Sun Java System Message Queue 3 2005Q4 Administration Guide |
Chapter 1
Administrative Tasks and ToolsThis chapter provides an overview of Sun Java System Message Queue administrative tasks and the tools for performing them, focusing on common features of the command line administration utilities. It consists of the following sections:
Administrative TasksThe typical administrative tasks to be performed depend on the nature of the environment in which you are running Message Queue. The demands of a software development environment in which Message Queue applications are being developed and tested are different from those of a production environment in which such applications are deployed to accomplish useful work. The following sections summarize the typical administrative requirements of these two different types of environment.
Administration in a Development Environment
In a development environment, the emphasis is on flexibility. The Message Queue message server is needed principally for testing applications under development. Administration is generally minimal, with programmers often administering their own systems. Such environments are typically distinguished by the following characteristics:
Administration in a Production Environment
In a production environment in which applications must be reliably deployed and run, administration is more important. Administrative tasks to be performed depend on the complexity of the messaging system and of the applications it must support. Such tasks can be classified into two general categories: setup operations and maintenance operations.
Setup Operations
Administrative setup operations in a production environment typically include some or all of the following:
- Setting the password for the default administrative user (admin) (Changing the Default Administrator Password)
- Controlling individual or group access to the administrative connection service (Access Control for Connection Services) and the dead message queue (Access Control for Physical Destinations)
- Regulating administrative group access to a file-based or Lightweight Directory Access Protocol (LDAP) user repository (Groups, Setting Up Access Control for Administrators)
- Managing the contents of a file-based user repository (Populating and Managing a User Repository) or configuring the broker to use an existing LDAP user repository (Editing the Instance Configuration File)
- Controlling the operations that individual users or groups are authorized to perform (Authorizing Users: The Access Control Properties File)
- Setting up encryption services using the Secure Socket Layer (SSL) (Working With an SSL-Based Service)
- Setting up and configuring an LDAP object store (LDAP Server Object Stores)
- Creating connection factories and destinations (Adding Administered Objects)
- Creating a cluster configuration file (Using a Cluster Configuration File)
- Designating a master broker (Master Broker)
- Configuring a broker to use a persistent store (Configuring a Persistent Data Store).
- Setting a destination’s configuration properties to optimize its memory usage (Updating Physical Destination Properties, Chapter 15, "Physical Destination Property Reference")
Maintenance Operations
Because application performance, reliability, and security are at a premium in production environments, message server resources must be tightly monitored and controlled through ongoing administrative maintenance operations, including the following:
Broker administration and tuning
- Using broker metrics to tune and reconfigure a broker (Chapter 11, "Analyzing and Tuning a Message Service")
- Managing broker memory resources (Routing Services)
- Creating and managing broker clusters to balance message load (Chapter 9, "Working With Broker Clusters")
- Recovering failed brokers (Starting Brokers).
- Adjusting connection factory attributes to ensure the correct behavior of client applications (Connection Factory Attributes)
- Monitoring and managing physical destinations (Chapter 6, "Managing Physical Destinations")
- Controlling user access to destinations (Access Control for Physical Destinations)
- Monitoring and managing durable subscriptions (see Managing Durable Subscriptions).
- Monitoring and managing transactions (see Managing Transactions).
Administration ToolsMessage Queue administration tools fall into two categories:
Command Line Utilities
All Message Queue utilities are accessible via a command line interface. Utility commands share common formats, syntax conventions, and options. They include the following:
- The Broker utility (imqbrokerd) starts up brokers and specifies their configuration properties, including connecting them together into a cluster.
- The Command utility (imqcmd) controls brokers and their resources and manages physical destinations.
- The Object Manager utility (imqobjmgr) manages provider-independent administered objects in an object store accessible via the Java Naming and Directory Interface (JNDI).
- The Database Manager utility (imqdbmgr) creates and manages databases for persistent storage that conform to the Java Database Connectivity (JDBC) standard.
- The User Manager utility (imqusermgr) populates a file-based user repository for user authentication and authorization.
- The Service Administrator utility (imqsvcadmin) installs and manages a broker as a Windows service.
- The Key Tool utility (imqkeytool) generates self-signed certificates for Secure Socket Layer (SSL) authentication.
See Chapter 13, "Command Line Reference," for detailed information on the use of these utilities.
Administration Console
The Message Queue Administration Console combines some of the capabilities of the Command and Object Manager utilities. You can use it to perform the following tasks:
However, you cannot use the Administration Console to perform such tasks as starting up a broker, creating broker clusters, managing a JDBC database or a user repository, installing a broker as a Windows service, or generating SSL certificates. For these, you need the other command line utilities (Broker, Database Manager, User Manager, Service Administrator, and Key Tool), which cannot operate remotely and must be run on the same host as the broker they manage (see Figure 1-1).
Figure 1-1 Local and Remote Administration Utilities
See Chapter 2, "Quick-Start Tutorial," for a brief, hands-on introduction to the Administration Console. More detailed information on its use is available through its own help facility.