Saturday, October 4, 2014

How to Peek inside your ActiveMQ Server

This post describes steps that can be taken for sysadmins to peek inside an ActiveMQ server. We assume root capability, otherwise we need a user which has access to ActiveMQ configuration files.

Step 1. Determine running ActiveMQ process

ps auxw | grep activemq

We got a java process running ActiveMQ :

[root@broker ~]# ps auxw | grep activemq
activemq  1236  0.1  0.0  19124   696 ?        Sl   07:00   0:02 /usr/lib/activemq/linux/wrapper /etc/activemq/wrapper.conf wrapper.syslog.ident=ActiveMQ wrapper.pidfile=/var/run/activemq//ActiveMQ.pid wrapper.daemonize=TRUE wrapper.lockfile=/var/lock/subsys/ActiveMQ
activemq  1243  3.2 12.2 2016568 125264 ?      Sl   07:00   1:06 java -Dactivemq.home=/usr/share/activemq -Dactivemq.base=/usr/share/activemq -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStore=/usr/share/activemq/conf/broker.ks -Djavax.net.ssl.trustStore=/usr/share/activemq/conf/broker.ts -Dcom.sun.management.jmxremote -Dorg.apache.activemq.UseDedicatedTaskRunner=true -Djava.util.logging.config.file=logging.properties -Dactivemq.conf=/usr/share/activemq/conf -Dactivemq.data=/usr/share/activemq/data -Xmx1024m -Djava.library.path=/usr/share/activemq/bin/linux-x86-64/ -classpath /usr/share/activemq/bin/wrapper.jar:/usr/share/activemq/bin/activemq.jar -Dwrapper.key=zvZTrwPTV6sBMrMd -Dwrapper.port=32000 -Dwrapper.jvm.port.min=31000 -Dwrapper.jvm.port.max=31999 -Dwrapper.pid=1236 -Dwrapper.version=3.2.3 -Dwrapper.native_library=wrapper -Dwrapper.service=TRUE -Dwrapper.cpu.timeout=10 -Dwrapper.jvmid=1 org.tanukisoftware.wrapper.WrapperSimpleApp org.apache.activemq.console.Main start
root     10249  0.0  0.0 103244   860 pts/0    S+   07:35   0:00 grep activemq

From the result above, we know that the configuration file is in /usr/share/activemq/conf

Step 2. Determine whether ActiveMQ console are enabled

vi /usr/share/activemq/conf/activemq.xml

find the jetty.xml part, and make sure that it is enabled.
before:
after:
Check the jetty.xml too for console's port number.
vi /usr/share/activemq/conf/jetty.xml

Step 3. If we had changed activemq.xml, restart it


service activemq restart

Step 4. Obtain admin password

 vi /usr/share/activemq/conf/jetty-realm.properties

Right next to "admin:" is the admin's password.

Step 5. Finally, we could browse to localhost port 8161


If the server is not your localhost, please use SSH tunneling to port forward 8161 to 127.0.0.1:8161. Otherwise, just open a browser and type http://localhost:8161/
Use the admin password we got in step 4. No, you must check your own admin password, I won't tell you mine.

http://localhost:8161/
Click on the 'Manage ActiveMQ broker'.

home
Click on the Connections on the top menu.
 Now we see one client using Stomp connected to the activeMQ server. click on it.


The client, in this case, an Openshift Origin Node in the same VM as Broker, registered as a listener for:

  • Queue mcollective.nodes
  • Topic mcollective.discovery.agent
  • Topic mcollective.mcollective.agent
  • Topic mcollective.rpcutil.agent
  • Topic mcollective.openshift.agent

Summary

In this post, I have shown how to enable ActiveMQ web console in an ActiveMQ server configuration, and using the ActiveMQ web console to examine a client connecting to the server.

No comments: