Menu Search

Chapter 9. Configuring And Managing

9.1. Config Files

This section shows how to configure and manage broker.

9.1.1. Configuration file

Broker can be configured using XML configuration files. By default, broker is looking for configuration file at ${QPID_HOME}/etc/config.xml. The default configuration location can be overridden by specifying command line option -c <path to configuration> on broker start up.

9.1.2. Management Configuration

Management interfaces can be configured in management section of broker configuration file. The example of the management section is provided below.

Example 9.1. Management configuration

    <broker>
    ...
        <management>
            <enabled>true</enabled>
            <jmxport>
                <registryServer>8999</registryServer>
            </jmxport>
            <ssl>
                <enabled>false</enabled>
                <keyStorePath>${conf}/qpid.keystore</keyStorePath>
                <keyStorePassword>password</keyStorePassword>
            </ssl>
            <http>
                <enabled>true</enabled>
            </http>
            <https>
                <enabled>false</enabled>
            </https>
        </management>
    ...
    </broker>

9.1.3. JMX Management Configuration

JMX management can be configured in management section of broker configuration file.

An enabled element in the management section is used to enable or disable the JMX interfaces. Setting it to true causes the broker to start the management plugin if such is available on the broker classpath.

JMX management requires two ports which can be configured in jmxport sub-section of management:

  • RMI port (8999 by default) can be configured in an element jmxport/registryServer

  • Connector port can be configured in an element jmxport/connectorServer. If configuration element connectorServer is not provided than the connector port defaults to 100 + registryServer port.

Example 9.2. Enabling JMX Management and configuring JMX ports

<broker>
...
<management>
    <enabled>true</enabled>                     (1)
    <jmxport>
        <registryServer>7999</registryServer>   (2)
        <connectorServer>7998</connectorServer> (3)
    </jmxport>
<management>
...
</broker>

In the snippet above the following is configured:

(1)

Enable JMX management

(2)

Set RMI port to 7999

(3)

Set connector port to 7998

SSL can be configured to use on the connector port in the sub-section ssl of the management section. See Section 9.1.4, “Management SSL key store configuration” for details.

In order to use SSL with JMX management an element ssl/enabled needs to be set to true.

9.1.4. Management SSL key store configuration

This section describes how to configure the key store to use in SSL connections in both JMX and Web management interfaces.

The following examples demonstrates how to configure keystore for management

Example 9.3. Management key store configuration

<broker>
...
<management>
...
    <ssl>
        <enabled>true</enabled>                            (1)
        <keyStorePath>${conf}/qpid.keystore</keyStorePath> (2)
        <keyStorePassword>password</keyStorePassword>      (3)
    </ssl>
...
<management>
...
</broker>

(1)

Enable SSL on JMX connector port only. This setting does not effect the web management interfaces.

(2)

Set path to the key store file

(3)

Set keystore password

9.1.5. Web Management Configuration

Web management can be configured in management section of broker configuration file.

Sub-section http is used to enable web management on http port.

Sub-section https is used to enable web management on https port.

The following example shows how to configure http and https ports

Example 9.4. Enabling web management

<broker>
...
<management>
...
    <http>
        <enabled>true</enabled>                       (1)
        <port>9090</keyStorePath>                     (2)
        <basic-auth>false</basic-auth>                (3)
        <sasl-auth>true</sasl-auth>                   (4)
        <session-timeout>600</session-timeout>        (5)
    </http>

    <https>
        <enabled>true</enabled>                       (6)
        <port>9443</keyStorePath>                     (7)
        <sasl-auth>true</sasl-auth>                   (8)
        <basic-auth>true</basic-auth>                 (9)
    </https>
...
<management>
...
</broker>

(1)

Enable web management on http port. Default is true.

(2)

Set web management http port to 9090. Default is 8080.

(3)

Disable basic authentication on http port for REST services only. Default is false.

(4)

Enable SASL authentication on http port for REST services and web console. Default is true.

(5)

Set session timeout in seconds. Default is 15 minutes.

(6)

Enable web management on https port. Default is false.

(7)

Set web management https port to 9443. Default is 8443.

(8)

Enable SASL authentication on https port for REST services and web console. Default is true.

(9)

Enable basic authentication on https port for REST services only. Default is true.

Note

Please configure the keystore to use with the https web management port. See Section 9.1.4, “Management SSL key store configuration” for details.