Chapter 2. Installing and deploying AMQ Broker on OpenShift Container Platform

2.1. Installing AMQ Broker on OpenShift Container Platform image streams and application templates

The AMQ Broker on OpenShift Container Platform images are not available in the service catalog. You must manually install them by using the procedures in this section.

Procedure

  1. Log in to OpenShift as a cluster administrator (or as a user that has project administrator access to the global openshift project), for example: 

    $ oc login -u system:admin

  2. At the command line, run the following commands to update the AMQ Broker on OpenShift Container Platform image stream in the openshift project: 

    $ oc replace --force  -f \
https://raw.githubusercontent.com/jboss-container-images/jboss-amq-7-broker-openshift-image/72-1.0.GA/amq-broker-7-image-streams.yaml

$ oc replace --force -f \
https://raw.githubusercontent.com/jboss-container-images/jboss-amq-7-broker-openshift-image/72-1.0.GA/amq-broker-7-scaledown-controller-image-streams.yaml

$ oc import-image amq-broker-72-openshift:1.0

$ oc import-image amq-broker-72-scaledown-controller-openshift:1.0
    Note

    AMQ Broker on OpenShift Container Platform leverages StatefulSets and Deployments resources for use with the *-persistence templates. These are Kubernetes-native resources that can consume image streams only from a local namespace, not the shared openshift namespace. This is because the image streams must be created in the same namespace where the template will be instantiated. Also, -n openshift is an optional parameter to use if you need to create a template in the shared namespace.

  3. Run the following command to update the AMQ Broker templates. Using the --force option with the oc replace command creates or updates the resources 

    $ for template in amq-broker-72-basic.yaml \
amq-broker-72-ssl.yaml \
amq-broker-72-custom.yaml \
amq-broker-72-persistence.yaml \
amq-broker-72-persistence-ssl.yaml \
amq-broker-72-persistence-clustered.yaml \
amq-broker-72-persistence-clustered-ssl.yaml;
 do
 oc replace --force -f \
https://raw.githubusercontent.com/jboss-container-images/jboss-amq-7-broker-openshift-image/72-1.0.GA/templates/${template}
 done

2.2. Deploying AMQ Broker on OpenShift Container Platform image

The AMQ Broker on OpenShift Container Platform image requires a service account for deployments. Service accounts are API objects that exist within each project. Three service accounts are created automatically in every project:

  • builder: This service account is used by build pods. It contains the system:image-builder role from which you can push images to any image stream in the project using the internal Docker registry.
  • deployer: This service account is used by deployment pods. It contains the system:deployer role from which you can view and modify replication controllers and pods in the project.
  • default: This service account is used to run all other pods unless you specify a different service account.

Service accounts can be created or deleted like any other API object. For multiple-node deployments, the service account must have the view role enabled so the various pods in the cluster can be discovered and managed.

In addition, you must configure SSL to enable connections to AMQ Broker from outside of the OpenShift Container Platform instance. The type of discovery protocol that is used for discovering AMQ Broker mesh endpoints is JGroups with OpenShift.dns ping protocol.

Procedure

  • Add the view role to the service account: 
$ oc policy add-role-to-user view -z default

Additional resources