Today we're announcing a Chainguard Image for RabbitMQ. RabbitMQ is an open-source message broker that’s commonly used as part of cloud-native applications. It has over 10k stars on GitHub and we even use it as part of our Chainguard Enforce platform.
The Chainguard build of RabbitMQ is based on the Wolfi undistro – meaning we bootstrap the entire toolchain ourselves. If you know much about RabbitMQ, you’ll quickly realize this means that we also had to build our own versions of Erlang and OTP, which form the memory-safe, high-performance backend that powers the RabbitMQ server. These are built using Wolfi’s best-in-class compiler hardening features and performance optimizations, providing a solid foundation for RabbitMQ itself.
As always, the Chainguard RabbitMQ Image is continuously patched to ensure it has minimal CVEs, instead of hundreds like some of the others.
To get started, you can run the image with:
-- CODE language-bash --
docker run -p 5672:5672 --rm cgr.dev/chainguard/rabbitmq
2023-01-02 00:11:37.199274+00:00 [notice] <0.44.0> Application syslog exited with reason: stopped
2023-01-02 00:11:37.206489+00:00 [notice] <0.229.0> Logging: switching to configured handler(s); following messages may not be visible in this log output
## ## RabbitMQ 3.11.5
## ##
########## Copyright (c) 2007-2022 VMware, Inc. or its affiliates.
###### ##
########## Licensed under the MPL 2.0. Website: https://rabbitmq.com
Erlang: 25.2 [jit]
TLS Library: OpenSSL - OpenSSL 3.0.7 1 Nov 2022
Release series support status: supported
Doc guides: https://rabbitmq.com/documentation.html
Support: https://rabbitmq.com/contact.html
Tutorials: https://rabbitmq.com/getstarted.html
Monitoring: https://rabbitmq.com/monitoring.html
Logs: /var/log/rabbitmq/rabbit@02bee2143fb7.log
/var/log/rabbitmq/rabbit@02bee2143fb7_upgrade.log
Config file(s): (none)
Starting broker... completed with 0 plugins.
The image also supports the standard configuration files and environment variables:
As always, the binaries in our Images are built from source and come with comprehensive and SBOMs from the start. These SBOMs contain the package metadata for everything in the image and can be used for vulnerability scanning or license compliance. You can download the SBOMs for these containers with cosign:
Get started using Chainguard’s RabbitMQ Image today at github.com/chainguard-images, or get started with our RabbitMQ image using documentation in Chainguard Academy. All Chainguard Images minimize the software components included, helping shrink your image size by 80% on average, reducing your attack surface. Chainguard Images are now available for Bazel, curl, Git, Go, Jenkins, Postgres, Ruby and more. If you’re interested in support contracts, SLAs for vulnerabilities, FIPS-enabled images, or support for custom images or older versions, please reach out.
We are always looking for ways to improve our end user experience. If you have feedback or would like to submit a support issue you can reach out to us directly or file it here.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.