Currently rabbitmq services are running on the cloudcontrol nodes along with many openstack services.
Rabbitmq is the messaging service that all of our openstack services use. Currently rabbitmq runs on the cloudcontrol notes, which also host many openstack services. We've been having ongoing issues with those services being in the same servers: performance issues with rabbit, and also issues with needing to do openstack maintenance and that causing rabbit issues. Rabbitmq is generally the weak point of our infra, it's somewhat touchy and unstable.
The reason it has public IPs is
This task tracks the setup and implementation of dedicated rabbitmq notes in eqiad: cloudrabbit100[1-3]. These servers will use public IPs so that services that run on-cloud (orchestration things like Trove and Magnum) which can talk to rabbit in order to coordinate with the openstack services. Rabbitmq is requires persistent low-latency connections so isn't a great candidate for proxying.