NATS is a high-performance, open-source messaging system built for cloud-native and edge workloads, with JetStream providing durable streams and key-value storage. This guide deploys NATS using Docker Compose with JetStream persistence and hashed-password authentication, then verifies connectivity with the NATS CLI. By the end, you'll have a NATS server accepting authenticated clients on your server.
Set Up the Directory Structure
1. Create the project directory structure:
$ mkdir -p ~/nats-stack/{data,config}
$ cd ~/nats-stack
2. Create the environment file:
$ nano .env
NATS_CLIENT_PORT=4222
NATS_CLUSTER_PORT=6222
Install the NATS CLI and Generate Password Hashes
1. Install the NATS CLI:
$ curl -sf https://binaries.nats.dev/nats-io/natscli/nats@latest | sh
$ sudo mv nats /usr/local/bin/
$ nats --version
2. Generate hashed passwords for the system and admin users:
$ nats server passwd
$ nats server passwd
Save each hash output — they're needed in nats.conf below.
3. Create the NATS configuration file:
$ nano config/nats.conf
# Client port
port: 4222
monitor_port: 8222
server_name: "NATS_SERVER_NAME"
# System account
system_account: SYS
accounts {
  SYS {
    users = [
      { user: "sysadmin", password: "SYSTEM_PASSWORD_HASH" }
    ]
  }
}
# JetStream
jetstream {
  store_dir: "/data/jetstream"
  max_mem_store: 1GB
  max_file_store: 5GB
}
authorization {
  default_permissions = {
    publish = "SANDBOX.*"
    subscribe = ["PUBLIC.>", "_INBOX.>"]
  }
  ADMIN = {
    publish = ">"
    subscribe = ">"
  }
  users = [
    {user: USERNAME, password: "USER_PASSWORD_HASH", permissions: $ADMIN}
  ]
}
Replace SYSTEM_PASSWORD_HASH, USER_PASSWORD_HASH, USERNAME, and NATS_SERVER_NAME with your values.
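NATS accepts a plaintext string in a password field as readily as a bcrypt hash, so a placeholder left in place or a password pasted by mistake still starts cleanly. The pre-deploy check below is an added example, not part of the original guide; the function name check_nats_conf is hypothetical, and it assumes one password entry per line, as in the configuration above.

```shell
#!/bin/sh
# Added example: fail if any password value in a nats.conf is not a bcrypt hash.
# Assumes one password entry per line; reports line numbers, never the values.

check_nats_conf() {
    awk '
        /^[ \t]*#/ { next }    # ignore commented-out lines
        match($0, /password[ \t]*[:=][ \t]*"?[^",} \t]+/) {
            val = substr($0, RSTART, RLENGTH)
            sub(/^password[ \t]*[:=][ \t]*"?/, "", val)
            seen++
            # bcrypt: $2a$ / $2b$ / $2y$ prefix, two-digit cost, 60 characters in total
            if (length(val) != 60 || val !~ "^[$]2[aby][$][0-9][0-9][$][./A-Za-z0-9]+$") {
                printf "line %d: password is not a bcrypt hash\n", NR > "/dev/stderr"
                bad++
            }
        }
        END {
            if (seen == 0) { print "no password entries found" > "/dev/stderr"; exit 2 }
            exit (bad > 0 ? 1 : 0)
        }
    ' "$1"
}

# Usage: sh check-nats-conf.sh config/nats.conf
if [ "$#" -gt 0 ]; then
    check_nats_conf "$1"
fi
```

The function returns 0 when every entry is a bcrypt hash, 1 when any entry is plaintext or a placeholder, and 2 when the file has no password entries at all.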
Deploy with Docker Compose
1. Create the Docker Compose manifest:
$ nano docker-compose.yaml
services:
  nats:
    image: nats:2.12
    container_name: nats
    command:
      - "-c"
      - "/etc/nats/nats.conf"
    ports:
      - "${NATS_CLIENT_PORT}:4222"
      - "${NATS_CLUSTER_PORT}:6222"
    volumes:
      - "./data:/data"
      - "./config/nats.conf:/etc/nats/nats.conf:ro"
    restart: unless-stopped
    healthcheck:
      # Runs the nats CLI inside the container, so the image must provide it;
      # the stock nats image contains only the nats-server binary.
      test: ["CMD", "nats", "server", "ping"]
      interval: 10s
      timeout: 5s
      retries: 5
2. Start the service:
$ docker compose up -d
3. Verify the service is running:
$ docker compose ps
$ docker compose logs
Verify Connectivity
Ping the server with the CLI using the system account credentials:
$ nats --server nats://sysadmin:SYS_USER_PASSWORD@SERVER_IP:4222 server ping
A PONG response confirms NATS is accepting authenticated clients.
Next Steps
NATS is running with JetStream persistence and authentication. From here you can:
- Create JetStream streams and consumers with nats stream add and nats consumer add
- Add TLS by mounting certificates and enabling the tls block in nats.conf
- Cluster multiple NATS servers by setting cluster routes for high availability
For the full guide with additional tips, visit the original article on Vultr Docs.