[ControllingTheDaemon]: /mcollective/reference/basic/daemon.html
[SSLSecurityPlugin]: /mcollective/reference/plugins/security_ssl.html
[AESSecurityPlugin]: /mcollective/reference/plugins/security_aes.html
-[ConnectorStomp]: /mcollective/reference/plugins/connector_stomp.html
+[ConnectorActiveMQ]: /mcollective/reference/plugins/connector_activemq.html
+[ConnectorRabbitMQ]: /mcollective/reference/plugins/connector_rabbitmq.html
[MessageFlowCast]: /mcollective/screencasts.html#message_flow
[Plugins]: http://projects.puppetlabs.com/projects/mcollective-plugins/wiki
[MCDownloads]: http://www.puppetlabs.com/downloads/mcollective/
[RubyGems]: http://packages.debian.org/search?suite=default§ion=all&arch=any&searchon=names&keywords=rubygems
+[server_config]: /mcollective/configure/server.html
Getting started using Debian based distribution like Debian squeeze and Ubuntu is easy as DEBs are available for most the required components. This guide walks you through the process.
-If you just want to experiment with the system please try our [EC2 based demo][EC2Demo]. You should be familiar with the architecture and terminology of Marionette Collective, please review the [basic architecture, terminology and message flow][MessageFlowCast] screencast first.
-
## Requirements
We try to keep the requirements on external Gems to a minimum, you only need:
* Ruby - included with your distribution
* [RubyGems]
* Stomp Ruby Gem
- * [MCollective][MCDownloads] - mcollective-1.x.x-1_all.deb, mcollective-common-1.x.x-1_all.deb, mcollective-client-1.x.x-1_all.deb
+ * [MCollective][MCDownloads] - mcollective-2.2.x-1_all.deb, mcollective-common-2.2.x-1_all.deb, mcollective-client-2.2.x-1_all.deb
The rest of this guide will assume you set up a Apt repository. Puppet Labs hosts a Apt repository with all these dependencies at _apt.puppetlabs.com_.
## ActiveMQ
+
ActiveMQ is currently the most used and tested middleware for use with MCollective.
You need at least one ActiveMQ server on your network, all the nodes you wish to manage will connect to the central ActiveMQ server.
-Later on your can [cluster the ActiveMQ servers for availability and scale][ActiveMQClustering].
+Later on you can [cluster the ActiveMQ servers for availability and scale][ActiveMQClustering].
### Install
### Configuring
-Initially you'll just keep it simple with a single ActiveMQ broker and a basic user setup, further security information for ActiveMQ
-can be found [here][SecurityWithActiveMQ]
-
-Place the following in your ActiveMQ configuration path as *activemq.xml*. You can download this file from [GitHub][ActiveMQSingleBrokerSample]
-
-Other examples are also available from [GitHub][ActiveMQSamples]
-
-{% highlight xml %}
-<beans
- xmlns="http://www.springframework.org/schema/beans"
- xmlns:amq="http://activemq.apache.org/schema/core"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
- http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd
- http://activemq.apache.org/camel/schema/spring http://activemq.apache.org/camel/schema/spring/camel-spring.xsd">
-
- <broker xmlns="http://activemq.apache.org/schema/core" brokerName="localhost" useJmx="true">
- <destinationPolicy>
- <policyMap>
- <policyEntries>
- <policyEntry topic=">" producerFlowControl="false"/>
- <policyEntry queue="*.reply.>" gcInactiveDestinations="true" inactiveTimoutBeforeGC="300000" />
- </policyEntries>
- </policyMap>
- </destinationPolicy>
-
- <managementContext>
- <managementContext createConnector="false"/>
- </managementContext>
-
- <plugins>
- <statisticsBrokerPlugin/>
- <simpleAuthenticationPlugin>
- <users>
- <authenticationUser username="mcollective" password="marionette" groups="mcollective,everyone"/>
- <authenticationUser username="admin" password="secret" groups="mcollective,admin,everyone"/>
- </users>
- </simpleAuthenticationPlugin>
- <authorizationPlugin>
- <map>
- <authorizationMap>
- <authorizationEntries>
- <authorizationEntry queue=">" write="admins" read="admins" admin="admins" />
- <authorizationEntry topic=">" write="admins" read="admins" admin="admins" />
- <authorizationEntry topic="mcollective.>" write="mcollective" read="mcollective" admin="mcollective" />
- <authorizationEntry queue="mcollective.>" write="mcollective" read="mcollective" admin="mcollective" />
- <authorizationEntry topic="ActiveMQ.Advisory.>" read="everyone" write="everyone" admin="everyone"/>
- </authorizationEntries>
- </authorizationMap>
- </map>
- </authorizationPlugin>
- </plugins>
-
- <systemUsage>
- <systemUsage>
- <memoryUsage>
- <memoryUsage limit="20 mb"/>
- </memoryUsage>
- <storeUsage>
- <storeUsage limit="1 gb" name="foo"/>
- </storeUsage>
- <tempUsage>
- <tempUsage limit="100 mb"/>
- </tempUsage>
- </systemUsage>
- </systemUsage>
-
- <transportConnectors>
- <transportConnector name="openwire" uri="tcp://0.0.0.0:61616"/>
- <transportConnector name="stomp" uri="stomp://0.0.0.0:61613"/>
- </transportConnectors>
- </broker>
-</beans>
-{% endhighlight %}
+[The ActiveMQ config reference][activemq_config] describes all of the ActiveMQ settings that MCollective cares about. For best use, skim the sections you care about while comparing it to an example activemq.xml file.
+
+[activemq_config]: /mcollective/deploy/middleware/activemq.html
-This creates a user *mcollective* with the password *marionette* and give it access to read/write/admin */topic/mcollective.`*`*. You should change this passsword.
+We recommend that new users:
+
+* Start with the [single-broker example config][ActiveMQSingleBrokerSample].
+* Change the [user account passwords](/mcollective/deploy/middleware/activemq.html#authentication-users-and-groups).
+* [Set up TLS](/mcollective/deploy/middleware/activemq.html#tls-credentials) and [use a TLS Stomp transport connector](/mcollective/deploy/middleware/activemq.html#transport-connectors).
+
+Other example config files are also available from [GitHub][ActiveMQSamples].
### Starting
You should see it running in the process list:
{% highlight console %}
- # ps -auxw|grep java
+ # ps auxw|grep java
activemq 3012 0.1 14.5 1155112 152180 ? Sl Dec28 2:02 java -Dactivemq.home=/usr/share/activemq -Dactivemq.base=/usr/share/activemq -Dcom.sun.management.jmxremote -Dorg.apache.activemq.UseDedicatedTaskRunner=true -Xmx512m -Djava.library.path=/usr/lib:/usr/lib64 -classpath /usr/share/java/tanukiwrapper.jar:/usr/share/activemq/bin/run.jar -Dwrapper.key=eg4_VvENzCmvtAKg -Dwrapper.port=32000 -Dwrapper.jvm.port.min=31000 -Dwrapper.jvm.port.max=31999 -Dwrapper.pid=3000 -Dwrapper.version=3.2.3 -Dwrapper.native_library=wrapper -Dwrapper.service=TRUE -Dwrapper.cpu.timeout=10 -Dwrapper.jvmid=1 org.tanukisoftware.wrapper.WrapperSimpleApp org.apache.activemq.console.Main start
{% endhighlight %}
-You should also see it listening on port 61613 in your network stack
+You should also see it listening on port 61613 or 61614 in your network stack, depending on whether you turned on TLS.
-You should open port 61613 for all your nodes to connect to.
+You should open port 61613 or 61614 for all your nodes to connect to.
## Marionette Collective
You'll need to tweak some configs in */etc/mcollective/client.cfg*, a full reference of config settings can be
found [here][ConfigurationReference]:
-We're assuming you called the machine running ActiveMQ *stomp.example.net* please change as appropriate
+We're assuming you called the machine running ActiveMQ *stomp.example.net*; please change as appropriate. Also note that the port should be 61614 if you turned on TLS.
{% highlight ini %}
# main config
loglevel = error
# connector plugin config
- connector = stomp
- plugin.stomp.host = stomp.example.net
- plugin.stomp.port = 61613
- plugin.stomp.user = mcollective
- plugin.stomp.password = marionette
+ connector = activemq
+ plugin.activemq.pool.size = 1
+ plugin.activemq.pool.1.host = stomp.example.net
+ plugin.activemq.pool.1.port = 61613
+ plugin.activemq.pool.1.user = mcollective
+ plugin.activemq.pool.1.password = marionette
# security plugin config
securityprovider = psk
plugin.psk = abcdefghj
{% endhighlight %}
-You should also create _/etc/mcollective/server.cfg_ here's a sample, , a full reference of config settings can be found here [ConfigurationReference]:
+You should also create _/etc/mcollective/server.cfg_ here's a sample, a full reference of config settings can be found on the [Server Configuration Reference][server_config]:
{% highlight ini %}
# main config
loglevel = info
# connector plugin config
- connector = stomp
- plugin.stomp.host = stomp.example.net
- plugin.stomp.port = 61613
- plugin.stomp.user = mcollective
- plugin.stomp.password = marionette
+ connector = activemq
+ plugin.activemq.pool.size = 1
+ plugin.activemq.pool.1.host = stomp.example.net
+ plugin.activemq.pool.1.port = 61613
+ plugin.activemq.pool.1.user = mcollective
+ plugin.activemq.pool.1.password = marionette
+
# facts
factsource = yaml
* [ControllingTheDaemon] - Controlling a running daemon
* [AESSecurityPlugin] - Using AES+RSA for secure message encryption and authentication of clients
* [SSLSecurityPlugin] - Using SSL for secure message signing and authentication of clients
- * [ConnectorStomp] - Full details on the Stomp adapter including failover pools
Code Review / packages / precise / mcollective.git / blobdiff