qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ted Ross <tr...@redhat.com>
Subject Re: Dispatch Router questions
Date Thu, 20 Jul 2017 15:58:29 GMT
On Wed, Jul 19, 2017 at 7:36 PM, Dan Langford <danlangford@gmail.com> wrote:

> So I am struggling to wrap my head around some dispatch Router concepts and
> was wondering if somebody would be willing to point me in the right
> direction on one or more of my idea.
>
> Background: I am doing some due diligence at my place of employment
> regarding AMQP1.0 brokers and currently I am trying to see what Artemis w/
> HA, Colocation, and Replication looks like. Artemis does not currently
> support load-balancing AMQP messages through its cluster and they suggested
> I use QDR for that.
>
> So as I tried to jump into QDR I just found myself lost on some of these
> concepts and terms and I struggled finding examples, guides, or tutorials.
> I am just wanting load balancing of incoming messages to two brokers. For
> HA reasons I want 2 QDR nodes able to "front" these two brokers.  As it
> currently stands here are my questions:
>
> - Can I configure QDR to autoLink in and out ANY/ALL addresses?
>

No.  There is no way currently for QDR to know what queues are present on
its connected brokers.  It would not be difficult to write a program to
synchronize autolinks to existing queues.


>
> - Artemis doesn't support vhosts. Can I configure connections to vhost:Foo
> address:bar actually be address:Foo.bar when the message goes back to the
> broker?
>

Yes.  There is a multi-tenancy feature for listeners that does exactly what
you are asking for.  If you add the attribute "multiTenant: yes" to the
configuration of a listener in the qdrouterd.conf file, clients connected
via that listener will have their addresses annotated as vhost/addr in the
router.


>
> - Can I configure QDR to pass auth through to the broker and let the broker
> decide is the user is authenticated and authorized? Inversely can I
> configure QDR to be the only determinate of auth?
>

Presently, QDR expects to be the sole determiner of authentic identity.
There is an open request to add a SASL proxy that might be used to allow
the broker to do authentication on behalf of the router, but that hasn't
made it into master yet.


>
> I think depending on what I learn on these topics I will likely have more
> questions. Thank you to anybody who is able to give me a lead or point me
> to a config that may serve as an example. I really do appreciate it.
>

Please don't hesitate to ask more questions or point out where there is
lack of documentation.  We appreciate it as well.

-Ted

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message