Versions Compared

Version Old Version 1 New Version Current
Changes made by

Christian Vandel

Michael Rasmussen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

Variable

Default

Description

x.y.z

5.5.0

Current stable ActiveMQ version

ACTIVEMQ_HOME

/usr/local/apache-activemq-x.y.z

Installation directory

INSTANCE_NAME

broker

Name of broker - should maybe correlate with host name?

Installing ActiveMQ
  1. Download the latest stable ActiveMQ release (apache-activemq-x.y.z.tar.gz).
  2. Move to the installation root cd /usr/local.
  3. Unpack the release tar xzvf /path/to/apache-activemq-x.y.z.tar.gz
  4. Create ActiveMQ user account useradd activemq
  5. Set up key store in /usr/local/apache-activemq-x.y.z/conf/broker.ks
  6. Create trust store and import trusted certificates into /usr/local/apache-activemqOptional: -x.y.z/conf/broker.ts
  7. Edit the global configuration filesvim /usr/local/apache-activemq-x.y.z/conf/{activemq,jetty}.xml before setting up instances.
  8. Optional: Setup service script
Configuring instances

For each broker instance:

  1. Switch to activemq account su - activemq
  2. If needed, create an instance wide setup file
  3. Give the activemq user ownership of the installation directory chown -R activemq:activemq /usr/local/apache-activemq-x.y.z/bin/activemq setup ~activemq/.activemqrc. To use per instance activemqrc files (named ~/.activemqrc-instance-$(INSTANCE_NAME)) the start script used to start the instance must start with *activemq-instance-$(INSTANCE_NAME).Create broker instance configuration (or at least the data-directory which houses the log file)
  4. Make sure the keystore is only readable by the activemq user (chmod 600 /usr/local/apache-activemq-x.y.z/bin/activemq create $(INSTANCE_NAME)
  5. Configure broker vim $(INSTANCE_NAME)/conf/{activemq,jetty}.xml
  6. Optional: Set up key and trust stores in $(INSTANCE_NAME)/conf/broker.{k,t}s
  7. Optional: Add broker to the service script, so that the broker may be automatically started on reboot.conf/broker.ks)
  8. Setup service script
  9. Make sure the relevant ports are open in the firewall (8161 if the administration interface should be accessible, 61617 for SSL if this guide is followed and optionally 61616 for TCP)
Importing certificates into java trust store

Anchor
truststore
truststore

If (re-)starting from scratch remove the trust store file beforehand as duplicate aliases are not allowed.

No Format

#!/bin/bash

TRUST_STORE=broker.ts
CERTIFICATES=*.crt # This could be a list instead e.g. "clientA.crt other_file.crt"

for cert in ${CERTIFICATES};
do
        # imports each certificate under an alias that matches its file name
        keytool -alias "${cert}" -importcert -noprompt -keystore "${TRUST_STORE}" -storepass 123456 -file "${cert}"
done
Configuring ActiveMQ

Anchor
conf
conf

Allowing SSL access to the ActiveMQ broker is done by adding a suitable transport connector to the activemq.xml configuration file (NOTE: elements must occur in alphabetical order):

Code Block
xml
xml

    <transportConnectors>
        <transportConnector uri="ssl://0.0.0.0:61617?wantClientAuth=true&amp;needClientAuth=true"/>
    </transportConnectors>

If connections are allowed only over SSL the tcp transportConnector should be removed.

Specifying the location of the key and trust stores used by the server is done in the sslContext section of the same configuration file (again placed in alphabetical order, which will usually mean just before transportConnectors):

Code Block
xml
xml

    <sslContext>
        <sslContext keyStore="file://${activemq.base}/conf/broker.ks"
                    keyStorePassword="123456"
                    trustStore="file://${activemq.base}/conf/broker.ts"
                    trustStorePassword="123456"/>
    </sslContext>

To join multiple brokers into a network of brokers create suitable networkConnector-elements in the configuration file:

Code Block
xml
xml

    <networkConnectors>
        <networkConnector name="other-broker-name" uri="static:(ssl://other-host-name:61617)"/>
    </networkConnectors>
Service/Init Script

Anchor
servicescript
servicescript

For now see here

Later, something Something like this should work:

  1. Create the three files mentioned below...
  2. chmod +x /etc/init.d/activemq
  3. chkconfig --add activemq
  4. chkconfig activemq on
  5. /etc/init.d/activemq start

...

/home/activemq/activemq-start.sh
No Format
#!/bin/bash
echo Starting ActiveMQ....
sh /homeusr/activemqlocal/testapache-broker-1activemq-x.y.z/bin/test-broker-1activemq start
sh
/home/activemq

...

/

...

activemq-stop.sh
No Format
#!/bin/bash
echo Stopping ActiveMQ....
sh /homeusr/activemqlocal/testapache-broker-1activemq-x.y.z/bin/test-broker-1activemq stop
sh
/

...

etc/init.d/activemq
No Format
#!/bin/bash
#
# activemq       Starts ActiveMQ.
#
# chkconfig: 345 88 12
# description: ActiveMQ is a JMS Messaging Queue Server.
### BEGIN INIT INFO
# Provides: $activemq
### END INIT INFO

# Source function library.
. /etc/init.d/functions

[ -f /home/activemq/activemq-start.sh ] || exit 0
[ -f /home/activemq/activemq-stop.sh ] || exit 0

RETVAL=0

umask 077

start() {
       echo -n $"Starting ActiveMQ: "
       daemon su -c /home/activemq/activemq-start.sh activemq
       echo
       return $RETVAL
}
stop() {
       echo -n $"Shutting down ActiveMQ: "
       daemon su -c /home/activemq/activemq-stop.sh activemq
       echo
       return $RETVAL
}
restart() {
       stop
       start
}
case "$1" in
start)
       start
       ;;
stop)
       stop
       ;;
restart|reload)
       restart
       ;;
*)
       echo $"Usage: $0 {start|stop|restart}"
       exit 1
esac

exit $?