Creating and configuring an Amazon MQ network of brokers - Amazon MQ
PrerequisitesStep 1: Allow Traffic between BrokersStep 2: Configure Network Connectors for Your BrokerNext Steps
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Creating and configuring an Amazon MQ network of brokers

A network of brokers is comprised of multiple simultaneously active single-instance brokers or active/standby brokers. You can configure networks of brokers in a variety of topologies (for example, concentrator, hub-and-spokes, tree, or mesh), depending on your application's needs, such as high availability and scalability. For instance, a hub and spoke network of brokers can increase resiliency, preserving messages if one broker is not reachable. A network of brokers with a concentrator topology can collect messages from a larger number of brokers accepting incoming messages, and concentrate them to more central brokers, to better handle the load of many incoming messages. In this tutorial, you learn how to create a two-broker network of brokers with a source and sink topology.

For a conceptual overview and detailed configuration information, see the following:

You can use the Amazon MQ console to create an Amazon MQ network of brokers. Because you can start the creation of the two brokers in parallel, this process takes approximately 15 minutes.

Prerequisites

To create a network of brokers, you must have the following:

The following example uses two single-instance brokers. However, you can create networks of brokers using active/standby brokers or a combination of broker deployment modes.

Step 1: Allow Traffic between Brokers

After you create your brokers, you must allow traffic between them.

  1. On the Amazon MQ console, on the MyBroker2 page, in the Details section, under Security and network, choose the name of your security group or .

    The Security Groups page of the EC2 Dashboard is displayed.

  2. From the security group list, choose your security group.

  3. At the bottom of the page, choose Inbound, and then choose Edit.

  4. In the Edit inbound rules dialog box, add a rule for the OpenWire endpoint.

    1. Choose Add Rule.

    2. For Type, select Custom TCP.

    3. For Port Range, type the OpenWire port (61617).

    4. Do one of the following:

      • If you want to restrict access to a particular IP address, for Source, leave Custom selected, and then enter the IP address of MyBroker1, followed by /32. (This converts the IP address to a valid CIDR record). For more information see Elastic Network Interfaces.

        Tip

        To retrieve the IP address of MyBroker1, on the Amazon MQ console, choose the name of the broker and navigate to the Details section.

      • If all the brokers are private and belong to the same VPC, for Source, leave Custom selected and then type the ID of the security group you are editing.

        Note

        For public brokers, you must restrict access using IP addresses.

    5. Choose Save.

      Your broker can now accept inbound connections.

Step 2: Configure Network Connectors for Your Broker

After you allow traffic between your brokers, you must configure network connectors for one of them.

  1. Edit the configuration revision for broker MyBroker1.

    1. On the MyBroker1 page, choose Edit.

    2. On the Edit MyBroker1 page, in the Configuration section, choose View.

      The broker engine type and version that the configuration uses (for example, Apache ActiveMQ 5.15.0) are displayed.

    3. On the Configuration details tab, the configuration revision number, description, and broker configuration in XML format are displayed.

    4. Choose Edit configuration.

    5. At the bottom of the configuration file, uncomment the <networkConnectors> section and include the following information:

      • The name for the network connector.

      • The ActiveMQ Web Console username that is common to both brokers.

      • Enable duplex connections.

      • Do one of the following:

        • If you are connecting the broker to a single-instance broker, use the static: prefix and the OpenWire endpoint uri for MyBroker2. For example:

          <networkConnectors>
  <networkConnector name="connector_1_to_2" userName="myCommonUser" duplex="true"
    uri="static:(ssl://b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9-1.mq.us-east-2.amazonaws.com:61617)"/>
</networkConnectors>

        • If you are connecting the broker to an active/standby broker, use the static+failover transport and the OpenWire endpoint uri for both brokers with the following query parameters ?randomize=false&maxReconnectAttempts=0. For example:

          <networkConnectors>
  <networkConnector name="connector_1_to_2" userName="myCommonUser" duplex="true"
    uri="static:(failover:(ssl://b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9-1.mq.us-east-2.amazonaws.com:61617,
    ssl://b-9876l5k4-32ji-109h-8gfe-7d65c4b132a1-2.mq.us-east-2.amazonaws.com:61617)?randomize=false&amp;maxReconnectAttempts=0)"/>
</networkConnectors>
        Note

        Don't include the sign-in credentials for the ActiveMQ user.

    6. Choose Save.

    7. In the Save revision dialog box, type Add network of brokers connector for MyBroker2.

    8. Choose Save to save the new revision of the configuration.

  2. Edit MyBroker1 to set the latest configuration revision to apply immediately.

    1. On the MyBroker1 page, choose Edit.

    2. On the Edit MyBroker1 page, in the Configuration section, choose Schedule Modifications.

    3. In the Schedule broker modifications section, choose to apply modifications Immediately.

    4. Choose Apply.

      MyBroker1 is rebooted and your configuration revision is applied.

    The network of brokers is created.

Next Steps

After you configure your network of brokers, you can test it by producing and consuming messages.

Important

Make sure that you enable inbound connections from your local machine for broker MyBroker1 on port 8162 (for the ActiveMQ Web Console) and port 61617 (for the OpenWire endpoint).

You might also need to adjust your security group(s) settings to allow the producer and consumer to connect to the network of brokers.

  1. On the Amazon MQ console, navigate to the Connections section and note the ActiveMQ Web Console endpoint for broker MyBroker1.

  2. Navigate to the ActiveMQ Web Console for broker MyBroker1.

  3. To verify that the network bridge is connected, choose Network.

    In the Network Bridges section, the name and the address of MyBroker2 are listed in the Remote Broker and Remote Address columns.

  4. From any machine that has access to broker MyBroker2, create a consumer. For example:

    activemq consumer --brokerUrl "ssl://b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9-1.mq.us-east-2.amazonaws.com:61617" \
	--user commonUser \
	--password myPassword456 \
	--destination queue://MyQueue

    The consumer connects to the OpenWire endpoint of MyBroker2 and begins to consume messages from queue MyQueue.

  5. From any machine that has access to broker MyBroker1, create a producer and send some messages. For example:

    activemq producer --brokerUrl "ssl://b-9876l5k4-32ji-109h-8gfe-7d65c4b132a1-1.mq.us-east-2.amazonaws.com:61617" \
	--user commonUser \
	--password myPassword456 \
	--destination queue://MyQueue \
	--persistent true \
	--messageSize 1000 \
	--messageCount 10000

    The producer connects to the OpenWire endpoint of MyBroker1 and begins to produce persistent messages to queue MyQueue.