diff options
Diffstat (limited to 'doc/book/src/java-broker/Java-Broker-Configuring-And-Managing-Config-Files.xml')
-rw-r--r-- | doc/book/src/java-broker/Java-Broker-Configuring-And-Managing-Config-Files.xml | 178 |
1 files changed, 178 insertions, 0 deletions
diff --git a/doc/book/src/java-broker/Java-Broker-Configuring-And-Managing-Config-Files.xml b/doc/book/src/java-broker/Java-Broker-Configuring-And-Managing-Config-Files.xml new file mode 100644 index 0000000000..66d471fb37 --- /dev/null +++ b/doc/book/src/java-broker/Java-Broker-Configuring-And-Managing-Config-Files.xml @@ -0,0 +1,178 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- + + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. + +--> + +<section id="Java-Broker-Configuring-And-Managing-Config-Files"> +<title>Config Files</title> + + <para> + This section shows how to configure and manage broker. + </para> + + <section role="h2" id="Java-Broker-Configuring-And-Managing-Config-Files-Configuration"> + <title>Configuration file</title> + <para>Broker can be configured using XML configuration files. By default, broker is looking for configuration file at ${QPID_HOME}/etc/config.xml. The default configuration location can be overridden by specifying command line option <emphasis>-c <path to configuration></emphasis> on broker start up.</para> + </section> + + <section role="h2" id="Java-Broker-Configuring-And-Managing-Config-Files-Management"> + <title>Management Configuration</title> + <para> + Management interfaces can be configured in <emphasis>management</emphasis> section of broker configuration file. The example of the management section is provided below. + </para> + <example> + <title>Management configuration</title> + <programlisting><![CDATA[ + <broker> + ... + <management> + <enabled>true</enabled> + <jmxport> + <registryServer>8999</registryServer> + </jmxport> + <ssl> + <enabled>false</enabled> + <keyStorePath>${conf}/qpid.keystore</keyStorePath> + <keyStorePassword>password</keyStorePassword> + </ssl> + <http> + <enabled>true</enabled> + </http> + <https> + <enabled>false</enabled> + </https> + </management> + ... + </broker>]]></programlisting> + </example> + </section> + <section role="h2" id="Java-Broker-Configuring-And-Managing-Config-Files-JMX-Management"> + <title>JMX Management Configuration</title> + <para> + JMX management can be configured in <emphasis>management</emphasis> section of broker configuration file. + </para> + <para>An <emphasis>enabled</emphasis> element in the <emphasis>management</emphasis> section is used to enable or disable the JMX interfaces. Setting it to <emphasis>true</emphasis> causes the broker to start the management plugin if such is available on the broker classpath.</para> + <para>JMX management requires two ports which can be configured in <emphasis>jmxport</emphasis> sub-section of <emphasis>management</emphasis>: + <itemizedlist> + <listitem><para>RMI port (8999 by default) can be configured in an element <emphasis>jmxport/registryServer</emphasis></para></listitem> + <listitem><para>Connector port can be configured in an element <emphasis>jmxport/connectorServer</emphasis>. If configuration element <emphasis>connectorServer</emphasis> is not provided than the connector port defaults to <emphasis>100 + registryServer port</emphasis>.</para></listitem> + </itemizedlist> + </para> + <example> + <title>Enabling JMX Management and configuring JMX ports</title> + <programlisting> +<broker> +... +<management> + <emphasis><enabled>true</enabled></emphasis> <co id="java-broker-example-jmx-management-0"/> + <jmxport> + <emphasis><registryServer>7999</registryServer></emphasis> <co id="java-broker-example-jmx-management-1"/> + <emphasis><connectorServer>7998</connectorServer></emphasis> <co id="java-broker-example-jmx-management-2"/> + </jmxport> +</management> +... +</broker></programlisting> + </example> + <para>In the snippet above the following is configured:</para> + <calloutlist> + <callout arearefs="java-broker-example-jmx-management-0"><para>Enable JMX management</para></callout> + <callout arearefs="java-broker-example-jmx-management-1"><para>Set RMI port to 7999</para></callout> + <callout arearefs="java-broker-example-jmx-management-2"><para>Set connector port to 7998</para></callout> + </calloutlist> + <para>SSL can be configured to use on the connector port in the sub-section <emphasis>ssl</emphasis> of the <emphasis>management</emphasis> section. See <xref linkend="Java-Broker-Configuring-And-Managing-Config-Files-SSL-keystore-configuration"/> for details.</para> + <para>In order to use SSL with JMX management an element <emphasis>ssl/enabled</emphasis> needs to be set to <emphasis>true</emphasis>.</para> + </section> + <section role="h2" id="Java-Broker-Configuring-And-Managing-Config-Files-SSL-keystore-configuration"> + <title>Management SSL key store configuration</title> + <para> + This section describes how to configure the key store to use in SSL connections in both JMX and Web management interfaces. + </para> + <para>The following examples demonstrates how to configure keystore for management</para> + <example> + <title>Management key store configuration</title> + <programlisting> +<broker> +... +<management> +... + <ssl> + <enabled>true</enabled> <co id="java-broker-example-management-keystore-0"/> + <keyStorePath>${conf}/qpid.keystore</keyStorePath> <co id="java-broker-example-management-keystore-1"/> + <keyStorePassword>password</keyStorePassword> <co id="java-broker-example-management-keystore-2"/> + </ssl> +... +</management> +... +</broker></programlisting> + </example> + <calloutlist> + <callout arearefs="java-broker-example-management-keystore-0"><para>Enable SSL on JMX connector port only. This setting does not effect the web management interfaces.</para></callout> + <callout arearefs="java-broker-example-management-keystore-1"><para>Set path to the key store file</para></callout> + <callout arearefs="java-broker-example-management-keystore-2"><para>Set keystore password</para></callout> + </calloutlist> + </section> + <section role="h2" id="Java-Broker-Configuring-And-Managing-Config-Files-Web-Management"> + <title>Web Management Configuration</title> + <para> + Web management can be configured in <emphasis>management</emphasis> section of broker configuration file. + </para> + <para>Sub-section <emphasis>http</emphasis> is used to enable web management on http port.</para> + <para>Sub-section <emphasis>https</emphasis> is used to enable web management on https port.</para> + <para>The following example shows how to configure http and https ports</para> + <example> + <title>Enabling web management</title> + <programlisting> +<broker> +... +<management> +... + <http> + <enabled>true</enabled> <co id="java-broker-example-management-web-0"/> + <port>9090</port> <co id="java-broker-example-management-web-1"/> + <basic-auth>false</basic-auth> <co id="java-broker-example-management-web-2"/> + <sasl-auth>true</sasl-auth> <co id="java-broker-example-management-web-3"/> + <session-timeout>600</session-timeout> <co id="java-broker-example-management-web-4"/> + </http> + + <https> + <enabled>true</enabled> <co id="java-broker-example-management-web-5"/> + <port>9443</port> <co id="java-broker-example-management-web-6"/> + <sasl-auth>true</sasl-auth> <co id="java-broker-example-management-web-7"/> + <basic-auth>true</basic-auth> <co id="java-broker-example-management-web-8"/> + </https> +... +</management> +... +</broker></programlisting> + </example> + <calloutlist> + <callout arearefs="java-broker-example-management-web-0"><para>Enable web management on http port. Default is true.</para></callout> + <callout arearefs="java-broker-example-management-web-1"><para>Set web management http port to 9090. Default is 8080.</para></callout> + <callout arearefs="java-broker-example-management-web-2"><para>Disable basic authentication on http port for REST services only. Default is false.</para></callout> + <callout arearefs="java-broker-example-management-web-3"><para>Enable SASL authentication on http port for REST services and web console. Default is true.</para></callout> + <callout arearefs="java-broker-example-management-web-4"><para>Set session timeout in seconds. Default is 15 minutes.</para></callout> + <callout arearefs="java-broker-example-management-web-5"><para>Enable web management on https port. Default is false.</para></callout> + <callout arearefs="java-broker-example-management-web-6"><para>Set web management https port to 9443. Default is 8443.</para></callout> + <callout arearefs="java-broker-example-management-web-7"><para>Enable SASL authentication on https port for REST services and web console. Default is true.</para></callout> + <callout arearefs="java-broker-example-management-web-8"><para>Enable basic authentication on https port for REST services only. Default is true.</para></callout> + </calloutlist> + <note><para>Please configure the keystore to use with the https web management port. See <xref linkend="Java-Broker-Configuring-And-Managing-Config-Files-SSL-keystore-configuration"/> for details.</para></note> + </section> +</section> |