VOOZH about

URL: https://dev.to/vultr/deploying-nats-high-performance-messaging-on-ubuntu-2404-3235

⇱ Deploying NATS High-Performance Messaging on Ubuntu 24.04 - DEV Community

NATS is a high-performance, open-source messaging system built for cloud-native and edge workloads, with JetStream providing durable streams and key-value storage. This guide deploys NATS using Docker Compose with JetStream persistence and hashed-password authentication, then verifies connectivity with the NATS CLI. By the end, you'll have a NATS server accepting authenticated clients on your server.

Set Up the Directory Structure

1. Create the project directory structure:

$mkdir -p ~/nats-stack/{data,config}
$cd ~/nats-stack

2. Create the environment file:

$nano .env

NATS_CLIENT_PORT=4222
NATS_CLUSTER_PORT=6222

Install the NATS CLI and Generate Password Hashes

1. Install the NATS CLI:

$curl -sf https://binaries.nats.dev/nats-io/natscli/nats@latest | sh
$sudo mv nats /usr/local/bin/
$nats --version

2. Generate hashed passwords for the system and admin users:

$nats server passwd
$nats server passwd

Save each hash output — they're needed in nats.conf below.

3. Create the NATS configuration file:

$nano config/nats.conf

# Client port
port: 4222
monitor_port: 8222
server_name: "NATS_SERVER_NAME"

# System account
system_account: SYS

accounts {
 SYS {
 users = [
 { user: "sysadmin", password: "SYSTEM_PASSWORD_HASH" }
 ]
 }
}

# JetStream
jetstream {
 store_dir: "/data/jetstream"
 max_mem_store: 1GB
 max_file_store: 5GB
}

authorization {
 default_permissions = {
 publish = "SANDBOX.*"
 subscribe = ["PUBLIC.>", "_INBOX.>"]
 }
 ADMIN = {
 publish = ">"
 subscribe = ">"
 }
 users = [
 {user: USERNAME, password: "USER_PASSWORD_HASH", permissions: $ADMIN}
 ]
}

Replace SYSTEM_PASSWORD_HASH, USER_PASSWORD_HASH, USERNAME, and NATS_SERVER_NAME with your values.

Deploy with Docker Compose

1. Create the Docker Compose manifest:

$nano docker-compose.yaml

services:
 nats:
 image: nats:2.12
 container_name: nats
 command:
 - "-c"
 - "/etc/nats/nats.conf"

 ports:
 - "${NATS_CLIENT_PORT}:4222"
 - "${NATS_CLUSTER_PORT}:6222"

 volumes:
 - "./data:/data"
 - "./config/nats.conf:/etc/nats/nats.conf:ro"

 restart: unless-stopped

 healthcheck:
 test: ["CMD", "nats", "server", "ping"]
 interval: 10s
 timeout: 5s
 retries: 5

2. Start the service:

$docker compose up -d

3. Verify the service is running:

$docker compose ps
$docker compose logs

Verify Connectivity

Ping the server with the CLI using the system account credentials:

$nats --server nats://sysadmin:SYS_USER_PASSWORD@SERVER_IP:4222 server ping

A PONG response confirms NATS is accepting authenticated clients.

Next Steps

NATS is running with JetStream persistence and authentication. From here you can:

  • Create JetStream streams and consumers with nats stream add and nats consumer add
  • Add TLS by mounting certificates and enabling the tls block in nats.conf
  • Cluster multiple NATS servers by setting cluster routes for high availability

For the full guide with additional tips, visit the original article on Vultr Docs.