RabbitMQ - Getting Started with Erlang Cookie

The Erlang cookie is a string of alphanumeric characters that is used for communication between nodes in a RabbitMQ cluster and for various RabbitMQ CLI tool, such as the rabbitmqctl command, and is stored in a file. For example, on a Linux system, the global erlang cookie file is typically /var/lib/rabbitmq/.erlang.cookie. Here is an example of an Erlang cookie.

~]# cat /var/lib/rabbitmq/.erlang.cookie


Global / Shared .erlang.cookie file

Technically, the global .erlang.cookie file will be located in the RabbitMQ home directory, which is defined in the main RabbitMQ log file. The global .erlang.cookie file is used by the RabbitMQ node and should be created when RabbitMQ is installed. The Erlang cookie value should not change when RabbitMQ is restarted.

=INFO REPORT==== 14-Oct-2020::20:47:15 ===
node           : rabbit@server1
home dir       : /var/lib/rabbitmq


The .erlang.cookie file should only be readable and writeable by the owner of the file, which means on a Linux system, the .erlang.cookie file should have -rw------- permission (0600). It is also OK for the .erlang.cookie file to have -r-------- (0400) permissions (read only).

~]# ls -la /var/lib/rabbitmq/
-rw-------.  1 rabbitmq rabbitmq       20 Apr  4  2019 .erlang.cookie


CLI tools and local .erlang.cookie file

When using CLI tool, such as the rabbitmqctl command, the .erlang.cookie file must be located in the users home directory. If you are SSH onto the RabbitMQ system as the rabbitmq user, then you would would using the /var/lib/rabbitmq/.erlang.cookie file, since the rabbitmq user's home directory is /var/lib/rabbitmq.

On the other hand, if you are connecting to the system as any other user, such as root or john.doe, you will need to copy the /var/lib/rabbitmq/.erlang.cookie file into the users home directory such as /root/.erlang.cookie or /home/john.doe/.erlang.cookie in order for the user to be able to use CLI tools, such as the rabbitmqctl command, and the users local .erlang.cookie file must contain the same exact alphanumeric string as the /var/lib/rabbitmq/.erlang.cookie file and also must have 0400 (read only) or 0600 (read/write) permissions.




The erlang cookie can be defined using the RABBITMQ_ERLANG_COOKIE variable. For example, if RabbitMQ is running on a Linux system, the export command can be used to define the erlang cookie.



Or if running RabbitMQ on Docker, the -e or --env option can be used to define the Erlang cookie. Whatever value is defined in RABBITMQ_ERLANG_COOKIE is what should be written to the .erlang.cookie file in the RabbitMQ Docker container.

docker run --env RABBITMQ_ERLANG_COOKIE=itsasecret rabbitmq:management


--erlang-cookie command line option

The --erlang-cookie command line option can be used, and will take precedence over the hidden .erlang.cookie files.

rabbitmqctl status --erlang-cookie itsasecret


rabbitmq-diagnostics erlang_cookie_sources

The rabbitmq-diagnostics erlang_cookie_sources command can be used to display Erlang cookie information.

~]# rabbitmq-diagnostics erlang_cookie_sources
Effective user: rabbitmq
Effective home directory: /var/lib/rabbitmq
Cookie file path: /var/lib/rabbitmq/.erlang.cookie
Cookie file exists? true
Cookie file type: regular
Cookie file access: read
Cookie file size: 21

Cookie CLI Switch

--erlang-cookie value set? false
--erlang-cookie value length: 0

Env variable (Deprecated)




Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee

Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter ada91 in the box below so that we can be sure you are a human.