docs(roadmap): add rabbitmq network aliases for consistent hashing

- Configured 'iklimco-net' aliases for RabbitMQ nodes in prod overlay documentation. - Updated Step 6 and Step 8 stack snippets to include network aliases and definitions. - Added a technical note to Step 7 explaining DNS requirements for sticky sessions.
2026-05-18 10:22:14 +03:00 · 2026-05-18 10:22:14 +03:00 · 507e3a11a1
commit 507e3a11a1
parent 52bd6a59ac
1 changed files with 27 additions and 1 deletions
--- a/roadmap/prod-env/03-infra-stack-changes.md
+++ b/roadmap/prod-env/03-infra-stack-changes.md
@ -103,6 +103,14 @@ Swarm distributes SWAG requests to APISIX replicas via VIP (IPVS round-robin).
 With `policy:local`, each APISIX instance counts independently → the global limit effectively becomes 3× with 3 replicas.
 Switch to `policy:redis` for `PROFILE=prod`.
 Keep the following APISIX plugin limits in `init/apisix-core/init.sh` for `test/prod` unless stated otherwise:
 | Scope | Plugin | Target limit |
 |-------|--------|--------------|
 | WebSocket `/ws` | `limit-conn` | `conn: 5` per `remote_addr` |
 | Auth routes `/v1/auth/*`, `/v1/users/*` | `limit-count` | `count: 12`, `time_window: 60` per `remote_addr` |
 | Global rule | `limit-count` | `count: 60`, `time_window: 60` per `remote_addr` |
 Update the global rate limit block in `init/apisix-core/init.sh`:
 ```bash
@ -117,7 +125,7 @@ if [[ "$PROFILE" != "dev" ]]; then
  call_api "global rate limit" -X PUT "$APISIX_ADMIN_URL/global_rules/1" \
    -H "X-API-KEY: $API_KEY" -H "Content-Type: application/json" \
-    -d '{"plugins":{"limit-count":{"count":300,"time_window":60,"key_type":"var","key":"remote_addr","rejected_code":429,"policy":"'"$RATE_POLICY"'","allow_degradation":true'"$RATE_REDIS"'}}}'
+    -d '{"plugins":{"limit-count":{"count":60,"time_window":60,"key_type":"var","key":"remote_addr","rejected_code":429,"policy":"'"$RATE_POLICY"'","allow_degradation":true'"$RATE_REDIS"'}}}'
 fi
 ```
@ -326,6 +334,10 @@ services:
      RABBITMQ_NODENAME: "rabbit@rabbitmq-{{.Node.Hostname}}"
    secrets:
      - rabbitmq_erlang_cookie
    networks:
      iklimco-net:
        aliases:
          - "rabbitmq-{{.Node.Hostname}}"
    deploy:
      mode: replicated
      replicas: 3
@ -342,6 +354,10 @@ services:
 secrets:
  rabbitmq_erlang_cookie:
    external: true
 networks:
  iklimco-net:
    external: true
 ```
 ### Cluster join procedure (first setup)
@ -411,6 +427,8 @@ call_api "upstream rabbitmq" -X PUT "$APISIX_ADMIN_URL/upstreams/rabbitmq-upstre
 Consistent hashing by `remote_addr` requires APISIX to see the actual client IP, not the internal IP of the SWAG (Nginx) proxy.
 > **DNS Note:** For `chash` to work with node-specific names, the RabbitMQ service must have network aliases configured for each node (e.g., `rabbitmq-{{.Node.Hostname}}`) as shown in Step 6.
 Update `template/apisix-core/config.yaml.template`:
 ```yaml
@ -549,6 +567,10 @@ services:
      RABBITMQ_NODENAME: "rabbit@rabbitmq-{{.Node.Hostname}}"
    secrets:
      - rabbitmq_erlang_cookie
    networks:
      iklimco-net:
        aliases:
          - "rabbitmq-{{.Node.Hostname}}"
    deploy:
      mode: replicated
      replicas: 3
@ -565,6 +587,10 @@ services:
 secrets:
  rabbitmq_erlang_cookie:
    external: true
 networks:
  iklimco-net:
    external: true
 ```
 ## Step 8 — Monitoring Data Persistence (StorageBox)