JMS deployment
This topic describes the JMS providers that are supported by the IBM PEM integration deployment.
- Liberty Embedded JMS: This is provided by default with the IBM PEM
image. Based on your deployment strategy, PEM Partner Provisioner acts as JMS server
and client, or only client. JMS is hosted on PEM Partner Provisioner IP and 7286 port
for SSL or 7276 port for non-SSL. As this port is running inside the container, expose the port
through port forwarding in the docker run command for PEM Partner Provisioner.Important: You must start PEM Partner Provisioner and then start the PEM Partner Repository because PEM Partner Provisioner starts the JMS server.
You can enable JMS messaging through secure mode, which is
BootstrapSecureMessagingor non-secure mode, which isBootstrapBasicMessaging.Note: High availability is not supported for Liberty Embedded JMS.You can configure the SSL connectivity between JMS and other PEM Partner Repository or PEM Partner Provisioner containers by performing the following steps:- In the
Setup.cfgfile, set the value ofservers.remote_server_sslproperty to true. - Export the SSL certificate from the JMS server's keystore.
- Import the SSL certificate into the JMS client's keystore.
- Ensure that the hostname mapping for JMS server's host is present in all the JMS client
machine's
/etc/hostsfiles.
- In the
- Websphere MQ: You need to install and administer WMQ for this mode of deployment. Ensure
that WMQ server and queues are set up and running.
Note: High Availability is supported for WMQ JMS.
- Export the SSL certificate from the JMS server's keystore. This certificate is configured on the
WMQ server's connection channel. You can also configure the SSL CipherSpec on the WMQ server's
connection channel. If an SSL CipherSpec is already present for the SSL configuration, ensure to
specify the corresponding CipherSuite in the
Setup.cfgfile for theservers.ssl_cipher_suiteproperty. - Import the SSL certificate into the JMS client's keystore (PEM Partner Repository and PEM Partner Provisioner server's keystore).
- Ensure that the hostname mapping for the JMS server's host is present in all the JMS client
machine's
/etc/hostsfiles.
For more information about the SSL CipherSpec and CipherSuite mapping, see WebSphere MQ Documentation.
Liberty Embedded JMS deployment
- Single PEM Partner Repository and PEM Partner Provisioner
deployment
The high availability capability of PEM Partner Repository and PEM Partner Provisioner is not used as only one set of PEM Partner Repository and PEM Partner Provisioner application containers are used as illustrated in the following diagram:
- Multiple PEM Partner Repository and PEM Partner Provisioner
deployment
The following deployment option with multiple PEM Partner Repository and PEM Partner Provisioner provides load balancing capability. As this deployment option supports only one JMS Server, you cannot achieve high availability.
servers.enable_jms_features property, see the
Setup.cfg file.WebSphere MQ JMS deployment
- Single PEM Partner Repository and PEM Partner Provisioner
deployment
The high availability capability of PEM Partner Repository and PEM Partner Provisioner is not used as only one set of PEM Partner Repository and PEM Partner Provisioner application containers are used as depicted in the following diagram:
- Multiple PEM Partner Repository and PEM Partner Provisioner
deployment
The high availability capability of PEM Partner Repository and PEM Partner Provisioner is used with multiple instances as depicted in the following diagram:
servers.ssl_cipher_suite property by specifying a valid SSL cipher suite. Also,
configure the value of servers.jvm_options property by providing a truststore with
SSL certificate from the WMQ JMS server. For example,
-Djavax.net.ssl.trustStore=/path/trust.jks. For more information, see the Setup.cfg file.