qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Godfrey <rob.j.godf...@gmail.com>
Subject Re: java broker startup properties file
Date Fri, 08 Apr 2016 17:26:06 GMT
Hi Ram,

so one approach to this would be to define you authentication providers up
from in your config file, so you have an an Anonymous provider named
"anonymous" and a password file provider named "passwordFile" or
something.  Then in the port sections (AMQP, HTTP, JMX, etc) you can
parameterise the value they have for the name of the auth provider they are
using.  So your initial JSON config file could contain something like:

"ports" : [  {
  "name" : "AMQP",
  "port" : "${qpid.amqp_port}",
  "authenticationProvider" : "${qpid.amqp_port_authenticationProvider}",


and then you could override which provider to use at runtime by setting the
property qpid.amqp_port_authenticationProvider to anonymous or passwordFile
(or the name of any other authentication provider that is defined in your
JSON config.

The only thing you can't do with properties is to add new entities into the
config - that you have to do either by editing the file, or by using the
REST api to modify the broker configuration while it is running.

Hope this helps,
Rob

On 8 April 2016 at 18:04, rammohan ganapavarapu <rammohanganap@gmail.com>
wrote:

> Rob,
>
> Thanks for detailed explanation, i wanted to restart with the changed
> properties if any for example today i have Anonymous SASL and later i may
> want to use password file. How do i pass SASL mechanism as -prop?
>
> Thanks,
> Ram
>
> On Fri, Apr 8, 2016 at 2:10 AM, Rob Godfrey <rob.j.godfrey@gmail.com>
> wrote:
>
> > Hi Ram,
> >
> > The initial config file is only used when there is no broker config - the
> > idea is that it is used to populate the broker config on first startup.
> > Once there is a broker config file then this is used (since it may have
> > been updated by creating or modifying entities through the management
> > functions).  The broker ships with a default initial config which is
> > contained within its jar files, however we allow people to provide there
> > own.  Records in the config file a copied verbatim into the config store
> -
> > the only difference being that ids are generated for each entity.  The
> > interpolation from property names to values is done each time the broker
> > reads the config.  If the broker finds there is config in the store path
> > then it completely ignores the initial config - it does not examine any
> > differences.
> >
> > Are you looking to start a completely fresh broker each time, or merely
> to
> > be able to change certain properties (such as port numbers) on each
> > restart?  If you do not want to retain any changes to the broker
> > configuration made while the broker is actually running, then you could
> use
> > a "memory" config store rather than a Json one.  If you want to retain
> any
> > changes made through management, but desire the ability to change certain
> > properties (like ports) on each startup, then you don't need to worry
> about
> > the fact that the initial configuration is only loaded the first time -
> you
> > just need to pass in the property values you want on startup.
> >
> > In terms of an example system properties file...  The default
> > initial-config.json defines the amqp port to be ${qpid.amqp_port} and the
> > http port to run on ${qpid.http_port}, so if I create a properties file
> > called rob.properties which contains
> >
> > qpid.http_port=8888
> > qpid.amqp_port=5555
> >
> > and then run qpid with the argument -props rob.properties then I get...
> >
> > [Broker] BRK-1002 : Starting : Listening on TCP port 5555
> > [Broker] MNG-1001 : Web Management Startup
> > [Broker] MNG-1002 : Starting : HTTP : Listening on TCP port 8888
> >
> >
> > So, when you use your initial or stored config you just need to ensure
> all
> > the variables you use in your config are set in your properties file
> (some
> > properties have defaults within the code if they are not otherwise set -
> > e.g. qpid.amqp_port will default to 5672 if it is not set elsewhere).
> >
> > Hope this helps,
> > Rob
> >
> > On 8 April 2016 at 00:41, rammohan ganapavarapu <rammohanganap@gmail.com
> >
> > wrote:
> >
> > > Rob,
> > >
> > > Thank you, one more question on -icp and -sp, so what if i have updated
> > icp
> > > with some property change  and restarted broker with icp (every time i
> > > restart broker i am using initial config
> > > "/opt/qpid-java-broker/bin/qpid-server -icp
> > > /opt/qpid-java-broker/etc/config.json" not sure if its is right way or
> > > not), does it automatically update config file in -sp? i my case it did
> > not
> > > updated the config file in store-path upon restart. What will happened
> > if i
> > > have differences in initial config file that i use to start broker and
> > the
> > > config file under store-path?
> > >
> > > Thanks,
> > > Ram
> > >
> > > On Thu, Apr 7, 2016 at 3:59 PM, Rob Godfrey <rob.j.godfrey@gmail.com>
> > > wrote:
> > >
> > > > This looks like a client error to me... the line which says:
> > > >
> > > >  Client restricted itself to : PLAIN
> > > >
> > > > Out of interest what happens if you remove the
> &sasl_mechs='ANONYMOUS'
> > > from
> > > > your connection URL?  Without any sort of restriction I'd expect the
> > > client
> > > > to do the right thing.
> > > >
> > > > I need to get to sleep now (1am here :-) )... I'll have deeper look
> in
> > > the
> > > > morning.
> > > >
> > > > -- Rob
> > > >
> > > > On 7 April 2016 at 23:51, rammohan ganapavarapu <
> > rammohanganap@gmail.com
> > > >
> > > > wrote:
> > > >
> > > > > Rob,
> > > > >
> > > > > thanks for the explanation, do you have a sample
> > > > --system-properties-file?
> > > > > that i can take a look?
> > > > >
> > > > > Also i just tried 6.0.1 but my client/app is throwing this error,
i
> > am
> > > > not
> > > > > a developer, i am ops guy and i dont want to change the existing
> code
> > > but
> > > > > wanted to make java qpid work. This is the error i am getting with
> > > > 6.0.1v..
> > > > >
> > > > > 2016-04-07 22:32:36,726
> > > > > QPIDConnectionManager-80478ba7-b31e-483a-823e-f726104ac1db ERROR
> > > > > S.QUEUECLIENTSERVICE - ConnectionImpl.openConnection() : Error
> > > connecting
> > > > > to Connection : 0 Host = qphost01
> > > > >
> > > > >
> > > >
> > >
> >
> url=amqp://null:********@qphost011460067563391/?brokerlist='tcp://localhost:5672?connecttimeout='5000'&sasl_mechs='ANONYMOUS''
> > > > > error Unknown virtualhost '' username=null
> > > > > 2016-04-07 22:32:36,731
> > > > > QPIDConnectionManager-80478ba7-b31e-483a-823e-f726104ac1db ERROR
> > > > > S.QUEUECLIENTSERVICE - ConnectionImpl.openConnection() : Error
> > > connecting
> > > > > to Connection : 0 Host = qphost01
> > > > >
> > > > >
> > > >
> > >
> >
> url=amqp://null:********@qphost011460067563391/?brokerlist='tcp://localhost:5672?connecttimeout='5000'&sasl_mechs='ANONYMOUS''
> > > > > error Client and broker have no SASL mechanisms in common. Broker
> > > allows
> > > > :
> > > > > ANONYMOUS Client has : [EXTERNAL, GSSAPI, CRAM-MD5-HASHED,
> CRAM-MD5,
> > > > > AMQPLAIN, PLAIN, ANONYMOUS] Client restricted itself to : PLAIN
> > > > > username=guest
> > > > >
> > > > >
> > > > > And here is my sasl mechanism.
> > > > >
> > > > > curl -s 0:10001/service/sasl
> > > > > {
> > > > >   "user" : "ANONYMOUS",
> > > > >   "mechanisms" : [ "ANONYMOUS" ]
> > > > >
> > > > > Same SASL with 0.28 works fine with my app but 6.0.1 is not
> working.
> > > > >
> > > > >
> > > > > Thanks,
> > > > > Ram
> > > > >
> > > > >
> > > > >
> > > > > On Thu, Apr 7, 2016 at 3:39 PM, Rob Godfrey <
> rob.j.godfrey@gmail.com
> > >
> > > > > wrote:
> > > > >
> > > > > > On 7 April 2016 at 23:16, rammohan ganapavarapu <
> > > > rammohanganap@gmail.com
> > > > > >
> > > > > > wrote:
> > > > > >
> > > > > > > Rob,
> > > > > > >
> > > > > > > Does v6.0.1 support Anonymous or no authentication? last
time
> > when
> > > i
> > > > > try
> > > > > > to
> > > > > > > use .32 it was not working with Anonymous.
> > > > > > >
> > > > > >
> > > > > > Yes, Anonymous is supported.  Which AMQP protocol are you using
> > > (0-9-1,
> > > > > > 0-10, or 1.0)... I would expect that Anonymous should work on
> 0.32
> > > > > however
> > > > > > I think in 0.32 the "no authentication layer at all" option
for
> > AMQP
> > > > 1.0
> > > > > > probably didn't work (this is different to an authentication
> layer
> > > > which
> > > > > > allows anonymous).
> > > > > >
> > > > > >
> > > > > > >
> > > > > > > Sorry i was not clear in my previous email, i was taking
about
> > > > > properties
> > > > > > > file not broker storage format, the use case is if i wanted
to
> > > > override
> > > > > > > some of these properties and i have my own custom tool/script
> > that
> > > > > goes
> > > > > > > through the properties files and replace with the override
i
> > > defined,
> > > > > so
> > > > > > i
> > > > > > > want to use the same tool/script for qpid config as well.
My
> tool
> > > > only
> > > > > > > support key:value but if we have json array it wont work.
So
> if i
> > > > want
> > > > > to
> > > > > > > pass overrides as "-prop"  command line arguments what
are the
> > > > > properties
> > > > > > > that java qpid support as command line?
> > > > > > >
> > > > > > > Below if my config, is it possible to pass all these as
command
> > > line
> > > > > > > arguments?
> > > > > > >
> > > > > > > {
> > > > > > >   "authenticationproviders" : [ {
> > > > > > >     "id" : "7050933f-3485-4866-95d2-1f1b258ea3ac",
> > > > > > >     "name" : "Anonymous",
> > > > > > >     "type" : "Anonymous"
> > > > > > >   } ],
> > > > > > >   "defaultVirtualHost" : "default",
> > > > > > >   "id" : "c433a66c-e6dc-4c48-be01-268295f580bc",
> > > > > > >   "modelVersion" : "1.3",
> > > > > > >   "name" : "Broker",
> > > > > > >   "plugins" : [ {
> > > > > > >     "id" : "58889cb7-9b9b-4866-bab2-4cfd63266dbf",
> > > > > > >     "name" : "httpManagement",
> > > > > > >     "pluginType" : "MANAGEMENT-HTTP"
> > > > > > >   }, {
> > > > > > >     "id" : "67282f5e-ebab-4341-9ff5-27a58fd2df89",
> > > > > > >     "name" : "jmxManagement",
> > > > > > >     "pluginType" : "MANAGEMENT-JMX"
> > > > > > >   } ],
> > > > > > >   "ports" : [ {
> > > > > > >     "authenticationProvider" : "Anonymous",
> > > > > > >     "id" : "99e13356-080a-4abe-852e-8c452149cdae",
> > > > > > >     "name" : "JMX_CONNECTOR",
> > > > > > >     "port" : "9099",
> > > > > > >     "protocols" : [ "JMX_RMI" ]
> > > > > > >   }, {
> > > > > > >     "authenticationProvider" : "Anonymous",
> > > > > > >     "id" : "12813407-62ae-429f-8bee-75802f3b6553",
> > > > > > >     "name" : "RMI_REGISTRY",
> > > > > > >     "port" : "8999",
> > > > > > >     "protocols" : [ "RMI" ]
> > > > > > >   }, {
> > > > > > >     "authenticationProvider" : "Anonymous",
> > > > > > >     "id" : "3b107675-edd7-40a3-86c2-3113b46157f9",
> > > > > > >     "name" : "AMQP",
> > > > > > >     "port" : "5672"
> > > > > > >   }, {
> > > > > > >     "authenticationProvider" : "Anonymous",
> > > > > > >     "id" : "6dff5ecf-1a4b-46ad-b93d-f2606b5e4f6e",
> > > > > > >     "name" : "HTTP",
> > > > > > >     "port" : "10001",
> > > > > > >     "protocols" : [ "HTTP" ]
> > > > > > >   } ],
> > > > > > >   "storeVersion" : 1,
> > > > > > >   "virtualhosts" : [ {
> > > > > > >     "createdTime" : 1439482250329,
> > > > > > >     "id" : "eef20ba0-33d3-4b37-93a7-fe2b34e54503",
> > > > > > >     "name" : "default",
> > > > > > >     "storePath" : "/ebs//derbystore/default",
> > > > > > >     "storeType" : "DERBY",
> > > > > > >     "type" : "STANDARD"
> > > > > > >   } ]
> > > > > > > }
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > In 6.0 you can replace any value in the JSON with a reference
to
> a
> > > > > > property, for example
> > > > > >
> > > > > > "name" : "${myPortName}",
> > > > > >
> > > > > > this will then interpolate the value from the property, so if
you
> > set
> > > > the
> > > > > > property myPortName to "RobsPort" that will be the value used.
> > Type
> > > > > > conversions will be performed, so if the required value is an
> > integer
> > > > it
> > > > > > will convert to an integer.  If the value required is a list
then
> > you
> > > > can
> > > > > > use a String representation of a list in Json format.
> > > > > >
> > > > > > You can set the properties individually, or you can pass in
a
> > > > properties
> > > > > > file using -props or --system-properties-file (so if you have
a
> > > > > properties
> > > > > > file already maybe you can just pass this in).
> > > > > >
> > > > > >
> > > > > > > One more question or may be clarification is,
> > > > > > >
> > > > > > >
> > > > > > > *-sp (--store-path) is the path of config file that will
> > generated
> > > by
> > > > > > qpidd
> > > > > > > from the initial config right? what is the use of store-path?*
> > > > > > >
> > > > > > >
> > > > > > That is correct.  Some people just like to have config files
in a
> > > > > > non-default location :-)
> > > > > >
> > > > > > Hope this helps,
> > > > > > Rob
> > > > > >
> > > > > >
> > > > > > > *Thanks,*
> > > > > > >
> > > > > > > *Ram*
> > > > > > >
> > > > > > > On Thu, Apr 7, 2016 at 3:02 PM, Rob Godfrey <
> > > rob.j.godfrey@gmail.com
> > > > >
> > > > > > > wrote:
> > > > > > >
> > > > > > > > Firstly, 0.28 is quite old now - I would recommend
updating
> to
> > > > v6.0.1
> > > > > > if
> > > > > > > > you can.
> > > > > > > >
> > > > > > > > Secondly I'm not sure I understand your question -
are you
> > asking
> > > > > about
> > > > > > > > overriding particular properties, or the storage format
for
> the
> > > > > broker
> > > > > > > > configuration - these are two different things.  In
terms of
> > > > > > properties /
> > > > > > > > context overrides this can be specified using a properties
> file
> > > (at
> > > > > > least
> > > > > > > > in v6 - I forget exactly how it worked on 0.28). 
In terms of
> > the
> > > > > > > > configuration, JSON is currently the only text based
format
> > > > > supported.
> > > > > > > You
> > > > > > > > can use a database for the broker config storage,
there are
> > built
> > > > in
> > > > > > > > mechanisms to support Derby, BDB, and generic JDBC
config
> > stores.
> > > > > > > >
> > > > > > > > May I ask what advantage you would get by using YAML
or
> > > properties
> > > > > > files
> > > > > > > > instead of JSON?
> > > > > > > >
> > > > > > > > -- Rob
> > > > > > > >
> > > > > > > > On 7 April 2016 at 22:43, rammohan ganapavarapu <
> > > > > > rammohanganap@gmail.com
> > > > > > > >
> > > > > > > > wrote:
> > > > > > > >
> > > > > > > > > Hi,
> > > > > > > > >
> > > > > > > > > Is there any way to start qpid-java-0.28 broker
using
> > > .properties
> > > > > > file
> > > > > > > or
> > > > > > > > > .xml or .yaml file instead of .json file? or
what are the
> > other
> > > > > ways
> > > > > > to
> > > > > > > > > pass override properties instead of JSON config
file?
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Thanks,
> > > > > > > > > Ram
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message