Creating and configuring an Amazon MQ network of brokers
A network of brokers is comprised of multiple simultaneously active single-instance brokers or active/standby brokers. You can configure networks of brokers in a variety of topologies (for example, concentrator, hub-and-spokes, tree, or mesh), depending on your application's needs, such as high availability and scalability. For instance, a hub and spoke network of brokers can increase resiliency, preserving messages if one broker is not reachable. A network of brokers with a concentrator topology can collect messages from a larger number of brokers accepting incoming messages, and concentrate them to more central brokers, to better handle the load of many incoming messages. In this tutorial, you learn how to create a two-broker network of brokers with a source and sink topology.
For a conceptual overview and detailed configuration information, see the following:
-
Networks of Brokers
in the ActiveMQ documentation
You can use the Amazon MQ console to create an Amazon MQ network of brokers. Because you can start the creation of the two brokers in parallel, this process takes approximately 15 minutes.
Topics
Prerequisites
To create a network of brokers, you must have the following:
-
Two or more simultaneously active brokers (named
MyBroker1
andMyBroker2
in this tutorial). For more information about creating brokers, see Getting started: Creating and connecting to an ActiveMQ broker. -
The two brokers must be in the same VPC or in peered VPCs. For more information about VPCs, see What is Amazon VPC? in the Amazon VPC User Guide and What is VPC Peering? in the Amazon VPC Peering Guide.
Important
If you don't have a default VPC, subnet(s), or security group, you must create them first. For more information, see the following in the Amazon VPC User Guide:
-
Two users with identical sign-in credentials for both brokers. For more information about creating users, see Creating an ActiveMQ broker user.
Note
When integrating LDAP authentication with a network of brokers, make sure that the user exists both as an ActiveMQ brokers, as well as an LDAP user.
The following example uses two single-instance brokers. However, you can create networks of brokers using active/standby brokers or a combination of broker deployment modes.
Step 1: Allow Traffic between Brokers
After you create your brokers, you must allow traffic between them.
-
On the Amazon MQ console
, on the MyBroker2 page, in the Details section, under Security and network, choose the name of your security group or . The Security Groups page of the EC2 Dashboard is displayed.
-
From the security group list, choose your security group.
-
At the bottom of the page, choose Inbound, and then choose Edit.
-
In the Edit inbound rules dialog box, add a rule for the OpenWire endpoint.
-
Choose Add Rule.
-
For Type, select Custom TCP.
-
For Port Range, type the OpenWire port (
61617
). -
Do one of the following:
-
If you want to restrict access to a particular IP address, for Source, leave Custom selected, and then enter the IP address of
MyBroker1
, followed by/32
. (This converts the IP address to a valid CIDR record). For more information see Elastic Network Interfaces.Tip
To retrieve the IP address of
MyBroker1
, on the Amazon MQ console, choose the name of the broker and navigate to the Details section. -
If all the brokers are private and belong to the same VPC, for Source, leave Custom selected and then type the ID of the security group you are editing.
Note
For public brokers, you must restrict access using IP addresses.
-
-
Choose Save.
Your broker can now accept inbound connections.
-
Step 2: Configure Network Connectors for Your Broker
After you allow traffic between your brokers, you must configure network connectors for one of them.
-
Edit the configuration revision for broker
MyBroker1
.-
On the MyBroker1 page, choose Edit.
-
On the Edit MyBroker1 page, in the Configuration section, choose View.
The broker engine type and version that the configuration uses (for example, Apache ActiveMQ 5.15.0) are displayed.
-
On the Configuration details tab, the configuration revision number, description, and broker configuration in XML format are displayed.
-
Choose Edit configuration.
-
At the bottom of the configuration file, uncomment the
<networkConnectors>
section and include the following information:-
The
name
for the network connector. -
The ActiveMQ Web Console username that is common to both brokers.
-
Enable
duplex
connections. -
Do one of the following:
-
If you are connecting the broker to a single-instance broker, use the
static:
prefix and the OpenWire endpointuri
forMyBroker2
. For example:<networkConnectors> <networkConnector name="
connector_1_to_2
" userName="myCommonUser
" duplex="true" uri="static:(ssl://b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9-1.mq.us-east-2.amazonaws.com:61617
)"/> </networkConnectors> -
If you are connecting the broker to an active/standby broker, use the
static+failover
transport and the OpenWire endpointuri
for both brokers with the following query parameters?randomize=false&maxReconnectAttempts=0
. For example:<networkConnectors> <networkConnector name="
connector_1_to_2
" userName="myCommonUser
" duplex="true" uri="static:(failover:(ssl://b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9-1.mq.us-east-2.amazonaws.com:61617, ssl://b-9876l5k4-32ji-109h-8gfe-7d65c4b132a1-2.mq.us-east-2.amazonaws.com:61617
)?randomize=false&maxReconnectAttempts=0)"/> </networkConnectors>
Note
Don't include the sign-in credentials for the ActiveMQ user.
-
-
-
Choose Save.
-
In the Save revision dialog box, type
Add network of brokers connector for MyBroker2
. -
Choose Save to save the new revision of the configuration.
-
-
Edit
MyBroker1
to set the latest configuration revision to apply immediately.-
On the MyBroker1 page, choose Edit.
-
On the Edit MyBroker1 page, in the Configuration section, choose Schedule Modifications.
-
In the Schedule broker modifications section, choose to apply modifications Immediately.
-
Choose Apply.
MyBroker1
is rebooted and your configuration revision is applied.
The network of brokers is created.
-
Next Steps
After you configure your network of brokers, you can test it by producing and consuming messages.
Important
Make sure that you enable inbound connections
from your local machine for broker MyBroker1
on port 8162 (for the ActiveMQ Web Console) and port 61617 (for the OpenWire
endpoint).
You might also need to adjust your security group(s) settings to allow the producer and consumer to connect to the network of brokers.
-
On the Amazon MQ console
, navigate to the Connections section and note the ActiveMQ Web Console endpoint for broker MyBroker1
. -
Navigate to the ActiveMQ Web Console for broker
MyBroker1
. -
To verify that the network bridge is connected, choose Network.
In the Network Bridges section, the name and the address of
MyBroker2
are listed in the Remote Broker and Remote Address columns. -
From any machine that has access to broker
MyBroker2
, create a consumer. For example:activemq consumer --brokerUrl "ssl://b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9-1.mq.us-east-2.amazonaws.com:61617" \ --user commonUser \ --password myPassword456 \ --destination queue://MyQueue
The consumer connects to the OpenWire endpoint of
MyBroker2
and begins to consume messages from queueMyQueue
. -
From any machine that has access to broker
MyBroker1
, create a producer and send some messages. For example:activemq producer --brokerUrl "ssl://b-9876l5k4-32ji-109h-8gfe-7d65c4b132a1-1.mq.us-east-2.amazonaws.com:61617" \ --user commonUser \ --password myPassword456 \ --destination queue://MyQueue \ --persistent true \ --messageSize 1000 \ --messageCount 10000
The producer connects to the OpenWire endpoint of
MyBroker1
and begins to produce persistent messages to queueMyQueue
.