yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
6c66276520e47c70b027b1b0967a8bbda3805ead
doc-exports/docs/dms_rocketmq/umn/hrm-ug-002.html
chenjunjie 6c66276520 RocketMQ UMN 20250911 version 
Reviewed-by: Liudmila Denisova <ldenisov@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: chenjunjie <chenjunjie@huawei.com>
Co-committed-by: chenjunjie <chenjunjie@huawei.com>
2026-03-18 14:47:34 +00:00

20 KiB
Raw Blame History

Creating a RocketMQ Instance

RocketMQ instances are physically isolated and exclusively occupied by each tenant. You can customize specifications and storage space of a RocketMQ instance as required.

Preparing Required Resources

Before creating a RocketMQ instance, prepare the required resources, including a virtual private cloud (VPC), subnet, and security group with proper rules. Each RocketMQ instance is deployed in a specific VPC and bound to a specific subnet and security group, which provide an isolated virtual network environment and allow you to easily configure and manage security protection policies.

Table 1 lists the resources required by a RocketMQ instance.

Table 1 RocketMQ resources

Resource

Requirement

Operations

VPC and subnet

Configure the VPC and subnet for RocketMQ instances as required. You can use the current account's existing VPC and subnet or create new ones.

Note the following when creating a VPC and a subnet:

  • The VPC and the RocketMQ instance must be in the same region.
  • Use the default settings when creating a VPC and subnet.

For details on how to create a VPC and subnet, see . If you need to create and use a new subnet in an existing VPC, see Creating a Subnet for the VPC.

Security group

Different RocketMQ instances can use the same security group or different security groups.

To use RocketMQ instances, add the security group rules described in Table 2. Other rules can be added as required.

After a security group is created, its default inbound rule allows communication among ECSs within the security group and its default outbound rule allows all outbound traffic. In this case, you can access a RocketMQ instance within a VPC, and do not need to add rules according to Table 2.

For details on how to create a security group, see . For details on how to add rules to a security group, see Adding a Security Group Rule.

EIP

This parameter is required to enable public access.

Note the following when creating EIPs:

  • The EIPs must be created in the same region as the RocketMQ instance.
  • The RocketMQ console cannot identify IPv6 EIPs.

For details about how to create an EIP, see Assigning an EIP.
Table 2 Security group rules

Direction

Protocol

Port

Source

Description

Inbound

TCP

8100

IP address or IP address group of the RocketMQ client

The port is used for private network access to instances using TCP.

Inbound

TCP

8200

The port is used for public network access to instances using TCP.

Inbound

TCP

8080

The port is used for private network access to instances using gRPC.

Inbound

TCP

8081

The port is used for public network access to instances using gRPC.

Inbound

TCP

10100

The port is used for private access to service nodes using TCP.

Inbound

TCP

10101

The port is used for public access to service nodes using TCP.

Creating a RocketMQ Instance

  1. Log in to the console.
  2. Click in the upper left corner to select a region.

    DMS for RocketMQ instances in different regions cannot communicate with each other over an intranet. Select a nearest region for low latency and fast access.

  3. Click and choose Application > Distributed Message Service for RocketMQ to open the console of DMS for RocketMQ.
  4. Click Create RocketMQ Instance in the upper right corner of the page.
  5. Select a Region.

    DMS for RocketMQ instances in different regions cannot communicate with each other over an intranet. Select a nearest location for low latency and fast access.

  6. Select a Project.

    Projects isolate compute, storage, and network resources across geographical regions. For each region, a preset project is available.

  7. Select an AZ.

    An AZ is a physical region where resources use independent power supply and networks. AZs are physically isolated but interconnected through an internal network.

    Select AZs as prompted based on the instance version.

  8. Enter an Instance Name.

    You can customize a name that complies with the rules: 464 characters; starts with a letter; can contain only letters, digits, hyphens (-), and underscores (_).

  9. Select an Enterprise Project.

    This parameter is for enterprise users. An enterprise project manages cloud resources. The enterprise project management service unifies cloud resources in projects, and resources and members in a project. The default project is default.

  10. Configure the following instance parameters:

    1. Version: Only 5.x is available.
    2. Architecture: Retain the default value. Single-node and Cluster are available.
      • Single-node: There is only one RocketMQ broker. The single-node architecture can only be used for testing.
      • Cluster: There are multiple RocketMQ brokers.
    3. Flavor: Select the required flavor.
    4. Storage Space: Disk type and total storage space of each broker.

      The disk type is fixed once the instance is created.

      The disk type can be high I/O, ultra-high I/O, general-purpose SSD, and extreme SSD. For details about how to select a disk type, see Disk Types and Performance.

  11. Configure the instance network parameters.

    1. Select the created VPC and subnet from the VPC drop-down list.

      A VPC provides an isolated virtual network for your RocketMQ instances. You can configure and manage the network.

      After the RocketMQ instance is created, its VPC and subnet cannot be changed.

    2. Select a security group.

      A security group is a set of rules for accessing a RocketMQ instance.

  12. Configure SSL.

    • SSL: Ciphertext access with high security, but lower performance.
    • PLAINTEXT: Plaintext access with high performance, but lower security.
    • PERMISSIVE: Both ciphertext and plaintext access, depending on the client.

    The SSL setting can be changed after the instance is created. Select a transmission mode as required.

  13. Configure ACL.

    After ACL is enabled, the permissions for each user are exclusive.

  14. Click More Settings to configure more parameters.

    • Configure Public Access.

      Public access is disabled by default. You can enable or disable it as required. After public access is enabled, configure an IPv4 EIP for the RocketMQ instance.

    • Specify tags.

      Tags are used to identify cloud resources. When you have many cloud resources of the same type, you can use tags to classify cloud resources by dimension (for example, usage, owner, or environment).

      • If you have created predefined tags, select a predefined pair of tag key and value. To view or create predefined tags, click View predefined tags on the right. You will then be directed to the TMS console.
      • You can also create new tags by entering Tag key and Tag value.

      Up to 20 tags can be added to each RocketMQ instance. For details about the requirements on tags, see Configuring Tags for a RocketMQ Instance.

    • Enter a description of the instance.

  15. Click Create Now.
  16. Confirm the instance information, and click Submit.
  17. Return to the instance list and check whether the instance has been created.

    It takes 3 to 15 minutes to create an instance. During this period, the instance status is Creating.

    • If the instance is created successfully, its status changes to Running.
    • If the instance is in the Failed state, delete it by referring to Deleting a RocketMQ Instance and try creating another one. If the instance creation fails again, contact customer service.