ext/activemq/examples/single-broker/activemq.xml

   1 <beans
   2   xmlns="http://www.springframework.org/schema/beans"
   3   xmlns:amq="http://activemq.apache.org/schema/core"
   4   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   5   xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
   6   http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd
   7   http://activemq.apache.org/camel/schema/spring http://activemq.apache.org/camel/schema/spring/camel-spring.xsd">
   8
   9     <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
  10         <property name="locations">
  11             <value>file:${activemq.base}/conf/credentials.properties</value>
  12         </property>
  13     </bean>
  14
  15     <!--
  16       For more information about what MCollective requires in this file,
  17       see http://docs.puppetlabs.com/mcollective/deploy/middleware/activemq.html
  18     -->
  19
  20     <!--
  21       WARNING: The elements that are direct children of <broker> MUST BE IN
  22       ALPHABETICAL ORDER. This is fixed in ActiveMQ 5.6.0, but affects
  23       previous versions back to 5.4.
  24       https://issues.apache.org/jira/browse/AMQ-3570
  25     -->
  26     <broker xmlns="http://activemq.apache.org/schema/core" brokerName="localhost" useJmx="true" schedulePeriodForDestinationPurge="60000">
  27         <!--
  28           MCollective generally expects producer flow control to be turned off.
  29           It will also generate a limitless number of single-use reply queues,
  30           which should be garbage-collected after about five minutes to conserve
  31           memory.
  32
  33           For more information, see:
  34           http://activemq.apache.org/producer-flow-control.html
  35         -->
  36         <destinationPolicy>
  37           <policyMap>
  38             <policyEntries>
  39               <policyEntry topic=">" producerFlowControl="false"/>
  40               <policyEntry queue="*.reply.>" gcInactiveDestinations="true" inactiveTimoutBeforeGC="300000" />
  41             </policyEntries>
  42           </policyMap>
  43         </destinationPolicy>
  44
  45         <managementContext>
  46             <managementContext createConnector="false"/>
  47         </managementContext>
  48
  49         <plugins>
  50           <statisticsBrokerPlugin/>
  51
  52           <!--
  53             This configures the users and groups used by this broker. Groups
  54             are referenced below, in the write/read/admin attributes
  55             of each authorizationEntry element.
  56           -->
  57           <simpleAuthenticationPlugin>
  58             <users>
  59               <authenticationUser username="mcollective" password="marionette" groups="mcollective,everyone"/>
  60               <authenticationUser username="admin" password="secret" groups="mcollective,admins,everyone"/>
  61             </users>
  62           </simpleAuthenticationPlugin>
  63
  64           <!--
  65             Configure which users are allowed to read and write where. Permissions
  66             are organized by group; groups are configured above, in the
  67             authentication plugin.
  68
  69             With the rules below, both servers and admin users belong to group
  70             mcollective, which can both issue and respond to commands. For an
  71             example that splits permissions and doesn't allow servers to issue
  72             commands, see:
  73             http://docs.puppetlabs.com/mcollective/deploy/middleware/activemq.html#detailed-restrictions
  74           -->
  75           <authorizationPlugin>
  76             <map>
  77               <authorizationMap>
  78                 <authorizationEntries>
  79                   <authorizationEntry queue=">" write="admins" read="admins" admin="admins" />
  80                   <authorizationEntry topic=">" write="admins" read="admins" admin="admins" />
  81                   <authorizationEntry topic="mcollective.>" write="mcollective" read="mcollective" admin="mcollective" />
  82                   <authorizationEntry queue="mcollective.>" write="mcollective" read="mcollective" admin="mcollective" />
  83                   <!--
  84                     The advisory topics are part of ActiveMQ, and all users need access to them.
  85                     The "everyone" group is not special; you need to ensure every user is a member.
  86                   -->
  87                   <authorizationEntry topic="ActiveMQ.Advisory.>" read="everyone" write="everyone" admin="everyone"/>
  88                 </authorizationEntries>
  89               </authorizationMap>
  90             </map>
  91           </authorizationPlugin>
  92         </plugins>
  93
  94         <!--
  95           The systemUsage controls the maximum amount of space the broker will
  96           use for messages. For more information, see:
  97           http://docs.puppetlabs.com/mcollective/deploy/middleware/activemq.html#memory-and-temp-usage-for-messages-systemusage
  98         -->
  99         <systemUsage>
 100             <systemUsage>
 101                 <memoryUsage>
 102                     <memoryUsage limit="20 mb"/>
 103                 </memoryUsage>
 104                 <storeUsage>
 105                     <storeUsage limit="1 gb" name="foo"/>
 106                 </storeUsage>
 107                 <tempUsage>
 108                     <tempUsage limit="100 mb"/>
 109                 </tempUsage>
 110             </systemUsage>
 111         </systemUsage>
 112
 113         <!--
 114           The transport connectors allow ActiveMQ to listen for connections over
 115           a given protocol. MCollective uses Stomp, and other ActiveMQ brokers
 116           use OpenWire. You'll need different URLs depending on whether you are
 117           using TLS. For more information, see:
 118
 119           http://docs.puppetlabs.com/mcollective/deploy/middleware/activemq.html#transport-connectors
 120         -->
 121         <transportConnectors>
 122             <transportConnector name="openwire" uri="tcp://0.0.0.0:61616"/>
 123             <transportConnector name="stomp+nio" uri="stomp+nio://0.0.0.0:61613"/>
 124             <!-- If using TLS, uncomment this and comment out the previous connector:
 125               <transportConnector name="stomp+ssl" uri="stomp+ssl://0.0.0.0:61614?needClientAuth=true"/>
 126             -->
 127         </transportConnectors>
 128     </broker>
 129
 130     <!--
 131       Enable web consoles, REST and Ajax APIs and demos.
 132       It also includes Camel (with its web console); see ${ACTIVEMQ_HOME}/conf/camel.xml for more info.
 133
 134       See ${ACTIVEMQ_HOME}/conf/jetty.xml for more details.
 135     -->
 136     <import resource="jetty.xml"/>
 137 </beans>