Red Hat Summit Red Hat SummitSupportoConsoleSviluppatoriInizia una provaContatti

Questo contenuto non è disponibile nella lingua selezionata.

Chapter 4. Using AMQ Management Console

AMQ Management Console is a web console included in the AMQ Broker installation that enables you to use a web browser to manage AMQ Broker.

AMQ Management Console is based on hawtio.

4.1. Overview
Copia collegamento

AMQ Broker is a full-featured, message-oriented middleware broker. It offers specialized queueing behaviors, message persistence, and manageability. It supports multiple protocols and client languages, freeing you to use many of your application assets.

AMQ Broker’s key features allow you to:

  • monitor your AMQ brokers and clients

    • view the topology
    • view network health at a glance

  • manage AMQ brokers using:

    • AMQ Management Console
    • Command-line Interface (CLI)
    • Management API

The supported web browsers for AMQ Management Console are Firefox and Chrome. For more information on supported browser versions, see AMQ 7 Supported Configurations.

4.2. Configuring local and remote access to AMQ Management Console
Copia collegamento

The procedure in this section shows how to configure local and remote access to AMQ Management Console.

Remote access to the console can take one of two forms:

  • Within a console session on a local broker, you use the Connect tab to connect to another, remote broker
  • From a remote host, you connect to the console for the local broker, using an externally-reachable IP address for the local broker

Prerequisites

  • You must upgrade to at least AMQ Broker 7.1.0. As part of this upgrade, an access-management configuration file named jolokia-access.xml is added to the broker instance. For more information about upgrading, see Upgrading a Broker instance from 7.0.x to 7.1.0.

Procedure

  1. Open the <broker_instance_dir>/etc/bootstrap.xml file.

  2. Within the web element, observe that the web port is bound only to localhost by default. 

    <web path="web">
  <binding uri="http://localhost:8161">
    <app url="redhat-branding" war="redhat-branding.war"/>
    <app url="artemis-plugin" war="artemis-plugin.war"/>
    <app url="dispatch-hawtio-console" war="dispatch-hawtio-console.war"/>
    <app url="console" war="console.war"/>
  </binding>
</web>
    Copy to Clipboard Toggle word wrap

  3. To enable connection to the console for the local broker from a remote host, change the web port binding to a network-reachable interface. For example: 

    <web path="web">
  <binding uri="http://0.0.0.0:8161">
    Copy to Clipboard Toggle word wrap

    In the preceding example, by specifying 0.0.0.0, you bind the web port to all interfaces on the local broker.

  4. Save the bootstrap.xml file.
  5. Open the <broker_instance_dir>/etc/jolokia-access.xml file.

  6. Within the <cors> (that is, Cross-Origin Resource Sharing) element, add an allow-origin entry for each HTTP origin request header that you want to allow to access the console. For example: 

    <cors>
   <allow-origin>*://localhost*</allow-origin>
   <allow-origin>*://192.168.0.49*</allow-origin>
   <allow-origin>*://192.168.0.51*</allow-origin>
   <!-- Check for the proper origin on the server side, too -->
   <strict-checking/>
</cors>
    Copy to Clipboard Toggle word wrap

    In the preceding configuration, you specify that the following connections are allowed:

    • Connection from the local host (that is, the host machine for your local broker instance) to the console.

      • The first asterisk (*) wildcard character allows either the http or https scheme to be specified in the connection request, based on whether you have configured the console for secure connections.
      • The second asterisk wildcard character allows any port on the host machine to be used for the connection.
    • Connection from a remote host to the console for the local broker, using the externally-reachable IP address of the local broker. In this case, the externally-reachable IP address of the local broker is 192.168.0.49.
    • Connection from within a console session opened on another, remote broker to the local broker. In this case, the IP address of the remote broker is 192.168.0.51.
  7. Save the jolokia-access.xml file.
  8. Open the <broker_instance_dir>/etc/artemis.profile file.

  9. To enable the Connect tab in the console, set the value of the Dhawtio.disableProxy argument to false. 

    -Dhawtio.disableProxy=false
    Copy to Clipboard Toggle word wrap
    Important

    It is recommended that you enable remote connections from the console (that is, set the value of the Dhawtio.disableProxy argument to false) only if the console is exposed to a secure network.

  10. Add a new argument, Dhawtio.proxyWhitelist, to the JAVA_ARGS list of Java system arguments. As a comma-separated list, specify IP addresses for any remote brokers that you want to connect to from the local broker (that is, by using the Connect tab within a console session running on the local broker). For example: 

    -Dhawtio.proxyWhitelist=192.168.0.51
    Copy to Clipboard Toggle word wrap

    Based on the preceding configuration, you can use the Connect tab within a console session on the local broker to connect to another, remote broker with an IP address of 192.168.0.51.

  11. Save the aretmis.profile file.

Additional resources

4.3. Accessing AMQ Management Console
Copia collegamento

The procedure in this section shows how to:

  • Open AMQ Management Console from the local broker
  • Connect to other brokers from within a console session on the local broker
  • Open a console instance for the local broker from a remote host using the externally-reachable IP address of the local broker

Prerequisites

Procedure

  1. In your web browser, navigate to the console address for the local broker.

    The console address is http://<host:port>/console/login. If you are using the default address, navigate to http://localhost:8161/console/login. Otherwise, use the values of host and port that are defined for the bind attribute of the web element in the <broker_instance_dir>/etc/bootstrap.xml configuration file.

  2. Log in to AMQ Management Console using the default user name and password that you created when you created the broker.

  3. To connect to another, remote broker from the console session of the local broker:

    1. In the left menu, click the Connect tab.
    2. In the main pane, on the Remote tab, click the Add connection button.

    3. In the Add Connection dialog box, specify the following details:

      Name
      Name for the remote connection, for example, my_other_broker.
      Scheme
      Protocol to use for the remote connection. Select http for a non-secured connection, or https for a secured connection.
      Host
      IP address of a remote broker. You must have already configured console access for this remote broker.
      Port
      Port on the local broker to use for the remote connection. Specify the port value that is defined for the bind attribute of the web element in the <broker_instance_dir>/etc/bootstrap.xml configuration file. The default value is 8161.
      Path
      Path to use for console access. Specify console/jolokia.

    4. To test the connection, click the Test Connection button.

      If the connection test is successful, click the Add button. If the connection test fails, review and modify the connection details as needed. Test the connection again.

    5. On the Remote page, for a connection that you have added, click the Connect button.

      A new web browser tab opens for the console instance on the remote broker.

    6. In the Log In dialog box, enter the user name and password for the remote broker. Click Log In.

      The console instance for the remote broker opens.

  4. To connect to the console for the local broker from a remote host, specify the Jolokia endpoint for the local broker in a web browser. This endpoint includes the externally-reachable IP address that you specified for the local broker when configuring remote console access. For example: 

    http://192.168.0.49/console/jolokia
    Copy to Clipboard Toggle word wrap

4.4. Configuring AMQ Management Console
Copia collegamento

Configure user access and request access to resources on the broker.

4.4.1. Securing AMQ Management Console using Red Hat Single Sign-On
Copia collegamento

Prerequisites

  • Red Hat Single Sign-On 7.4

Procedure

  1. Configure Red Hat Single Sign-On:

    1. Navigate to the realm in Red Hat Single Sign-On that you want to use for securing AMQ Management Console. Each realm in Red Hat Single Sign-On includes a client named Broker. This client is not related to AMQ.
    2. Create a new client in Red Hat Single Sign-On, for example artemis-console.

    3. Navigate to the client settings page and set:

      • Valid Redirect URIs to the AMQ Management Console URL followed by *, for example: 

        https://broker.example.com:8161/console/*
        Copy to Clipboard Toggle word wrap
      • Web Origins to the same value as Valid Redirect URIs. Red Hat Single Sign-On allows you enter +, indicating that allowed CORS origins includes the value for Valid Redirect URIs.
    4. Create a role for the client, for example guest.
    5. Make sure all users who require access to AMQ Management Console are assigned the above role, for example, using Red Hat Single Sign-On groups.

  2. Configure the AMQ Broker instance:

    1. Add the following to your <broker-instance-dir>/instances/broker0/etc/login.config file to configure AMQ Management Console to use Red Hat Single Sign-On: 

      console {
    org.keycloak.adapters.jaas.BearerTokenLoginModule required
        keycloak-config-file="${artemis.instance}/etc/keycloak-bearer-token.json"
        role-principal-class=org.apache.activemq.artemis.spi.core.security.jaas.RolePrincipal
    ;
};
      Copy to Clipboard Toggle word wrap

      Adding this configuration sets up a JAAS principal and a requirement for a bearer token from Red Hat Single Sign-On. The connection to Red Hat Single Sign-On is defined in the keycloak-bearer-token.json file, as described in the next step.

    2. Create a file <broker-instance-dir>/etc/keycloak-bearer-token.json with the following contents to specify the connection to Red Hat Single Sign-On used for the bearer token exchange: 

      {
  "realm": "<realm-name>",
  "resource": "<client-name>",
  "auth-server-url": "<RHSSO-URL>/auth",
  "principal-attribute": "preferred_username",
  "use-resource-role-mappings": true,
  "ssl-required": "external",
  "confidential-port": 0
}
      Copy to Clipboard Toggle word wrap
      <realm-name>
      the name of the realm in Red Hat Single Sign-On
      <client-name>
      the name of the client in Red Hat Single Sign-On
      <RHSSO-URL>
      the URL of Red Hat Single Sign-On

    3. Create a file <broker-instance-dir>/etc/keycloak-js-token.json with the following contents to specify the Red Hat Single Sign-On authentication endpoint: 

      {
  "realm": "<realm-name>",
  "clientId": "<client-name>",
  "url": "<RHSSO-URL>/auth"
}
      Copy to Clipboard Toggle word wrap

    4. Configure the security settings by editing the the <broker-instance-dir>/etc/broker.xml file.

      For example, to allow users with the amq role consume messages and allow users with the guest role send messages, add the following: 

               <security-setting match="Info">
            <permission roles="amq" type="createDurableQueue"/>
            <permission roles="amq" type="deleteDurableQueue"/>
            <permission roles="amq" type="createNonDurableQueue"/>
            <permission roles="amq" type="deleteNonDurableQueue"/>
            <permission roles="guest" type="send"/>
            <permission roles="amq" type="consume"/>
         </security-setting>
      Copy to Clipboard Toggle word wrap
  3. Run the AMQ Broker instance and validate AMQ Management Console configuration.

4.4.2. Setting up user access to AMQ Management Console
Copia collegamento

You can access AMQ Management Console using the broker login credentials. The following table provides information about different methods to add additional broker users to access AMQ Management Console:

Expand
Table 4.1. Methods to grant users access to AMQ Management Console
Authentication MethodDescription

Guest authentication

Enables anonymous access. In this configuration, any user who connects without credentials or with the wrong credentials will be authenticated automatically and assigned a specific user and role.

For more information, see Configuring guest access in Configuring AMQ Broker.

Basic user and password authentication

For each user, you must define a username and password and assign a security role. Users can only log into AMQ Management Console using these credentials.

For more information, see Configuring basic user and password authentication in Configuring AMQ Broker.

LDAP authentication

Users are authenticated and authorized by checking the credentials against user data stored in a central X.500 directory server.

For more information, see Configuring LDAP to authenticate clients in Configuring AMQ Broker.

4.4.3. Securing network access to AMQ Management Console
Copia collegamento

To secure AMQ Management Console when the console is being accessed over a WAN or the internet, use SSL to specify that network access uses https instead of http.

Prerequisites

The following should be located in the <broker_instance_dir>/etc/ directory:

  • Java key store
  • Java trust store (needed only if you require client authentication)

Procedure

  1. Open the <broker_instance_dir>/etc/bootstrap.xml file.

  2. In the <web> element, add the following attributes: 

    <web path="web">
    <binding uri="https://0.0.0.0:8161" keyStorePath="<path_to_keystore>" keyStorePassword="<password>"
    clientAuth="<true/false>" trustStorePath="<path_to_truststore>" trustStorePassword="<password>">
    </binding>
</web>
    Copy to Clipboard Toggle word wrap
    bind
    For secure connections to the console, change the URI scheme to https.
    keyStorePath

    Path of the keystore file. For example: 

    keyStorePath="<broker_instance_dir>/etc/keystore.jks"
    Copy to Clipboard Toggle word wrap
    keyStorePassword
    Key store password. This password can be encrypted.
    clientAuth
    Specifies whether client authentication is required. The default value is false.
    trustStorePath
    Path of the trust store file. You need to define this attribute only if clientAuth is set to true.
    trustStorePassword
    Trust store password. This password can be encrypted.

Additional resources

You can configure AMQ Management Console to authenticate users by using certificates instead of passwords.

Procedure

  1. Obtain certificates for the broker and clients from a trusted certificate authority or generate self-signed certificates. If you want to generate self-signed certificates, complete the following steps:

    1. Generate a self-signed certificate for the broker. 

      $ keytool -storetype pkcs12 -keystore broker-keystore.p12 -storepass securepass -keypass securepass -alias client -genkey -keyalg "RSA" -keysize 2048 -dname "CN=ActiveMQ Broker, OU=Artemis, O=ActiveMQ, L=AMQ, S=AMQ, C=AMQ" -ext bc=ca:false -ext eku=cA
      Copy to Clipboard Toggle word wrap

    2. Export the certificate from the broker keystore, so that it can be shared with clients. 

      $ keytool -storetype pkcs12 -keystore broker-keystore.p12 -storepass securepass -alias client -exportcert -rfc > broker.crt
      Copy to Clipboard Toggle word wrap

    3. On the client, import the broker certificate into the client truststore. 

      $ keytool -storetype pkcs12 -keystore client-truststore.p12 -storepass securepass -keypass securepass -importcert -alias client-ca -file broker.crt -noprompt
      Copy to Clipboard Toggle word wrap

    4. On the client, generate a self-signed certificate for the client. 

      $ keytool -storetype pkcs12 -keystore client-keystore.p12 -storepass securepass -keypass securepass -alias client -genkey -keyalg "RSA" -keysize 2048 -dname "CN=ActiveMQ Client, OU=Artemis, O=ActiveMQ, L=AMQ, S=AMQ, C=AMQ" -ext bc=ca:false -ext eku=cA
      Copy to Clipboard Toggle word wrap

    5. Export the client certificate from the client keystore to a file so that it can be added to the broker truststore. 

      $ keytool -storetype pkcs12 -keystore client-keystore.p12 -storepass securepass -alias client -exportcert -rfc > client.crt
      Copy to Clipboard Toggle word wrap

    6. Import the client certificate into the broker truststore. 

      $ keytool -storetype pkcs12 -keystore client-truststore.p12 -storepass securepass -keypass securepass -importcert -alias client-ca -file client.crt -noprompt
      Copy to Clipboard Toggle word wrap
      Note

      On the broker machine, ensure that the keystore and truststore files are in a location that is accessible to the broker.

  2. In the <broker_instance_dir>/etc/bootstrap.xml file, update the web configuration to enable the HTTPS protocol and client authentication for the broker console. For example: 

    ...
<web path="web">
    <binding uri="https://localhost:8161" keyStorePath="${artemis.instance}/etc/server-keystore.p12" keyStorePassword="password"
    clientAuth="true" trustStorePath="${artemis.instance}/etc/client-truststore.p12" trustStorePassword="password">
    ...
    </binding>
</web>
...
    Copy to Clipboard Toggle word wrap
    binding uri
    Specify the https protocol to enable SSL and add a host name and port.
    keystorePath
    The path to the keystore where the broker certificate is installed.
    keystorePassword
    The password of the keystore where the broker certificate is installed.
    ClientAuth
    Set to true to configure the broker to require that each client presents a certificate when a client tries to connect to the broker console.
    trustStorePath
    If clients are using self-signed certificates, specify the path to the truststore where client certificates are installed.
    trustStorePassword

    If clients are using self-signed certificates, specify the password of the truststore where client certificates are installed .

    NOTE. You need to configure the trustStorePath and trustStorePassword properties only if clients are using self-signed certificates.

  3. Obtain the Subject Distinguished Names (DNs) from each client certificate so you can create a mapping between each client certificate and a broker user.

    1. Export each client certificate from the client’s keystore file into a temporary file. For example: 

      keytool -export -file <file_name> -alias broker-localhost -keystore broker.ks -storepass <password>
      Copy to Clipboard Toggle word wrap

    2. Print the contents of the exported certificate: 

      keytool -printcert -file <file_name>
      Copy to Clipboard Toggle word wrap

      The output is similar to that shown below: 

      Owner: CN=AMQ Client, OU=Artemis, O=AMQ, L=AMQ, ST=AMQ, C=AMQ
Issuer: CN=AMQ Client, OU=Artemis, O=AMQ, L=AMQ, ST=AMQ, C=AMQ
Serial number: 51461f5d
Valid from: Sun Apr 17 12:20:14 IST 2022 until: Sat Jul 16 12:20:14 IST 2022
Certificate fingerprints:
	 SHA1: EC:94:13:16:04:93:57:4F:FD:CA:AD:D8:32:68:A4:13:CC:EA:7A:67
	 SHA256: 85:7F:D5:4A:69:80:3B:5B:86:27:99:A7:97:B8:E4:E8:7D:6F:D1:53:08:D8:7A:BA:A7:0A:7A:96:F3:6B:98:81
      Copy to Clipboard Toggle word wrap

      The Owner entry is the Subject DN. The format used to enter the Subject DN depends on your platform. The string above could also be represented as; 

      Owner: `CN=localhost,\ OU=broker,\ O=Unknown,\ L=Unknown,\ ST=Unknown,\ C=Unknown`
      Copy to Clipboard Toggle word wrap

  4. Enable certificate-based authentication for the broker’s console.

    1. Open the <broker_instance_dir>/etc/login.config configuration file. Add the certificate login module and reference the user and roles properties files. For example: 

      activemq {
    org.apache.activemq.artemis.spi.core.security.jaas.TextFileCertificateLoginModule
        debug=true
        org.apache.activemq.jaas.textfiledn.user="artemis-users.properties"
        org.apache.activemq.jaas.textfiledn.role="artemis-roles.properties";
};
      Copy to Clipboard Toggle word wrap
      org.apache.activemq.artemis.spi.core.security.jaas.TextFileCertificateLoginModule
      The implementation class.
      org.apache.activemq.jaas.textfiledn.user
      Specifies the location of the user properties file relative to the directory that contains the login configuration file.
      org.apache.activemq.jaas.textfiledn.role

      Specifies the properties file that maps users to defined roles for the login module implementation.

      Note

      If you change the default name of the certificate login module configuration in the <broker_instance_dir>/etc/login.config file, you must update the value of the -dhawtio.realm argument in the <broker_instance_dir>/etc/artemis.profile file to match the new name. The default name is activemq.

    2. Open the <broker_instance_dir>/etc/artemis-users.properties file. Create a mapping between client certificates and broker users by adding the Subject DNS that you obtained from each client certificate to a broker user. For example: 

      user1=CN=user1,O=Progress,C=US
user2=CN=user2,O=Progress,C=US
      Copy to Clipboard Toggle word wrap

      In this example, the user1 broker user is mapped to the client certificate that has a Subject Distinguished Name of CN=user1,O=Progress,C=US Subject DN. After you create a mapping between a client certificate and a broker user, the broker can authenticate the user by using the certificate.

    3. Open the <broker_instance_dir>/etc/artemis-roles.properties file. Grant users permission to log in to the console by adding them to the role that is specified for the HAWTIO_ROLE variable in the <broker_instance_dir>/etc/artemis.profile file. The default value of the HAWTIO_ROLE variable is amq. For example: 

      amq=user1, user2
      Copy to Clipboard Toggle word wrap

  5. Configure the following recommended security properties for the HTTPS protocol.

    1. Open the <broker_instance_dir>/etc/artemis.profile file.

    2. Set the hawtio.http.strictTransportSecurity property to allow only HTTPS requests to the AMQ Management Console and to convert any HTTP requests to HTTPS. For example: 

      hawtio.http.strictTransportSecurity = max-age=31536000; includeSubDomains; preload
      Copy to Clipboard Toggle word wrap

    3. Set the hawtio.http.publicKeyPins property to instruct the web browser to associate a specific cryptographic public key with the AMQ Management Console to decrease the risk of “man-in-the-middle” attacks using forged certificates. For example: 

      hawtio.http.publicKeyPins = pin-sha256="..."; max-age=5184000; includeSubDomains
      Copy to Clipboard Toggle word wrap

4.4.5. Configuring AMQ Management Console to handle X-forwarded headers
Copia collegamento

If requests to AMQ Management Console are routed through a proxy server, you can configure the AMQ Broker embedded web server, which hosts AMQ Management Console, to handle X-Forwarded headers. By handling X-Forwarded headers, AMQ Management Console can receive header information that is otherwise altered or lost when a proxy is involved in the path of a request. For example, the proxy can expose AMQ Management Console using HTTPS, and the AMQ Management Console, which uses HTTP, can identify from the X-Forwarded header that the connection between the browser and the proxy uses HTTPS and switch to HTTPS to serve browser requests.

Procedure

  1. Open the <broker_instance_dir>/etc/bootstrap.xml file.

  2. In the <web> element, add the customizer attribute with a value of org.eclipse.jetty.server.ForwardedRequestCustomizer. For example: 

    <web path="web" customizer="org.eclipse.jetty.server.ForwardedRequestCustomizer">
..
</web>
    Copy to Clipboard Toggle word wrap
  3. Save the bootstrap.xml file.

  4. Start or restart the broker by entering the following command:

    • On Linux: <broker_instance_dir>/bin/artemis run
    • On Windows: <broker_instance_dir>\bin\artemis-service.exe start

4.5. Managing brokers using AMQ Management Console
Copia collegamento

You can use AMQ Management Console to view information about a running broker and manage the following resources:

  • Incoming network connections (acceptors)
  • Addresses
  • Queues

4.5.1. Viewing details about the broker
Copia collegamento

To see how the broker is configured, in the left menu, click Artemis.

In the main pane, the following tabs are available:

Status

Displays information about the current status of the broker, such as version information, uptime and the high availability policy deployed. Also displays the amount of address memory that the broker is currently using. The graph shows this value as a proportion of the global-max-size configuration parameter.

Figure 4.1. Status tab

*Status* tab
View larger image
*Status* tab
Connections
Displays information about broker connections, including client, cluster, and bridge connections.
Sessions
Displays information about all sessions currently open on the broker.
Consumers
Displays information about all consumers currently open on the broker.
Producers
Displays information about producers currently open on the broker.
Addresses
Displays information about addresses on the broker. This includes internal addresses, such as store-and-forward addresses.
Queues
Displays information about queues on the broker. This includes internal queues, such as store-and-forward queues.
Broker diagram
Displays a diagram of the cluster topology. This includes all brokers in the cluster and any addresses and queues on the local broker.

4.5.2. Viewing the broker diagram
Copia collegamento

You can view a diagram of all AMQ Broker resources in your topology, including brokers (live and backup brokers), producers and consumers, addresses, and queues.

Procedure

  1. In the left menu, click Artemis.

  2. In the main pane, click the Broker Diagram tab.

    The console displays a diagram of the cluster topology. This includes all brokers in the cluster and any addresses and queues on the local broker, as shown in the figure.

    Figure 4.2. Broker diagram tab

    *Broker diagram* tab
    View larger image
    *Broker diagram* tab
  3. To change the items displayed in the diagram, in the Node options list, select the checkboxes for the items you want to display.

  4. To show attributes for the local broker or an address or queue that is connected to it, click that node in the diagram. For example, the following figure shows a diagram that also includes attributes for the local broker.

    Figure 4.3. Broker diagram tab, including attributes

    *Broker diagram* tab
    View larger image
    *Broker diagram* tab

4.5.3. Viewing acceptors
Copia collegamento

You can view details about the acceptors configured for the broker.

Procedure

  1. In the left menu, click Artemis JMX.
  2. In the folder tree, click acceptors.

  3. To view details about how an acceptor is configured, click the acceptor.

    The console shows the acceptor attributes on the Attributes tab and the operations you can execute for the acceptor on the Operations tab.

    The following examples shows the attributes for the amqp acceptor.

    Figure 4.4. AMQP acceptor attributes

    AMQP acceptor attributes
    View larger image
    AMQP acceptor attributes
  4. To see complete details for an attribute, click the attribute. An additional pane opens to show the details.
  5. To execute an operation on the acceptor, click the Operations tab, expand the operation and click the Execute button.

4.5.4. Managing addresses and queues
Copia collegamento

An address represents a messaging endpoint. Within the configuration, a typical address is given a unique name.

A queue is associated with an address. There can be multiple queues per address. Once an incoming message is matched to an address, the message is sent on to one or more of its queues, depending on the routing type configured. Queues can be configured to be automatically created and deleted.

4.5.4.1. Creating addresses
Copia collegamento

A typical address is given a unique name, zero or more queues, and a routing type.

A routing type determines how messages are sent to the queues associated with an address. Addresses can be configured with two different routing types.

Expand

If you want your messages routed to…

Use this routing type…

A single queue within the matching address, in a point-to-point manner.

Anycast

Every queue within the matching address, in a publish-subscribe manner.

Multicast

You can create and configure addresses and queues, and then delete them when they are no longer in use.

Procedure

  1. In the left menu, click Artemis.
  2. In the main pane, click the Addresses tab.

  3. Click Create Address.

    The Create Address dialog is displayed.

    Figure 4.5. Create Address dialog

    AMQ Management Console Create Address
    View larger image
    AMQ Management Console Create Address

  4. Complete the following fields:

    Address Name
    The routing name of the address.
    Routing type

    Select one of the following options:

    • Multicast: Messages sent to the address are distributed to all subscribers in a publish-subscribe manner.
    • Anycast: Messages sent to this address are distributed to only one subscriber in a point-to-point manner.
  5. Click Create Address.

4.5.4.2. Sending messages to an address
Copia collegamento

You can use the console to send messages to an address.

Procedure

  1. In the left menu, click Artemis.
  2. In the main pane, click the Addresses tab.
  3. Click the three-dot icon for the selected address.

  4. Click Send Message.

    The Send Message to Address <address name> dialog is displayed.

    Figure 4.6. Send Message to Address

    AMQ Management Console Send Message
    View larger image
    AMQ Management Console Send Message
  5. By default messages are sent using the credentials that you used to log in to AMQ Management Console. If you want to use different credentials, clear the Use Current Logged in User checkbox and specify values in the Username and Password fields, which are displayed after you clear the checkbox.
  6. If necessary, click the Add Header button to add message header information.
  7. Enter the message body.
  8. In the Format drop-down menu, select an option for the format of the message body, and then click Format. The message body is formatted in a human-readable style for the format you selected.

  9. Click Send.

    The message is sent.

  10. To send additional messages, change any of the information you entered, and then click Send.

4.5.4.3. Creating queues
Copia collegamento

Queues provide a channel between a producer and a consumer.

Prerequisites

Procedure

  1. In the left menu, click Artemis.
  2. In the main pane, click the Addresses tab.
  3. Click the three-dot icon for the address to which you want to bind the queue.

  4. Click Create Queue.

    The Create Queue on Address <address name> dialog is displayed

    Figure 4.7. Create Queue on Address dialog

    AMQ Management Console Create Queue
    View larger image
    AMQ Management Console Create Queue

  5. Complete the following fields:

    Queue name
    A unique name for the queue.
    Routing Type

    Select one of the following options:

    • Multicast: Messages sent to the parent address will be distributed to all queues bound to the address.
    • Anycast: Only one queue bound to the parent address will receive a copy of the message. Messages will be distributed evenly among all of the queues bound to the address.
    Durable
    If you select this option, the queue and its messages are persistent.
    Filter
    The username to be used when connecting to the broker.
    Max Consumers
    The maximum number of consumers that can access the queue at a given time.
    Purge when no Consumers
    If selected, the queue will be purged when no consumers are connected.
  6. Click Create Queue.

4.5.4.4. Checking the status of a queue
Copia collegamento

Charts provide a real-time view of the status of a queue on a broker.

Procedure

  1. In the left menu, click Artemis JMX.
  2. In the folder tree, navigate to a queue.

  3. Click the Chart tab.

    The console displays a chart that shows real-time data for the queue attributes.

    Figure 4.8. Chart tab for a queue

    Chart tab for a queue
    View larger image
    Chart tab for a queue
    Note

    To view a chart for multiple queues on an address, select the anycast or multicast folder that contains the queues.

  4. By default, all attributes for a queue are displayed on the chart. If necessary, change the list of attributes displayed on the chart:

    1. Click Edit watches.
    2. On the Watched attributes list, select the checkbox beside each attribute that you do not want to include in the chart.
    3. Click the right arrow icon to remove the selected attributes from the chart.
    4. Click Close.

4.5.4.5. Browsing queues
Copia collegamento

Browsing a queue displays all of the messages in the queue. You can also filter and sort the list to find specific messages.

Procedure

  1. In the left menu, click Artemis.
  2. In the main pane, click the Queues tab.
  3. Click the three-dot icon for the queue that you want to browse.

  4. Click Browse Messages.

    The messages in the queue are displayed. By default, the first 200 messages are displayed.

    Figure 4.9. Browse Queue dialog

    Browse Queue page
    View larger image
    Browse Queue page

  5. To view the content of a message, click the three-dot icon for the message and click View.

    You can view the message body, header and properties.

4.5.4.6. Sending messages to a queue
Copia collegamento

After creating a queue, you can send a message to it.

Procedure

  1. In the left menu, click Artemis.
  2. In the main pane, click the Queues tab.
  3. Click the three-dot icon for the queue to which you want to send a message .

  4. Click Send Message.

    The Send Message to Queue <queue name> dialog is displayed

    Figure 4.10. Send Message to Queue dialog

    Send Message to a Queue
    View larger image
    Send Message to a Queue
  5. By default messages are sent using the credentials that you used to log in to AMQ Management Console. If you want to use different credentials, clear the Use Current Logged in User checkbox and specify values in the Username and Password fields, which are displayed after you clear the checkbox.
  6. If necessary, click the Add Header button to add message header information.
  7. Enter the message body.
  8. In the Format drop-down menu, select an option for the format of the message body, and then click Format. The message body is formatted in a human-readable style for the format you selected.
  9. Click Send.
  10. To send additional messages, change any of the information you entered, and then click Send.

4.5.4.7. Resending messages to a queue
Copia collegamento

You can resend previously sent messages.

Procedure

  1. Browse for the message you want to resend.
  2. Click the three-dot icon for the message that you want to resend.

  3. Click Resend.

    The Resend Message dialog is displayed.

  4. Update the message header and body as needed, and then click Send.

4.5.4.8. Moving messages to a different queue
Copia collegamento

You can move one or more messages in a queue to a different queue.

Procedure

  1. Browse for the messages you want to move.
  2. Click the checkbox next to each message that you want to move.

  3. Click Move.

    A confirmation dialog box is displayed.

  4. From the drop-down menu, select the name of the queue to which you want to move the messages. Click Confirm.

4.5.4.9. Deleting messages or queues
Copia collegamento

You can delete all of the messages in a queue and retain the queue, or you can delete the queue and any messages it contains.

Procedure

  1. In the left menu, click Artemis.
  2. In the main pane, click the Queues tab.

  3. Click the three-dot icon for the queue you want to purge or delete.

    1. To delete all the message in the selected queue without deleting the queue, click Purge.
    2. To delete all the messages and the queue itself, click Delete.
  4. In the confirmation dialog, click Confirm.
Torna in cima
Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2025 Red Hat