config.yaml b/deploy/k8s/rabbitmq-plugins-config.yaml
new file mode 100644
index 0000000..f6fe7d9
--- /dev/null
+++ b/deploy/k8s/rabbitmq-plugins-config.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: rabbit-plugins-conf
+data:
+  enabled_plugins: |
+    [rabbitmq_auth_mechanism_ssl, rabbitmq_management, rabbitmq_management_agent, rabbitmq_prometheus, rabbitmq_web_dispatch].