Chapter 6. Reference

6.1. Application Template Parameters for Persistent Configuration

Configuration of the A-MQ for OpenShift image is performed by specifying values of application template parameters. Different A-MQ images require different subsets of these parameters. The following parameters can be configured:

AMQ_ADMIN_PASSWORD
The password used for authentication to the broker. If no value is specified, a random password is generated.
AMQ_ADMIN_USERNAME
The user name used as an admin authentication to the broker. If no value is specified, a random user name is generated.
AMQ_KEYSTORE
The SSL keyStore filename. If no value is specified, a random password is generated but SSL will not be configured.
AMQ_KEYSTORE_PASSWORD
The password used to decrypt the SSL keyStore (optional).
AMQ_MESH_DISCOVERY_TYPE
The discovery agent type to use for discovering mesh endpoints. 'dns' will use the OpenShift DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role.
AMQ_MESH_SERVICE_NAME
Name of service used for mesh creation.
AMQ_MESH_SERVICE_NAMESPACE
The namespace in which the service resides. Must be specified if using kube discovery.
AMQ_QUEUE_MEMORY_LIMIT
Specifies the memory limit set on a destination (limits the amount of memory on each queue listed in the MQ_QUEUES environment variable). The value of AMQ_QUEUE_MEMORY_LIMIT can be a string, such as 10 MB or 512 KB.
AMQ_RELEASE
The A-MQ release version. This determines which A-MQ image will be used as a basis for the application.
AMQ_SECRET
The name of a secret containing SSL related files. If no value is specified, a random password is generated.
AMQ_SPLIT
Boolean. Setting to ‘true’ partitions the persistent volume, allowing for multiple A-MQ pods for scalability.
AMQ_STORAGE_USAGE_LIMIT
The A-MQ storage usage limit.
AMQ_TRUSTSTORE
The SSL trustStore filename. If no value is specified, a random password is generated but SSL will not be configured.
AMQ_TRUSTSTORE_PASSWORD
The password used to decrypt the SSL trustStore (optional).
APPLICATION_NAME
The name of the application used internally in OpenShift. It is used in names of services, pods, and other objects within the application.
MQ_PASSWORD
The password used for authentication to the broker. In a standard non-containerized JBoss A-MQ, you would specify the password in the <amq-home>/opt/user.properties file. If no value is specified, a random password is generated.
MQ_PROTOCOL
Comma-separated list of the messaging protocols used by the broker. Available options are amqp, mqtt, openwire, and stomp. If left empty, all available protocols will be available. Please note that for integration of the image with Red Hat JBoss Enterprise Application Platform, the OpenWire protocol must be specified, while other protocols can be optionally specified as well.
MQ_QUEUES
Comma-separated list of queues available by default on the broker on its startup.
MQ_TOPICS
Comma-separated list of topics available by default on the broker on its startup.
MQ_USERNAME
The user name used for authentication to the broker. In a standard non-containerized JBoss A-MQ, you would specify the user name in the <amq-home>/opt/user.properties file. If no value is specified, a random user name is generated.
VOLUME_CAPACITY
The size of the persistent storage for database volumes.

6.2. Configuration using S2I

You can modify the configuration of the A-MQ for OpenShift image using the Source-to-image feature, described in full detail at S2I Requirements.

To specify a custom A-MQ broker configuration, create a new folder called configuration inside the root directory of your project. Then specify your custom A-MQ configuration by creating an openshift-activemq.xml file inside the 'configuration' folder. On each commit, this file gets copied to the conf directory in the A-MQ root and its contents are used to configure the broker.

Note

Please be careful when making a changes to the openshift-activemq.xml file and do not remove the placeholders, as automated configuration may not work properly.

6.3. Security

Only SSL connections can connect from outside of the OpenShift instance, regardless of the protocol specified in the MQ_PROTOCOL property of the A-MQ application templates. The non-SSL version of the protocols can only be used inside the OpenShift instance.

For security reasons, using the default keyStore and trustStore generated by the system is discouraged. Generate your own keyStore and trustStore and supply them to the image using the OpenShift secrets mechanism or S2I.

6.4. Logging

In addition to viewing the OpenShift logs, you can troubleshoot a running A-MQ image by viewing the A-MQ logs that are outputted to the container’s console: 

$ oc logs -f <pod-name> <container-name>
Note

By default, the A-MQ for OpenShift image does not have a file log handler configured. Logs are only sent to the console.