이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 4. Connecting clients to the router network


After creating a router network, you can connect clients (messaging applications) to it so that they can begin sending and receiving messages.

By default, the AMQ Interconnect Operator creates a Service for the router deployment and configures the following ports for client access:

  • 5672 for plain AMQP traffic without authentication
  • 5671 for AMQP traffic secured with TLS authentication

To connect clients to the router network, you can do the following:

  • If any clients are outside of the OpenShift cluster, expose the ports so that they can connect to the router network.
  • Configure your clients to connect to the router network.

4.1. Exposing ports for clients outside of OpenShift Container Platform

You expose ports to enable clients outside of the OpenShift Container Platform cluster to connect to the router network.

Procedure

  1. Start editing the Interconnect Custom Resource YAML file that describes the router deployment for which you want to expose ports.

    $ oc edit -f router-mesh.yaml
  2. In the spec.listeners section, expose each port that you want clients outside of the cluster to be able to access.

    In this example, port 5671 is exposed. This enables clients outside of the cluster to authenticate with and connect to the router network.

    Sample router-mesh.yaml file

      apiVersion: interconnectedcloud.github.io/v1alpha1
      kind: Interconnect
      metadata:
        name: router-mesh
      spec:
        ...
        listeners:
          - port: 5672
          - authenticatePeer: true
            expose: true
            http: true
            port: 8080
          - port: 5671
            sslProfile: default
            expose: true
        ...

    The AMQ Interconnect Operator creates a Route, which clients from outside the cluster can use to connect to the router network.

4.2. Authentication for client connections

When you create a router deployment, the AMQ Interconnect Operator uses the AMQ Certificate Manager Operator to create default SSL/TLS certificates for client authentication, and configures port 5671 for SSL encryption.

4.3. Configuring clients to connect to the router network

You can connect messaging clients running in the same OpenShift cluster as the router network, a different cluster, or outside of OpenShift altogether so that they can exchange messages.

Prerequisites

Procedure

  • To connect a client to the router network, use the following connection URL format:

    <scheme>://[<username>@]<host>[:<port>]
    <scheme>

    Use one of the following:

    • amqp - unencrypted TCP from within the same OpenShift cluster
    • amqps - for secure connections using SSL/TLS authentication
    • amqpws - AMQP over WebSockets for unencrypted connections from outside the OpenShift cluster
    <username>
    If you deployed the router mesh with user name/password authentication, provide the client’s user name.
    <host>
    If the client is in the same OpenShift cluster as the router network, use the OpenShift Service host name. Otherwise, use the host name of the Route.
    <port>

    If you are connecting to a Route, you must specify the port. To connect on an unsecured connection, use port 80. Otherwise, to connect on a secured connection, use port 443.

    Note

    To connect on an unsecured connection (port 80), the client must use AMQP over WebSockets (amqpws).

The following table shows some example connection URLs.

URLDescription

amqp://admin@router-mesh:5672

The client and router network are both in the same OpenShift cluster, so the Service host name is used for the connection URL. In this case, user name/password authentication is implemented, which requires the user name (admin) to be provided.

amqps://router-mesh-myproject.mycluster.com:443

The client is outside of OpenShift, so the Route host name is used for the connection URL. In this case, SSL/TLS authentication is implemented, which requires the amqps scheme and port 443.

amqpws://router-mesh-myproject.mycluster.com:80

The client is outside of OpenShift, so the Route host name is used for the connection URL. In this case, no authentication is implemented, which means the client must use the amqpws scheme and port 80.

Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.