This is an automated email from the ASF dual-hosted git repository.
robbie pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git
The following commit(s) were added to refs/heads/main by this push:
new 77a06a89d6 QPID-8352: [Broker-J] Official Docker image for Broker-J
77a06a89d6 is described below
commit 77a06a89d64470b94fcd1bc93e95ed6cf57a49ea
Author: Daniil Kirilyuk <[email protected]>
AuthorDate: Mon Nov 13 16:07:32 2023 +0100
QPID-8352: [Broker-J] Official Docker image for Broker-J
---
.../org/apache/qpid/server/util/FileHelper.java | 6 +-
.../src/main/markdown/release-instructions.md | 1 +
.../src/docbkx/Apache-Qpid-Broker-J-Book.xml | 1 +
doc/java-broker/src/docbkx/Java-Broker-Docker.xml | 471 +++++++++++++++++++++
qpid-docker/Containerfile | 88 ++++
qpid-docker/README.md | 242 +++++++++++
qpid-docker/broker.acl | 19 +
qpid-docker/config.json | 102 +++++
qpid-docker/default.json | 14 +
qpid-docker/docker-build.sh | 181 ++++++++
qpid-docker/entrypoint.sh | 36 ++
qpid-docker/preferences.json | 3 +
qpid-docker/userPreferences.json | 3 +
13 files changed, 1166 insertions(+), 1 deletion(-)
diff --git
a/broker-core/src/main/java/org/apache/qpid/server/util/FileHelper.java
b/broker-core/src/main/java/org/apache/qpid/server/util/FileHelper.java
index e780a8fc36..038cdcfda3 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/util/FileHelper.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/util/FileHelper.java
@@ -62,7 +62,11 @@ public class FileHelper
if (permissions != null)
{
- Files.setPosixFilePermissions(backupFile, permissions);
+ final Set<PosixFilePermission> backupPermissions =
Files.getPosixFilePermissions(backupFile);
+ if (!backupPermissions.equals(permissions))
+ {
+ Files.setPosixFilePermissions(backupFile, permissions);
+ }
}
atomicFileMoveOrReplace(tmpFile, targetFile);
diff --git a/doc/developer-guide/src/main/markdown/release-instructions.md
b/doc/developer-guide/src/main/markdown/release-instructions.md
index 3068e27e13..b59dd08c4f 100644
--- a/doc/developer-guide/src/main/markdown/release-instructions.md
+++ b/doc/developer-guide/src/main/markdown/release-instructions.md
@@ -183,3 +183,4 @@ Sources are kept in a Git repository. Thus a git client is
required.
14. Remove the previous release binaries from
<https://dist.apache.org/repos/dist/release/qpid/broker-j>
when a new one is announced.
15. Update jenkins jobs if required.
+16. Docker images can be build and pushed to the container registry according
to the qpid-docker
[README.md](https://github.com/apache/qpid-broker-j/tree/main/qpid-docker#readme).
diff --git a/doc/java-broker/src/docbkx/Apache-Qpid-Broker-J-Book.xml
b/doc/java-broker/src/docbkx/Apache-Qpid-Broker-J-Book.xml
index a8d04dfd18..eadef22eaa 100644
--- a/doc/java-broker/src/docbkx/Apache-Qpid-Broker-J-Book.xml
+++ b/doc/java-broker/src/docbkx/Apache-Qpid-Broker-J-Book.xml
@@ -42,4 +42,5 @@
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
href="Java-Broker-Appendix-Miscellaneous.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
href="Java-Broker-Appendix-Queue-Declaration-Arguments.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
href="Java-Broker-Appendix-BDB-HA-Initial-Configuration.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
href="Java-Broker-Docker.xml"/>
</book>
diff --git a/doc/java-broker/src/docbkx/Java-Broker-Docker.xml
b/doc/java-broker/src/docbkx/Java-Broker-Docker.xml
new file mode 100644
index 0000000000..1b117419cf
--- /dev/null
+++ b/doc/java-broker/src/docbkx/Java-Broker-Docker.xml
@@ -0,0 +1,471 @@
+<?xml version="1.0"?>
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+-->
+
+<chapter xmlns="http://docbook.org/ns/docbook"; version="5.0"
xml:id="Java-Broker-Docker">
+ <title>Docker Images</title>
+
+ <section xml:id="Java-Broker-Docker-Building-Image">
+
+ <title>Building Container Image</title>
+
+ <para>
+ To use an official Apache release in your image run the following
command from the qpid-docker directory where
+ <QPID_RELEASE_VERSION> is the release version you wish to use
(e.g. 9.1.0):
+ </para>
+
+ <para>
+ <programlisting>
+ cd qpid-docker
+ </programlisting>
+ </para>
+
+ <para>
+ <programlisting>
+ docker-build.sh --release <QPID_RELEASE_VERSION>
+ </programlisting>
+ </para>
+
+ <para>
+ This will download the Qpid Broker-J release and copy all the
files necessary to build the pre-configured
+ Docker image and provide you with additional instructions. Follow
these instructions to finish building
+ the image you want based on the provided Docker file or even one
of your own.
+ </para>
+
+ <para>
+ If you would rather prefer to build the docker image from local
Broker-J distribution, build the parent
+ project using the command
+ </para>
+
+ <para>
+ <programlisting>
+ mvn clean install -DskipTests=true
+ </programlisting>
+ </para>
+
+ <para>
+ Navigate to the module 'qpid-docker':
+ </para>
+
+ <para>
+ <programlisting>
+ cd qpid-docker
+ </programlisting>
+ </para>
+
+ <para>
+ Execute the command:
+ </para>
+
+ <para>
+ <programlisting>
+ docker-build.sh --local-dist-path
<PATH_TO_LOCAL_QPID_DISTRIBUTION>
+ </programlisting>
+ </para>
+
+ <para>
+ This will copy all the files necessary to build the pre-configured
Docker image and provide you with additional
+ instructions. Follow these instructions to finish building the
image you want based on one of the provided
+ Docker file or even one of your own.
+ </para>
+
+ </section>
+
+ <section xml:id="Java-Broker-Docker-Running-The-Container">
+
+ <title>Running the Container</title>
+
+ <section xml:id="Java-Broker-Docker-Container-Start">
+
+ <title>Container Start</title>
+
+ <para>
+ Container can be started using following command:
+ </para>
+
+ <para>
+ <programlisting>
+ docker run -d -p 5672:5672 -p 8080:8080 --name qpid
<IMAGE_NAME>
+ </programlisting>
+ </para>
+
+ <para>
+ or
+ </para>
+
+ <para>
+ <programlisting>
+ podman run -d -p 5672:5672 -p 8080:8080 -v
qpid_volume:/qpid-broker-j/work:Z --name qpid <IMAGE_NAME>
+ </programlisting>
+ </para>
+
+ <para>
+ There are two ports exposed: 5672 for AMQP connections and
8080 for HTTP connections.
+ </para>
+
+ <para>
+ There are following environment variables available when
running the container:
+ </para>
+
+ <table>
+ <title>Environment Variables</title>
+ <tgroup cols="2">
+ <colspec colnum="1" colname="variable" colwidth="1*"/>
+ <colspec colnum="2" colname="description" colwidth="1*"/>
+ <thead>
+ <row>
+ <entry>Environment Variable</entry>
+ <entry>Description</entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry>JAVA_GC</entry>
+ <entry>JVM Garbage Collector parameters, default
value "-XX:+UseG1GC"</entry>
+ </row>
+ <row>
+ <entry>JAVA_MEM</entry>
+ <entry>JVM memory parameters, default value
"-Xmx300m -XX:MaxDirectMemorySize=200m"</entry>
+ </row>
+ <row>
+ <entry>JAVA_OPTS</entry>
+ <entry>Further JVM parameters, default value is an
empty string</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+
+ </section>
+
+ <section xml:id="Java-Broker-Docker-Container-Volume">
+
+ <title>Container Volume</title>
+
+ <para>
+ The image will use the directory /qpid-broker-j/work to hold
the configuration and the data of the
+ running broker. To persist the broker configuration and the
data outside the container, start container
+ with the volume mapping:
+ </para>
+
+ <para>
+ <programlisting>
+ docker run -d -p 5672:5672 -p 8080:8080 -v
<BROKER_DIRECTOR_ON_HOST>:/qpid-broker-j/work --name qpid <IMAGE_NAME>
+ </programlisting>
+ </para>
+
+ <para>
+ or
+ </para>
+
+ <para>
+ <programlisting>
+ podman run -d -p 5672:5672 -p 8080:8080 -v
<BROKER_DIRECTOR_ON_HOST>:/qpid-broker-j/work:Z --name qpid <IMAGE_NAME>
+ </programlisting>
+ </para>
+
+ </section>
+
+ <section xml:id="Java-Broker-Docker-Container-Stop">
+
+ <title>Stopping the Container</title>
+
+ <para>
+ Running container can be stopped using following command:
+ </para>
+
+ <para>
+ <programlisting>
+ docker stop <CONTAINER_NAME>
+ </programlisting>
+ </para>
+
+ </section>
+
+ </section>
+
+ <section xml:id="Java-Broker-Docker-Broker-Users">
+
+ <title>Broker Users</title>
+
+ <para>
+ Default configuration provides a preconfigured broker user, having
read and write access to all broker objects:
+ </para>
+
+ <para>
+ <itemizedlist>
+ <listitem><para>admin (default password
'admin')</para></listitem>
+ </itemizedlist>
+ </para>
+
+ <para>
+ Username of the 'admin' user can be overridden be providing the
variable QPID_ADMIN_USER on start, and the default
+ password of the 'admin' user can be overridden be providing the
variable QPID_ADMIN_PASSWORD on start:
+ </para>
+
+ <para>
+ <programlisting>
+ docker run -d -p 5672:5672 -p 8080:8080 -v
qpid_volume:/qpid-broker-j/work -e QPID_ADMIN_USER=myuser -e
QPID_ADMIN_PASSWORD=mypassword --name qpid <IMAGE_NAME>
+ </programlisting>
+ </para>
+
+ <para>
+ Further broker users as well as other broker objects (queues,
exchanges, keystores, truststore, ports etc.)
+ can be created via HTTP management interface. Description of the
broker REST API can be found in broker book
+ (<link linkend="Java-Broker-Management-Channel-REST-API">chapter
6.3</link>).
+ </para>
+
+ </section>
+
+ <section xml:id="Java-Broker-Docker-Broker-Customization">
+
+ <title>Broker Customization</title>
+
+ <para>
+ To customize broker before building the container image, its
configuration files may be edited to start
+ broker with queues, exchanges, users or other objects.
+ </para>
+
+ <para>
+ The file config.json contains definitions of the broker objects
and references a file containing definitions
+ of virtualhost objects (exchanges and queues).
+ </para>
+
+ <para>
+ It may be helpful first to create broker objects needed via broker
web GUI or via REST API, and then
+ investigate the configuration files and copy the appropriate
definitions to the configuration files used
+ for container image creation.
+ </para>
+
+ <para>
+ An example of the default initial configuration JSON file is
provided in broker book
+ (<link linkend="Java-Broker-Initial-Configuration">chapter
5.7</link>).
+ </para>
+
+ <section xml:id="Java-Broker-Docker-Broker-Customization-Exchanges">
+
+ <title>Exchanges</title>
+
+ <para>
+ To create exchanges a JSON element "exchanges" should be
created containing an array of single
+ exchange definitions:
+ </para>
+
+ <para>
+ <programlisting>
+ "exchanges" : [ {
+ "name" : "amq.direct",
+ "type" : "direct"
+ }, {
+ "name" : "amq.fanout",
+ "type" : "fanout"
+ }, {
+ "name" : "amq.match",
+ "type" : "headers"
+ }, {
+ "name" : "amq.topic",
+ "type" : "topic"
+ }, {
+ "name" : "request.QUEUE1",
+ "type" : "topic",
+ "durable" : true,
+ "durableBindings" : [ {
+ "arguments" : { },
+ "destination" : "QUEUE1",
+ "bindingKey" : "#"
+ } ],
+ "unroutableMessageBehaviour" : "REJECT"
+ } ]
+ </programlisting>
+ </para>
+
+ <para>
+ Information about exchanges, their types and properties can be
found in broker book
+ (<link linkend="Java-Broker-Concepts-Exchanges">chapter
4.6</link>).
+ </para>
+
+ <para>
+ Please note that each virtualhost pre-declares several
exchanges, described in the broker book
+ (<link
linkend="Java-Broker-Concepts-Exchanges-Predeclared">chapter 4.6.1</link>).
+ </para>
+
+ </section>
+
+ <section xml:id="Java-Broker-Docker-Broker-Customization-Queues">
+
+ <title>Queues</title>
+
+ <para>
+ To create queue a JSON element "queues" should be created
containing an array of single queue definitions:
+ </para>
+
+ <para>
+ <programlisting>
+ "queues" : [ {
+ "name" : "QUEUE1",
+ "type" : "standard",
+ "durable" : true,
+ "maximumQueueDepthBytes" : 6144000,
+ "maximumQueueDepthMessages" : 6000,
+ "messageDurability" : "ALWAYS",
+ "overflowPolicy" : "REJECT"
+ }, {
+ "name" : "QUEUE2",
+ "type" : "standard",
+ "durable" : true,
+ "maximumQueueDepthBytes" : 6144000,
+ "maximumQueueDepthMessages" : 6000,
+ "messageDurability" : "ALWAYS",
+ "overflowPolicy" : "REJECT"
+ } ]
+ </programlisting>
+ </para>
+
+ <para>
+ Information about queues, their types and properties can be
found in broker book
+ (<link linkend="Java-Broker-Concepts-Queues">chapter
4.7</link>).
+ </para>
+
+ </section>
+
+ <section xml:id="Java-Broker-Docker-Broker-Customization-Users">
+
+ <title>Users</title>
+
+ <para>
+ Users can be defined in an authentication provider.
Authentication providers are defined on broker
+ level (file config.json).
+ </para>
+
+ <para>
+ Information about authentication providers, their types and
properties can be found in broker book
+ (<link
linkend="Java-Broker-Security-Authentication-Providers">chapter 8.1</link>).
+ </para>
+
+ <para>
+ Examples for most commonly used authentication providers can
be found below.
+ </para>
+
+ <section
xml:id="Java-Broker-Docker-Broker-Customization-Users-Anonymous">
+
+ <title>Anonymous Authentication Provider</title>
+
+ <para>
+ <programlisting>
+ "authenticationproviders" : [ {
+ "name" : "anon",
+ "type" : "Anonymous"
+ } ]
+ </programlisting>
+ </para>
+
+ <para>
+ For additional details see broker book
+ (<link
linkend="Java-Broker-Security-Anonymous-Provider">chapter 8.1.5</link>).
+ </para>
+
+ </section>
+
+ <section
xml:id="Java-Broker-Docker-Broker-Customization-Users-Plain">
+
+ <title>Plain Authentication Provider</title>
+
+ <para>
+ <programlisting>
+ "authenticationproviders" : [{
+ "name" : "plain",
+ "type" : "Plain",
+ "secureOnlyMechanisms" : [],
+ "users" : [ {
+ "name" : "admin",
+ "type" : "managed",
+ "password" : "<PASSWORD>"
+ } ]
+ } ]
+ </programlisting>
+ </para>
+
+ <para>
+ For additional details see broker book
+ (<link
linkend="Java-Broker-Security-Plain-Provider">chapter 8.1.7</link>).
+ </para>
+
+ </section>
+
+ <section
xml:id="Java-Broker-Docker-Broker-Customization-Users-ACL">
+
+ <title>ACL Rules</title>
+
+ <para>
+ The ACL rules for users are defined in file broker.acl
following the syntax:
+ </para>
+
+ <para>
+ <programlisting>
+ ACL {permission} {<group-name>|<user-name>|ALL}
{action|ALL} [object|ALL] [property=<property-values>]
+ </programlisting>
+ </para>
+
+ <para>
+ The predefined broker.acl file contains permissions for
the 'admin' user:
+ </para>
+
+ <para>
+ <programlisting>
+ # account 'admin' - enabled all actions
+ ACL ALLOW-LOG admin ALL ALL
+ </programlisting>
+ </para>
+
+ <para>
+ For additional details see broker book
+ (<link
linkend="Java-Broker-Security-AccessControlProviders-ACLRules">chapter
8.3.2</link>).
+ </para>
+
+ </section>
+
+ </section>
+
+ <section xml:id="Java-Broker-Docker-Broker-Customization-Override">
+
+ <title>Overriding Broker Configuration</title>
+
+ <para>
+ Customized configuration for the Broker-J instance can be used by
replacing the files residing in the work
+ folder with the custom ones, e.g. config.json or default.json. Put
the replacement files inside a folder
+ and map it as a volume to:
+ </para>
+
+ <para>
+ <programlisting>
+ docker run -d -p 5672:5672 -p 8080:8080 -v
<DIRECTORY_ON_HOST>:/qpid-broker-j/work-override:Z --name qpid
<IMAGE_NAME>
+ </programlisting>
+ </para>
+
+ <para>
+ The contents of work-override folder will be copied over to work
folder first time after the instance creation so that
+ the broker will start with user-supplied configuration.
+ </para>
+
+ </section>
+
+ </section>
+
+</chapter>
\ No newline at end of file
diff --git a/qpid-docker/Containerfile b/qpid-docker/Containerfile
new file mode 100644
index 0000000000..a402cb2e32
--- /dev/null
+++ b/qpid-docker/Containerfile
@@ -0,0 +1,88 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+ARG OS_NAME=ubuntu
+
+#
+# Builder images
+#
+
+# Alpine
+FROM docker.io/library/eclipse-temurin:17-jre-alpine AS builder-alpine
+RUN adduser -u 1001 -G root qpid --disabled-password
+
+# Ubuntu
+FROM docker.io/library/eclipse-temurin:17-jre AS builder-ubuntu
+RUN useradd -u 1001 -G root qpid
+
+#
+# Final image
+#
+FROM builder-${OS_NAME}
+
+ARG BROKER_VERSION="unknown"
+
+# Labels
+LABEL description="Apache Qpid Broker-J ${BROKER_VERSION}"
+LABEL io.k8s.display-name="qpid-broker-j ${BROKER_VERSION}"
+LABEL io.k8s.description="Apache Qpid Broker-J ${BROKER_VERSION}"
+LABEL maintainer="Apache Qpid Team, [email protected]"
+LABEL name="Apache Qpid Broker-J"
+LABEL summary="Apache Qpid Broker-J ${BROKER_VERSION}"
+LABEL version="${BROKER_VERSION}"
+LABEL url="https://qpid.apache.org/components/broker-j/index.html";
+
+# Java environment variables
+ENV JAVA_GC="-XX:+UseG1GC"
+ENV JAVA_MEM="-Xmx300m -XX:MaxDirectMemorySize=200m"
+ENV JAVA_OPTS=""
+
+# Broker-J admin user credentials
+ENV QPID_ADMIN_USER="admin"
+ENV QPID_ADMIN_PASSWORD="admin"
+
+# Create work folder and subfolders
+RUN mkdir -p /qpid-broker-j/etc && \
+ mkdir -p /qpid-broker-j/work && \
+ mkdir -p /qpid-broker-j/work-init && \
+ mkdir -p /qpid-broker-j/work-override && \
+ chmod -R 770 /qpid-broker-j && \
+ chown -R 1001:root /qpid-broker-j
+
+# Declare volume
+VOLUME ["/qpid-broker-j/work"]
+
+# Copy jar files
+COPY --chown=1001:root --chmod=770 ./lib /qpid-broker-j/lib
+
+# Copy entrypoint script
+COPY --chown=1001:root --chmod=770 entrypoint.sh /qpid-broker-j
+
+# Copy configuration files
+COPY --chown=1001:root --chmod=660 broker.acl /qpid-broker-j/work-init
+COPY --chown=1001:root --chmod=660 config.json /qpid-broker-j/work-init
+COPY --chown=1001:root --chmod=660 default.json /qpid-broker-j/work-init
+COPY --chown=1001:root --chmod=660 preferences.json /qpid-broker-j/work-init
+COPY --chown=1001:root --chmod=660 userPreferences.json
/qpid-broker-j/work-init
+
+WORKDIR /qpid-broker-j
+
+EXPOSE 5672 8080
+
+USER 1001:root
+
+ENTRYPOINT exec /qpid-broker-j/entrypoint.sh
diff --git a/qpid-docker/README.md b/qpid-docker/README.md
new file mode 100644
index 0000000000..68f11fa34e
--- /dev/null
+++ b/qpid-docker/README.md
@@ -0,0 +1,242 @@
+## Docker Image Example
+
+This is an example on how a Docker Image For Apache Qpid Broker-J based on
Eclipse Temurin JRE image can be created.
+
+## Building Container Image
+
+To use an official Apache release in your image run the following command from
the qpid-docker directory where
+<QPID_RELEASE_VERSION> is the release version you wish to use (e.g. 9.1.0):
+
+```
+cd qpid-docker
+
+docker-build.sh --release <QPID_RELEASE_VERSION>
+```
+
+This will download the Qpid Broker-J release and copy all the files necessary
to build the pre-configured Docker image
+and provide you with additional instructions. Follow these instructions to
finish building the image you want based on
+the provided Docker file or even one of your own.
+
+If you would rather prefer to build the docker image from local Broker-J
distribution, build the parent project using
+the command
+
+```
+mvn clean install -DskipTests=true
+```
+
+Navigate to the module 'qpid-docker':
+
+```
+cd qpid-docker
+```
+
+Execute the command
+
+```
+docker-build.sh --local-dist-path <PATH_TO_LOCAL_QPID_DISTRIBUTION>
+```
+
+This will copy all the files necessary to build the pre-configured Docker
image and provide you with additional
+instructions. Follow these instructions to finish building the image you want
based on one of the provided Docker file
+or even one of your own.
+
+### Container Structure
+
+Broker-J files are copied to the folder /qpid-broker-j \
+This folder belongs to user qpid, which is part of the root group. Java
process is executed under the qpid user as well.
+
+### Running the Container
+
+Container can be started using following command:
+```
+docker run -d -p 5672:5672 -p 8080:8080 --name qpid <IMAGE_NAME>
+```
+There are two ports exposed: 5672 for AMQP connections and 8080 for HTTP
connections.
+
+There are following environment variables available when running the container:
+
+| Environment Variable | Description
|
+|----------------------|------------------------------------------------------------------------------|
+| JAVA_GC | JVM Garbage Collector parameters, default value
"-XX:+UseG1GC" |
+| JAVA_MEM | JVM memory parameters, default value "-Xmx300m
-XX:MaxDirectMemorySize=200m" |
+| JAVA_OPTS | Further JVM parameters, empty by default
|
+
+#### Container Volume
+
+The image will use the directory /qpid-broker-j/work to hold the configuration
and the data of the running broker.
+To persist the broker configuration and the data outside the container, start
container with the volume mapping:
+
+```
+docker run -d -p 5672:5672 -p 8080:8080 -v
<BROKER_DIRECTORY_ON_HOST>:/qpid-broker-j/work --name qpid <IMAGE_NAME>
+```
+or
+```
+podman run -d -p 5672:5672 -p 8080:8080 -v
<BROKER_DIRECTORY_ON_HOST>:/qpid-broker-j/work:Z --name qpid <IMAGE_NAME>
+```
+
+### Stopping the Container
+
+Running container can be stopped using following command:
+```
+docker stop qpid
+```
+
+### Broker Users
+
+Default configuration provides a preconfigured broker user, having read and
write access to all broker objects:
+- admin (default password 'admin')
+
+Username of the 'admin' user can be overridden be providing the variable
QPID_ADMIN_USER on start, and the default
+password of the 'admin' user can be overridden be providing the variable
QPID_ADMIN_PASSWORD on start:
+
+```
+docker run -d -p 5672:5672 -p 8080:8080 -v
<BROKER_DIRECTORY_ON_HOST>:/qpid-broker-j/work -e QPID_ADMIN_USER=myuser -e
QPID_ADMIN_PASSWORD=mypassword --name qpid <IMAGE_NAME>
+```
+
+Further broker users as well as other broker objects (queues, exchanges,
keystores, truststore, ports etc.)
+can be created via HTTP management interface. Description of the broker REST
API can be found in broker book (chapter 6.3).
+
+To change user password following command can be used:
+
+```
+curl -d '{"password": "<NEW_PASSWORD>"}'
http://admin:admin@localhost:8080/api/latest/user/plain/<USERNAME>
+```
+
+## Broker Customization
+
+To customize broker before building the container image, its configuration
files may be edited to start broker with
+queues, exchanges, users or other objects.
+
+The file config.json contains definitions of the broker objects and references
a file containing definitions
+of virtualhost objects (exchanges and queues).
+
+It may be helpful first to create broker objects needed via broker web GUI or
via REST API, and then investigate the
+configuration files and copy the appropriate definitions to the configuration
files used for container image creation.
+
+An example of the default initial configuration JSON file is provided in
broker book (chapter 5.7).
+
+### Exchanges
+
+To create exchanges a JSON element "exchanges" should be created containing an
array of single exchange definitions:
+
+```
+"exchanges" : [ {
+ "name" : "amq.direct",
+ "type" : "direct"
+ }, {
+ "name" : "amq.fanout",
+ "type" : "fanout"
+ }, {
+ "name" : "amq.match",
+ "type" : "headers"
+ }, {
+ "name" : "amq.topic",
+ "type" : "topic"
+ }, {
+ "name" : "request.QUEUE1",
+ "type" : "topic",
+ "durable" : true,
+ "durableBindings" : [ {
+ "arguments" : { },
+ "destination" : "QUEUE1",
+ "bindingKey" : "#"
+ } ],
+ "unroutableMessageBehaviour" : "REJECT"
+ }
+]
+```
+
+Information about exchanges, their types and properties can be found in broker
book (chapter 4.6).
+
+Please note that each virtualhost pre-declares several exchanges, described in
the broker book (chapter 4.6.1).
+
+### Queues
+
+To create queue a JSON element "queues" should be created containing an array
of single queue definitions:
+
+```
+"queues" : [ {
+ "name" : "QUEUE1",
+ "type" : "standard",
+ "durable" : true,
+ "maximumQueueDepthBytes" : 6144000,
+ "maximumQueueDepthMessages" : 6000,
+ "messageDurability" : "ALWAYS",
+ "overflowPolicy" : "REJECT"
+ }, {
+ "name" : "QUEUE2",
+ "type" : "standard",
+ "durable" : true,
+ "maximumQueueDepthBytes" : 6144000,
+ "maximumQueueDepthMessages" : 6000,
+ "messageDurability" : "ALWAYS",
+ "overflowPolicy" : "REJECT"
+ }
+]
+```
+
+Information about queues, their types and properties can be found in broker
book (chapter 4.7).
+
+### Users
+
+Users can be defined in an authentication provider. Authentication providers
are defined on broker level (file config.json).
+
+Information about authentication providers, their types and properties can be
found in broker book (chapter 8.1).
+
+Examples for most commonly used authentication providers can be found below.
+
+#### Anonymous Authentication Provider
+
+```
+"authenticationproviders" : [ {
+ "name" : "anon",
+ "type" : "Anonymous"
+ } ]
+```
+For additional details see broker book (chapter 8.1.5).
+
+#### Plain Authentication Provider
+
+```
+"authenticationproviders" : [{
+ "name" : "plain",
+ "type" : "Plain",
+ "secureOnlyMechanisms" : [],
+ "users" : [ {
+ "name" : "admin",
+ "type" : "managed",
+ "password" : "<PASSWORD>"
+ } ]
+ } ]
+```
+
+For additional details see broker book (chapter 8.1.7).
+
+#### ACL Rules
+
+The ACL rules for users are defined in file broker.acl following the syntax:
+
+```
+ACL {permission} {<group-name>|<user-name>|ALL} {action|ALL} [object|ALL]
[property=<property-values>]
+```
+
+The predefined broker.acl file contains permissions for the 'admin' user:
+
+```
+# account 'admin' - enabled all actions
+ACL ALLOW-LOG QPID_ADMIN_USER ALL ALL
+```
+
+For additional details see broker book (chapter 8.3.2).
+
+### Overriding Broker Configuration
+
+Customized configuration for the Broker-J instance can be used by replacing
the files residing in the work folder with
+the custom ones, e.g. config.json or default.json. Put the replacement files
inside a folder and map it as a volume to:
+
+```
+docker run -d -p 5672:5672 -p 8080:8080 -v
<DIRECTORY_ON_HOST>:/qpid-broker-j/work-override:Z --name qpid <IMAGE_NAME>
+```
+
+The contents of work-override folder will be copied over to work folder first
time after the instance creation so that
+the broker will start with user-supplied configuration.
\ No newline at end of file
diff --git a/qpid-docker/broker.acl b/qpid-docker/broker.acl
new file mode 100644
index 0000000000..7ab82ca278
--- /dev/null
+++ b/qpid-docker/broker.acl
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# account 'admin' - enabled all actions
+ACL ALLOW-LOG QPID_ADMIN_USER ALL ALL
diff --git a/qpid-docker/config.json b/qpid-docker/config.json
new file mode 100644
index 0000000000..68565c573c
--- /dev/null
+++ b/qpid-docker/config.json
@@ -0,0 +1,102 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+{
+ "name" : "${broker.name}",
+ "modelVersion" : "9.0",
+ "accesscontrolproviders" : [ {
+ "name" : "brokerAcl",
+ "type" : "AclFile",
+ "path" : "/qpid-broker-j/work/broker.acl"
+ } ],
+ "authenticationproviders" : [ {
+ "name" : "plain",
+ "type" : "Plain",
+ "secureOnlyMechanisms" : [],
+ "users" : [ {
+ "name" : "${QPID_ADMIN_USER}",
+ "type" : "managed",
+ "password" : "${QPID_ADMIN_PASSWORD}"
+ }]
+ } ],
+ "brokerloggers" : [ {
+ "name" : "console",
+ "type" : "Console",
+ "brokerloginclusionrules" : [ {
+ "name" : "Operational",
+ "type" : "NameAndLevel",
+ "level" : "INFO",
+ "loggerName" : "qpid.message.*"
+ }, {
+ "name" : "Qpid",
+ "type" : "NameAndLevel",
+ "level" : "INFO",
+ "loggerName" : "org.apache.qpid.*"
+ }, {
+ "name" : "Root",
+ "type" : "NameAndLevel",
+ "level" : "INFO",
+ "loggerName" : "ROOT"
+ }, {
+ "name" : "Statistics",
+ "type" : "NameAndLevel",
+ "level" : "INFO",
+ "loggerName" : "qpid.statistics.*"
+ } ]
+ } ],
+ "plugins" : [ {
+ "type" : "MANAGEMENT-HTTP",
+ "name" : "httpManagement",
+ "httpBasicAuthenticationEnabled": true
+ } ],
+ "ports" : [ {
+ "name" : "AMQP",
+ "port" : "${qpid.amqp_port}",
+ "authenticationProvider" : "plain",
+ "virtualhostaliases" : [ {
+ "name" : "defaultAlias",
+ "type" : "defaultAlias"
+ }, {
+ "name" : "hostnameAlias",
+ "type" : "hostnameAlias"
+ }, {
+ "name" : "nameAlias",
+ "type" : "nameAlias"
+ } ]
+ }, {
+ "name" : "HTTP",
+ "port" : "${qpid.http_port}",
+ "authenticationProvider" : "plain",
+ "protocols" : [ "HTTP" ]
+ } ],
+ "virtualhostnodes" : [ {
+ "name" : "default",
+ "type" : "JSON",
+ "defaultVirtualHostNode" : "true",
+ "preferenceStoreAttributes" : {
+ "type" : "JSON",
+ "attributes" : {
+ "path" : "/qpid-broker-j/work"
+ }
+ },
+ "storePath" : "/qpid-broker-j/work",
+ "virtualHostInitialConfiguration" : "{}"
+ } ]
+}
diff --git a/qpid-docker/default.json b/qpid-docker/default.json
new file mode 100644
index 0000000000..9ec681dfdc
--- /dev/null
+++ b/qpid-docker/default.json
@@ -0,0 +1,14 @@
+{
+ "name" : "default",
+ "modelVersion" : "9.0",
+ "type" : "BDB",
+ "storePath" : "/qpid-broker-j/work/messages",
+ "storeUnderfullSize" : "0",
+ "storeOverfullSize" : "0",
+ "context" : {
+ "qpid.broker.bdbCommiterNotifyThreshold" : "8",
+ "qpid.broker.bdbCommiterWaitTimeout" : "500",
+ "queue.defaultMaximumQueueDepthMessages" : "1000",
+ "queue.defaultMaximumQueueDepthBytes" : "1048576"
+ }
+}
\ No newline at end of file
diff --git a/qpid-docker/docker-build.sh b/qpid-docker/docker-build.sh
new file mode 100644
index 0000000000..41103233ff
--- /dev/null
+++ b/qpid-docker/docker-build.sh
@@ -0,0 +1,181 @@
+#!/bin/sh
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+from_local_dist=
+from_release=
+local_dist_path=
+qpid_version=
+MY_NAME=$(basename "$0")
+
+print_help()
+{
+ cat << END_OF_HELP
+Usage: $MY_NAME [OPTION]...
+
+ options:
+
+ --release Apache Qpid Broker-J release version to build with
+ --local-dist-path Path to the local Apache Qpid Broker-J distribution to
build with
+ --help, -h, -? Print this help and exit
+
+END_OF_HELP
+}
+
+parse_parameters()
+{
+ while [ $# -gt 0 ]; do
+ case $1 in
+ --local-dist-path)
+ from_local_dist=true
+ local_dist_path=$2
+ shift;;
+ --release)
+ from_release=true
+ qpid_version=$2
+ shift;;
+ --help | -h | -?)
+ print_help; exit 0;;
+ *)
+ echo "Unknown parameter '$1'"
+ exit 2;;
+ esac
+ shift
+ done
+
+ if [ -n "${local_dist_path}" ] && [ -n "${qpid_version}" ]; then
+ echo "Please specify either building image from local installation or from
a particular release version, but not both"
+ exit 2
+ fi
+
+ if [ -z "${local_dist_path}" ] && [ -z "${qpid_version}" ]; then
+ print_help
+ echo "Please specify either building image from local installation or from
a particular release version"
+ exit 2
+ fi
+
+ if [ -n "${local_dist_path}" ]; then
+
+ if [ ! -f "${local_dist_path}" ]; then
+ echo "Local distribution file ${local_dist_path} not found"
+ exit 1
+ fi
+
+ if [ "$(echo ${local_dist_path} | tail -c 7)" != "tar.gz" ]; then
+ echo "Local distribution file ${local_dist_path} should be a tar.gz
archive"
+ exit 1
+ fi
+ fi
+}
+
+install()
+{
+ qpid_dist_dir="./qpid-broker-j"
+ qpid_dist_file_name=
+
+ # Prepare directory
+ if [ ! -d "${qpid_dist_dir}" ]; then
+ echo "Creating directory ${qpid_dist_dir}"
+ mkdir -p "${qpid_dist_dir}"
+ elif [ ! -z "$(find "${temp_dir}" -name "${qpid_version}" -type d -mmin
+60)" ]; then
+ echo "Cleaning up directory ${qpid_dist_dir}"
+ rm -rf ${qpid_dist_dir}/*
+ else
+ echo "Using directory ${qpid_dist_dir}"
+ fi
+
+ if [ -n "${from_release}" ]; then
+
+ qpid_dist_file_name="apache-qpid-broker-j-${qpid_version}-bin.tar.gz"
+
+ # Check if the release is already available locally, if not try to
download it
+ if [ -z "$(ls -A ${qpid_dist_dir})" ]; then
+ cdn="$(curl -s
https://www.apache.org/dyn/closer.cgi\?preferred=true)/qpid/broker-j/${qpid_version}/binaries/"
+
archive="https://archive.apache.org/dist/qpid/broker-j/${qpid_version}/binaries/";
+ qpid_base_url=${cdn}
+ curl_output="${qpid_dist_dir}/${qpid_dist_file_name}"
+
+ # Fallback to the apache archive if the version doesn't exist on the CDN
anymore
+ if [ -z "$(curl -Is ${qpid_base_url}${qpid_dist_file_name} | head -n 1 |
grep 200)" ]; then
+ qpid_base_url=${archive}
+
+ # If the archive also doesn't work then report the failure and abort
+ if [ -z "$(curl -Is ${qpid_base_url}${qpid_dist_file_name} | head -n 1
| grep 200)" ]; then
+ echo "Failed to find ${qpid_dist_file_name}. Tried both ${cdn} and
${archive}."
+ exit 1
+ fi
+ fi
+
+ echo "Downloading ${qpid_dist_file_name} from ${qpid_base_url}..."
+ curl --progress-bar "${qpid_base_url}${qpid_dist_file_name}" --output
"${curl_output}"
+
+ fi
+
+ elif [ -n "${from_local_dist}" ]; then
+
+ qpid_dist_file_name=$(basename ${local_dist_path})
+ qpid_version=$(echo "$qpid_dist_file_name" | sed -e
's/apache-qpid-broker-j-\(.*\)-bin.tar.gz/\1/')
+
+ echo "Broker-J distribution file is $qpid_dist_file_name"
+ echo "Broker-J version is $qpid_version"
+
+ echo "Copying ${local_dist_path} to ${qpid_dist_dir}..."
+ cp "$local_dist_path" "$qpid_dist_dir"
+
+ else
+ exit 2
+ fi
+
+ echo "Expanding ${qpid_dist_dir}/${qpid_dist_file_name}..."
+ tar xzf "${qpid_dist_dir}"/"${qpid_dist_file_name}" --directory
"${qpid_dist_dir}" --strip 1
+
+ echo "Removing ${qpid_dist_dir}/${qpid_dist_file_name}..."
+ rm -rf "${qpid_dist_dir}"/"${qpid_dist_file_name}"
+
+ mkdir -p $qpid_dist_dir/${qpid_version}/docker/
+ cp ./broker.acl "$qpid_dist_dir/${qpid_version}/docker/"
+ cp ./*.json "$qpid_dist_dir/${qpid_version}/docker/"
+ cp ./Containerfile "$qpid_dist_dir/${qpid_version}/docker/"
+ cp -r $qpid_dist_dir/${qpid_version}/lib
"$qpid_dist_dir/${qpid_version}/docker/"
+ cp ./entrypoint.sh "$qpid_dist_dir/${qpid_version}/docker/"
+}
+
+print_instruction()
+{
+ cat <<HERE
+
+Well done! Now you can continue with building the Docker image:
+
+ # Go to $qpid_dist_dir/${qpid_version}/docker/
+ $ cd $qpid_dist_dir/${qpid_version}/docker/
+
+ # For Ubuntu with JRE 17
+ $ docker build -f ./Containerfile -t qpid-ubuntu .
+
+ # For Alpine with JRE 17
+ $ docker build -f ./Containerfile --build-arg OS_NAME=alpine -t qpid-alpine .
+
+Note: -t qpid-ubuntu and -t qpid-alpine are just a tag names for the purpose
of this guide
+
+For more info see README.md
+
+HERE
+ exit 0
+}
+
+# main
+parse_parameters "$@" && install && print_instruction
diff --git a/qpid-docker/entrypoint.sh b/qpid-docker/entrypoint.sh
new file mode 100644
index 0000000000..8af2430a58
--- /dev/null
+++ b/qpid-docker/entrypoint.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# This is the entry point for the docker images.
+# This file is executed when "docker container create" or "docker run" is
called.
+
+set -e
+
+if ! [ -f ./work/config.json ]; then
+ if [ -d ./work-init ]; then
+ for file in `ls ./work-init`; do echo copying file to work folder:
$file; cp ./work-init/$file ./work || :; done
+ fi
+ sed -i "s/QPID_ADMIN_USER/${QPID_ADMIN_USER}/g"
/qpid-broker-j/work/broker.acl
+ if [ -d ./work-override ]; then
+ for file in `ls ./work-override`; do echo copying file to work folder:
$file; cp ./work-override/$file ./work || :; done
+ fi
+else
+ echo "skipping broker instance creation; instance already exists"
+fi
+
+exec java -server $JAVA_GC $JAVA_MEM $JAVA_OPTS -DQPID_HOME=/qpid-broker-j
-DQPID_WORK=/qpid-broker-j/work -cp "/qpid-broker-j/lib/*"
org.apache.qpid.server.Main
\ No newline at end of file
diff --git a/qpid-docker/preferences.json b/qpid-docker/preferences.json
new file mode 100644
index 0000000000..22809bbbac
--- /dev/null
+++ b/qpid-docker/preferences.json
@@ -0,0 +1,3 @@
+{
+ "version" : "9.0"
+}
\ No newline at end of file
diff --git a/qpid-docker/userPreferences.json b/qpid-docker/userPreferences.json
new file mode 100644
index 0000000000..22809bbbac
--- /dev/null
+++ b/qpid-docker/userPreferences.json
@@ -0,0 +1,3 @@
+{
+ "version" : "9.0"
+}
\ No newline at end of file
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
