Product Docs
- Overview
- FAQs
- Verifying Images
- How to Use
- Going Distroless
- local-volume-node-cleanup
- datadog-cluster-agent
- karpenter-fips
- local-volume-provisioner
- gha-runner-scale-set-controller
- gha-runner-scale-set-controller-fips
- kube-rbac-proxy
- valkey
- grafana-operator
- grafana-operator-fips
- kubeflow-katib-suggestion-nas-darts
- litestream
- step-issuer
- step-issuer-fips
- vertical-pod-autoscaler-fips-admission-controller
- vertical-pod-autoscaler-fips-recommender
- vertical-pod-autoscaler-fips-updater
- prometheus-pushgateway-bitnami-bitnami
- redis-bitnami-cluster-bitnami
- redis-bitnami-sentinel-bitnami
- redis-bitnami-server-bitnami
- tesseract-fips
- kubernetes-autoscaler-addon-resizer
- kubernetes-autoscaler-addon-resizer-fips
- node-feature-discovery
- laravel
- argocd-extension-installer-fips
- cortex-fips
- hubble-ui-backend
- step-ca
- step-cli
- tekton-chains-fips
- tekton-cli-fips
- tekton-controller-fips
- tekton-entrypoint-fips
- tekton-events-fips
- tekton-nop-fips
- tekton-resolvers-fips
- tekton-sidecarlogresults-fips
- tekton-webhook-fips
- tekton-workingdirinit-fips
- kyverno-fips-background-controller
- kyverno-fips-cleanup-controller
- kyverno-fips-cli
- kyverno-fips-reports-controller
- kyverno-fipspre
- aws-volume-modifier-for-k8s-fips
- azure-aad-pod-identity-mic
- azure-aad-pod-identity-nmi
- chainguard-base
- chainguard-base-fips
- configurable-http-proxy-fips
- dex-k8s-authenticator
- eks-distro-coredns
- eks-distro-kubernetes-csi-external-attacher
- eks-distro-kubernetes-csi-external-provisioner
- eks-distro-kubernetes-csi-external-resizer
- eks-distro-kubernetes-csi-external-snapshot-controller
- eks-distro-kubernetes-csi-external-snapshot-validation-webhook
- eks-distro-kubernetes-csi-external-snapshotter
- eks-distro-kubernetes-csi-livenessprobe
- eks-distro-kubernetes-csi-node-driver-registrar
- elasticsearch
- glibc-openssl
- glibc-openssl-fips
- gpu-operator
- grafana-operator-fips-bitnami
- hubble-ui
- hubble-ui-backend-fips
- hubble-ui-fips
- jdk-fips
- jre-fips
- jupyterhub-k8s-hub-fips
- k8ssandra-system-logger-fips
- keycloak-fips
- kiam
- kots
- kube-oidc-proxy
- kube-rbac-proxy-fips
- kubeflow-pipelines
- kubernetes-csi-external-snapshotter-snaphot-validation-webhook
- kubernetes-dashboard-metrics-scraper
- kubernetes-event-exporter-bitnami
- kyvernopre
- memcached-bitnami
- mongodb-bitnami
- mysql
- postgres-bitnami
- postgres-bitnami-fips
- prometheus-beat-exporter-fips
- prometheus-bitnami
- prometheus-elasticsearch-exporter-bitnami
- prometheus-mongodb-exporter-bitnami
- prometheus-node-exporter-bitnami
- prometheus-postgres-exporter-bitnami
- prometheus-pushgateway-exporter
- prometheus-pushgateway-exporter-bitnami
- prometheus-pushgateway-fips
- pulumi-kubernetes-operator
- python-fips
- rabbitmq-fips
- renovate
- spark-bitnami
- vault-k8s-fips
- wavefront-collector-for-kubernetes
- zookeeper-bitnami
- apko
- argo-cli
- argo-cli-fips
- argo-exec
- argo-exec-fips
- argo-workflowcontroller
- argo-workflowcontroller-fips
- argocd
- argocd-extension-installer
- argocd-fips
- argocd-fips-repo-server
- argocd-repo-server
- aspnet-runtime
- aspnet-runtime-fips
- atlantis
- atlantis-fips
- aws-cli
- aws-cli-fips
- aws-cli-v2
- aws-cli-v2-fips
- aws-ebs-csi-driver
- aws-ebs-csi-driver-fips
- aws-efs-csi-driver
- aws-for-fluent-bit
- aws-load-balancer-controller
- aws-load-balancer-controller-fips
- az
- az-fips
- bank-vaults
- bank-vaults-fips
- bash
- bazel
- bincapz
- boring-registry
- boring-registry-fips
- buck2
- buildkit
- bun
- busybox
- busybox-fips
- caddy
- caddy-fips
- cadvisor
- cadvisor-fips
- calico
- calico-calicoctl
- calico-calicoctl-fips
- calico-cni
- calico-cni-fips
- calico-csi
- calico-csi-fips
- calico-kube-controllers
- calico-kube-controllers-fips
- calico-node
- calico-node-driver-registrar
- calico-node-driver-registrar-fips
- calico-node-fips
- calico-pod2daemon
- calico-pod2daemon-flexvol
- calico-pod2daemon-flexvol-fips
- calico-typha
- calico-typha-fips
- calicoctl
- cass-config-builder
- cass-operator
- cass-operator-fips
- cassandra
- cassandra-medusa
- cassandra-medusa-fips
- cassandra-reaper
- cc-dynamic
- cedar
- cert-exporter
- cert-exporter-fips
- cert-manager-acmesolver
- cert-manager-acmesolver-fips
- cert-manager-cainjector
- cert-manager-cainjector-fips
- cert-manager-cmctl
- cert-manager-cmctl-fips
- cert-manager-controller
- cert-manager-controller-fips
- cert-manager-webhook
- cert-manager-webhook-fips
- cert-manager-webhook-pdns
- cert-manager-webhook-pdns-fips
- cfssl
- chromium
- cilium-agent
- cilium-agent-fips
- cilium-hubble-relay
- cilium-hubble-relay-fips
- cilium-hubble-ui
- cilium-hubble-ui-backend
- cilium-hubble-ui-backend-fips
- cilium-hubble-ui-fips
- cilium-operator-generic
- cilium-operator-generic-fips
- clang
- clickhouse
- cluster-autoscaler
- cluster-autoscaler-fips
- cluster-proportional-autoscaler
- conda
- conda-fips
- configmap-reload
- configmap-reload-fips
- confluent-kafka
- consul
- consul-fips
- coredns
- coredns-fips
- cortex
- cosign
- cosign-fips
- crane
- crossplane
- crossplane-aws
- crossplane-aws-cloudfront
- crossplane-aws-cloudwatchlogs
- crossplane-aws-dynamodb
- crossplane-aws-ec2
- crossplane-aws-eks
- crossplane-aws-firehose
- crossplane-aws-iam
- crossplane-aws-kms
- crossplane-aws-lambda
- crossplane-aws-rds
- crossplane-aws-s3
- crossplane-aws-sns
- crossplane-aws-sqs
- crossplane-azure
- crossplane-azure-authorization
- crossplane-azure-managedidentity
- crossplane-azure-sql
- crossplane-azure-storage
- crossplane-xfn
- ctlog-trillian-ctserver
- ctlog-trillian-ctserver-fips
- curl
- dask-gateway
- dask-gateway-dask-gateway
- dask-gateway-dask-gateway-server
- dask-gateway-server
- datadog-agent
- datadog-agent-fips
- deno
- dependency-track
- dex
- dex-fips
- dive
- docker-cli
- docker-selenium
- doppler-kubernetes-operator
- dotnet-runtime
- dotnet-runtime-fips
- dotnet-sdk
- dotnet-sdk-fips
- dragonfly
- dynamic-localpv-provisioner
- envoy
- envoy-fips
- envoy-ratelimit
- envoy-ratelimit-fips
- erlang
- erlang-fips
- etcd
- etcd-fips
- external-dns
- external-dns-fips
- external-secrets
- external-secrets-fips
- falco-no-driver
- falco-no-driver-fips
- falcoctl
- falcoctl-fips
- falcosidekick
- falcosidekick-fips
- ffmpeg
- filebeat
- filebeat-fips
- fluent-bit
- fluent-bit-fips
- fluentd
- fluentd-fips
- flux
- flux-helm-controller
- flux-image-automation-controller
- flux-image-reflector-controller
- flux-kustomize-controller
- flux-notification-controller
- flux-source-controller
- fulcio
- fulcio-fips
- gatekeeper
- gatekeeper-fips
- gcc-glibc
- git
- gitlab-exporter
- gitlab-kas
- gitlab-pages
- gitlab-shell
- gitness
- glibc-dynamic
- go
- go-fips
- go-ipfs
- go-ipfs-fips
- google-cloud-sdk
- gotenberg
- gptscript
- graalvm-native
- gradle
- grafana
- grafana-agent-operator
- grafana-fips
- grype
- guacamole-server
- haproxy
- haproxy-fips
- haproxy-ingress
- harbor-core
- harbor-fips-core
- harbor-fips-jobservice
- harbor-fips-portal
- harbor-fips-registry
- harbor-fips-registryctl
- harbor-fips-trivy-adapter
- harbor-jobservice
- harbor-portal
- harbor-registry
- harbor-registryctl
- harbor-trivy-adapter
- helm
- helm-chartmuseum
- helm-fips
- helm-operator
- helm-operator-fips
- http-echo
- hugo
- influxdb
- ingress-nginx-controller
- ingress-nginx-controller-fips
- ip-masq-agent
- istio-install-cni
- istio-install-cni-fips
- istio-operator
- istio-operator-fips
- istio-pilot
- istio-pilot-fips
- istio-proxy
- istio-proxy-fips
- jdk
- jdk-lts
- jellyfin
- jenkins
- jre
- jre-lts
- k3s
- k3s-allinone
- k8s-sidecar
- k8s-sidecar-fips
- k8sgpt
- k8sgpt-operator
- k8ssandra-operator
- k8ssandra-operator-fips
- kafka
- karpenter
- keda
- keda-adapter
- keda-adapter-fips
- keda-admission-webhooks
- keda-admission-webhooks-fips
- keda-fips
- keycloak
- ko
- kor
- kube-bench
- kube-bench-fips
- kube-downscaler
- kube-fluentd-operator
- kube-logging-operator
- kube-logging-operator-fluentd
- kube-state-metrics
- kube-state-metrics-fips
- kube-webhook-certgen
- kubectl
- kubectl-fips
- kubeflow-centraldashboard
- kubeflow-jupyter-web-app
- kubeflow-katib-controller
- kubeflow-katib-db-manager
- kubeflow-katib-earlystopping-medianstop
- kubeflow-katib-file-metrics-collector
- kubeflow-katib-suggestion-darts
- kubeflow-katib-suggestion-goptuna
- kubeflow-katib-suggestion-hyperband
- kubeflow-katib-suggestion-hyperopt
- kubeflow-katib-suggestion-optuna
- kubeflow-katib-suggestion-pbt
- kubeflow-katib-suggestion-skopt
- kubeflow-pipelines-api-server
- kubeflow-pipelines-cache-deployer
- kubeflow-pipelines-cache-server
- kubeflow-pipelines-frontend
- kubeflow-pipelines-metadata-envoy
- kubeflow-pipelines-metadata-writer
- kubeflow-pipelines-persistenceagent
- kubeflow-pipelines-scheduledworkflow
- kubeflow-pipelines-viewer-crd-controller
- kubeflow-pipelines-visualization-server
- kubeflow-volumes-web-app
- kuberay-operator
- kubernetes-csi-external-attacher
- kubernetes-csi-external-attacher-fips
- kubernetes-csi-external-provisioner
- kubernetes-csi-external-resizer
- kubernetes-csi-external-resizer-fips
- kubernetes-csi-external-snapshot-controller
- kubernetes-csi-external-snapshot-validation-webhook
- kubernetes-csi-external-snapshotter
- kubernetes-csi-livenessprobe
- kubernetes-csi-livenessprobe-fips
- kubernetes-csi-node-driver-registrar
- kubernetes-csi-node-driver-registrar-fips
- kubernetes-dashboard
- kubernetes-dashboard-fips
- kubernetes-dns-node-cache
- kubernetes-event-exporter
- kubernetes-ingress-defaultbackend
- kubewatch
- kyverno
- kyverno-background-controller
- kyverno-background-controller-fips
- kyverno-cleanup-controller
- kyverno-cleanup-controller-fips
- kyverno-cli
- kyverno-cli-fips
- kyverno-fips
- kyverno-policy-reporter
- kyverno-policy-reporter-plugin
- kyverno-policy-reporter-reporter
- kyverno-policy-reporter-ui
- kyverno-pre-fips
- kyverno-reports-controller
- kyverno-reports-controller-fips
- logstash-oss-with-opensearch-output-plugin
- loki
- management-api-for-apache-cassandra
- mariadb
- maven
- mdbook
- meilisearch
- melange
- memcached
- memcached-exporter
- memcached-exporter-bitnami
- metacontroller
- metallb-controller
- metallb-controller-fips
- metallb-speaker
- metallb-speaker-fips
- metrics-server
- metrics-server-fips
- min-toolkit-debug
- minio
- minio-client
- minio-client-fips
- minio-fips
- ml-metadata-store-server
- mongodb
- mongodb-fips
- multus-cni
- multus-cni-fips
- nats
- nemo
- netcat
- neuvector-prometheus-exporter
- neuvector-prometheus-exporter-fips
- newrelic-fluent-bit-output
- newrelic-infrastructure-bundle
- newrelic-infrastructure-k8s
- newrelic-k8s-events-forwarder
- newrelic-kube-events
- newrelic-kubernetes
- newrelic-nri-statsd
- newrelic-prometheus
- newrelic-prometheus-configurator
- nfs-subdir-external-provisioner
- nfs-subdir-external-provisioner-fips
- nginx
- nginx-fips
- node
- node-fips
- node-lts
- node-problem-detector
- nodetaint
- ntia-conformance-checker
- ntpd-rs
- nvidia-device-plugin
- oauth2-proxy
- openai
- opensearch
- opensearch-dashboards
- opensearch-dashboards-fips
- opentelemetry-collector-contrib
- opentelemetry-collector-contrib-fips
- opentf
- opentofu
- paranoia
- pgbouncer
- pgbouncer-fips
- php
- php-fpm_exporter
- postgres
- postgres-fips
- postgres-helm-compat
- postgres-operator
- postgres-operator-fips
- powershell
- prometheus
- prometheus-adapter
- prometheus-adapter-fips
- prometheus-alertmanager
- prometheus-alertmanager-fips
- prometheus-blackbox-exporter
- prometheus-cloudwatch-exporter
- prometheus-config-reloader
- prometheus-config-reloader-fips
- prometheus-elasticsearch-exporter
- prometheus-elasticsearch-exporter-fips
- prometheus-fips
- prometheus-logstash-exporter
- prometheus-logstash-exporter-fips
- prometheus-mongodb-exporter
- prometheus-mongodb-exporter-fips
- prometheus-mysqld-exporter
- prometheus-node-exporter
- prometheus-node-exporter-fips
- prometheus-operator
- prometheus-operator-fips
- prometheus-postgres-exporter
- prometheus-postgres-exporter-fips
- prometheus-pushgateway
- prometheus-pushgateway-bitnami
- prometheus-redis-exporter
- prometheus-redis-exporter-fips
- prometheus-statsd-exporter
- prometheus-statsd-exporter-fips
- promtail
- proxysql
- pulumi
- python
- pytorch-cuda12
- qdrant
- r-base
- rabbitmq
- rabbitmq-cluster-operator
- rabbitmq-messaging-topology-operator
- redis
- redis-cluster-bitnami
- redis-fips
- redis-sentinel
- redis-sentinel-bitnami
- redis-server-bitnami
- rekor-backfill-redis
- rekor-backfill-redis-fips
- rekor-cli
- rekor-cli-fips
- rekor-server
- rekor-server-fips
- rqlite
- rstudio
- rstudio-fips
- ruby
- rust
- secrets-store-csi-driver
- secrets-store-csi-driver-provider-gcp
- semgrep
- shadowsocks-rust-sslocal
- shadowsocks-rust-ssserver
- sigstore-policy-controller
- sigstore-policy-controller-fips
- sigstore-scaffolding-cloudsqlproxy
- sigstore-scaffolding-cloudsqlproxy-fips
- sigstore-scaffolding-ctlog-createctconfig
- sigstore-scaffolding-ctlog-createctconfig-fips
- sigstore-scaffolding-ctlog-managectroots
- sigstore-scaffolding-ctlog-managectroots-fips
- sigstore-scaffolding-ctlog-verifyfulcio
- sigstore-scaffolding-ctlog-verifyfulcio-fips
- sigstore-scaffolding-fulcio-createcerts
- sigstore-scaffolding-fulcio-createcerts-fips
- sigstore-scaffolding-getoidctoken
- sigstore-scaffolding-getoidctoken-fips
- sigstore-scaffolding-rekor-createsecret
- sigstore-scaffolding-rekor-createsecret-fips
- sigstore-scaffolding-trillian-createdb
- sigstore-scaffolding-trillian-createdb-fips
- sigstore-scaffolding-trillian-createtree
- sigstore-scaffolding-trillian-createtree-fips
- sigstore-scaffolding-trillian-updatetree
- sigstore-scaffolding-trillian-updatetree-fips
- sigstore-scaffolding-tsa-createcertchain
- sigstore-scaffolding-tsa-createcertchain-fips
- sigstore-scaffolding-tuf-createsecret
- sigstore-scaffolding-tuf-createsecret-fips
- sigstore-scaffolding-tuf-server
- sigstore-scaffolding-tuf-server-fips
- skaffold
- slim-toolkit-debug
- smarter-device-manager
- smarter-device-manager-fips
- solr
- spark-operator
- spire-agent
- spire-agent-fips
- spire-oidc-discovery-provider
- spire-oidc-discovery-provider-fips
- spire-server
- spire-server-fips
- sqlpad
- sqlpad-fips
- squid-proxy
- squid-proxy-fips
- stakater-reloader
- static
- statsd
- stunnel
- tekton-chains
- tekton-cli
- tekton-controller
- tekton-entrypoint
- tekton-events
- tekton-nop
- tekton-resolvers
- tekton-sidecarlogresults
- tekton-webhook
- tekton-workingdirinit
- telegraf
- tempo
- temporal-admin-tools
- temporal-admin-tools-fips
- temporal-server
- temporal-server-fips
- temporal-ui-server
- temporal-ui-server-fips
- terraform
- tesseract
- thanos
- thanos-fips
- thanos-operator
- thanos-operator-fips
- tigera-operator
- tigera-operator-fips
- timestamp-authority-cli
- timestamp-authority-server
- timoni
- tomcat
- traefik
- traefik-fips
- trillian-logserver
- trillian-logserver-fips
- trillian-logsigner
- trillian-logsigner-fips
- trino
- trust-manager
- trust-manager-fips
- vault
- vault-fips
- vault-k8s
- vector
- vela-cli
- velero
- velero-fips
- velero-plugin-for-aws
- velero-plugin-for-aws-fips
- velero-plugin-for-csi
- velero-plugin-for-csi-fips
- velero-restore-helper
- velero-restore-helper-fips
- vertical-pod-autoscaler-admission-controller
- vertical-pod-autoscaler-recommender
- vertical-pod-autoscaler-updater
- vt
- wait-for-it
- wasmer
- wasmtime
- wavefront-proxy
- wazero
- weaviate
- wolfi-base
- yara
- zig
- zookeeper
- zot
- How Images are Tested
- Product Release Lifecycle
- Debugging
- chainctl
- chainctl auth
- chainctl auth configure-docker
- chainctl auth login
- chainctl auth logout
- chainctl auth status
- chainctl config
- chainctl config edit
- chainctl config reset
- chainctl config save
- chainctl config set
- chainctl config unset
- chainctl config validate
- chainctl config view
- chainctl events
- chainctl events subscriptions
- chainctl events subscriptions create
- chainctl events subscriptions delete
- chainctl events subscriptions list
- chainctl iam
- chainctl iam account-associations
- chainctl iam account-associations check
- chainctl iam account-associations check aws
- chainctl iam account-associations check gcp
- chainctl iam account-associations describe
- chainctl iam account-associations set
- chainctl iam account-associations set aws
- chainctl iam account-associations set gcp
- chainctl iam account-associations unset
- chainctl iam account-associations unset aws
- chainctl iam account-associations unset gcp
- chainctl iam folders
- chainctl iam folders delete
- chainctl iam folders describe
- chainctl iam folders list
- chainctl iam folders update
- chainctl iam identities
- chainctl iam identities create
- chainctl iam identities create github
- chainctl iam identities create gitlab
- chainctl iam identities delete
- chainctl iam identities describe
- chainctl iam identities list
- chainctl iam identities update
- chainctl iam identity-providers
- chainctl iam identity-providers create
- chainctl iam identity-providers delete
- chainctl iam identity-providers list
- chainctl iam identity-providers update
- chainctl iam invites
- chainctl iam invites create
- chainctl iam invites delete
- chainctl iam invites list
- chainctl iam organizations
- chainctl iam organizations describe
- chainctl iam organizations list
- chainctl iam role-bindings
- chainctl iam role-bindings create
- chainctl iam role-bindings delete
- chainctl iam role-bindings list
- chainctl iam role-bindings update
- chainctl iam roles
- chainctl iam roles capabilities
- chainctl iam roles capabilities list
- chainctl iam roles create
- chainctl iam roles delete
- chainctl iam roles list
- chainctl iam roles update
- chainctl images
- chainctl images diff
- chainctl images list
- chainctl images repos
- chainctl images repos list
- chainctl update
- chainctl version
Open Source
Education
Image Overview: rabbitmq-fips
Overview: rabbitmq-fips Chainguard Image
Using rabbitmq in FIPS mode
To use this image in FIPS mode, the rabbitmq server application needs to load an extra configuration file containing the following (in the old Rabbitmq config format):
[
{crypto, [
{fips_mode, true}
]}
].
The file is located in /etc/erlang/releases/26/sys.config
in this image.
The file can be loaded by setting an environment variable that points to the file:
RABBITMQ_ADVANCED_CONFIG_FILE=/etc/erlang/releases/26/sys.config
Verifying rabbitmq is in FIPS mode
To verify if rabbitmq is running with FIPS enabled, use the following command:
/usr/lib/rabbitmq/bin/rabbitmqctl environment |grep fips
If FIPS is enabled, the result will look like the following:
{crypto,[{fips_mode,true},{rand_cache_size,896}]},
The rabbitmqctl
command also outputs JSON, which can be parsed like this:
/usr/lib/rabbitmq/bin/rabbitmqctl environment --formatter json |jq '.crypto .fips_mode'
The result will be true
if FIPS is enabled, or false
if it is not.
Last updated: 2024-02-29 16:25