JMS server: ActiveMQ
Contents
Manual installation
Installation
Get Apache Active MQ
Get the latest binary version from: http://activemq.apache.org/download.html
Program setup
- Copy archive to /opt/ directory:
mv apache-activemq-5.9.1-bin.zip /opt/
cd /opt/
- Unzip and create simlink
unzip apache-activemq-5.9.1-bin.zip
ln -s /opt/apache-activemq-5.9.1/ /opt/activemq/
- Set executable flag and symlinks
chmod 755 /opt/activemq/bin/activemq
ln -s /opt/activemq/bin/activemq /usr/bin/activemq
ln -s /opt/activemq/bin/activemq /etc/init.d/activemq
Rights adjustments
- Add non privileged account
adduser -system activemq
addgroup -system activemq
- Adjust user shell
Edit:
vim /etc/passwd
Adjust the user SHELL
activemq:x:116:65534::/home/activemq:/bin/bash
- Adjust user group
Edit:
vim /etc/group
Adjust the group membership
activemq:x:1001:activemq
- Set MQ folder privileges
chown -R activemq:activemq /opt/apache-activemq-5.9.1/
chown -R activemq:activemq /opt/activemq/
Basic configuration
Home + User
- Set home and user
Edit
vim /opt/activemq/bin/activemq
Set after "Configuration" (line ~ 40)
ACTIVEMQ_HOME=”/opt/activemq”
ACTIVEMQ_USER=”activemq”
Runtime configuration
- Create runtime configuration. Generate default settings
/opt/activemq/bin/activemq setup /etc/default/activemq
- Adjust configuration rights
chown root:nogroup /etc/default/activemq
chmod 600 /etc/default/activemq
Add ActiveMQ to boot sequence
cd /etc/init.d
update-rc.d activemq defaults
Remove ActiveMq from boot sequence
update-rc.d -f activemq remove
rm /etc/init.d/activemq
Setup firewall
This is the list of ports that are used by ActiveMQ:
- port 61616 = JMS queue access
- port 11099 = JMX remote console (connector port)
- port 8161 = HTTP manager
- port 8162 = HTTPS manager
- port 5672 = AMQP port
Edit your firewall script:
vim /etc/firewall/firewall-start.sh
# INPUT
$IPTABLES -A INPUT -p tcp -m state --state NEW --dport 5672 -j ACCEPT # AMQP port
$IPTABLES -A INPUT -p tcp -m state --state NEW --dport 8161 -j ACCEPT # HTTP web-console. Not required if you're using Apache2 proxy
$IPTABLES -A INPUT -p tcp -m state --state NEW --dport 8162 -j ACCEPT # HTTPs web-console. Not required if you're using Apache2 proxy
$IPTABLES -A INPUT -p tcp -m state --state NEW --dport 11099 -j ACCEPT # JMX standalone port. Not required if you're using default JVM JMX connector on TCP 1616
$IPTABLES -A INPUT -p tcp -m state --state NEW --dport 61616 -j ACCEPT # JMS port
# Output
$IPTABLES -A OUTPUT -p tcp -m state --state NEW --dport 5672 -j ACCEPT
$IPTABLES -A OUTPUT -p tcp -m state --state NEW --dport 8161 -j ACCEPT
$IPTABLES -A OUTPUT -p tcp -m state --state NEW --dport 8162 -j ACCEPT
$IPTABLES -A OUTPUT -p tcp -m state --state NEW --dport 11099 -j ACCEPT
$IPTABLES -A OUTPUT -p tcp -m state --state NEW --dport 61616 -j ACCEPT
Advanced Configuration (all O.S)
Broker settings
Edit configuration file
- Linux ~ manual
vim /opt/activemq/conf/activemq.xml
- Linux ~ auto
vim /etc/activemq/instances-enabled/main/activemq.xml
- Windows
$ACTIVEMQ/conf/activemq.xml
Adjust broker setting
- Set broker name
<broker xmlns="http://activemq.apache.org/schema/core"
brokerName="myServerName"
dataDirectory="${activemq.base}/data">
- Set listener to all interfaces (0.0.0.0)
<transportConnectors>
<transportConnector name="openwire" uri="tcp://0.0.0.0:61616"/>
</transportConnectors>
- Limit queues size
<systemUsage>
<systemUsage>
<memoryUsage>
<memoryUsage limit="64 mb"/>
</memoryUsage>
<storeUsage>
<storeUsage limit="100 gb"/>
</storeUsage>
<tempUsage>
<tempUsage limit="50 gb"/>
</tempUsage>
</systemUsage>
</systemUsage>
Enable HTTP web console
Edit your jetty configuration
Linux ~ Manual
vim /opt/activemq/conf/jetty.xml
- Windows
$ACTIVEMQ/conf/jetty.xml
Adjust broker name and listening port
At the bottom, edit connector :
<property name="connectors">
<list>
<bean id="Connector" class="org.eclipse.jetty.server.nio.SelectChannelConnector">
<property name="port" value="8161" />
<property name="host" value="0.0.0.0" />
</bean>
...
</list>
</property>
Change root context for Web-Console
Edit "jetty.xml" [look to the previous §]
Add a new securityConstraintMapping (line 40), " /activemq/* "
<bean id="securityConstraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="securityConstraint" />
<property name="pathSpec" value="/api/*,/activemq/*,/admin/*,*.jsp" />
</bean>
Change the WebAppContext.contextpath value to " /activemq " instead of " /admin "
<property name="handler">
<bean id="sec" class="org.eclipse.jetty.server.handler.HandlerCollection">
<property name="handlers">
<list>
<bean class="org.eclipse.jetty.webapp.WebAppContext">
<!-- property name="contextPath" value="/admin" / -->
<property name="contextPath" value="/activemq" />
<property name="resourceBase" value="${activemq.home}/webapps/admin" />
<property name="logUrlOnStart" value="true" />
</bean>
...
Manage web-users
vim /opt/activemq/conf/jetty-realm.properties
Edit last line
admin: admin, admin
Apache 2 mod proxy
If you like to use Apache 2 mod_proxy instead of opening your ports:
Edit either your Virtual Host configuration of mod_proxy.conf :
ProxyPass /activemq http://localhost:8161/activemq/
ProxyPassReverse /activemq http://localhost:8161/activemq
Enable JMX remote management and monitoring
Official documentation: http://activemq.apache.org/jmx.html
Add JMX support
Edit configuration:
vim /opt/activemq/conf/activemq.xml
Adjust the broker tag (line 35), add useJmx="true"
<broker xmlns="http://activemq.apache.org/schema/core" useJmx="true" brokerName="preprodrtd.vehco.com" dataDirectory="${activemq.data}">
...
</broker>
Make sure that you're using the default JVM connector (line 65):
<broker xmlns="http://activemq.apache.org/schema/core" useJmx="true" brokerName="preprodrtd.vehco.com" dataDirectory="${activemq.data}">
...
<managementContext>
<managementContext createConnector="false" />
</managementContext>
...
</broker>
Create JMX users
- User creation
vim /opt/activemq/conf/jmx.access
Add some users. As a reminder:
userMq readonly
adminMq readwrite
- User password
vim /opt/activemq/conf/jmx.password
Set passwords. Usernames must match!
userMq abc123
adminMq abcd1234
JMX settings
Edit activemq launcher
vim /opt/activemq/bin/activemq
Search for ACTIVEMQ_JMX and adjust the lines to:
# ACTIVEMQ_SUNJMX_START="-Dcom.sun.management.jmxremote.port=11099 "
ACTIVEMQ_SUNJMX_START="-Dcom.sun.management.jmxremote.port=1616 "
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.password.file=${ACTIVEMQ_CONF}/jmx.password"
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.access.file=${ACTIVEMQ_CONF}/jmx.access"
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.ssl=false"
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote"
!! Note that the right port to use is 1616 !!
Automatic installation
!! Depending on your distro, you might not have the web console !! This is NOT recommended.
Get binary
apt-get install activemq
Enable instance
- Check instance
cd /etc/activemq/instances-enabled/
ls
... By default you should have an instance enable.
If not:
ln -s /etc/activemq/instances-available/main /etc/activemq/instances-enabled/main
cp /usr/share/activemq/activemq-options /etc/activemq/instances-available/main/options
- Edit settings
vim /etc/activemq/instances-available/main/options
- Adjust $INSTANCE (use 'main')
ACTIVEMQ_BASE="/var/lib/activemq/main"
Create directories
mkdir -p /var/lib/activemq/main/data
mkdir -p /var/lib/activemq/main/data/kahadb
chown -R activemq:activemq /var/lib/activemq/main
chmod -R 755 /var/lib/activemq/main
Kahadb == MQ embedded DB