From commits-return-46516-archive-asf-public=cust-asf.ponee.io@qpid.apache.org Sun Aug 12 16:44:15 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 8888E18077A for ; Sun, 12 Aug 2018 16:44:13 +0200 (CEST) Received: (qmail 17021 invoked by uid 500); 12 Aug 2018 14:44:12 -0000 Mailing-List: contact commits-help@qpid.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@qpid.apache.org Delivered-To: mailing list commits@qpid.apache.org Received: (qmail 16988 invoked by uid 99); 12 Aug 2018 14:44:12 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 12 Aug 2018 14:44:12 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 9B569E0AE9; Sun, 12 Aug 2018 14:44:11 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: gmurthy@apache.org To: commits@qpid.apache.org Date: Sun, 12 Aug 2018 14:44:14 -0000 Message-Id: In-Reply-To: <49b7289c2dfa4400a4fdd29f338c24a4@git.apache.org> References: <49b7289c2dfa4400a4fdd29f338c24a4@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [4/7] qpid-site git commit: Doc updates for Qpid Dispatch router 1.3.0 release http://git-wip-us.apache.org/repos/asf/qpid-site/blob/f17c8263/content/releases/qpid-dispatch-1.3.0/user-guide/index.html ---------------------------------------------------------------------- diff --git a/content/releases/qpid-dispatch-1.3.0/user-guide/index.html b/content/releases/qpid-dispatch-1.3.0/user-guide/index.html new file mode 100644 index 0000000..656dcc8 --- /dev/null +++ b/content/releases/qpid-dispatch-1.3.0/user-guide/index.html @@ -0,0 +1,8003 @@ + + + + + Using Qpid Dispatch - Apache Qpid™ + + + + + + + + + + + + + +
+
+ Menu + + Search + + +
+ + + + + +
+ + +
+

Using Qpid Dispatch

+
+
Table of Contents
+ +
+
+

1. Introduction

+
+
+

1.1. Overview

+
+

The Dispatch Router is an AMQP message router that provides +advanced interconnect capabilities. It allows flexible routing of +messages between any AMQP-enabled endpoints, whether they be clients, +servers, brokers or any other entity that can send or receive standard +AMQP messages.

+
+
+

A messaging client can make a single AMQP connection into a messaging +bus built of Dispatch Router routers and, over that connection, exchange +messages with one or more message brokers, and at the same time exchange +messages directly with other endpoints without involving a broker at +all.

+
+
+

The router is an intermediary for messages but it is not a broker. It +does not take responsibility for messages. It will, however, propagate +settlement and disposition across a network such that delivery +guarantees are met. In other words: the router network will deliver the +message, possibly via several intermediate routers, and it will route +the acknowledgement of that message by the ultimate receiver back across +the same path. This means that responsibility for the message is +transfered from the original sender to the ultimate receiver as if +they were directly connected. However this is done via a flexible +network that allows highly configurable routing of the message +transparent to both sender and receiver.

+
+
+

There are some patterns where this enables "brokerless messaging" +approaches that are preferable to brokered approaches. In other cases a +broker is essential (in particular where you need the separation of +responsibility and/or the buffering provided by store-and-forward) but a +dispatch network can still be useful to tie brokers and clients together +into patterns that are difficult with a single broker.

+
+
+

For a "brokerless" example, consider the common brokered implementation +of the request-response pattern, a client puts a request on a queue and +then waits for a reply on another queue. In this case the broker can be +a hindrance - the client may want to know immediately if there is nobody +to serve the request, but typically it can only wait for a timeout to +discover this. With a Dispatch Router network, the client can be informed +immediately if its message cannot be delivered because nobody is +listening. When the client receives acknowledgement of the request it +knows not just that it is sitting on a queue, but that it has actually +been received by the server.

+
+
+

For an exampe of using Dispatch Router to enhance the use of brokers, consider +using an array of brokers to implement a scalable distributed work +queue. A dispatch network can make this appear as a single queue, with +senders publishing to a single address and receivers subscribing to a +single address. The dispatch network can distribute work to any broker +in the array and collect work from any broker for any receiver. Brokers +can be shut down or added without affecting clients. This elegantly +solves the common difficulty of "stuck messages" when implementing this +pattern with brokers alone. If a receiver is connected to a broker that +has no messages, but there are messages on another broker, you have to +somehow transfer them or leave them "stuck". With a Dispatch Router network, +all the receivers are connected to all the brokers. If there is a +message anywhere it can be delivered to any receiver.

+
+
+

Dispatch Router is meant to be deployed in topologies of multiple routers, +preferably with redundant paths. It uses link-state routing protocols +and algorithms (similar to OSPF or IS-IS from the networking world) to +calculate the best path from every point to every other point and to +recover quickly from failures. It does not need to use clustering for +high availability; rather, it relies on redundant paths to provide +continued connectivity in the face of system or network failure. Because +it never takes responsibility for messages it is effectively stateless. +Messages not delivered to their final destination will not be +acknowledged to the sender and therefore the sender can re-send such +messages if it is disconnected from the network.

+
+
+
+

1.2. Benefits

+
+

Simplifies connectivity

+
+
+
    +
  • +

    An endpoint can do all of its messaging through a single transport +connection

    +
    • +
  • +

    Avoid opening holes in firewalls for incoming connections

    +
    • +
+
+
+

Provides messaging connectivity where there is no TCP/IP connectivity

+
+
+
    +
  • +

    A server or broker can be in a private IP network (behind a NAT +firewall) and be accessible by messaging endpoints in other networks +(learn more).

    +
    • +
+
+
+

Simplifies reliability

+
+
+
    +
  • +

    Reliability and availability are provided using redundant topology, +not server clustering

    +
    • +
  • +

    Reliable end-to-end messaging without persistent stores

    +
    • +
  • +

    Use a message broker only when you need store-and-forward semantics

    +
    • +
+
+
+
+

1.3. Features

+
+
    +
  • +

    Can be deployed stand-alone or in a network of routers

    +
    +
      +
    • +

      Supports arbitrary network topology - no restrictions on redundancy

      +
      +
        +
      • +

        Automatic route computation - adjusts quickly to changes in topology

        +
        • +
      +
      +
      • +
    +
    +
    • +
  • +

    Provides remote access to brokers or other AMQP servers

    +
    • +
  • +

    Security

    +
    • +
+
+
+
+
+
+

2. Theory of Operation

+
+
+

This section introduces some key concepts about the router.

+
+
+

2.1. Overview

+
+

The Dispatch Router is an application layer program running as a normal +user program or as a daemon.

+
+
+

Dispatch Router accepts AMQP connections from clients and creates AMQP +connections to brokers or AMQP-based services. Dispatch Router classifies +incoming AMQP messages and routes the +messages between message producers and message consumers.

+
+
+

Dispatch Router is meant to be deployed in topologies of multiple routers, +preferably with redundant paths. It uses link-state routing protocols +and algorithms similar to OSPF or IS-IS from the networking world to +calculate the best path from every message source to every message +destination and to recover quickly from failures. Dispatch Router relies on +redundant network paths to provide continued connectivity in the face +of system or network failure.

+
+
+

A messaging client can make a single AMQP connection into a messaging +bus built with routers and, over that connection, exchange messages +with one or more message brokers connected to any router in the +network. At the same time the client can exchange messages directly +with other endpoints without involving a broker at all.

+
+
+
+

2.2. Connections

+
+

Dispatch Router connects clients, servers, AMQP services, and other +routers through network connections.

+
+
+

2.2.1. Listener

+
+

Dispatch Router provides listeners that accept client connections. +A client connecting to a router listener uses the +same methods that it would use to connect to a broker. From the +client’s perspective the router connection and link establishment are +identical to broker connection and link establishment.

+
+
+

Several types of listeners are defined by their role.

+
+ ++++ + + + + + + + + + + + + + + + + + + +

Role

Description

normal

The connection is used for AMQP clients using normal message delivery.

inter-router

The connection is assumed to be to another router in the network. Inter-router discovery and routing protocols can only be used over inter-router connections.

route-container

The connection is a broker or other resource that holds known addresses. The router will use this connection to create links as necessary. The addresses are available for routing only after the remote resource has created a connection.

+
+
+

2.2.2. Connector

+
+

Dispatch Router can also be configured to create outbound connections to +messaging brokers or other AMQP entities using connectors. A +connector is defined with the network address of the broker and the +name or names of the resources that are available in that broker. When +a router connects to a broker through a connector it uses the same +methods a normal messaging client would use when connecting to the +broker.

+
+
+

Several types of connectors are defined by their role.

+
+ ++++ + + + + + + + + + + + + + + + + + + +

Role

Description

normal

The connection is used for AMQP clients using normal message delivery. On this connector the router will initiate the connection but it will never create any links. Links are to be created by the peer that accepts the connection.

inter-router

The connection is assumed to be to another router in the network. Inter-router discovery and routing protocols can only be used over inter-router connections.

route-container

The connection is to a broker or other resource that holds known addresses. The router will use this connection to create links as necessary. The addresses are available for routing only after the router has created a connection to the remote resource.

+
+
+
+

2.3. Addresses

+
+

AMQP addresses are used to control the flow of messages across a +network of routers. Addresses are used in a number of different places +in the AMQP 1.0 protocol. They can be used in a specific message in +the to and reply-to fields of a message’s properties. They are also +used during the creation of links in the address field of a source or +a target.

+
+
+ + + + + +
+
Note
+		 +
+

Addresses in this discussion refer to AMQP protocol addresses and not +to TCP/IP network addresses. TCP/IP network addresses are used by +messaging clients, brokers, and routers to create AMQP connections. +AMQP protocol addresses are the names of source and destination +endpoints for messages within the messaging network.

+
+
+
+
+

Addresses designate various kinds of entities in a messaging network:

+
+
+
    +
  • +

    Endpoint processes that consume data or offer a service

    +
    • +
  • +

    Topics that match multiple consumers to multiple producers

    +
    • +
  • +

    Entities within a messaging broker:

    +
    +
      +
    • +

      Queues

      +
      • +
    • +

      Durable Topics

      +
      • +
    • +

      Exchanges

      +
      • +
    +
    +
    • +
+
+
+

The syntax of an AMQP address is opaque as far as the router network +is concerned. A syntactical structure may be used by the administrator +who creates addresses but the router treats them as opaque +strings.

+
+
+

Dispatch Router maintains several classes of address based on how the address is +configured or discovered.

+
+ ++++ + + + + + + + + + + + + + + +

Address Type

Description

mobile

The address is a rendezvous point between senders and receivers. The router aggregates and serializes messages from senders and distributes messages to receivers.

link route

The address defines a private messaging path between a sender and a receiver. The router simply passes messages between the end points.

+
+

2.3.1. Mobile Addresses

+
+

Routers consider addresses to be mobile such that any users of an +address may be directly connected to any router in a network and may +move around the topology. In cases where messages are broadcast to or +balanced across multiple consumers, the address users may be connected +to multiple routers in the network.

+
+
+

Mobile addresses are rendezvous points for senders and receivers. +Messages arrive at the mobile address and are dispatched to their +destinations according to the routing defined for the mobile address. +The details of these routing patterns are discussed later.

+
+
+

Mobile addresses may be discovered during normal router operation or +configured through management settings.

+
+
+
Discovered Mobile Addresses
+
+

Mobile addresses are created when a client creates a link to a source +or destination address that is unknown to the router network.

+
+
+

Suppose a service provider wants to offer my-service that clients +may use. The service provider must open a receiver link with source +address my-service. The router creates a mobile address +my-service and propagates the address so that it is known to every +router in the network.

+
+
+

Later a client wants to use the service and creates a sending link +with target address my-service. The router matches the service +provider’s receiver having source address my-service to the client’s +sender having target address my-service and routes messages between +the two.

+
+
+

Any number of other clients can create links to the service as +well. The clients do not have to know where in the router network the +service provider is physically located nor are the clients required to +connect to a specific router to use the service. Regardless of how +many clients are using the service the service provider needs only a +single connection and link into the router network.

+
+
+

Another view of this same scenario is when a client tries to use the +service before service provider has connected to the network. In this +case the router network creates the mobile address my-service as +before. However, since the mobile address has only client sender links +and no receiver links the router stalls the clients and prevents them +from sending any messages. Later, after the service provider connects +and creates the receiver link, the router will issue credits to the +clients and the messages will begin to flow between the clients and +the service.

+
+
+

The service provider can connect, disconnect, and reconnect from a +different location without having to change any of the clients or +their connections. Imagine having the service running on a +laptop. One day the connection is from corporate headquarters and the +next day the connection is from some remote location. In this case the +service provider’s computer will typically have different host IP +addresses for each connection. Using the router network the service +provider connects to the router network and offers the named service +and the clients connect to the router network and consume from the +named service. The router network routes messages between the mobile +addresses effectively masking host IP addresses of the service +provider and the client systems.

+
+
+
+
Configured Mobile Addresses
+
+

Mobile addresses may be configured using the router autoLink +object. An address created via an autoLink represents a queue, +topic, or other service in an external broker. Logically the +autoLink addresses are treated by the router network as if the +broker had connected to the router and offered the services itself.

+
+
+

For each configured mobile address the router will create a single +link to the external resource. Messages flow between sender links and +receiver links the same regardless if the mobile address was +discovered or configured.

+
+
+

Multiple autoLink objects may define the same address on multiple +brokers. In this case the router network creates a sharded resource +split between the brokers. Any client can seamlessly send and receive +messages from either broker.

+
+
+

Note that the brokers do not need to be clustered or federated to +receive this treatment. The brokers may even be from different vendors +or be different versions of the same broker yet still work together to +provide a larger service platform.

+
+
+
+
+ +
+

Link route addresses may be configured using the router linkRoute +object. An link route address represents a queue, topic, or other +service in an external broker similar to addresses configured by +autoLink objects. For link route addresses the router propagates a +separate link attachment to the broker resource for each incoming +client link. The router does not automatically create any links to the +broker resource.

+
+
+

Using link route addresses the router network does not participate in +aggregated message distribution. The router simply passes message +delivery and settlement between the two end points.

+
+
+
+
+

2.4. Message Routing

+
+

Addresses have semantics associated with them that are assigned when +the address is provisioned or discovered. The semantics of an address +control how routers behave when they see the address being +used. Address semantics include the following considerations:

+
+
+
    +
  • +

    Routing pattern - balanced, closest, multicast

    +
    • +
  • +

    Routing mechanism - message routed, link routed

    +
    • +
+
+
+

2.4.1. Routing Patterns

+
+

Routing patterns define the paths that a message with a mobile address +can take across a network. These routing patterns can be used for both +direct routing, in which the router distributes messages between +clients without a broker, and indirect routing, in which the router +enables clients to exchange messages through a broker.

+
+
+

Note that the routing patterns fall into two categories: Anycast +(Balanced and Closest) and Multicast. There is no concept of +"unicast" in which there is only one consumer for an address.

+
+
+

Anycast distribution delivers each message to one consumer whereas +multicast distribution delivers each message to all consumers.

+
+
+

Anycast delivery is reliable when the message deliveries are +unsettled. There is a reliability contract that the router network +abides by when delivering unsettled messages to anycast addresses. +For every such delivery sent by a producer, the router network +guarantees that one of the following outcomes will occur:

+
+
+
    +
  • +

    The delivery shall be settled with ACCEPTED or REJECTED disposition +where the disposition is supplied by the consumer.

    +
    • +
  • +

    The delivery shall be settled with RELEASED disposition, meaning +that the message was not delivered to any consumer.

    +
    • +
  • +

    The delivery shall be settled with MODIFIED disposition, meaning +that the message may have been delivered to a consumer but should be +considered in-doubt and re-sent.

    +
    • +
  • +

    The connection to the producer shall be dropped, signifying that all +unsettled deliveries should now be considered in-doubt by the +producer and later re-sent.

    +
    • +
+
+
+

Multicast delivery is not reliable. If a producer sends an unsettled +delivery, the ingress router shall settle the delivery with ACCEPTED +disposition regardless of whether the message was delivered to any +consumers.

+
+
+
Balanced
+
+

An anycast method which allows multiple receivers to use the same +address. In this case, messages (or links) are routed to exactly one +of the receivers and the network attempts to balance the traffic load +across the set of receivers using the same address. This routing +delivers messages to receivers based on how quickly they settle the +deliveries. Faster receivers get more messages.

+
+
+
+
Closest
+
+

An anycast method in which even if there are more receivers for the +same address, every message is sent along the shortest path to reach +the destination. This means that only one receiver will get the +message. Each message is delivered to the closest receivers in terms +of topology cost. If there are multiple receivers with the same lowest +cost, deliveries will be spread evenly among those receivers.

+
+
+
+
Multicast
+
+

Having multiple consumers on the same address at the same time, +messages are routed such that each consumer receives one copy of the +message.

+
+
+
+
+

2.4.2. Routing Mechanisms

+
+

The fact that addresses can be used in different ways suggests that +message routing can be accomplished in different ways. Before going +into the specifics of the different routing mechanisms, it would be +good to first define what is meant by the term routing:

+
+
+
+
In a network built of multiple, interconnected routers 'routing'
+determines which connection to use to send a message directly
+to its destination or one step closer to its destination.
+
+
+
+

Each router serves as the terminus of a collection of incoming and +outgoing links. Some of the links are designated for message routing, +and others are designated for link routing. In both cases, the links +either connect directly to endpoints that produce and consume +messages, or they connect to other routers in the network along +previously established connections.

+
+
+
Message Routed
+
+

Message routing occurs upon delivery of a message and is done based on +the address in the message’s to field.

+
+
+

When a delivery arrives on an incoming message-routing link, the +router extracts the address from the delivered message’s to field and +looks the address up in its routing table. The lookup results in zero +or more outgoing links onto which the message shall be resent.

+
+
+

Message routing can also occur without an address in the +message’s to field if the incoming link has a target address. In +fact, if the sender uses a link with a target address, the to field +shall be ignored even if used.

+
+
+
+ +
+

Link routing occurs when a new link is attached to the router across +one of its AMQP connections. It is done based on the target.address +field of an inbound link and the source.address field of an outbound +link.

+
+
+

Link routing uses the same routing table that message routing +uses. The difference is that the routing occurs during the link-attach +operation, and link attaches are propagated along the appropriate path +to the destination. What results is a chain of links, connected +end-to-end, from source to destination. It is similar to a virtual +circuit in a telecom system.

+
+
+

Each router in the chain holds pairs of link termini that are tied +together. The router then simply exchanges all deliveries, delivery +state changes, and link state changes between the two termini.

+
+
+

The endpoints that use the link chain do not see any difference in +behavior between a link chain and a single point-to-point link. All of +the features available in the link protocol (flow control, +transactional delivery, etc.) are available over a routed link-chain.

+
+
+
+
+

2.4.3. Message Settlement

+
+

Messages may be delivered with varying degrees of reliability.

+
+
+
    +
  • +

    At most once

    +
    • +
  • +

    At least once

    +
    • +
  • +

    Exactly once

    +
    • +
+
+
+

The reliability is negotiated between the client and server during +link establishment. The router handles all levels of reliability by treating +messages as either pre-settled or unsettled.

+
+ ++++ + + + + + + + + + + + + + + +

Delivery

Handling

pre-settled

If the arriving delivery is pre-settled (i.e., fire and forget), the incoming delivery shall be settled by the router, and the outgoing deliveries shall also be pre-settled. In other words, the pre-settled nature of the message delivery is propagated across the network to the message’s destination.

unsettled

Unsettled delivery is also propagated across the network. Because unsettled delivery records cannot be discarded, the router tracks the incoming deliveries and keeps the association of the incoming deliveries to the resulting outgoing deliveries. This kept association allows the router to continue to propagate changes in delivery state (settlement and disposition) back and forth along the path which the message traveled.

+
+
+
+

2.5. Security

+
+

Dispatch Router uses the SSL protocol and related certificates and SASL +protocol mechanisms to encrypt and authenticate remote peers. Router +listeners act as network servers and router connectors act as network +clients. Both connection types may be configured securely with SSL +and SASL.

+
+
+

The router policy module is an optional authorization mechanism +enforcing user connection restrictions and AMQP resource access +control.

+
+
+
+
+
+

3. Getting Started

+
+
+

Before configuring Dispatch Router, you should understand how to start the router, how it is configured by default, and how to use it in a simple peer-to-peer configuration.

+
+
+

3.1. Starting the Router

+
+
Procedure
+
    +
  1. +

    To start the router, use the qdrouterd command.

    +
    +
    +
    +

    This example uses the default configuration to start the router as a daemon:

    +
    +
    +
    +
    $ qdrouterd -d
    +
    +
    +
    +
    +
    + + + + + +
    +
    Note
    +    		 +
    +

    You can specify a different configuration file with which to start the router. For more information, see Changing a Router’s Configuration.

    +
    +
    +
    +
    +

    The router starts, using the default configuration file stored at /etc/qpid-dispatch/qdrouterd.conf.

    +
    +
    2. +
  2. +

    View the log to verify the router status:

    +
    +
    +
    $ qdstat --log
    +
    +
    +
    +

    This example shows that the router was correctly installed, is running, and is ready to route traffic between clients:

    +
    +
    +
    +
    $ qdstat --log
+Fri May 20 09:38:03 2017 SERVER (info) Container Name: Router.A (1)
+Fri May 20 09:38:03 2017 ROUTER (info) Router started in Standalone mode (2)
+Fri May 20 09:38:03 2017 ROUTER_CORE (info) Router Core thread running. 0/Router.A
+Fri May 20 09:38:03 2017 ROUTER_CORE (info) In-process subscription M/$management
+Fri May 20 09:38:03 2017 AGENT (info) Activating management agent on $_management_internal (3)
+Fri May 20 09:38:03 2017 ROUTER_CORE (info) In-process subscription L/$management
+Fri May 20 09:38:03 2017 ROUTER_CORE (info) In-process subscription L/$_management_internal
+Fri May 20 09:38:03 2017 DISPLAYNAME (info) Activating DisplayNameService on $displayname
+Fri May 20 09:38:03 2017 ROUTER_CORE (info) In-process subscription L/$displayname
+Fri May 20 09:38:03 2017 CONN_MGR (info) Configured Listener: 0.0.0.0:amqp proto=any role=normal (4)
+Fri May 20 09:38:03 2017 POLICY (info) Policy configured maximumConnections: 0, policyFolder: '', access rules enabled: 'false'
+Fri May 20 09:38:03 2017 POLICY (info) Policy fallback defaultApplication is disabled
+Fri May 20 09:38:03 2017 SERVER (info) Operational, 4 Threads Running (5)
    +
    +
    +
    +
      +
    1. +

      The name of this router instance.

      +
      2. +
    2. +

      By default, the router starts in standalone mode, which means that it cannot connect to other routers or be used in a router network.

      +
      3. +
    3. +

      The management agent. It provides the $management address, through which management tools such as qdmanage and qdstat can perform create, read, update, and delete (CRUD) operations on the router. As an AMQP endpoint, the management agent supports all operations defined by the AMQP management specification (Draft 9).

      +
      4. +
    4. +

      A listener is started on all available network interfaces and listens for connections on the standard AMQP port (5672, which is not encrypted).

      +
      5. +
    5. +

      Threads for handling message traffic and all other internal operations.

      +
      6. +
    +
    +
    3. +
+
+
+
+

3.2. Routing Messages in a Peer-to-Peer Configuration

+
+

This example demonstrates how the router can connect clients by receiving and sending messages between them. It uses the router’s default configuration file and does not require a broker.

+
+
+
+Peer-to-peer Communication +
+
Figure 1. Peer-to-peer Communication
+
+
+

As the diagram indicates, the configuration consists of an Dispatch Router component with two clients connected to it: a sender and a receiver. The receiver wants to receive messages on a specific address, and the sender sends +messages to that address.

+
+
+

A broker is not used in this example, so there is no "store and forward" mechanism in the middle. Instead, the messages flow from sender to receiver only if the receiver is online, and the sender can confirm that the messages have arrived at their destination.

+
+
+

This example uses a Apache Qpid Proton Python client to start a receiver client, and then send five messages from the sender client.

+
+
+
Prerequisites
+

Apache Qpid Proton Python must be installed before you can complete the peer-to-peer routing example. For more information, see https://qpid.apache.org/proton/.

+
+
+
Procedure
+
    +
  1. +

    Start the receiver client.

    +
    2. +
  2. +

    Send messages.

    +
    3. +
+
+
+

3.2.1. Starting the Receiver Client

+
+

In this example, the receiver client is started first. This means that the messages will be sent as soon as the sender client is started.

+
+
+ + + + + +
+
Note
+		 +
+

In practice, the order in which you start senders and receivers does not matter. In both cases, messages will be sent as soon as the receiver comes online.

+
+
+
+
+
Procedure
+
    +
  • +

    To start the receiver by using the Python receiver client, navigate to the Python examples directory and run the simple_recv.py example:

    +
    +
    +
    +
    +
    $ cd INSTALL_DIR/examples/python/
+$ python simple_recv.py -a 127.0.0.1:5672/examples -m 5
    +
    +
    +
    +

    This command starts the receiver and listens on the default address (127.0.0.1:5672/examples). The receiver is also set to receive a maximum of five messages.

    +
    +
    +
    +
    • +
+
+
+
+

3.2.2. Sending Messages

+
+

After starting the receiver client, you can send messages from the sender. These messages will travel through the router to the receiver.

+
+
+
Procedure
+
    +
  • +

    In a new terminal window, navigate to the Python examples directory and run the simple_send.py example:

    +
    +
    +
    +
    +
    $ cd INSTALL_DIR/examples/python/
+$ python simple_send.py -a 127.0.0.1:5672/examples -m 5
    +
    +
    +
    +

    This command sends five auto-generated messages to the default address (127.0.0.1:5672/examples) and then confirms that they were delivered and acknowledged by the receiver:

    +
    +
    +
    +
    all messages confirmed
    +
    +
    +
    +

    The receiver client receives the messages and displays their content:

    +
    +
    +
    +
    {u'sequence': 1L}
+{u'sequence': 2L}
+{u'sequence': 3L}
+{u'sequence': 4L}
+{u'sequence': 5L}
    +
    +
    +
    +
    +
    • +
+
+
+
+
+
+
+

4. Configuration

+
+
+

Before starting Dispatch Router, you should understand where the router’s configuration file is stored, how the file is structured, and the methods you can use to modify it.

+
+
+

4.1. Accessing the Router Configuration File

+
+

The router’s configuration is defined in the router configuration file. You can access this file to view and modify that configuration.

+
+
+
Procedure
+
    +
  • +

    Open the following file: /etc/qpid-dispatch/qdrouterd.conf.

    +
    +
    +
    +

    When Dispatch Router is installed, qdrouterd.conf is installed in this directory by default. When the router is started, it runs with the settings defined in this file.

    +
    +
    +

    For more information about the router configuration file (including available entities and attributes), see the qdrouterd man page.

    +
    +
    +
    +
    • +
+
+
+
+

4.2. How the Router Configuration File is Structured

+
+

Before you can make changes to a router configuration file, you should understand how the file is structured.

+
+
+

The configuration file contains sections. A section is a configurable entity, and it contains a set of attribute name-value pairs that define the settings for that entity. The syntax is as follows:

+
+
+
+
sectionName {
+    attributeName: attributeValue
+    attributeName: attributeValue
+    ...
+}
+
+
+
+
+

4.3. Methods for Using Pattern Matching and Wildcards

+
+

The router configuration file supports pattern matching and wildcards to enable you to match multiple values for certain attributes. However, the syntax varies based on the type of entity that you are configuring.

+
+
+

4.3.1. Pattern Matching for Addresses

+
+

In some router configuration scenarios, you might need to use pattern matching to match a range of addresses rather than a single, literal address. Address patterns match any address that corresponds to the pattern.

+
+
+

An address pattern is a sequence of tokens (typically words) that are delimited by either . or / characters. They also can contain special wildcard characters that represent words:

+
+
+
    +
  • +

    * represents exactly one word

    +
    • +
  • +

    # represents zero or more words

    +
    • +
+
+
+
Example 1. Address Pattern
+
+
+

This address contains two tokens, separated by the / delimiter:

+
+
+

my/address

+
+
+
+
+
Example 2. Address Pattern with Wildcard
+
+
+

This address contains three tokens. The * is a wildcard, representing any single word that might be between my and address:

+
+
+

my/*/address

+
+
+
+
+

The following table shows some address patterns and examples of the addresses that would match them:

+
+ +++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
This pattern…​Matches…​But not…​
+

news/*

+
+

news/europe

+
+
+

news/usa

+
+

news

+
+
+

news/usa/sports

+
+

news/#

+
+

news

+
+
+

news/europe

+
+
+

news/usa/sports

+
+

europe

+
+
+

usa

+
+

news/europe/#

+
+

news/europe

+
+
+

news/europe/sports

+
+
+

news/europe/politics/fr

+
+

news/usa

+
+
+

europe

+
+

news/*/sports

+
+

news/europe/sports

+
+
+

news/usa/sports

+
+

news

+
+
+

news/europe/fr/sports

+
+
+
+

4.3.2. Pattern Matching for Vhost Policy Hostnames

+
+

In a vhost policy, vhost hostnames can be either literal hostnames or patterns that cover a range of hostnames.

+
+
+

A hostname pattern is a sequence of words with one or more of the following wildcard characters:

+
+
+
    +
  • +

    * represents exactly one word

    +
    • +
  • +

    # represents zero or more words

    +
    • +
+
+
+

The following table shows some examples of hostname patterns:

+
+ +++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
This pattern…​Matches…​But not…​
+

*.example.com

+
+

www.example.com

+
+

example.com +srv2.www.example.com

+
+

#.example.com

+
+

example.com +www.example.com +a.b.c.d.example.com

+
+

myhost.com

+
+

www.*.test.example.com

+
+

www.a.test.example.com

+
+

www.test.example.com +www.a.b.c.test.example.com

+
+

www.#.test.example.com

+
+

www.test.example.com +www.a.test.example.com +www.a.b.c.test.example.com

+
+

test.example.com

+
+
+

Vhost hostname pattern matching applies the following precedence rules:

+
+ ++++ + + + + + + + + + + + + + + + + + + + + +
Policy patternPrecedence

Exact match

High

*

Medium

#

Low

+
+ + + + + +
+
Note
+		 +
+

Dispatch Router does not permit you to create vhost hostname patterns that conflict with existing patterns. This includes patterns that can be reduced to be the same as an existing pattern. For example, you would not be able to create the #.#.#.#.com pattern if #.com already exists.

+
+
+
+
+
+
+

4.4. Changing a Router’s Configuration

+
+

You can use different methods for changing a router’s configuration based on whether the router is currently running, and whether you want the change to take effect immediately.

+
+
+
Choices
+ +
+
+

4.4.1. Making a Permanent Change to the Router’s Configuration

+
+

You can make a permanent change to the router’s configuration by editing the router’s configuration file directly. You must restart the router for the changes to take effect, but the changes will be saved even if the router is stopped.

+
+
+
Procedure
+
    +
  1. +

    Do one of the following:

    +
    +
      +
    • +

      Edit the default configuration file (/etc/qpid-dispatch/qdrouterd.conf).

      +
      • +
    • +

      Create a new configuration file.

      +
      • +
    +
    +
    2. +
  2. +

    Start (or restart) the router.

    +
    +

    If you created a new configuration file, you must specify the path using the --conf parameter. For example, the following command starts the router with a non-default configuration file:

    +
    +
    +
    +
    $ sudo qdrouterd -d --conf /etc/qpid-dispatch/new-configuration-file.conf
    +
    +
    +
    3. +
+
+
+
+

4.4.2. Changing the Configuration for a Running Router

+
+

If the router is running, you can change its configuration on the fly. The changes you make take effect immediately, but are lost if the router is stopped.

+
+
+
Procedure
+ +
+
+
+
+

4.5. Default Configuration Settings

+
+

The router’s configuration file controls the way in which the router functions. The default configuration file contains the minimum number of settings required for the router to run. As you become more familiar with the router, you can add to or change these settings, or create your own configuration files.

+
+
+

When you installed Dispatch Router, the default configuration file was added at the following path: /etc/qpid-dispatch/qdrouterd.conf. It includes some basic configuration settings that define the router’s operating mode, how it listens for incoming connections, and routing patterns for the message routing mechanism.

+
+
+
Default Configuration File
+
+
router {
+    mode: standalone (1)
+    id: Router.A (2)
+}
+
+listener { (3)
+    host: 0.0.0.0 (4)
+    port: amqp (5)
+    authenticatePeer: no (6)
+}
+
+address { (7)
+    prefix: closest
+    distribution: closest
+}
+
+address {
+    prefix: multicast
+    distribution: multicast
+}
+
+address {
+    prefix: unicast
+    distribution: closest
+}
+
+address {
+    prefix: exclusive
+    distribution: closest
+}
+
+address {
+    prefix: broadcast
+    distribution: multicast
+}
+
+
+
+
    +
  1. +

    By default, the router operates in standalone mode. This means that it can only communicate with endpoints that are directly connected to it. It cannot connect to other routers, or participate in a router network.

    +
    2. +
  2. +

    The unique identifier of the router. This ID is used as the container-id (container name) at the AMQP protocol level. It is required, and the router will not start if this attribute is not defined.

    +
    3. +
  3. +

    The listener entity handles incoming connections from client endpoints.

    +
    4. +
  4. +

    The IP address on which the router will listen for incoming connections. By default, the router is configured to listen on all network interfaces.

    +
    5. +
  5. +

    The port on which the router will listen for incoming connections. By default, the default AMQP port (5672) is specified with a symbolic service name.

    +
    6. +
  6. +

    Specifies whether the router should authenticate peers before they can connect to the router. By default, peer authentication is not required.

    +
    7. +
  7. +

    By default, the router is configured to use the message routing mechanism. Each address entity defines how messages that are received with a particular address prefix should be distributed. For example, all messages with addresses that start with closest will be distributed using the closest distribution pattern.

    +
    8. +
+
+
+ + + + + +
+
Note
+		 +
+

If a client requests a message with an address that is not defined in the router’s configuration file, the balanced distribution pattern will be used automatically.

+
+
+
+
+
+

4.6. Setting Essential Configuration Properties

+
+

The router’s default configuration settings enable the router to run with minimal configuration. However, you may need to change some of these settings for the router to run properly in your environment.

+
+
+
Procedure
+
    +
  1. +

    Open the router’s configuration file.

    +
    +

    If you are changing the router’s default configuration file, the file is located at /etc/qpid-dispatch/qdrouterd.conf.

    +
    +
    2. +
  2. +

    To define essential router information, change the following attributes as needed in the router section:

    +
    +
    +
    +
    +
    router {
+    mode: STANDALONE/INTERIOR
+    id: ROUTER_ID
+}
    +
    +
    +
    +
    +
    mode
    +
    +

    Specify one of the following modes:

    +
    +
      +
    • +

      standalone - Use this mode if the router does not communicate with other routers and is not part of a router network. When operating in this mode, the router only routes messages between directly connected endpoints.

      +
      • +
    • +

      interior - Use this mode if the router is part of a router network and needs to collaborate with other routers.

      +
      • +
    +
    +
    +
    id
    +
    +

    The unique identifier for the router. This ID will also be the container name at the AMQP protocol level.

    +
    +
    +
    +
    +

    For information about additional attributes, see router in the qdrouterd.conf man page.

    +
    +
    +
    +
    3. +
  3. +

    If necessary for your environment, secure the router.

    +
    +
    +
    + +
    +
    +
    +
    4. +
  4. +

    Connect the router to other routers, clients, and brokers.

    +
    +
    +
    + +
    +
    +
    +
    5. +
  5. +

    Set up routing for your environment:

    +
    +
    +
    + +
    +
    +
    +
    6. +
  6. +

    Set up logging.

    +
    7. +
+
+
+
+
+
+

5. Network Connections

+
+
+

Connections define how the router communicates with clients, other routers, and brokers. You can configure incoming connections to define how the router listens for data from clients and other routers, and you can configure outgoing connections to define how the router sends data to other routers and brokers.

+
+
+

5.1. Listening for Incoming Connections

+
+

Listening for incoming connections involves setting the host and port on which the router should listen for traffic.

+
+
+
Procedure
+
    +
  1. +

    In the router’s configuration file, add a listener:

    +
    +
    +
    +
    +
    listener {
+    host: HOST_NAME/ADDRESS
+    port: PORT_NUMBER/NAME
+    ...
+}
    +
    +
    +
    +
    +
    host
    +
    +

    Either an IP address (IPv4 or IPv6) or hostname on which the router should listen for incoming connections.

    +
    +
    port
    +
    +

    The port number or symbolic service name on which the router should listen for incoming connections.

    +
    +
    +
    +
    +

    For information about additional attributes, see listener in the qdrouterd.conf man page.

    +
    +
    +
    +
    2. +
  2. +

    If necessary, secure the connection.

    +
    +

    If you have set up SSL/TLS or SASL in your environment, you can configure the router to only accept encrypted or authenticated communication on this connection.

    +
    +
    3. +
  3. +

    If you want the router to listen for incoming connections on additional hosts or ports, configure an additional listener entity for each host and port.

    +
    4. +
+
+
+
+

5.2. Adding Outgoing Connections

+
+

Configuring outgoing connections involves setting the host and port on which the router connects to other routers and brokers.

+
+
+

When a router connects to a broker, the broker might provide backup connection data that the router can use if the primary connection fails. If the primary connection fails, the router attempts to reconnect by using a combination of the primary and — if provided — backup connections in round-robin fashion until the connection is successful. For more information about viewing the backup connection data provided by the broker, see Managing Connectors.

+
+
+
Procedure
+
    +
  1. +

    In the router’s configuration file, add a connector:

    +
    +
    +
    +
    +
    connector {
+    name: NAME
+    host: HOST_NAME/ADDRESS
+    port: PORT_NUMBER/NAME
+    ...
+}
    +
    +
    +
    +
    +
    name
    +
    +

    The name of the connector. You should specify a name that describes the entity to which the connector connects. This name is used by configured addresses (for example, a linkRoute entity) in order to specify which connection should be used for them.

    +
    +
    host
    +
    +

    Either an IP address (IPv4 or IPv6) or hostname on which the router should connect.

    +
    +
    port
    +
    +

    The port number or symbolic service name on which the router should connect.

    +
    +
    +
    +
    +

    For information about additional attributes, see connector in the qdrouterd.conf man page.

    +
    +
    +
    +
    2. +
  2. +

    If necessary, secure the connection.

    +
    +

    If you have set up SSL/TLS or SASL in your environment, you can configure the router to only send encrypted or authenticated communication on this connection.

    +
    +
    3. +
  3. +

    For each remaining router or broker to which this router should connect, configure an additional connector entity.

    +
    4. +
+
+
+
+
+
+

6. Security

+
+
+

Securing your router network involves configuring authentication and authorization. You can authenticate and encrypt the router’s connections using SSL/TLS or SASL. Additionally, you can authorize access to messaging resources by setting user connection restrictions and defining AMQP resource access control.

+
+
+

6.1. Authenticating Remote Peers

+
+

You can configure Dispatch Router to communicate with clients, routers, and brokers in a secure way by authenticating and encrypting the router’s connections. Dispatch Router supports the following security protocols:

+
+
+
    +
  • +

    SSL/TLS for certificate-based encryption and mutual authentication

    +
    • +
  • +

    SASL for authentication and payload encryption

    +
    • +
+
+
+

6.1.1. Setting Up SSL/TLS for Encryption and Authentication

+
+

Before you can secure incoming and outgoing connections using SSL/TLS encryption and authentication, you must first set up the SSL/TLS profile in the router’s configuration file.

+
+
+
Prerequisites
+

You must have the following files in PEM format:

+
+
+
    +
  • +

    An X.509 CA certificate (used for signing the router certificate for the SSL/TLS server authentication feature).

    +
    • +
  • +

    A private key (with or without password protection) for the router.

    +
    • +
  • +

    An X.509 router certificate signed by the X.509 CA certificate.

    +
    • +
+
+
+
Procedure
+
    +
  • +

    In the router’s configuration file, add an sslProfile section:

    +
    +
    +
    +
    +
    sslProfile {
+    name: NAME
+    ciphers: CIPHERS
+    protocols: PROTOCOL
+    caCertFile: PATH.pem
+    certFile: PATH.pem
+    privateKeyFile: PATH.pem
+    password: PASSWORD/PATH_TO_PASSWORD_FILE
+    ...
+}
    +
    +
    +
    +
    +
    name
    +
    +

    A name for the SSL/TLS profile. You can use this name to refer to the profile from the incoming and outgoing connections.

    +
    +

    For example:

    +
    +
    +
    +
    name: router-ssl-profile
    +
    +
    +
    +
    ciphers
    +
    +

    The SSL cipher suites that can be used by this SSL/TLS profile. If certain ciphers are unsuitable for your environment, you can use this attribute to restrict them from being used.

    +
    +

    To enable a cipher list, enter one or more cipher strings separated by colons (:).

    +
    +
    +
    Example 3. Enabling a Cipher List
    +
    +
    +
    +
    ciphers: ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
    +
    +
    +
    +
    +
    +

    To see the full list of available ciphers, use the openssl ciphers command. For more information about each cipher, see the ciphers man page.

    +
    +
    +
    protocols
    +
    +

    The SSL/TLS protocols that this router can use. You can specify a list of one or more of the following values: TLSv1, TLSv1.1, or TLSv1.2.

    +
    +

    To specify multiple protocols, separate the protocols with a space.

    +
    +
    +
    Example 4. Specifying Multiple Protocols
    +
    +
    +

    This example permits the SSL/TLS profile to use TLS v1.1 and TLS v1.2 only:

    +
    +
    +
    +
    protocols: TLSv1.1 TLSv1.2
    +
    +
    +
    +
    +
    +

    If you do not specify a value, the router will use the TLS protocol specified by the system-wide configuration.

    +
    +
    + + + + + +
    +
    Note
    +    		 +
    +

    When setting the TLS protocol versions for the router, you should also consider the TLS protocol version (or versions) used by your client applications. If a subset of TLS protocol versions does not exist between a client and the router, the client will not be able to connect to the router.

    +
    +
    +
    +
    +
    caCertFile
    +
    +

    The absolute path to the file that contains the public certificates of trusted certificate authorities (CA).

    +
    +

    For example:

    +
    +
    +
    +
    caCertFile: /qdrouterd/ssl_certs/ca-cert.pem
    +
    +
    +
    +
    certFile
    +
    +

    The absolute path to the file containing the PEM-formatted public certificate to be used on the local end of any connections using this profile.

    +
    +

    For example:

    +
    +
    +
    +
    certFile: /qdrouterd/ssl_certs/router-cert-pwd.pem
    +
    +
    +
    +
    privateKeyFile
    +
    +

    The absolute path to the file containing the PEM-formatted private key for the above certificate.

    +
    +

    For example:

    +
    +
    +
    +
    privateKeyFile: /qdrouterd/ssl_certs/router-key-pwd.pem
    +
    +
    +
    +
    passwordFile or password
    +
    +

    --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org For additional commands, e-mail: commits-help@qpid.apache.org