You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by Fabrice Triboix <fa...@armedia.com> on 2021/06/11 16:20:23 UTC
Roundup of the configuration files
Hello everyone,
I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
In the "conf" directory, I can see the following files:
* activemq.xml
* broker.ks
* broker-localhost.cert
* broker.ts
* client.ks
* client.ts
* credentials-enc.properties
* credentials.properties
* groups.properties
* java.security
* jetty-realm.properties
* jetty.xml
* jmx.access
* jmx.password
* log4j.properties
* logging.properties
* login.config
* users.properties
I would like to know what each of these configuration files do, and whether they are required or not.
Many thanks,
Fabrice
Re: Roundup of the configuration files
Posted by Justin Bertram <jb...@apache.org>.
It seems to me that Matt and Jean-Baptiste have provided the essential
guidance you need. Can you be more specific about what answer(s) you are
still looking for? Saying, "my question below," is ambiguous unfortunately.
Justin
On Fri, Jun 18, 2021 at 1:46 PM Fabrice Triboix <fa...@armedia.com>
wrote:
> Hello,
>
> Could somebody please provide me with an answer to my question below?
>
> Thank you very much for any help,
>
> Fabrice
>
> ________________________________
> From: Fabrice Triboix <fa...@armedia.com>
> Sent: 12 June 2021 15:50
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not
> click links or open attachments unless you recognize the sender and know
> the content is safe.
>
>
> Hi Jean-Baptiste,
>
> Thanks a lot for your answer.
>
> Our ActiveMQ installation won't use any TLS, but will have authentication
> (using the simple authentication plugin) and authorization. Which
> additional configuration files would be required in such a setup?
>
> Thanks a lot for your help!
>
> Fabrice
>
> ________________________________
> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
> Sent: 12 June 2021 05:37
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not
> click links or open attachments unless you recognize the sender and know
> the content is safe.
>
>
> Hi,
>
> Basically, for a simple bin/activemq console start, by default (without
> authentication), you just need
>
> - activemq.xml (broker config)
> - jetty.xml (jetty container used by admin web console)
> - log4j.properties (for logging config)
> - logging.properties (can be removed if you don’t use JUL)
>
> All the rest is used when SSL is enabled, when authentication is enabled.
>
> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>
> Regards
> JB
>
> > Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com>
> a écrit :
> >
> > Hello everyone,
> >
> > I am looking at the official ActiveMQ tarball (
> https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz)
> and I would like to understand how ActiveMQ is configured.
> >
> > In the "conf" directory, I can see the following files:
> >
> > * activemq.xml
> > * broker.ks
> > * broker-localhost.cert
> > * broker.ts
> > * client.ks
> > * client.ts
> > * credentials-enc.properties
> > * credentials.properties
> > * groups.properties
> > * java.security
> > * jetty-realm.properties
> > * jetty.xml
> > * jmx.access
> > * jmx.password
> > * log4j.properties
> > * logging.properties
> > * login.config
> > * users.properties
> >
> > I would like to know what each of these configuration files do, and
> whether they are required or not.
> >
> > Many thanks,
> >
> > Fabrice
>
>
Re: Roundup of the configuration files
Posted by Tim Bain <tb...@alumni.duke.edu>.
Is that filesystem a local disk (i.e. exclusive to the host) or an NFS
share (i.e. the file could be locked by a process running on another host)?
If the latter, lsof wouldn't show processes from other hosts, so you'd want
to run the command from all hosts where ActiveMQ is installed and might be
running.
Tim
On Tue, Jun 22, 2021, 5:54 AM Matt Pavlovich <ma...@gmail.com> wrote:
> The filesystem locking is simply delegated to the OS. Double check you do
> not have a second ActiveMQ process that was left running unintentionally
> during the config testing.
>
> If it is on Linux, you can use the ‘lsof’ command to look for the process
> that has the kahadb/lock file locked.
>
> -Matt Pavlovich
>
> > On Jun 22, 2021, at 6:30 AM, Fabrice Triboix <
> fabrice.triboix@armedia.com> wrote:
> >
> > Hello Matt,
> >
> > I am using a subset of the configuration files found in the the conf
> directory of the official ActiveMQ release available here:
> https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz
> >
> > The configuration files I kept are:
> >
> > * activemq.xml
> > * jetty.xml
> > * log4j.properties
> > * logging.properties
> >
> > Indeed, activemq.xml referenced credentials.properties. I commented
> out that reference, and ActiveMQ works a bit better. It does show the
> following message which is not looking good:
> >
> > INFO | Database ${activemq.data}/kahadb/lock is locked by another
> server. This broker is now in slave mode waiting a lock to be acquired
> >
> > This is very odd because there is only one ActiveMQ broker running...
> >
> > Any idea about what is going on?
> >
> > Many thanks,
> >
> > Fabrice
> >
> > ________________________________
> > From: Matt Pavlovich <ma...@gmail.com>
> > Sent: 21 June 2021 15:43
> > To: users@activemq.apache.org <us...@activemq.apache.org>
> > Subject: Re: Roundup of the configuration files
> >
> > CAUTION: This email originated from outside of the organization. Do not
> click links or open attachments unless you recognize the sender and know
> the content is safe.
> >
> >
> > Hello Fabrice-
> >
> > Please be mindful that is difficult to troubleshoot over an email thread
> without seeing the changes you are making on your end. I suspect the top of
> your conf/activemq.xml has the Properties file entry referencing the
> conf/credentials.properties. Try removing that section from your
> conf/activemq.xml and the broker should start up.
> >
> > -Matt Pavlovich
> >
> >> On Jun 19, 2021, at 1:35 AM, Fabrice Triboix <
> fabrice.triboix@armedia.com> wrote:
> >>
> >> Hi Matt,
> >>
> >> All right, thanks a lot for these details.
> >>
> >> ActiveMQ crashes for me, there is a stack trace with the following
> error:
> >>
> >> Caused by: java.io.FileNotFoundException:
> /app/conf/credentials.properties (No such file or directory)
> >>
> >> Also, I am not sure why I need to repeat the users/groups/passwords
> information in the login.config, groups.properties, and users.properties
> files... This information is already available in the activemq.xml file,
> isn't it? (I am using the simple authentication plugin)
> >>
> >> Thanks a lot for your help!
> >>
> >> Fabrice
> >>
> >> ________________________________
> >> From: Matt Pavlovich <ma...@gmail.com>
> >> Sent: 18 June 2021 22:38
> >> To: users@activemq.apache.org <us...@activemq.apache.org>
> >> Subject: Re: Roundup of the configuration files
> >>
> >> CAUTION: This email originated from outside of the organization. Do not
> click links or open attachments unless you recognize the sender and know
> the content is safe.
> >>
> >>
> >> Hi Fabrice-
> >>
> >> The simple authentication plugin stores usernames and passwords in the
> conf/activemq.xml (it is generally used for embedded brokers or unit
> testing). If you use that, you won’t need the files below in the Messaging
> services section.
> >>
> >> Most general setups using running stand alone brokers with the Apache
> ActiveMQ distribution:
> >>
> >> Messaging services (JMS, MQTT, STOMP, etc):
> >>
> >> conf/login.config <— defines what to use
> >> conf/groups.properties <— group-to-user mappings
> >> conf/users.properties <— user and passwords
> >>
> >> Management (JMX):
> >>
> >> bin/env
> >> conf/jmx.password
> >> conf/jmx.access
> >>
> >> Web Console:
> >>
> >> conf/jetty.xml
> >>
> >> ref: https://activemq.apache.org/security
> >>
> >>
> >> Hope this helps!
> >>
> >> -Matt Pavlovich
> >>
> >>
> >>> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <
> fabrice.triboix@armedia.com> wrote:
> >>>
> >>> Hello,
> >>>
> >>> Could somebody please provide me with an answer to my question below?
> >>>
> >>> Thank you very much for any help,
> >>>
> >>> Fabrice
> >>>
> >>> ________________________________
> >>> From: Fabrice Triboix <fa...@armedia.com>
> >>> Sent: 12 June 2021 15:50
> >>> To: users@activemq.apache.org <us...@activemq.apache.org>
> >>> Subject: Re: Roundup of the configuration files
> >>>
> >>> CAUTION: This email originated from outside of the organization. Do
> not click links or open attachments unless you recognize the sender and
> know the content is safe.
> >>>
> >>>
> >>> Hi Jean-Baptiste,
> >>>
> >>> Thanks a lot for your answer.
> >>>
> >>> Our ActiveMQ installation won't use any TLS, but will have
> authentication (using the simple authentication plugin) and authorization.
> Which additional configuration files would be required in such a setup?
> >>>
> >>> Thanks a lot for your help!
> >>>
> >>> Fabrice
> >>>
> >>> ________________________________
> >>> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
> >>> Sent: 12 June 2021 05:37
> >>> To: users@activemq.apache.org <us...@activemq.apache.org>
> >>> Subject: Re: Roundup of the configuration files
> >>>
> >>> CAUTION: This email originated from outside of the organization. Do
> not click links or open attachments unless you recognize the sender and
> know the content is safe.
> >>>
> >>>
> >>> Hi,
> >>>
> >>> Basically, for a simple bin/activemq console start, by default
> (without authentication), you just need
> >>>
> >>> - activemq.xml (broker config)
> >>> - jetty.xml (jetty container used by admin web console)
> >>> - log4j.properties (for logging config)
> >>> - logging.properties (can be removed if you don’t use JUL)
> >>>
> >>> All the rest is used when SSL is enabled, when authentication is
> enabled.
> >>>
> >>> I’ve started some cleanup for 5.17.0 having dedicated folders per
> "use".
> >>>
> >>> Regards
> >>> JB
> >>>
> >>>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com>
> a écrit :
> >>>>
> >>>> Hello everyone,
> >>>>
> >>>> I am looking at the official ActiveMQ tarball (
> https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz)
> and I would like to understand how ActiveMQ is configured.
> >>>>
> >>>> In the "conf" directory, I can see the following files:
> >>>>
> >>>> * activemq.xml
> >>>> * broker.ks
> >>>> * broker-localhost.cert
> >>>> * broker.ts
> >>>> * client.ks
> >>>> * client.ts
> >>>> * credentials-enc.properties
> >>>> * credentials.properties
> >>>> * groups.properties
> >>>> * java.security
> >>>> * jetty-realm.properties
> >>>> * jetty.xml
> >>>> * jmx.access
> >>>> * jmx.password
> >>>> * log4j.properties
> >>>> * logging.properties
> >>>> * login.config
> >>>> * users.properties
> >>>>
> >>>> I would like to know what each of these configuration files do, and
> whether they are required or not.
> >>>>
> >>>> Many thanks,
> >>>>
> >>>> Fabrice
> >>>
> >>
> >
>
>
Re: Roundup of the configuration files
Posted by "Tetreault, Lucas" <te...@amazon.com.INVALID>.
Hey Fabrice,
You commented out the following in conf/activemq.xml
<!-- XXX Fabrice
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<value>file:${activemq.conf}/credentials.properties</value>
</property>
</bean>
-->
Without this the ${activemq.data} properties and others won't be interpolated properly. You seem to be trying to minimize the config files and there is no credentials.properties file so you need to include at least the following:
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
</bean>
However, with the config and docker setup you provided ActiveMQ still won't start as your jetty.xml is referring to "jetty-realm.properties" which is missing.
I hope this helps!
Lucas
On 2021-06-22, 5:51 PM, "Matt Pavlovich" <ma...@gmail.com> wrote:
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.
I believe this is still problematic:
/app/${activemq.data}/kahadb
I expect ${activemq.data} to be expanded to the actual value
> On Jun 22, 2021, at 3:37 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> I think I didn't miss it, but for some reason it doesn't get attached. So here is a copy/paste:
>
> FROM openjdk:11-jre
>
> # Environment variables: version and tarball stuff
> ENV ACTIVEMQ_VERSION 5.16.2
> ENV ACTIVEMQ apache-activemq-$ACTIVEMQ_VERSION
> ENV ACTIVEMQ apache-activemq-$ACTIVEMQ_VERSION
> ENV ACTIVEMQ_SHA512 27bb26786640f74dcf404db884bedffc0af4bfb2a0248c398044ac9a13e19ff097c590b79eb1404e0b04d17a8f85a8f7de87186a96744e19162d70b3c7a9bdde
>
> # Environment variables: ActiveMQ directories
> ENV ACTIVEMQ_HOME /app/activemq
> ENV ACTIVEMQ_BASE $ACTIVEMQ_HOME
> ENV ACTIVEMQ_CONF /app/conf
> ENV ACTIVEMQ_DATA /app/data
> ENV ACTIVEMQ_TMP /app/tmp
>
> # Environment variables: system stuff
> ENV DEBIAN_FRONTEND noninteractive
>
> WORKDIR /app
>
> RUN curl -fsSLo activemq.tgz "https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz" \
> && checksum=$(sha512sum activemq.tgz | awk '{ print $1 }') \
> && if [ $checksum != $ACTIVEMQ_SHA512 ]; then \
> echo "Unexpected SHA512 checksum; possible man-in-the-middle-attack"; \
> exit 1; \
> fi \
> && tar xf activemq.tgz \
> && rm activemq.tgz \
> && ln -s "/app/$ACTIVEMQ" /app/activemq \
> && cd activemq \
> && rm bin/activemq-diag bin/env bin/wrapper.jar LICENSE NOTICE README.txt \
> activemq-all-5.16.2.jar conf/*.ts conf/*.ks \
> && rm -r bin/linux-x86-32 bin/linux-x86-64 bin/macosx \
> data docs examples webapps-demo \
> && useradd --system --no-create-home --home-dir /app/home activemq \
> && mkdir -p /app/home "$ACTIVEMQ_CONF" "$ACTIVEMQ_DATA" "$ACTIVEMQ_TMP" \
> && chown -R activemq:activemq "$ACTIVEMQ_CONF" "$ACTIVEMQ_DATA" "$ACTIVEMQ_TMP"
>
> USER activemq
>
> CMD ["/app/activemq/bin/activemq", "console"]
>
> ________________________________
> From: Fabrice Triboix <fa...@armedia.com>
> Sent: 22 June 2021 21:04
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> It looks like I missed the Dockerfile, sorry about that. Here it is!
>
> ________________________________
> From: Fabrice Triboix <fa...@armedia.com>
> Sent: 22 June 2021 20:27
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hi Matt,
>
> Please find attached my Dockerfile and docker-compose file. Also included is the "conf" directory I am mounting inside the container to configure ActiveMQ. Hopefully you should be able to reproduce the problem.
>
> Here is the full log when I run docker-compose up😒
>
> $ docker-compose up
> Creating network "ark_activemq_default" with the default driver
> Creating ark_activemq_activemq_1 ... done
> Attaching to ark_activemq_activemq_1
> activemq_1 | INFO: Using default configuration
> activemq_1 | Configurations are loaded in the following order: /etc/default/activemq /app/home/.activemqrc /app/activemq/bin/env
> activemq_1 |
> activemq_1 | INFO: Using java '/usr/local/openjdk-11/bin/java'
> activemq_1 | INFO: Starting in foreground, this is just for debugging purposes (stop process by pressing CTRL+C)
> activemq_1 | INFO: Creating pidfile /app/data/activemq.pid
> activemq_1 | Java Runtime: Oracle Corporation 11.0.11 /usr/local/openjdk-11
> activemq_1 | Heap sizes: current=260096k free=258119k max=4098048k
> activemq_1 | JVM args: -Djava.util.logging.config.file=logging.properties -Djava.security.auth.login.config=/app/conf/login.config -Djava.awt.headless=true -Djava.io.tmpdir=/app/tmp --add-reads=java.xml=java.logging --add-opens=java.base/java.security=ALL-UNNAMED --add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.naming/javax.naming.spi=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport.tcp=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.base/java.util.concurrent.atomic=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.http=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.https=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED --add-exports=jdk.xml.dom/org.w3c.dom.html=ALL-UNNAMED --add-exports=jdk.naming.rmi/com.sun.jndi.url.rmi=ALL-UNNAMED -Dactivemq.classpath=/app/conf:/app/activemq/../lib/: -Dactivemq.home=/app/activemq -Dactivemq.base=/app/activemq -Dactivemq.conf=/app/conf -Dactivemq.data=/app/data
> activemq_1 | Extensions classpath:
> activemq_1 | [/app/activemq/lib,/app/activemq/lib/camel,/app/activemq/lib/optional,/app/activemq/lib/web,/app/activemq/lib/extra]
> activemq_1 | ACTIVEMQ_HOME: /app/activemq
> activemq_1 | ACTIVEMQ_BASE: /app/activemq
> activemq_1 | ACTIVEMQ_CONF: /app/conf
> activemq_1 | ACTIVEMQ_DATA: /app/data
> activemq_1 | Loading message broker from: xbean:activemq.xml
> activemq_1 | INFO | Refreshing org.apache.activemq.xbean.XBeanBrokerFactory$1@8646db9: startup date [Tue Jun 22 19:25:11 UTC 2021]; root of context hierarchy
> activemq_1 | INFO | Using Persistence Adapter: KahaDBPersistenceAdapter[/app/${activemq.data}/kahadb]
> activemq_1 | INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
>
> After that, nothing gets logged any more.
>
> Thanks a lot for your help!
>
> Fabrice
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 22 June 2021 18:23
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Flying blind here.. without more detailed logs or information there isn’t enough information to point to a root cause.
>
> I can confirm that people have run ActiveMQ in Docker containers for years, so I do not suspect you are running into a bug at this point.
>
> I’d look into this line next-- "${activemq.data}/kahadb/lock”. I would expect the log line to expand the value of vs output the literal macro expression “${activemq.data}”.
>
> -Matt Pavlovich
>
>> On Jun 22, 2021, at 11:46 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hi Matt,
>>
>> No, I am not using a volume at the moment.
>>
>> The data directory that I am using is /app/data and is owned by the activemq user and activemq group with 755 permissions. ActiveMQ runs as the activemq user. ActiveMQ clearly can create files there:
>>
>> activemq@7a5313d69a74:/app/data$ ls -al
>> total 20
>> drwxr-xr-x 1 activemq activemq 4096 Jun 22 16:44 .
>> drwxr-xr-x 1 root root 4096 Jun 22 16:38 ..
>> -rw-r--r-- 1 activemq activemq 610 Jun 22 16:44 activemq.log
>> -rw-r--r-- 1 activemq activemq 2 Jun 22 16:44 activemq.pid
>> -rw-r--r-- 1 activemq activemq 0 Jun 22 16:44 audit.log
>>
>> Cheers,
>>
>> Fabrice
>>
>>
>> ________________________________
>> From: Matt Pavlovich <ma...@gmail.com>
>> Sent: 22 June 2021 16:54
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> Are you using a volume? Could be permissions related that ActiveMQ is unable to get a lock on the filesystem.
>>
>>> On Jun 22, 2021, at 8:57 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>
>>> Hi Matt,
>>>
>>> I am running ActiveMQ as a Docker container, so I am positively certain that (1) there are no other ActiveMQ processes and (2) the "data" directory is empty at startup. Additionally, when I add back all the other configuration files (i.e. the files in the conf directory of the official tarball), this problem goes away.
>>>
>>> Cheers,
>>>
>>> Fabrice
>
Re: Roundup of the configuration files
Posted by Matt Pavlovich <ma...@gmail.com>.
I believe this is still problematic:
/app/${activemq.data}/kahadb
I expect ${activemq.data} to be expanded to the actual value
> On Jun 22, 2021, at 3:37 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> I think I didn't miss it, but for some reason it doesn't get attached. So here is a copy/paste:
>
> FROM openjdk:11-jre
>
> # Environment variables: version and tarball stuff
> ENV ACTIVEMQ_VERSION 5.16.2
> ENV ACTIVEMQ apache-activemq-$ACTIVEMQ_VERSION
> ENV ACTIVEMQ apache-activemq-$ACTIVEMQ_VERSION
> ENV ACTIVEMQ_SHA512 27bb26786640f74dcf404db884bedffc0af4bfb2a0248c398044ac9a13e19ff097c590b79eb1404e0b04d17a8f85a8f7de87186a96744e19162d70b3c7a9bdde
>
> # Environment variables: ActiveMQ directories
> ENV ACTIVEMQ_HOME /app/activemq
> ENV ACTIVEMQ_BASE $ACTIVEMQ_HOME
> ENV ACTIVEMQ_CONF /app/conf
> ENV ACTIVEMQ_DATA /app/data
> ENV ACTIVEMQ_TMP /app/tmp
>
> # Environment variables: system stuff
> ENV DEBIAN_FRONTEND noninteractive
>
> WORKDIR /app
>
> RUN curl -fsSLo activemq.tgz "https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz" \
> && checksum=$(sha512sum activemq.tgz | awk '{ print $1 }') \
> && if [ $checksum != $ACTIVEMQ_SHA512 ]; then \
> echo "Unexpected SHA512 checksum; possible man-in-the-middle-attack"; \
> exit 1; \
> fi \
> && tar xf activemq.tgz \
> && rm activemq.tgz \
> && ln -s "/app/$ACTIVEMQ" /app/activemq \
> && cd activemq \
> && rm bin/activemq-diag bin/env bin/wrapper.jar LICENSE NOTICE README.txt \
> activemq-all-5.16.2.jar conf/*.ts conf/*.ks \
> && rm -r bin/linux-x86-32 bin/linux-x86-64 bin/macosx \
> data docs examples webapps-demo \
> && useradd --system --no-create-home --home-dir /app/home activemq \
> && mkdir -p /app/home "$ACTIVEMQ_CONF" "$ACTIVEMQ_DATA" "$ACTIVEMQ_TMP" \
> && chown -R activemq:activemq "$ACTIVEMQ_CONF" "$ACTIVEMQ_DATA" "$ACTIVEMQ_TMP"
>
> USER activemq
>
> CMD ["/app/activemq/bin/activemq", "console"]
>
> ________________________________
> From: Fabrice Triboix <fa...@armedia.com>
> Sent: 22 June 2021 21:04
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> It looks like I missed the Dockerfile, sorry about that. Here it is!
>
> ________________________________
> From: Fabrice Triboix <fa...@armedia.com>
> Sent: 22 June 2021 20:27
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hi Matt,
>
> Please find attached my Dockerfile and docker-compose file. Also included is the "conf" directory I am mounting inside the container to configure ActiveMQ. Hopefully you should be able to reproduce the problem.
>
> Here is the full log when I run docker-compose up😒
>
> $ docker-compose up
> Creating network "ark_activemq_default" with the default driver
> Creating ark_activemq_activemq_1 ... done
> Attaching to ark_activemq_activemq_1
> activemq_1 | INFO: Using default configuration
> activemq_1 | Configurations are loaded in the following order: /etc/default/activemq /app/home/.activemqrc /app/activemq/bin/env
> activemq_1 |
> activemq_1 | INFO: Using java '/usr/local/openjdk-11/bin/java'
> activemq_1 | INFO: Starting in foreground, this is just for debugging purposes (stop process by pressing CTRL+C)
> activemq_1 | INFO: Creating pidfile /app/data/activemq.pid
> activemq_1 | Java Runtime: Oracle Corporation 11.0.11 /usr/local/openjdk-11
> activemq_1 | Heap sizes: current=260096k free=258119k max=4098048k
> activemq_1 | JVM args: -Djava.util.logging.config.file=logging.properties -Djava.security.auth.login.config=/app/conf/login.config -Djava.awt.headless=true -Djava.io.tmpdir=/app/tmp --add-reads=java.xml=java.logging --add-opens=java.base/java.security=ALL-UNNAMED --add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.naming/javax.naming.spi=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport.tcp=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.base/java.util.concurrent.atomic=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.http=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.https=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED --add-exports=jdk.xml.dom/org.w3c.dom.html=ALL-UNNAMED --add-exports=jdk.naming.rmi/com.sun.jndi.url.rmi=ALL-UNNAMED -Dactivemq.classpath=/app/conf:/app/activemq/../lib/: -Dactivemq.home=/app/activemq -Dactivemq.base=/app/activemq -Dactivemq.conf=/app/conf -Dactivemq.data=/app/data
> activemq_1 | Extensions classpath:
> activemq_1 | [/app/activemq/lib,/app/activemq/lib/camel,/app/activemq/lib/optional,/app/activemq/lib/web,/app/activemq/lib/extra]
> activemq_1 | ACTIVEMQ_HOME: /app/activemq
> activemq_1 | ACTIVEMQ_BASE: /app/activemq
> activemq_1 | ACTIVEMQ_CONF: /app/conf
> activemq_1 | ACTIVEMQ_DATA: /app/data
> activemq_1 | Loading message broker from: xbean:activemq.xml
> activemq_1 | INFO | Refreshing org.apache.activemq.xbean.XBeanBrokerFactory$1@8646db9: startup date [Tue Jun 22 19:25:11 UTC 2021]; root of context hierarchy
> activemq_1 | INFO | Using Persistence Adapter: KahaDBPersistenceAdapter[/app/${activemq.data}/kahadb]
> activemq_1 | INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
>
> After that, nothing gets logged any more.
>
> Thanks a lot for your help!
>
> Fabrice
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 22 June 2021 18:23
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Flying blind here.. without more detailed logs or information there isn’t enough information to point to a root cause.
>
> I can confirm that people have run ActiveMQ in Docker containers for years, so I do not suspect you are running into a bug at this point.
>
> I’d look into this line next-- "${activemq.data}/kahadb/lock”. I would expect the log line to expand the value of vs output the literal macro expression “${activemq.data}”.
>
> -Matt Pavlovich
>
>> On Jun 22, 2021, at 11:46 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hi Matt,
>>
>> No, I am not using a volume at the moment.
>>
>> The data directory that I am using is /app/data and is owned by the activemq user and activemq group with 755 permissions. ActiveMQ runs as the activemq user. ActiveMQ clearly can create files there:
>>
>> activemq@7a5313d69a74:/app/data$ ls -al
>> total 20
>> drwxr-xr-x 1 activemq activemq 4096 Jun 22 16:44 .
>> drwxr-xr-x 1 root root 4096 Jun 22 16:38 ..
>> -rw-r--r-- 1 activemq activemq 610 Jun 22 16:44 activemq.log
>> -rw-r--r-- 1 activemq activemq 2 Jun 22 16:44 activemq.pid
>> -rw-r--r-- 1 activemq activemq 0 Jun 22 16:44 audit.log
>>
>> Cheers,
>>
>> Fabrice
>>
>>
>> ________________________________
>> From: Matt Pavlovich <ma...@gmail.com>
>> Sent: 22 June 2021 16:54
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> Are you using a volume? Could be permissions related that ActiveMQ is unable to get a lock on the filesystem.
>>
>>> On Jun 22, 2021, at 8:57 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>
>>> Hi Matt,
>>>
>>> I am running ActiveMQ as a Docker container, so I am positively certain that (1) there are no other ActiveMQ processes and (2) the "data" directory is empty at startup. Additionally, when I add back all the other configuration files (i.e. the files in the conf directory of the official tarball), this problem goes away.
>>>
>>> Cheers,
>>>
>>> Fabrice
>
Re: Roundup of the configuration files
Posted by Fabrice Triboix <fa...@armedia.com>.
I think I didn't miss it, but for some reason it doesn't get attached. So here is a copy/paste:
FROM openjdk:11-jre
# Environment variables: version and tarball stuff
ENV ACTIVEMQ_VERSION 5.16.2
ENV ACTIVEMQ apache-activemq-$ACTIVEMQ_VERSION
ENV ACTIVEMQ apache-activemq-$ACTIVEMQ_VERSION
ENV ACTIVEMQ_SHA512 27bb26786640f74dcf404db884bedffc0af4bfb2a0248c398044ac9a13e19ff097c590b79eb1404e0b04d17a8f85a8f7de87186a96744e19162d70b3c7a9bdde
# Environment variables: ActiveMQ directories
ENV ACTIVEMQ_HOME /app/activemq
ENV ACTIVEMQ_BASE $ACTIVEMQ_HOME
ENV ACTIVEMQ_CONF /app/conf
ENV ACTIVEMQ_DATA /app/data
ENV ACTIVEMQ_TMP /app/tmp
# Environment variables: system stuff
ENV DEBIAN_FRONTEND noninteractive
WORKDIR /app
RUN curl -fsSLo activemq.tgz "https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz" \
&& checksum=$(sha512sum activemq.tgz | awk '{ print $1 }') \
&& if [ $checksum != $ACTIVEMQ_SHA512 ]; then \
echo "Unexpected SHA512 checksum; possible man-in-the-middle-attack"; \
exit 1; \
fi \
&& tar xf activemq.tgz \
&& rm activemq.tgz \
&& ln -s "/app/$ACTIVEMQ" /app/activemq \
&& cd activemq \
&& rm bin/activemq-diag bin/env bin/wrapper.jar LICENSE NOTICE README.txt \
activemq-all-5.16.2.jar conf/*.ts conf/*.ks \
&& rm -r bin/linux-x86-32 bin/linux-x86-64 bin/macosx \
data docs examples webapps-demo \
&& useradd --system --no-create-home --home-dir /app/home activemq \
&& mkdir -p /app/home "$ACTIVEMQ_CONF" "$ACTIVEMQ_DATA" "$ACTIVEMQ_TMP" \
&& chown -R activemq:activemq "$ACTIVEMQ_CONF" "$ACTIVEMQ_DATA" "$ACTIVEMQ_TMP"
USER activemq
CMD ["/app/activemq/bin/activemq", "console"]
________________________________
From: Fabrice Triboix <fa...@armedia.com>
Sent: 22 June 2021 21:04
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
It looks like I missed the Dockerfile, sorry about that. Here it is!
________________________________
From: Fabrice Triboix <fa...@armedia.com>
Sent: 22 June 2021 20:27
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi Matt,
Please find attached my Dockerfile and docker-compose file. Also included is the "conf" directory I am mounting inside the container to configure ActiveMQ. Hopefully you should be able to reproduce the problem.
Here is the full log when I run docker-compose up😒
$ docker-compose up
Creating network "ark_activemq_default" with the default driver
Creating ark_activemq_activemq_1 ... done
Attaching to ark_activemq_activemq_1
activemq_1 | INFO: Using default configuration
activemq_1 | Configurations are loaded in the following order: /etc/default/activemq /app/home/.activemqrc /app/activemq/bin/env
activemq_1 |
activemq_1 | INFO: Using java '/usr/local/openjdk-11/bin/java'
activemq_1 | INFO: Starting in foreground, this is just for debugging purposes (stop process by pressing CTRL+C)
activemq_1 | INFO: Creating pidfile /app/data/activemq.pid
activemq_1 | Java Runtime: Oracle Corporation 11.0.11 /usr/local/openjdk-11
activemq_1 | Heap sizes: current=260096k free=258119k max=4098048k
activemq_1 | JVM args: -Djava.util.logging.config.file=logging.properties -Djava.security.auth.login.config=/app/conf/login.config -Djava.awt.headless=true -Djava.io.tmpdir=/app/tmp --add-reads=java.xml=java.logging --add-opens=java.base/java.security=ALL-UNNAMED --add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.naming/javax.naming.spi=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport.tcp=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.base/java.util.concurrent.atomic=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.http=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.https=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED --add-exports=jdk.xml.dom/org.w3c.dom.html=ALL-UNNAMED --add-exports=jdk.naming.rmi/com.sun.jndi.url.rmi=ALL-UNNAMED -Dactivemq.classpath=/app/conf:/app/activemq/../lib/: -Dactivemq.home=/app/activemq -Dactivemq.base=/app/activemq -Dactivemq.conf=/app/conf -Dactivemq.data=/app/data
activemq_1 | Extensions classpath:
activemq_1 | [/app/activemq/lib,/app/activemq/lib/camel,/app/activemq/lib/optional,/app/activemq/lib/web,/app/activemq/lib/extra]
activemq_1 | ACTIVEMQ_HOME: /app/activemq
activemq_1 | ACTIVEMQ_BASE: /app/activemq
activemq_1 | ACTIVEMQ_CONF: /app/conf
activemq_1 | ACTIVEMQ_DATA: /app/data
activemq_1 | Loading message broker from: xbean:activemq.xml
activemq_1 | INFO | Refreshing org.apache.activemq.xbean.XBeanBrokerFactory$1@8646db9: startup date [Tue Jun 22 19:25:11 UTC 2021]; root of context hierarchy
activemq_1 | INFO | Using Persistence Adapter: KahaDBPersistenceAdapter[/app/${activemq.data}/kahadb]
activemq_1 | INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
After that, nothing gets logged any more.
Thanks a lot for your help!
Fabrice
________________________________
From: Matt Pavlovich <ma...@gmail.com>
Sent: 22 June 2021 18:23
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Flying blind here.. without more detailed logs or information there isn’t enough information to point to a root cause.
I can confirm that people have run ActiveMQ in Docker containers for years, so I do not suspect you are running into a bug at this point.
I’d look into this line next-- "${activemq.data}/kahadb/lock”. I would expect the log line to expand the value of vs output the literal macro expression “${activemq.data}”.
-Matt Pavlovich
> On Jun 22, 2021, at 11:46 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hi Matt,
>
> No, I am not using a volume at the moment.
>
> The data directory that I am using is /app/data and is owned by the activemq user and activemq group with 755 permissions. ActiveMQ runs as the activemq user. ActiveMQ clearly can create files there:
>
> activemq@7a5313d69a74:/app/data$ ls -al
> total 20
> drwxr-xr-x 1 activemq activemq 4096 Jun 22 16:44 .
> drwxr-xr-x 1 root root 4096 Jun 22 16:38 ..
> -rw-r--r-- 1 activemq activemq 610 Jun 22 16:44 activemq.log
> -rw-r--r-- 1 activemq activemq 2 Jun 22 16:44 activemq.pid
> -rw-r--r-- 1 activemq activemq 0 Jun 22 16:44 audit.log
>
> Cheers,
>
> Fabrice
>
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 22 June 2021 16:54
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Are you using a volume? Could be permissions related that ActiveMQ is unable to get a lock on the filesystem.
>
>> On Jun 22, 2021, at 8:57 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hi Matt,
>>
>> I am running ActiveMQ as a Docker container, so I am positively certain that (1) there are no other ActiveMQ processes and (2) the "data" directory is empty at startup. Additionally, when I add back all the other configuration files (i.e. the files in the conf directory of the official tarball), this problem goes away.
>>
>> Cheers,
>>
>> Fabrice
Re: Roundup of the configuration files
Posted by Fabrice Triboix <fa...@armedia.com>.
It looks like I missed the Dockerfile, sorry about that. Here it is!
________________________________
From: Fabrice Triboix <fa...@armedia.com>
Sent: 22 June 2021 20:27
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi Matt,
Please find attached my Dockerfile and docker-compose file. Also included is the "conf" directory I am mounting inside the container to configure ActiveMQ. Hopefully you should be able to reproduce the problem.
Here is the full log when I run docker-compose up😒
$ docker-compose up
Creating network "ark_activemq_default" with the default driver
Creating ark_activemq_activemq_1 ... done
Attaching to ark_activemq_activemq_1
activemq_1 | INFO: Using default configuration
activemq_1 | Configurations are loaded in the following order: /etc/default/activemq /app/home/.activemqrc /app/activemq/bin/env
activemq_1 |
activemq_1 | INFO: Using java '/usr/local/openjdk-11/bin/java'
activemq_1 | INFO: Starting in foreground, this is just for debugging purposes (stop process by pressing CTRL+C)
activemq_1 | INFO: Creating pidfile /app/data/activemq.pid
activemq_1 | Java Runtime: Oracle Corporation 11.0.11 /usr/local/openjdk-11
activemq_1 | Heap sizes: current=260096k free=258119k max=4098048k
activemq_1 | JVM args: -Djava.util.logging.config.file=logging.properties -Djava.security.auth.login.config=/app/conf/login.config -Djava.awt.headless=true -Djava.io.tmpdir=/app/tmp --add-reads=java.xml=java.logging --add-opens=java.base/java.security=ALL-UNNAMED --add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.naming/javax.naming.spi=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport.tcp=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.base/java.util.concurrent.atomic=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.http=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.https=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED --add-exports=jdk.xml.dom/org.w3c.dom.html=ALL-UNNAMED --add-exports=jdk.naming.rmi/com.sun.jndi.url.rmi=ALL-UNNAMED -Dactivemq.classpath=/app/conf:/app/activemq/../lib/: -Dactivemq.home=/app/activemq -Dactivemq.base=/app/activemq -Dactivemq.conf=/app/conf -Dactivemq.data=/app/data
activemq_1 | Extensions classpath:
activemq_1 | [/app/activemq/lib,/app/activemq/lib/camel,/app/activemq/lib/optional,/app/activemq/lib/web,/app/activemq/lib/extra]
activemq_1 | ACTIVEMQ_HOME: /app/activemq
activemq_1 | ACTIVEMQ_BASE: /app/activemq
activemq_1 | ACTIVEMQ_CONF: /app/conf
activemq_1 | ACTIVEMQ_DATA: /app/data
activemq_1 | Loading message broker from: xbean:activemq.xml
activemq_1 | INFO | Refreshing org.apache.activemq.xbean.XBeanBrokerFactory$1@8646db9: startup date [Tue Jun 22 19:25:11 UTC 2021]; root of context hierarchy
activemq_1 | INFO | Using Persistence Adapter: KahaDBPersistenceAdapter[/app/${activemq.data}/kahadb]
activemq_1 | INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
After that, nothing gets logged any more.
Thanks a lot for your help!
Fabrice
________________________________
From: Matt Pavlovich <ma...@gmail.com>
Sent: 22 June 2021 18:23
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Flying blind here.. without more detailed logs or information there isn’t enough information to point to a root cause.
I can confirm that people have run ActiveMQ in Docker containers for years, so I do not suspect you are running into a bug at this point.
I’d look into this line next-- "${activemq.data}/kahadb/lock”. I would expect the log line to expand the value of vs output the literal macro expression “${activemq.data}”.
-Matt Pavlovich
> On Jun 22, 2021, at 11:46 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hi Matt,
>
> No, I am not using a volume at the moment.
>
> The data directory that I am using is /app/data and is owned by the activemq user and activemq group with 755 permissions. ActiveMQ runs as the activemq user. ActiveMQ clearly can create files there:
>
> activemq@7a5313d69a74:/app/data$ ls -al
> total 20
> drwxr-xr-x 1 activemq activemq 4096 Jun 22 16:44 .
> drwxr-xr-x 1 root root 4096 Jun 22 16:38 ..
> -rw-r--r-- 1 activemq activemq 610 Jun 22 16:44 activemq.log
> -rw-r--r-- 1 activemq activemq 2 Jun 22 16:44 activemq.pid
> -rw-r--r-- 1 activemq activemq 0 Jun 22 16:44 audit.log
>
> Cheers,
>
> Fabrice
>
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 22 June 2021 16:54
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Are you using a volume? Could be permissions related that ActiveMQ is unable to get a lock on the filesystem.
>
>> On Jun 22, 2021, at 8:57 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hi Matt,
>>
>> I am running ActiveMQ as a Docker container, so I am positively certain that (1) there are no other ActiveMQ processes and (2) the "data" directory is empty at startup. Additionally, when I add back all the other configuration files (i.e. the files in the conf directory of the official tarball), this problem goes away.
>>
>> Cheers,
>>
>> Fabrice
>>
>> ________________________________
>> From: Matt Pavlovich <ma...@gmail.com>
>> Sent: 22 June 2021 13:54
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> The filesystem locking is simply delegated to the OS. Double check you do not have a second ActiveMQ process that was left running unintentionally during the config testing.
>>
>> If it is on Linux, you can use the ‘lsof’ command to look for the process that has the kahadb/lock file locked.
>>
>> -Matt Pavlovich
>>
>>> On Jun 22, 2021, at 6:30 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>
>>> Hello Matt,
>>>
>>> I am using a subset of the configuration files found in the the conf directory of the official ActiveMQ release available here: https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz
>>>
>>> The configuration files I kept are:
>>>
>>> * activemq.xml
>>> * jetty.xml
>>> * log4j.properties
>>> * logging.properties
>>>
>>> Indeed, activemq.xml referenced credentials.properties. I commented out that reference, and ActiveMQ works a bit better. It does show the following message which is not looking good:
>>>
>>> INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
>>>
>>> This is very odd because there is only one ActiveMQ broker running...
>>>
>>> Any idea about what is going on?
>>>
>>> Many thanks,
>>>
>>> Fabrice
>>>
>>> ________________________________
>>> From: Matt Pavlovich <ma...@gmail.com>
>>> Sent: 21 June 2021 15:43
>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>> Subject: Re: Roundup of the configuration files
>>>
>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>
>>>
>>> Hello Fabrice-
>>>
>>> Please be mindful that is difficult to troubleshoot over an email thread without seeing the changes you are making on your end. I suspect the top of your conf/activemq.xml has the Properties file entry referencing the conf/credentials.properties. Try removing that section from your conf/activemq.xml and the broker should start up.
>>>
>>> -Matt Pavlovich
>>>
>>>> On Jun 19, 2021, at 1:35 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>>
>>>> Hi Matt,
>>>>
>>>> All right, thanks a lot for these details.
>>>>
>>>> ActiveMQ crashes for me, there is a stack trace with the following error:
>>>>
>>>> Caused by: java.io.FileNotFoundException: /app/conf/credentials.properties (No such file or directory)
>>>>
>>>> Also, I am not sure why I need to repeat the users/groups/passwords information in the login.config, groups.properties, and users.properties files... This information is already available in the activemq.xml file, isn't it? (I am using the simple authentication plugin)
>>>>
>>>> Thanks a lot for your help!
>>>>
>>>> Fabrice
>>>>
>>>> ________________________________
>>>> From: Matt Pavlovich <ma...@gmail.com>
>>>> Sent: 18 June 2021 22:38
>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>> Subject: Re: Roundup of the configuration files
>>>>
>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>
>>>>
>>>> Hi Fabrice-
>>>>
>>>> The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
>>>>
>>>> Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
>>>>
>>>> Messaging services (JMS, MQTT, STOMP, etc):
>>>>
>>>> conf/login.config <— defines what to use
>>>> conf/groups.properties <— group-to-user mappings
>>>> conf/users.properties <— user and passwords
>>>>
>>>> Management (JMX):
>>>>
>>>> bin/env
>>>> conf/jmx.password
>>>> conf/jmx.access
>>>>
>>>> Web Console:
>>>>
>>>> conf/jetty.xml
>>>>
>>>> ref: https://activemq.apache.org/security
>>>>
>>>>
>>>> Hope this helps!
>>>>
>>>> -Matt Pavlovich
>>>>
>>>>
>>>>> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>>>
>>>>> Hello,
>>>>>
>>>>> Could somebody please provide me with an answer to my question below?
>>>>>
>>>>> Thank you very much for any help,
>>>>>
>>>>> Fabrice
>>>>>
>>>>> ________________________________
>>>>> From: Fabrice Triboix <fa...@armedia.com>
>>>>> Sent: 12 June 2021 15:50
>>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>>> Subject: Re: Roundup of the configuration files
>>>>>
>>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>>
>>>>>
>>>>> Hi Jean-Baptiste,
>>>>>
>>>>> Thanks a lot for your answer.
>>>>>
>>>>> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>>>>>
>>>>> Thanks a lot for your help!
>>>>>
>>>>> Fabrice
>>>>>
>>>>> ________________________________
>>>>> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
>>>>> Sent: 12 June 2021 05:37
>>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>>> Subject: Re: Roundup of the configuration files
>>>>>
>>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>>
>>>>>
>>>>> Hi,
>>>>>
>>>>> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>>>>>
>>>>> - activemq.xml (broker config)
>>>>> - jetty.xml (jetty container used by admin web console)
>>>>> - log4j.properties (for logging config)
>>>>> - logging.properties (can be removed if you don’t use JUL)
>>>>>
>>>>> All the rest is used when SSL is enabled, when authentication is enabled.
>>>>>
>>>>> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>>>>>
>>>>> Regards
>>>>> JB
>>>>>
>>>>>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>>>>>
>>>>>> Hello everyone,
>>>>>>
>>>>>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>>>>>
>>>>>> In the "conf" directory, I can see the following files:
>>>>>>
>>>>>> * activemq.xml
>>>>>> * broker.ks
>>>>>> * broker-localhost.cert
>>>>>> * broker.ts
>>>>>> * client.ks
>>>>>> * client.ts
>>>>>> * credentials-enc.properties
>>>>>> * credentials.properties
>>>>>> * groups.properties
>>>>>> * java.security
>>>>>> * jetty-realm.properties
>>>>>> * jetty.xml
>>>>>> * jmx.access
>>>>>> * jmx.password
>>>>>> * log4j.properties
>>>>>> * logging.properties
>>>>>> * login.config
>>>>>> * users.properties
>>>>>>
>>>>>> I would like to know what each of these configuration files do, and whether they are required or not.
>>>>>>
>>>>>> Many thanks,
>>>>>>
>>>>>> Fabrice
>>>>>
>>>>
>>>
>>
>
Re: Roundup of the configuration files
Posted by Fabrice Triboix <fa...@armedia.com>.
Hi Matt,
Please find attached my Dockerfile and docker-compose file. Also included is the "conf" directory I am mounting inside the container to configure ActiveMQ. Hopefully you should be able to reproduce the problem.
Here is the full log when I run docker-compose up😒
$ docker-compose up
Creating network "ark_activemq_default" with the default driver
Creating ark_activemq_activemq_1 ... done
Attaching to ark_activemq_activemq_1
activemq_1 | INFO: Using default configuration
activemq_1 | Configurations are loaded in the following order: /etc/default/activemq /app/home/.activemqrc /app/activemq/bin/env
activemq_1 |
activemq_1 | INFO: Using java '/usr/local/openjdk-11/bin/java'
activemq_1 | INFO: Starting in foreground, this is just for debugging purposes (stop process by pressing CTRL+C)
activemq_1 | INFO: Creating pidfile /app/data/activemq.pid
activemq_1 | Java Runtime: Oracle Corporation 11.0.11 /usr/local/openjdk-11
activemq_1 | Heap sizes: current=260096k free=258119k max=4098048k
activemq_1 | JVM args: -Djava.util.logging.config.file=logging.properties -Djava.security.auth.login.config=/app/conf/login.config -Djava.awt.headless=true -Djava.io.tmpdir=/app/tmp --add-reads=java.xml=java.logging --add-opens=java.base/java.security=ALL-UNNAMED --add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.naming/javax.naming.spi=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport.tcp=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.base/java.util.concurrent.atomic=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.http=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.https=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED --add-exports=jdk.xml.dom/org.w3c.dom.html=ALL-UNNAMED --add-exports=jdk.naming.rmi/com.sun.jndi.url.rmi=ALL-UNNAMED -Dactivemq.classpath=/app/conf:/app/activemq/../lib/: -Dactivemq.home=/app/activemq -Dactivemq.base=/app/activemq -Dactivemq.conf=/app/conf -Dactivemq.data=/app/data
activemq_1 | Extensions classpath:
activemq_1 | [/app/activemq/lib,/app/activemq/lib/camel,/app/activemq/lib/optional,/app/activemq/lib/web,/app/activemq/lib/extra]
activemq_1 | ACTIVEMQ_HOME: /app/activemq
activemq_1 | ACTIVEMQ_BASE: /app/activemq
activemq_1 | ACTIVEMQ_CONF: /app/conf
activemq_1 | ACTIVEMQ_DATA: /app/data
activemq_1 | Loading message broker from: xbean:activemq.xml
activemq_1 | INFO | Refreshing org.apache.activemq.xbean.XBeanBrokerFactory$1@8646db9: startup date [Tue Jun 22 19:25:11 UTC 2021]; root of context hierarchy
activemq_1 | INFO | Using Persistence Adapter: KahaDBPersistenceAdapter[/app/${activemq.data}/kahadb]
activemq_1 | INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
After that, nothing gets logged any more.
Thanks a lot for your help!
Fabrice
________________________________
From: Matt Pavlovich <ma...@gmail.com>
Sent: 22 June 2021 18:23
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Flying blind here.. without more detailed logs or information there isn’t enough information to point to a root cause.
I can confirm that people have run ActiveMQ in Docker containers for years, so I do not suspect you are running into a bug at this point.
I’d look into this line next-- "${activemq.data}/kahadb/lock”. I would expect the log line to expand the value of vs output the literal macro expression “${activemq.data}”.
-Matt Pavlovich
> On Jun 22, 2021, at 11:46 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hi Matt,
>
> No, I am not using a volume at the moment.
>
> The data directory that I am using is /app/data and is owned by the activemq user and activemq group with 755 permissions. ActiveMQ runs as the activemq user. ActiveMQ clearly can create files there:
>
> activemq@7a5313d69a74:/app/data$ ls -al
> total 20
> drwxr-xr-x 1 activemq activemq 4096 Jun 22 16:44 .
> drwxr-xr-x 1 root root 4096 Jun 22 16:38 ..
> -rw-r--r-- 1 activemq activemq 610 Jun 22 16:44 activemq.log
> -rw-r--r-- 1 activemq activemq 2 Jun 22 16:44 activemq.pid
> -rw-r--r-- 1 activemq activemq 0 Jun 22 16:44 audit.log
>
> Cheers,
>
> Fabrice
>
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 22 June 2021 16:54
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Are you using a volume? Could be permissions related that ActiveMQ is unable to get a lock on the filesystem.
>
>> On Jun 22, 2021, at 8:57 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hi Matt,
>>
>> I am running ActiveMQ as a Docker container, so I am positively certain that (1) there are no other ActiveMQ processes and (2) the "data" directory is empty at startup. Additionally, when I add back all the other configuration files (i.e. the files in the conf directory of the official tarball), this problem goes away.
>>
>> Cheers,
>>
>> Fabrice
>>
>> ________________________________
>> From: Matt Pavlovich <ma...@gmail.com>
>> Sent: 22 June 2021 13:54
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> The filesystem locking is simply delegated to the OS. Double check you do not have a second ActiveMQ process that was left running unintentionally during the config testing.
>>
>> If it is on Linux, you can use the ‘lsof’ command to look for the process that has the kahadb/lock file locked.
>>
>> -Matt Pavlovich
>>
>>> On Jun 22, 2021, at 6:30 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>
>>> Hello Matt,
>>>
>>> I am using a subset of the configuration files found in the the conf directory of the official ActiveMQ release available here: https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz
>>>
>>> The configuration files I kept are:
>>>
>>> * activemq.xml
>>> * jetty.xml
>>> * log4j.properties
>>> * logging.properties
>>>
>>> Indeed, activemq.xml referenced credentials.properties. I commented out that reference, and ActiveMQ works a bit better. It does show the following message which is not looking good:
>>>
>>> INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
>>>
>>> This is very odd because there is only one ActiveMQ broker running...
>>>
>>> Any idea about what is going on?
>>>
>>> Many thanks,
>>>
>>> Fabrice
>>>
>>> ________________________________
>>> From: Matt Pavlovich <ma...@gmail.com>
>>> Sent: 21 June 2021 15:43
>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>> Subject: Re: Roundup of the configuration files
>>>
>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>
>>>
>>> Hello Fabrice-
>>>
>>> Please be mindful that is difficult to troubleshoot over an email thread without seeing the changes you are making on your end. I suspect the top of your conf/activemq.xml has the Properties file entry referencing the conf/credentials.properties. Try removing that section from your conf/activemq.xml and the broker should start up.
>>>
>>> -Matt Pavlovich
>>>
>>>> On Jun 19, 2021, at 1:35 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>>
>>>> Hi Matt,
>>>>
>>>> All right, thanks a lot for these details.
>>>>
>>>> ActiveMQ crashes for me, there is a stack trace with the following error:
>>>>
>>>> Caused by: java.io.FileNotFoundException: /app/conf/credentials.properties (No such file or directory)
>>>>
>>>> Also, I am not sure why I need to repeat the users/groups/passwords information in the login.config, groups.properties, and users.properties files... This information is already available in the activemq.xml file, isn't it? (I am using the simple authentication plugin)
>>>>
>>>> Thanks a lot for your help!
>>>>
>>>> Fabrice
>>>>
>>>> ________________________________
>>>> From: Matt Pavlovich <ma...@gmail.com>
>>>> Sent: 18 June 2021 22:38
>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>> Subject: Re: Roundup of the configuration files
>>>>
>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>
>>>>
>>>> Hi Fabrice-
>>>>
>>>> The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
>>>>
>>>> Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
>>>>
>>>> Messaging services (JMS, MQTT, STOMP, etc):
>>>>
>>>> conf/login.config <— defines what to use
>>>> conf/groups.properties <— group-to-user mappings
>>>> conf/users.properties <— user and passwords
>>>>
>>>> Management (JMX):
>>>>
>>>> bin/env
>>>> conf/jmx.password
>>>> conf/jmx.access
>>>>
>>>> Web Console:
>>>>
>>>> conf/jetty.xml
>>>>
>>>> ref: https://activemq.apache.org/security
>>>>
>>>>
>>>> Hope this helps!
>>>>
>>>> -Matt Pavlovich
>>>>
>>>>
>>>>> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>>>
>>>>> Hello,
>>>>>
>>>>> Could somebody please provide me with an answer to my question below?
>>>>>
>>>>> Thank you very much for any help,
>>>>>
>>>>> Fabrice
>>>>>
>>>>> ________________________________
>>>>> From: Fabrice Triboix <fa...@armedia.com>
>>>>> Sent: 12 June 2021 15:50
>>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>>> Subject: Re: Roundup of the configuration files
>>>>>
>>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>>
>>>>>
>>>>> Hi Jean-Baptiste,
>>>>>
>>>>> Thanks a lot for your answer.
>>>>>
>>>>> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>>>>>
>>>>> Thanks a lot for your help!
>>>>>
>>>>> Fabrice
>>>>>
>>>>> ________________________________
>>>>> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
>>>>> Sent: 12 June 2021 05:37
>>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>>> Subject: Re: Roundup of the configuration files
>>>>>
>>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>>
>>>>>
>>>>> Hi,
>>>>>
>>>>> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>>>>>
>>>>> - activemq.xml (broker config)
>>>>> - jetty.xml (jetty container used by admin web console)
>>>>> - log4j.properties (for logging config)
>>>>> - logging.properties (can be removed if you don’t use JUL)
>>>>>
>>>>> All the rest is used when SSL is enabled, when authentication is enabled.
>>>>>
>>>>> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>>>>>
>>>>> Regards
>>>>> JB
>>>>>
>>>>>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>>>>>
>>>>>> Hello everyone,
>>>>>>
>>>>>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>>>>>
>>>>>> In the "conf" directory, I can see the following files:
>>>>>>
>>>>>> * activemq.xml
>>>>>> * broker.ks
>>>>>> * broker-localhost.cert
>>>>>> * broker.ts
>>>>>> * client.ks
>>>>>> * client.ts
>>>>>> * credentials-enc.properties
>>>>>> * credentials.properties
>>>>>> * groups.properties
>>>>>> * java.security
>>>>>> * jetty-realm.properties
>>>>>> * jetty.xml
>>>>>> * jmx.access
>>>>>> * jmx.password
>>>>>> * log4j.properties
>>>>>> * logging.properties
>>>>>> * login.config
>>>>>> * users.properties
>>>>>>
>>>>>> I would like to know what each of these configuration files do, and whether they are required or not.
>>>>>>
>>>>>> Many thanks,
>>>>>>
>>>>>> Fabrice
>>>>>
>>>>
>>>
>>
>
Re: Roundup of the configuration files
Posted by Matt Pavlovich <ma...@gmail.com>.
Flying blind here.. without more detailed logs or information there isn’t enough information to point to a root cause.
I can confirm that people have run ActiveMQ in Docker containers for years, so I do not suspect you are running into a bug at this point.
I’d look into this line next-- "${activemq.data}/kahadb/lock”. I would expect the log line to expand the value of vs output the literal macro expression “${activemq.data}”.
-Matt Pavlovich
> On Jun 22, 2021, at 11:46 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hi Matt,
>
> No, I am not using a volume at the moment.
>
> The data directory that I am using is /app/data and is owned by the activemq user and activemq group with 755 permissions. ActiveMQ runs as the activemq user. ActiveMQ clearly can create files there:
>
> activemq@7a5313d69a74:/app/data$ ls -al
> total 20
> drwxr-xr-x 1 activemq activemq 4096 Jun 22 16:44 .
> drwxr-xr-x 1 root root 4096 Jun 22 16:38 ..
> -rw-r--r-- 1 activemq activemq 610 Jun 22 16:44 activemq.log
> -rw-r--r-- 1 activemq activemq 2 Jun 22 16:44 activemq.pid
> -rw-r--r-- 1 activemq activemq 0 Jun 22 16:44 audit.log
>
> Cheers,
>
> Fabrice
>
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 22 June 2021 16:54
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Are you using a volume? Could be permissions related that ActiveMQ is unable to get a lock on the filesystem.
>
>> On Jun 22, 2021, at 8:57 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hi Matt,
>>
>> I am running ActiveMQ as a Docker container, so I am positively certain that (1) there are no other ActiveMQ processes and (2) the "data" directory is empty at startup. Additionally, when I add back all the other configuration files (i.e. the files in the conf directory of the official tarball), this problem goes away.
>>
>> Cheers,
>>
>> Fabrice
>>
>> ________________________________
>> From: Matt Pavlovich <ma...@gmail.com>
>> Sent: 22 June 2021 13:54
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> The filesystem locking is simply delegated to the OS. Double check you do not have a second ActiveMQ process that was left running unintentionally during the config testing.
>>
>> If it is on Linux, you can use the ‘lsof’ command to look for the process that has the kahadb/lock file locked.
>>
>> -Matt Pavlovich
>>
>>> On Jun 22, 2021, at 6:30 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>
>>> Hello Matt,
>>>
>>> I am using a subset of the configuration files found in the the conf directory of the official ActiveMQ release available here: https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz
>>>
>>> The configuration files I kept are:
>>>
>>> * activemq.xml
>>> * jetty.xml
>>> * log4j.properties
>>> * logging.properties
>>>
>>> Indeed, activemq.xml referenced credentials.properties. I commented out that reference, and ActiveMQ works a bit better. It does show the following message which is not looking good:
>>>
>>> INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
>>>
>>> This is very odd because there is only one ActiveMQ broker running...
>>>
>>> Any idea about what is going on?
>>>
>>> Many thanks,
>>>
>>> Fabrice
>>>
>>> ________________________________
>>> From: Matt Pavlovich <ma...@gmail.com>
>>> Sent: 21 June 2021 15:43
>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>> Subject: Re: Roundup of the configuration files
>>>
>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>
>>>
>>> Hello Fabrice-
>>>
>>> Please be mindful that is difficult to troubleshoot over an email thread without seeing the changes you are making on your end. I suspect the top of your conf/activemq.xml has the Properties file entry referencing the conf/credentials.properties. Try removing that section from your conf/activemq.xml and the broker should start up.
>>>
>>> -Matt Pavlovich
>>>
>>>> On Jun 19, 2021, at 1:35 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>>
>>>> Hi Matt,
>>>>
>>>> All right, thanks a lot for these details.
>>>>
>>>> ActiveMQ crashes for me, there is a stack trace with the following error:
>>>>
>>>> Caused by: java.io.FileNotFoundException: /app/conf/credentials.properties (No such file or directory)
>>>>
>>>> Also, I am not sure why I need to repeat the users/groups/passwords information in the login.config, groups.properties, and users.properties files... This information is already available in the activemq.xml file, isn't it? (I am using the simple authentication plugin)
>>>>
>>>> Thanks a lot for your help!
>>>>
>>>> Fabrice
>>>>
>>>> ________________________________
>>>> From: Matt Pavlovich <ma...@gmail.com>
>>>> Sent: 18 June 2021 22:38
>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>> Subject: Re: Roundup of the configuration files
>>>>
>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>
>>>>
>>>> Hi Fabrice-
>>>>
>>>> The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
>>>>
>>>> Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
>>>>
>>>> Messaging services (JMS, MQTT, STOMP, etc):
>>>>
>>>> conf/login.config <— defines what to use
>>>> conf/groups.properties <— group-to-user mappings
>>>> conf/users.properties <— user and passwords
>>>>
>>>> Management (JMX):
>>>>
>>>> bin/env
>>>> conf/jmx.password
>>>> conf/jmx.access
>>>>
>>>> Web Console:
>>>>
>>>> conf/jetty.xml
>>>>
>>>> ref: https://activemq.apache.org/security
>>>>
>>>>
>>>> Hope this helps!
>>>>
>>>> -Matt Pavlovich
>>>>
>>>>
>>>>> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>>>
>>>>> Hello,
>>>>>
>>>>> Could somebody please provide me with an answer to my question below?
>>>>>
>>>>> Thank you very much for any help,
>>>>>
>>>>> Fabrice
>>>>>
>>>>> ________________________________
>>>>> From: Fabrice Triboix <fa...@armedia.com>
>>>>> Sent: 12 June 2021 15:50
>>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>>> Subject: Re: Roundup of the configuration files
>>>>>
>>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>>
>>>>>
>>>>> Hi Jean-Baptiste,
>>>>>
>>>>> Thanks a lot for your answer.
>>>>>
>>>>> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>>>>>
>>>>> Thanks a lot for your help!
>>>>>
>>>>> Fabrice
>>>>>
>>>>> ________________________________
>>>>> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
>>>>> Sent: 12 June 2021 05:37
>>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>>> Subject: Re: Roundup of the configuration files
>>>>>
>>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>>
>>>>>
>>>>> Hi,
>>>>>
>>>>> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>>>>>
>>>>> - activemq.xml (broker config)
>>>>> - jetty.xml (jetty container used by admin web console)
>>>>> - log4j.properties (for logging config)
>>>>> - logging.properties (can be removed if you don’t use JUL)
>>>>>
>>>>> All the rest is used when SSL is enabled, when authentication is enabled.
>>>>>
>>>>> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>>>>>
>>>>> Regards
>>>>> JB
>>>>>
>>>>>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>>>>>
>>>>>> Hello everyone,
>>>>>>
>>>>>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>>>>>
>>>>>> In the "conf" directory, I can see the following files:
>>>>>>
>>>>>> * activemq.xml
>>>>>> * broker.ks
>>>>>> * broker-localhost.cert
>>>>>> * broker.ts
>>>>>> * client.ks
>>>>>> * client.ts
>>>>>> * credentials-enc.properties
>>>>>> * credentials.properties
>>>>>> * groups.properties
>>>>>> * java.security
>>>>>> * jetty-realm.properties
>>>>>> * jetty.xml
>>>>>> * jmx.access
>>>>>> * jmx.password
>>>>>> * log4j.properties
>>>>>> * logging.properties
>>>>>> * login.config
>>>>>> * users.properties
>>>>>>
>>>>>> I would like to know what each of these configuration files do, and whether they are required or not.
>>>>>>
>>>>>> Many thanks,
>>>>>>
>>>>>> Fabrice
>>>>>
>>>>
>>>
>>
>
Re: Roundup of the configuration files
Posted by Fabrice Triboix <fa...@armedia.com>.
Hi Matt,
No, I am not using a volume at the moment.
The data directory that I am using is /app/data and is owned by the activemq user and activemq group with 755 permissions. ActiveMQ runs as the activemq user. ActiveMQ clearly can create files there:
activemq@7a5313d69a74:/app/data$ ls -al
total 20
drwxr-xr-x 1 activemq activemq 4096 Jun 22 16:44 .
drwxr-xr-x 1 root root 4096 Jun 22 16:38 ..
-rw-r--r-- 1 activemq activemq 610 Jun 22 16:44 activemq.log
-rw-r--r-- 1 activemq activemq 2 Jun 22 16:44 activemq.pid
-rw-r--r-- 1 activemq activemq 0 Jun 22 16:44 audit.log
Cheers,
Fabrice
________________________________
From: Matt Pavlovich <ma...@gmail.com>
Sent: 22 June 2021 16:54
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Are you using a volume? Could be permissions related that ActiveMQ is unable to get a lock on the filesystem.
> On Jun 22, 2021, at 8:57 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hi Matt,
>
> I am running ActiveMQ as a Docker container, so I am positively certain that (1) there are no other ActiveMQ processes and (2) the "data" directory is empty at startup. Additionally, when I add back all the other configuration files (i.e. the files in the conf directory of the official tarball), this problem goes away.
>
> Cheers,
>
> Fabrice
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 22 June 2021 13:54
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> The filesystem locking is simply delegated to the OS. Double check you do not have a second ActiveMQ process that was left running unintentionally during the config testing.
>
> If it is on Linux, you can use the ‘lsof’ command to look for the process that has the kahadb/lock file locked.
>
> -Matt Pavlovich
>
>> On Jun 22, 2021, at 6:30 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hello Matt,
>>
>> I am using a subset of the configuration files found in the the conf directory of the official ActiveMQ release available here: https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz
>>
>> The configuration files I kept are:
>>
>> * activemq.xml
>> * jetty.xml
>> * log4j.properties
>> * logging.properties
>>
>> Indeed, activemq.xml referenced credentials.properties. I commented out that reference, and ActiveMQ works a bit better. It does show the following message which is not looking good:
>>
>> INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
>>
>> This is very odd because there is only one ActiveMQ broker running...
>>
>> Any idea about what is going on?
>>
>> Many thanks,
>>
>> Fabrice
>>
>> ________________________________
>> From: Matt Pavlovich <ma...@gmail.com>
>> Sent: 21 June 2021 15:43
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> Hello Fabrice-
>>
>> Please be mindful that is difficult to troubleshoot over an email thread without seeing the changes you are making on your end. I suspect the top of your conf/activemq.xml has the Properties file entry referencing the conf/credentials.properties. Try removing that section from your conf/activemq.xml and the broker should start up.
>>
>> -Matt Pavlovich
>>
>>> On Jun 19, 2021, at 1:35 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>
>>> Hi Matt,
>>>
>>> All right, thanks a lot for these details.
>>>
>>> ActiveMQ crashes for me, there is a stack trace with the following error:
>>>
>>> Caused by: java.io.FileNotFoundException: /app/conf/credentials.properties (No such file or directory)
>>>
>>> Also, I am not sure why I need to repeat the users/groups/passwords information in the login.config, groups.properties, and users.properties files... This information is already available in the activemq.xml file, isn't it? (I am using the simple authentication plugin)
>>>
>>> Thanks a lot for your help!
>>>
>>> Fabrice
>>>
>>> ________________________________
>>> From: Matt Pavlovich <ma...@gmail.com>
>>> Sent: 18 June 2021 22:38
>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>> Subject: Re: Roundup of the configuration files
>>>
>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>
>>>
>>> Hi Fabrice-
>>>
>>> The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
>>>
>>> Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
>>>
>>> Messaging services (JMS, MQTT, STOMP, etc):
>>>
>>> conf/login.config <— defines what to use
>>> conf/groups.properties <— group-to-user mappings
>>> conf/users.properties <— user and passwords
>>>
>>> Management (JMX):
>>>
>>> bin/env
>>> conf/jmx.password
>>> conf/jmx.access
>>>
>>> Web Console:
>>>
>>> conf/jetty.xml
>>>
>>> ref: https://activemq.apache.org/security
>>>
>>>
>>> Hope this helps!
>>>
>>> -Matt Pavlovich
>>>
>>>
>>>> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>>
>>>> Hello,
>>>>
>>>> Could somebody please provide me with an answer to my question below?
>>>>
>>>> Thank you very much for any help,
>>>>
>>>> Fabrice
>>>>
>>>> ________________________________
>>>> From: Fabrice Triboix <fa...@armedia.com>
>>>> Sent: 12 June 2021 15:50
>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>> Subject: Re: Roundup of the configuration files
>>>>
>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>
>>>>
>>>> Hi Jean-Baptiste,
>>>>
>>>> Thanks a lot for your answer.
>>>>
>>>> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>>>>
>>>> Thanks a lot for your help!
>>>>
>>>> Fabrice
>>>>
>>>> ________________________________
>>>> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
>>>> Sent: 12 June 2021 05:37
>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>> Subject: Re: Roundup of the configuration files
>>>>
>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>
>>>>
>>>> Hi,
>>>>
>>>> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>>>>
>>>> - activemq.xml (broker config)
>>>> - jetty.xml (jetty container used by admin web console)
>>>> - log4j.properties (for logging config)
>>>> - logging.properties (can be removed if you don’t use JUL)
>>>>
>>>> All the rest is used when SSL is enabled, when authentication is enabled.
>>>>
>>>> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>>>>
>>>> Regards
>>>> JB
>>>>
>>>>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>>>>
>>>>> Hello everyone,
>>>>>
>>>>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>>>>
>>>>> In the "conf" directory, I can see the following files:
>>>>>
>>>>> * activemq.xml
>>>>> * broker.ks
>>>>> * broker-localhost.cert
>>>>> * broker.ts
>>>>> * client.ks
>>>>> * client.ts
>>>>> * credentials-enc.properties
>>>>> * credentials.properties
>>>>> * groups.properties
>>>>> * java.security
>>>>> * jetty-realm.properties
>>>>> * jetty.xml
>>>>> * jmx.access
>>>>> * jmx.password
>>>>> * log4j.properties
>>>>> * logging.properties
>>>>> * login.config
>>>>> * users.properties
>>>>>
>>>>> I would like to know what each of these configuration files do, and whether they are required or not.
>>>>>
>>>>> Many thanks,
>>>>>
>>>>> Fabrice
>>>>
>>>
>>
>
Re: Roundup of the configuration files
Posted by Matt Pavlovich <ma...@gmail.com>.
Are you using a volume? Could be permissions related that ActiveMQ is unable to get a lock on the filesystem.
> On Jun 22, 2021, at 8:57 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hi Matt,
>
> I am running ActiveMQ as a Docker container, so I am positively certain that (1) there are no other ActiveMQ processes and (2) the "data" directory is empty at startup. Additionally, when I add back all the other configuration files (i.e. the files in the conf directory of the official tarball), this problem goes away.
>
> Cheers,
>
> Fabrice
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 22 June 2021 13:54
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> The filesystem locking is simply delegated to the OS. Double check you do not have a second ActiveMQ process that was left running unintentionally during the config testing.
>
> If it is on Linux, you can use the ‘lsof’ command to look for the process that has the kahadb/lock file locked.
>
> -Matt Pavlovich
>
>> On Jun 22, 2021, at 6:30 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hello Matt,
>>
>> I am using a subset of the configuration files found in the the conf directory of the official ActiveMQ release available here: https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz
>>
>> The configuration files I kept are:
>>
>> * activemq.xml
>> * jetty.xml
>> * log4j.properties
>> * logging.properties
>>
>> Indeed, activemq.xml referenced credentials.properties. I commented out that reference, and ActiveMQ works a bit better. It does show the following message which is not looking good:
>>
>> INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
>>
>> This is very odd because there is only one ActiveMQ broker running...
>>
>> Any idea about what is going on?
>>
>> Many thanks,
>>
>> Fabrice
>>
>> ________________________________
>> From: Matt Pavlovich <ma...@gmail.com>
>> Sent: 21 June 2021 15:43
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> Hello Fabrice-
>>
>> Please be mindful that is difficult to troubleshoot over an email thread without seeing the changes you are making on your end. I suspect the top of your conf/activemq.xml has the Properties file entry referencing the conf/credentials.properties. Try removing that section from your conf/activemq.xml and the broker should start up.
>>
>> -Matt Pavlovich
>>
>>> On Jun 19, 2021, at 1:35 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>
>>> Hi Matt,
>>>
>>> All right, thanks a lot for these details.
>>>
>>> ActiveMQ crashes for me, there is a stack trace with the following error:
>>>
>>> Caused by: java.io.FileNotFoundException: /app/conf/credentials.properties (No such file or directory)
>>>
>>> Also, I am not sure why I need to repeat the users/groups/passwords information in the login.config, groups.properties, and users.properties files... This information is already available in the activemq.xml file, isn't it? (I am using the simple authentication plugin)
>>>
>>> Thanks a lot for your help!
>>>
>>> Fabrice
>>>
>>> ________________________________
>>> From: Matt Pavlovich <ma...@gmail.com>
>>> Sent: 18 June 2021 22:38
>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>> Subject: Re: Roundup of the configuration files
>>>
>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>
>>>
>>> Hi Fabrice-
>>>
>>> The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
>>>
>>> Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
>>>
>>> Messaging services (JMS, MQTT, STOMP, etc):
>>>
>>> conf/login.config <— defines what to use
>>> conf/groups.properties <— group-to-user mappings
>>> conf/users.properties <— user and passwords
>>>
>>> Management (JMX):
>>>
>>> bin/env
>>> conf/jmx.password
>>> conf/jmx.access
>>>
>>> Web Console:
>>>
>>> conf/jetty.xml
>>>
>>> ref: https://activemq.apache.org/security
>>>
>>>
>>> Hope this helps!
>>>
>>> -Matt Pavlovich
>>>
>>>
>>>> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>>
>>>> Hello,
>>>>
>>>> Could somebody please provide me with an answer to my question below?
>>>>
>>>> Thank you very much for any help,
>>>>
>>>> Fabrice
>>>>
>>>> ________________________________
>>>> From: Fabrice Triboix <fa...@armedia.com>
>>>> Sent: 12 June 2021 15:50
>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>> Subject: Re: Roundup of the configuration files
>>>>
>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>
>>>>
>>>> Hi Jean-Baptiste,
>>>>
>>>> Thanks a lot for your answer.
>>>>
>>>> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>>>>
>>>> Thanks a lot for your help!
>>>>
>>>> Fabrice
>>>>
>>>> ________________________________
>>>> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
>>>> Sent: 12 June 2021 05:37
>>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>>> Subject: Re: Roundup of the configuration files
>>>>
>>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>>
>>>>
>>>> Hi,
>>>>
>>>> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>>>>
>>>> - activemq.xml (broker config)
>>>> - jetty.xml (jetty container used by admin web console)
>>>> - log4j.properties (for logging config)
>>>> - logging.properties (can be removed if you don’t use JUL)
>>>>
>>>> All the rest is used when SSL is enabled, when authentication is enabled.
>>>>
>>>> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>>>>
>>>> Regards
>>>> JB
>>>>
>>>>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>>>>
>>>>> Hello everyone,
>>>>>
>>>>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>>>>
>>>>> In the "conf" directory, I can see the following files:
>>>>>
>>>>> * activemq.xml
>>>>> * broker.ks
>>>>> * broker-localhost.cert
>>>>> * broker.ts
>>>>> * client.ks
>>>>> * client.ts
>>>>> * credentials-enc.properties
>>>>> * credentials.properties
>>>>> * groups.properties
>>>>> * java.security
>>>>> * jetty-realm.properties
>>>>> * jetty.xml
>>>>> * jmx.access
>>>>> * jmx.password
>>>>> * log4j.properties
>>>>> * logging.properties
>>>>> * login.config
>>>>> * users.properties
>>>>>
>>>>> I would like to know what each of these configuration files do, and whether they are required or not.
>>>>>
>>>>> Many thanks,
>>>>>
>>>>> Fabrice
>>>>
>>>
>>
>
Re: Roundup of the configuration files
Posted by Fabrice Triboix <fa...@armedia.com>.
Hi Matt,
I am running ActiveMQ as a Docker container, so I am positively certain that (1) there are no other ActiveMQ processes and (2) the "data" directory is empty at startup. Additionally, when I add back all the other configuration files (i.e. the files in the conf directory of the official tarball), this problem goes away.
Cheers,
Fabrice
________________________________
From: Matt Pavlovich <ma...@gmail.com>
Sent: 22 June 2021 13:54
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
The filesystem locking is simply delegated to the OS. Double check you do not have a second ActiveMQ process that was left running unintentionally during the config testing.
If it is on Linux, you can use the ‘lsof’ command to look for the process that has the kahadb/lock file locked.
-Matt Pavlovich
> On Jun 22, 2021, at 6:30 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hello Matt,
>
> I am using a subset of the configuration files found in the the conf directory of the official ActiveMQ release available here: https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz
>
> The configuration files I kept are:
>
> * activemq.xml
> * jetty.xml
> * log4j.properties
> * logging.properties
>
> Indeed, activemq.xml referenced credentials.properties. I commented out that reference, and ActiveMQ works a bit better. It does show the following message which is not looking good:
>
> INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
>
> This is very odd because there is only one ActiveMQ broker running...
>
> Any idea about what is going on?
>
> Many thanks,
>
> Fabrice
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 21 June 2021 15:43
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hello Fabrice-
>
> Please be mindful that is difficult to troubleshoot over an email thread without seeing the changes you are making on your end. I suspect the top of your conf/activemq.xml has the Properties file entry referencing the conf/credentials.properties. Try removing that section from your conf/activemq.xml and the broker should start up.
>
> -Matt Pavlovich
>
>> On Jun 19, 2021, at 1:35 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hi Matt,
>>
>> All right, thanks a lot for these details.
>>
>> ActiveMQ crashes for me, there is a stack trace with the following error:
>>
>> Caused by: java.io.FileNotFoundException: /app/conf/credentials.properties (No such file or directory)
>>
>> Also, I am not sure why I need to repeat the users/groups/passwords information in the login.config, groups.properties, and users.properties files... This information is already available in the activemq.xml file, isn't it? (I am using the simple authentication plugin)
>>
>> Thanks a lot for your help!
>>
>> Fabrice
>>
>> ________________________________
>> From: Matt Pavlovich <ma...@gmail.com>
>> Sent: 18 June 2021 22:38
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> Hi Fabrice-
>>
>> The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
>>
>> Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
>>
>> Messaging services (JMS, MQTT, STOMP, etc):
>>
>> conf/login.config <— defines what to use
>> conf/groups.properties <— group-to-user mappings
>> conf/users.properties <— user and passwords
>>
>> Management (JMX):
>>
>> bin/env
>> conf/jmx.password
>> conf/jmx.access
>>
>> Web Console:
>>
>> conf/jetty.xml
>>
>> ref: https://activemq.apache.org/security
>>
>>
>> Hope this helps!
>>
>> -Matt Pavlovich
>>
>>
>>> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>
>>> Hello,
>>>
>>> Could somebody please provide me with an answer to my question below?
>>>
>>> Thank you very much for any help,
>>>
>>> Fabrice
>>>
>>> ________________________________
>>> From: Fabrice Triboix <fa...@armedia.com>
>>> Sent: 12 June 2021 15:50
>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>> Subject: Re: Roundup of the configuration files
>>>
>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>
>>>
>>> Hi Jean-Baptiste,
>>>
>>> Thanks a lot for your answer.
>>>
>>> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>>>
>>> Thanks a lot for your help!
>>>
>>> Fabrice
>>>
>>> ________________________________
>>> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
>>> Sent: 12 June 2021 05:37
>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>> Subject: Re: Roundup of the configuration files
>>>
>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>
>>>
>>> Hi,
>>>
>>> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>>>
>>> - activemq.xml (broker config)
>>> - jetty.xml (jetty container used by admin web console)
>>> - log4j.properties (for logging config)
>>> - logging.properties (can be removed if you don’t use JUL)
>>>
>>> All the rest is used when SSL is enabled, when authentication is enabled.
>>>
>>> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>>>
>>> Regards
>>> JB
>>>
>>>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>>>
>>>> Hello everyone,
>>>>
>>>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>>>
>>>> In the "conf" directory, I can see the following files:
>>>>
>>>> * activemq.xml
>>>> * broker.ks
>>>> * broker-localhost.cert
>>>> * broker.ts
>>>> * client.ks
>>>> * client.ts
>>>> * credentials-enc.properties
>>>> * credentials.properties
>>>> * groups.properties
>>>> * java.security
>>>> * jetty-realm.properties
>>>> * jetty.xml
>>>> * jmx.access
>>>> * jmx.password
>>>> * log4j.properties
>>>> * logging.properties
>>>> * login.config
>>>> * users.properties
>>>>
>>>> I would like to know what each of these configuration files do, and whether they are required or not.
>>>>
>>>> Many thanks,
>>>>
>>>> Fabrice
>>>
>>
>
Re: Roundup of the configuration files
Posted by Matt Pavlovich <ma...@gmail.com>.
The filesystem locking is simply delegated to the OS. Double check you do not have a second ActiveMQ process that was left running unintentionally during the config testing.
If it is on Linux, you can use the ‘lsof’ command to look for the process that has the kahadb/lock file locked.
-Matt Pavlovich
> On Jun 22, 2021, at 6:30 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hello Matt,
>
> I am using a subset of the configuration files found in the the conf directory of the official ActiveMQ release available here: https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz
>
> The configuration files I kept are:
>
> * activemq.xml
> * jetty.xml
> * log4j.properties
> * logging.properties
>
> Indeed, activemq.xml referenced credentials.properties. I commented out that reference, and ActiveMQ works a bit better. It does show the following message which is not looking good:
>
> INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
>
> This is very odd because there is only one ActiveMQ broker running...
>
> Any idea about what is going on?
>
> Many thanks,
>
> Fabrice
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 21 June 2021 15:43
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hello Fabrice-
>
> Please be mindful that is difficult to troubleshoot over an email thread without seeing the changes you are making on your end. I suspect the top of your conf/activemq.xml has the Properties file entry referencing the conf/credentials.properties. Try removing that section from your conf/activemq.xml and the broker should start up.
>
> -Matt Pavlovich
>
>> On Jun 19, 2021, at 1:35 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hi Matt,
>>
>> All right, thanks a lot for these details.
>>
>> ActiveMQ crashes for me, there is a stack trace with the following error:
>>
>> Caused by: java.io.FileNotFoundException: /app/conf/credentials.properties (No such file or directory)
>>
>> Also, I am not sure why I need to repeat the users/groups/passwords information in the login.config, groups.properties, and users.properties files... This information is already available in the activemq.xml file, isn't it? (I am using the simple authentication plugin)
>>
>> Thanks a lot for your help!
>>
>> Fabrice
>>
>> ________________________________
>> From: Matt Pavlovich <ma...@gmail.com>
>> Sent: 18 June 2021 22:38
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> Hi Fabrice-
>>
>> The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
>>
>> Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
>>
>> Messaging services (JMS, MQTT, STOMP, etc):
>>
>> conf/login.config <— defines what to use
>> conf/groups.properties <— group-to-user mappings
>> conf/users.properties <— user and passwords
>>
>> Management (JMX):
>>
>> bin/env
>> conf/jmx.password
>> conf/jmx.access
>>
>> Web Console:
>>
>> conf/jetty.xml
>>
>> ref: https://activemq.apache.org/security
>>
>>
>> Hope this helps!
>>
>> -Matt Pavlovich
>>
>>
>>> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>>>
>>> Hello,
>>>
>>> Could somebody please provide me with an answer to my question below?
>>>
>>> Thank you very much for any help,
>>>
>>> Fabrice
>>>
>>> ________________________________
>>> From: Fabrice Triboix <fa...@armedia.com>
>>> Sent: 12 June 2021 15:50
>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>> Subject: Re: Roundup of the configuration files
>>>
>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>
>>>
>>> Hi Jean-Baptiste,
>>>
>>> Thanks a lot for your answer.
>>>
>>> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>>>
>>> Thanks a lot for your help!
>>>
>>> Fabrice
>>>
>>> ________________________________
>>> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
>>> Sent: 12 June 2021 05:37
>>> To: users@activemq.apache.org <us...@activemq.apache.org>
>>> Subject: Re: Roundup of the configuration files
>>>
>>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>>
>>>
>>> Hi,
>>>
>>> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>>>
>>> - activemq.xml (broker config)
>>> - jetty.xml (jetty container used by admin web console)
>>> - log4j.properties (for logging config)
>>> - logging.properties (can be removed if you don’t use JUL)
>>>
>>> All the rest is used when SSL is enabled, when authentication is enabled.
>>>
>>> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>>>
>>> Regards
>>> JB
>>>
>>>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>>>
>>>> Hello everyone,
>>>>
>>>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>>>
>>>> In the "conf" directory, I can see the following files:
>>>>
>>>> * activemq.xml
>>>> * broker.ks
>>>> * broker-localhost.cert
>>>> * broker.ts
>>>> * client.ks
>>>> * client.ts
>>>> * credentials-enc.properties
>>>> * credentials.properties
>>>> * groups.properties
>>>> * java.security
>>>> * jetty-realm.properties
>>>> * jetty.xml
>>>> * jmx.access
>>>> * jmx.password
>>>> * log4j.properties
>>>> * logging.properties
>>>> * login.config
>>>> * users.properties
>>>>
>>>> I would like to know what each of these configuration files do, and whether they are required or not.
>>>>
>>>> Many thanks,
>>>>
>>>> Fabrice
>>>
>>
>
Re: Roundup of the configuration files
Posted by Fabrice Triboix <fa...@armedia.com>.
Hello Matt,
I am using a subset of the configuration files found in the the conf directory of the official ActiveMQ release available here: https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz
The configuration files I kept are:
* activemq.xml
* jetty.xml
* log4j.properties
* logging.properties
Indeed, activemq.xml referenced credentials.properties. I commented out that reference, and ActiveMQ works a bit better. It does show the following message which is not looking good:
INFO | Database ${activemq.data}/kahadb/lock is locked by another server. This broker is now in slave mode waiting a lock to be acquired
This is very odd because there is only one ActiveMQ broker running...
Any idea about what is going on?
Many thanks,
Fabrice
________________________________
From: Matt Pavlovich <ma...@gmail.com>
Sent: 21 June 2021 15:43
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hello Fabrice-
Please be mindful that is difficult to troubleshoot over an email thread without seeing the changes you are making on your end. I suspect the top of your conf/activemq.xml has the Properties file entry referencing the conf/credentials.properties. Try removing that section from your conf/activemq.xml and the broker should start up.
-Matt Pavlovich
> On Jun 19, 2021, at 1:35 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hi Matt,
>
> All right, thanks a lot for these details.
>
> ActiveMQ crashes for me, there is a stack trace with the following error:
>
> Caused by: java.io.FileNotFoundException: /app/conf/credentials.properties (No such file or directory)
>
> Also, I am not sure why I need to repeat the users/groups/passwords information in the login.config, groups.properties, and users.properties files... This information is already available in the activemq.xml file, isn't it? (I am using the simple authentication plugin)
>
> Thanks a lot for your help!
>
> Fabrice
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 18 June 2021 22:38
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hi Fabrice-
>
> The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
>
> Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
>
> Messaging services (JMS, MQTT, STOMP, etc):
>
> conf/login.config <— defines what to use
> conf/groups.properties <— group-to-user mappings
> conf/users.properties <— user and passwords
>
> Management (JMX):
>
> bin/env
> conf/jmx.password
> conf/jmx.access
>
> Web Console:
>
> conf/jetty.xml
>
> ref: https://activemq.apache.org/security
>
>
> Hope this helps!
>
> -Matt Pavlovich
>
>
>> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hello,
>>
>> Could somebody please provide me with an answer to my question below?
>>
>> Thank you very much for any help,
>>
>> Fabrice
>>
>> ________________________________
>> From: Fabrice Triboix <fa...@armedia.com>
>> Sent: 12 June 2021 15:50
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> Hi Jean-Baptiste,
>>
>> Thanks a lot for your answer.
>>
>> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>>
>> Thanks a lot for your help!
>>
>> Fabrice
>>
>> ________________________________
>> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
>> Sent: 12 June 2021 05:37
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> Hi,
>>
>> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>>
>> - activemq.xml (broker config)
>> - jetty.xml (jetty container used by admin web console)
>> - log4j.properties (for logging config)
>> - logging.properties (can be removed if you don’t use JUL)
>>
>> All the rest is used when SSL is enabled, when authentication is enabled.
>>
>> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>>
>> Regards
>> JB
>>
>>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>>
>>> Hello everyone,
>>>
>>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>>
>>> In the "conf" directory, I can see the following files:
>>>
>>> * activemq.xml
>>> * broker.ks
>>> * broker-localhost.cert
>>> * broker.ts
>>> * client.ks
>>> * client.ts
>>> * credentials-enc.properties
>>> * credentials.properties
>>> * groups.properties
>>> * java.security
>>> * jetty-realm.properties
>>> * jetty.xml
>>> * jmx.access
>>> * jmx.password
>>> * log4j.properties
>>> * logging.properties
>>> * login.config
>>> * users.properties
>>>
>>> I would like to know what each of these configuration files do, and whether they are required or not.
>>>
>>> Many thanks,
>>>
>>> Fabrice
>>
>
Re: Roundup of the configuration files
Posted by Matt Pavlovich <ma...@gmail.com>.
Hello Fabrice-
Please be mindful that is difficult to troubleshoot over an email thread without seeing the changes you are making on your end. I suspect the top of your conf/activemq.xml has the Properties file entry referencing the conf/credentials.properties. Try removing that section from your conf/activemq.xml and the broker should start up.
-Matt Pavlovich
> On Jun 19, 2021, at 1:35 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hi Matt,
>
> All right, thanks a lot for these details.
>
> ActiveMQ crashes for me, there is a stack trace with the following error:
>
> Caused by: java.io.FileNotFoundException: /app/conf/credentials.properties (No such file or directory)
>
> Also, I am not sure why I need to repeat the users/groups/passwords information in the login.config, groups.properties, and users.properties files... This information is already available in the activemq.xml file, isn't it? (I am using the simple authentication plugin)
>
> Thanks a lot for your help!
>
> Fabrice
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 18 June 2021 22:38
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hi Fabrice-
>
> The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
>
> Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
>
> Messaging services (JMS, MQTT, STOMP, etc):
>
> conf/login.config <— defines what to use
> conf/groups.properties <— group-to-user mappings
> conf/users.properties <— user and passwords
>
> Management (JMX):
>
> bin/env
> conf/jmx.password
> conf/jmx.access
>
> Web Console:
>
> conf/jetty.xml
>
> ref: https://activemq.apache.org/security
>
>
> Hope this helps!
>
> -Matt Pavlovich
>
>
>> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hello,
>>
>> Could somebody please provide me with an answer to my question below?
>>
>> Thank you very much for any help,
>>
>> Fabrice
>>
>> ________________________________
>> From: Fabrice Triboix <fa...@armedia.com>
>> Sent: 12 June 2021 15:50
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> Hi Jean-Baptiste,
>>
>> Thanks a lot for your answer.
>>
>> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>>
>> Thanks a lot for your help!
>>
>> Fabrice
>>
>> ________________________________
>> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
>> Sent: 12 June 2021 05:37
>> To: users@activemq.apache.org <us...@activemq.apache.org>
>> Subject: Re: Roundup of the configuration files
>>
>> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>>
>>
>> Hi,
>>
>> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>>
>> - activemq.xml (broker config)
>> - jetty.xml (jetty container used by admin web console)
>> - log4j.properties (for logging config)
>> - logging.properties (can be removed if you don’t use JUL)
>>
>> All the rest is used when SSL is enabled, when authentication is enabled.
>>
>> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>>
>> Regards
>> JB
>>
>>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>>
>>> Hello everyone,
>>>
>>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>>
>>> In the "conf" directory, I can see the following files:
>>>
>>> * activemq.xml
>>> * broker.ks
>>> * broker-localhost.cert
>>> * broker.ts
>>> * client.ks
>>> * client.ts
>>> * credentials-enc.properties
>>> * credentials.properties
>>> * groups.properties
>>> * java.security
>>> * jetty-realm.properties
>>> * jetty.xml
>>> * jmx.access
>>> * jmx.password
>>> * log4j.properties
>>> * logging.properties
>>> * login.config
>>> * users.properties
>>>
>>> I would like to know what each of these configuration files do, and whether they are required or not.
>>>
>>> Many thanks,
>>>
>>> Fabrice
>>
>
Re: Roundup of the configuration files
Posted by Fabrice Triboix <fa...@armedia.com>.
Hi Matt,
All right, thanks a lot for these details.
ActiveMQ crashes for me, there is a stack trace with the following error:
Caused by: java.io.FileNotFoundException: /app/conf/credentials.properties (No such file or directory)
Also, I am not sure why I need to repeat the users/groups/passwords information in the login.config, groups.properties, and users.properties files... This information is already available in the activemq.xml file, isn't it? (I am using the simple authentication plugin)
Thanks a lot for your help!
Fabrice
________________________________
From: Matt Pavlovich <ma...@gmail.com>
Sent: 18 June 2021 22:38
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi Fabrice-
The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
Messaging services (JMS, MQTT, STOMP, etc):
conf/login.config <— defines what to use
conf/groups.properties <— group-to-user mappings
conf/users.properties <— user and passwords
Management (JMX):
bin/env
conf/jmx.password
conf/jmx.access
Web Console:
conf/jetty.xml
ref: https://activemq.apache.org/security
Hope this helps!
-Matt Pavlovich
> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hello,
>
> Could somebody please provide me with an answer to my question below?
>
> Thank you very much for any help,
>
> Fabrice
>
> ________________________________
> From: Fabrice Triboix <fa...@armedia.com>
> Sent: 12 June 2021 15:50
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hi Jean-Baptiste,
>
> Thanks a lot for your answer.
>
> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>
> Thanks a lot for your help!
>
> Fabrice
>
> ________________________________
> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
> Sent: 12 June 2021 05:37
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hi,
>
> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>
> - activemq.xml (broker config)
> - jetty.xml (jetty container used by admin web console)
> - log4j.properties (for logging config)
> - logging.properties (can be removed if you don’t use JUL)
>
> All the rest is used when SSL is enabled, when authentication is enabled.
>
> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>
> Regards
> JB
>
>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>
>> Hello everyone,
>>
>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>
>> In the "conf" directory, I can see the following files:
>>
>> * activemq.xml
>> * broker.ks
>> * broker-localhost.cert
>> * broker.ts
>> * client.ks
>> * client.ts
>> * credentials-enc.properties
>> * credentials.properties
>> * groups.properties
>> * java.security
>> * jetty-realm.properties
>> * jetty.xml
>> * jmx.access
>> * jmx.password
>> * log4j.properties
>> * logging.properties
>> * login.config
>> * users.properties
>>
>> I would like to know what each of these configuration files do, and whether they are required or not.
>>
>> Many thanks,
>>
>> Fabrice
>
Re: Roundup of the configuration files
Posted by Matt Pavlovich <ma...@gmail.com>.
Hi Fabrice-
The simple authentication plugin stores usernames and passwords in the conf/activemq.xml (it is generally used for embedded brokers or unit testing). If you use that, you won’t need the files below in the Messaging services section.
Most general setups using running stand alone brokers with the Apache ActiveMQ distribution:
Messaging services (JMS, MQTT, STOMP, etc):
conf/login.config <— defines what to use
conf/groups.properties <— group-to-user mappings
conf/users.properties <— user and passwords
Management (JMX):
bin/env
conf/jmx.password
conf/jmx.access
Web Console:
conf/jetty.xml
ref: https://activemq.apache.org/security
Hope this helps!
-Matt Pavlovich
> On Jun 18, 2021, at 1:46 PM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hello,
>
> Could somebody please provide me with an answer to my question below?
>
> Thank you very much for any help,
>
> Fabrice
>
> ________________________________
> From: Fabrice Triboix <fa...@armedia.com>
> Sent: 12 June 2021 15:50
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hi Jean-Baptiste,
>
> Thanks a lot for your answer.
>
> Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
>
> Thanks a lot for your help!
>
> Fabrice
>
> ________________________________
> From: Jean-Baptiste Onofre <jb...@nanthrax.net>
> Sent: 12 June 2021 05:37
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hi,
>
> Basically, for a simple bin/activemq console start, by default (without authentication), you just need
>
> - activemq.xml (broker config)
> - jetty.xml (jetty container used by admin web console)
> - log4j.properties (for logging config)
> - logging.properties (can be removed if you don’t use JUL)
>
> All the rest is used when SSL is enabled, when authentication is enabled.
>
> I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
>
> Regards
> JB
>
>> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>>
>> Hello everyone,
>>
>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>
>> In the "conf" directory, I can see the following files:
>>
>> * activemq.xml
>> * broker.ks
>> * broker-localhost.cert
>> * broker.ts
>> * client.ks
>> * client.ts
>> * credentials-enc.properties
>> * credentials.properties
>> * groups.properties
>> * java.security
>> * jetty-realm.properties
>> * jetty.xml
>> * jmx.access
>> * jmx.password
>> * log4j.properties
>> * logging.properties
>> * login.config
>> * users.properties
>>
>> I would like to know what each of these configuration files do, and whether they are required or not.
>>
>> Many thanks,
>>
>> Fabrice
>
Re: Roundup of the configuration files
Posted by Fabrice Triboix <fa...@armedia.com>.
Hello,
Could somebody please provide me with an answer to my question below?
Thank you very much for any help,
Fabrice
________________________________
From: Fabrice Triboix <fa...@armedia.com>
Sent: 12 June 2021 15:50
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi Jean-Baptiste,
Thanks a lot for your answer.
Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
Thanks a lot for your help!
Fabrice
________________________________
From: Jean-Baptiste Onofre <jb...@nanthrax.net>
Sent: 12 June 2021 05:37
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi,
Basically, for a simple bin/activemq console start, by default (without authentication), you just need
- activemq.xml (broker config)
- jetty.xml (jetty container used by admin web console)
- log4j.properties (for logging config)
- logging.properties (can be removed if you don’t use JUL)
All the rest is used when SSL is enabled, when authentication is enabled.
I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
Regards
JB
> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>
> Hello everyone,
>
> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>
> In the "conf" directory, I can see the following files:
>
> * activemq.xml
> * broker.ks
> * broker-localhost.cert
> * broker.ts
> * client.ks
> * client.ts
> * credentials-enc.properties
> * credentials.properties
> * groups.properties
> * java.security
> * jetty-realm.properties
> * jetty.xml
> * jmx.access
> * jmx.password
> * log4j.properties
> * logging.properties
> * login.config
> * users.properties
>
> I would like to know what each of these configuration files do, and whether they are required or not.
>
> Many thanks,
>
> Fabrice
Re: Roundup of the configuration files
Posted by Fabrice Triboix <fa...@armedia.com>.
Hi Jean-Baptiste,
Thanks a lot for your answer.
Our ActiveMQ installation won't use any TLS, but will have authentication (using the simple authentication plugin) and authorization. Which additional configuration files would be required in such a setup?
Thanks a lot for your help!
Fabrice
________________________________
From: Jean-Baptiste Onofre <jb...@nanthrax.net>
Sent: 12 June 2021 05:37
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi,
Basically, for a simple bin/activemq console start, by default (without authentication), you just need
- activemq.xml (broker config)
- jetty.xml (jetty container used by admin web console)
- log4j.properties (for logging config)
- logging.properties (can be removed if you don’t use JUL)
All the rest is used when SSL is enabled, when authentication is enabled.
I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
Regards
JB
> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>
> Hello everyone,
>
> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>
> In the "conf" directory, I can see the following files:
>
> * activemq.xml
> * broker.ks
> * broker-localhost.cert
> * broker.ts
> * client.ks
> * client.ts
> * credentials-enc.properties
> * credentials.properties
> * groups.properties
> * java.security
> * jetty-realm.properties
> * jetty.xml
> * jmx.access
> * jmx.password
> * log4j.properties
> * logging.properties
> * login.config
> * users.properties
>
> I would like to know what each of these configuration files do, and whether they are required or not.
>
> Many thanks,
>
> Fabrice
Re: Roundup of the configuration files
Posted by Jean-Baptiste Onofre <jb...@nanthrax.net>.
Hi,
Basically, for a simple bin/activemq console start, by default (without authentication), you just need
- activemq.xml (broker config)
- jetty.xml (jetty container used by admin web console)
- log4j.properties (for logging config)
- logging.properties (can be removed if you don’t use JUL)
All the rest is used when SSL is enabled, when authentication is enabled.
I’ve started some cleanup for 5.17.0 having dedicated folders per "use".
Regards
JB
> Le 11 juin 2021 à 18:20, Fabrice Triboix <fa...@armedia.com> a écrit :
>
> Hello everyone,
>
> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>
> In the "conf" directory, I can see the following files:
>
> * activemq.xml
> * broker.ks
> * broker-localhost.cert
> * broker.ts
> * client.ks
> * client.ts
> * credentials-enc.properties
> * credentials.properties
> * groups.properties
> * java.security
> * jetty-realm.properties
> * jetty.xml
> * jmx.access
> * jmx.password
> * log4j.properties
> * logging.properties
> * login.config
> * users.properties
>
> I would like to know what each of these configuration files do, and whether they are required or not.
>
> Many thanks,
>
> Fabrice
Re: Roundup of the configuration files
Posted by Jean-Baptiste Onofre <jb...@nanthrax.net>.
Hi Fabrice,
ActiveMQ is the right project, no need to set component for this kind of issue.
Regards
JB
> Le 12 juin 2021 à 16:56, Fabrice Triboix <fa...@armedia.com> a écrit :
>
> Hi Matt,
>
> Thanks for your answer, that is helpful.
>
> I registered on issues.apache.org, but I am not sure which project I should report the issue for?
>
> Cheers,
>
> Fabrice
>
> ________________________________
> From: Matt Pavlovich <ma...@gmail.com>
> Sent: 11 June 2021 19:36
> To: users@activemq.apache.org <us...@activemq.apache.org>
> Subject: Re: Roundup of the configuration files
>
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
>
> Hello Fabrice-
>
> The short answer is “it depends on your environment and setup”. For example, all the .ks and .ts files are there to provide an example of setting up SSL in various one-way or two-way ssl configurations.
>
> I think that would be a useful document for other users as well. Would you please open a JIRA against activemq-website for a documentation request?
>
> Thanks!
> Matt Pavlovich
>
>> On Jun 11, 2021, at 11:20 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>>
>> Hello everyone,
>>
>> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>>
>> In the "conf" directory, I can see the following files:
>>
>> * activemq.xml
>> * broker.ks
>> * broker-localhost.cert
>> * broker.ts
>> * client.ks
>> * client.ts
>> * credentials-enc.properties
>> * credentials.properties
>> * groups.properties
>> * java.security
>> * jetty-realm.properties
>> * jetty.xml
>> * jmx.access
>> * jmx.password
>> * log4j.properties
>> * logging.properties
>> * login.config
>> * users.properties
>>
>> I would like to know what each of these configuration files do, and whether they are required or not.
>>
>> Many thanks,
>>
>> Fabrice
>
Re: Roundup of the configuration files
Posted by Fabrice Triboix <fa...@armedia.com>.
Hi Matt,
Thanks for your answer, that is helpful.
I registered on issues.apache.org, but I am not sure which project I should report the issue for?
Cheers,
Fabrice
________________________________
From: Matt Pavlovich <ma...@gmail.com>
Sent: 11 June 2021 19:36
To: users@activemq.apache.org <us...@activemq.apache.org>
Subject: Re: Roundup of the configuration files
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hello Fabrice-
The short answer is “it depends on your environment and setup”. For example, all the .ks and .ts files are there to provide an example of setting up SSL in various one-way or two-way ssl configurations.
I think that would be a useful document for other users as well. Would you please open a JIRA against activemq-website for a documentation request?
Thanks!
Matt Pavlovich
> On Jun 11, 2021, at 11:20 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hello everyone,
>
> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>
> In the "conf" directory, I can see the following files:
>
> * activemq.xml
> * broker.ks
> * broker-localhost.cert
> * broker.ts
> * client.ks
> * client.ts
> * credentials-enc.properties
> * credentials.properties
> * groups.properties
> * java.security
> * jetty-realm.properties
> * jetty.xml
> * jmx.access
> * jmx.password
> * log4j.properties
> * logging.properties
> * login.config
> * users.properties
>
> I would like to know what each of these configuration files do, and whether they are required or not.
>
> Many thanks,
>
> Fabrice
Re: Roundup of the configuration files
Posted by Matt Pavlovich <ma...@gmail.com>.
Hello Fabrice-
The short answer is “it depends on your environment and setup”. For example, all the .ks and .ts files are there to provide an example of setting up SSL in various one-way or two-way ssl configurations.
I think that would be a useful document for other users as well. Would you please open a JIRA against activemq-website for a documentation request?
Thanks!
Matt Pavlovich
> On Jun 11, 2021, at 11:20 AM, Fabrice Triboix <fa...@armedia.com> wrote:
>
> Hello everyone,
>
> I am looking at the official ActiveMQ tarball (https://archive.apache.org/dist/activemq/5.16.2/apache-activemq-5.16.2-bin.tar.gz) and I would like to understand how ActiveMQ is configured.
>
> In the "conf" directory, I can see the following files:
>
> * activemq.xml
> * broker.ks
> * broker-localhost.cert
> * broker.ts
> * client.ks
> * client.ts
> * credentials-enc.properties
> * credentials.properties
> * groups.properties
> * java.security
> * jetty-realm.properties
> * jetty.xml
> * jmx.access
> * jmx.password
> * log4j.properties
> * logging.properties
> * login.config
> * users.properties
>
> I would like to know what each of these configuration files do, and whether they are required or not.
>
> Many thanks,
>
> Fabrice