From 2fde6ce50623050a2036f052f669c242f20ee4ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20Czoma?=
Date: Wed, 5 Feb 2020 10:40:49 -0500
Subject: [PATCH] 9.4 release (#44)

* Supporting release 9.4
* Update template parameters
* Now using the latest default ports
* Added mounted volume ownership change
* Added TCP for WAN optimization
* Fix ports 8080 and 80 as HTTP for LB
* Updated for deprecated config key
* Updated template defaults with new S3 location
* Update AMI machine IDs
---
 .travis.yml | 16 +--
 README.md | 100 +++++++--------
 ci/solace-aws-ha-3az-prod-travistest.json | 10 +-
 scripts/gen-cluster-hosts.sh | 6 +-
 scripts/install-solace.sh | 147 +++++++++++++---------
 scripts/semp_query.sh | 76 +++++------
 templates/nodecreate.template | 38 +++---
 templates/solace-master.template | 22 ++--
 templates/solace.template | 118 ++++++++++++-----
 9 files changed, 312 insertions(+), 221 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index 219fbc8..a49cdbb 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -33,13 +33,14 @@ script:
 - aws cloudformation validate-template --template-body file://templates/solace.template
 - aws cloudformation validate-template --template-body file://templates/nodecreate.template
 - yaml-lint -n templates/
- - sed -i "s@SolaceDockerImageParameterValue@$SOLACE_DOCKER_URL_PARAMETER_VALUE@g" ci/solace-aws-ha-3az-prod-travistest.json
- - sed -i "s@MessageBrokerNodeInstanceTypeParameterValue@$MESSAGEBROKERNODEINSTANCETYPE@g" ci/solace-aws-ha-3az-prod-travistest.json
- - sed -i "s@SolaceStackRegionNAME@$AWS_DEFAULT_REGION@g" ci/solace-aws-ha-3az-prod-travistest.json
+ - #sed -i "s@SolaceDockerImageParameterValue@${SOLACE_DOCKER_URL_PARAMETER_VALUE}@g" ci/solace-aws-ha-3az-prod-travistest.json
+ - sed -i "s@SolaceDockerImageParameterValue@solace/solace-pubsub-standard:latest@g" ci/solace-aws-ha-3az-prod-travistest.json
+ - sed -i "s@EventBrokerNodeInstanceTypeParameterValue@${MESSAGEBROKERNODEINSTANCETYPE}@g" ci/solace-aws-ha-3az-prod-travistest.json
+ - sed -i "s@SolaceStackRegionNAME@${AWS_DEFAULT_REGION}@g" ci/solace-aws-ha-3az-prod-travistest.json
 - aws s3 mb s3://solace-cf-quickstart-travistest || echo "s3 bucket already existed"
- - aws s3 sync . s3://solace-cf-quickstart-travistest/solace/messagebroker/latest --acl public-read
+ - aws s3 sync . s3://solace-cf-quickstart-travistest/solace/eventbroker/latest --acl public-read
 - export TESTSTACKPREFIX="T$(date +%s)"; export TESTSTACKNAME="$TESTSTACKPREFIX-sol-aws-travistest";
- - aws cloudformation create-stack --stack-name $TESTSTACKNAME --template-body file://templates/solace-master.template --parameters file://ci/solace-aws-ha-3az-prod-travistest.json --on-failure DELETE --capabilities CAPABILITY_IAM
+ - aws cloudformation create-stack --stack-name $TESTSTACKNAME --template-body file://templates/solace-master.template --parameters file://ci/solace-aws-ha-3az-prod-travistest.json --on-failure DO_NOTHING --capabilities CAPABILITY_IAM
 - echo "Waiting for stack create complete"
 - "travis_wait 30 sleep 1800 &"
 - until aws cloudformation describe-stacks --stack-name $TESTSTACKNAME | grep -m 1 -E 'CREATE_COMPLETE|DELETE_IN_PROGRESS'; do sleep 10; done
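Review bot: With `--on-failure DO_NOTHING` a failed create leaves the stack in `CREATE_FAILED`, but the wait loop at the end of this hunk still greps only for `CREATE_COMPLETE|DELETE_IN_PROGRESS`, so on failure it can end only when the job times out. The pattern should include the failure state, e.g. `grep -m 1 -E 'CREATE_COMPLETE|CREATE_FAILED|DELETE_IN_PROGRESS'`, and the step should fail when the match is not `CREATE_COMPLETE`. Separately, `aws s3 sync . … --acl public-read` runs after the `sed` substitutions and publishes the whole checkout, including `.git` and the rewritten `ci/` parameter file. Adding `--exclude ".git/*" --exclude "ci/*"` would keep CI-only content out of the world-readable prefix, assuming the stack does not fetch anything from those paths.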
@@ -57,12 +58,13 @@ after_success:
 - echo "YAML linted"
 - echo "Cloudformation tested"
 - echo "Messaging tested"
- - if [ "$TRAVIS_PULL_REQUEST" = "false" ] && [ "$TRAVIS_BRANCH" = "master" ]; then aws s3 sync . s3://solace-products/solace-aws-ha-quickstart/latest --acl public-read; fi
+ - if [ "$TRAVIS_PULL_REQUEST" = "false" ] && [ "$TRAVIS_BRANCH" = "master" ]; then aws s3 sync . s3://solace-products/pubsubplus-aws-ha-quickstart/latest --acl public-read; fi
 after_script:
- - aws s3 rb s3://solace-cf-quickstart-travistest --force
+ - #aws s3 rb s3://solace-cf-quickstart-travistest --force
 - aws cloudformation delete-stack --stack-name $TESTSTACKNAME
 - echo "Waiting for stack delete complete"
 - stackid="$(aws cloudformation describe-stacks --stack-name $TESTSTACKNAME | grep StackId | awk -F '"' '{print $4}')"
 - if [ -n "$stackid" ]; then until aws cloudformation describe-stacks --stack-name $stackid | grep -m 1 "DELETE_COMPLETE"; do sleep 10; done; fi
+ - for volume in $(aws ec2 describe-volumes --region ${AWS_DEFAULT_REGION} --filters Name="status",Values="available" --query 'Volumes[*].VolumeId' --output text) ; do aws ec2 delete-volume --volume-id $volume --region ${AWS_DEFAULT_REGION} ; done
diff --git a/README.md b/README.md
index 47ac568..3ea3cf2 100644
--- a/README.md
+++ b/README.md
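Review bot: The cleanup loop added at the end of `after_script` deletes every EBS volume in the region whose status is `available`, not only the ones this test stack created, so in a shared account it would also remove unrelated detached volumes. The `describe-volumes` call should be narrowed to the test's own volumes, for example with an extra filter such as `Name=tag:<TAG_KEY>,Values=<TEST_STACK_TAG_VALUE>` (placeholders; how the broker volumes are tagged is not visible in this hunk). With `aws s3 rb` now commented out, the `public-read` test bucket also persists between runs; if that is deliberate, a one-line comment saying why would help the next maintainer.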
@@ -1,16 +1,16 @@ -[![Build Status](https://travis-ci.org/SolaceProducts/solace-aws-ha-quickstart.svg?branch=master)](https://travis-ci.org/SolaceProducts/solace-aws-ha-quickstart) +[![Build Status](https://travis-ci.org/SolaceProducts/pubsubplus-aws-ha-quickstart.svg?branch=master)](https://travis-ci.org/SolaceProducts/pubsubplus-aws-ha-quickstart) -# Install and Configure Solace PubSub+ Software Message Brokers in an HA Tuple using AWS Cloud Formation +# Install and Configure Solace PubSub+ Software Event Broker in an HA Tuple using AWS Cloud Formation -![alt text](/images/Solace-AWS-HA-Prod-3AZ.png "Production Environment for Solace PubSub+ Software Message Brokers") +![alt text](/images/Solace-AWS-HA-Prod-3AZ.png "Production Environment for Solace PubSub+") -This Quick Start template installs Solace PubSub+ software message brokers in fault tolerant high-availability (HA) redundancy groups. HA redundancy provides 1:1 message broker redundancy to increase overall service availability. If one of the message brokers fails, or is taken out of service, the other one automatically takes over and provides service to the clients that were previously served by the now out-of-service message broker. To increase availability, the message brokers are deployed across 3 availability zones. +This Quick Start template installs Solace PubSub+ Software Event Broker in fault tolerant high-availability (HA) redundancy groups. HA redundancy provides 1:1 event broker redundancy to increase overall service availability. If one of the event brokers fails, or is taken out of service, the other one automatically takes over and provides service to the clients that were previously served by the now out-of-service event broker. To increase availability, the event brokers are deployed across 3 availability zones. -To learn more about message broker redundancy see the [Redundancy Documentation](https://docs.solace.com/Features/SW-Broker-Redundancy-and-Fault-Tolerance.htm ). 
If you are not familiar with Solace PubSub+ or high-availability configurations it is recommended that you review this document. +To learn more about event broker redundancy see the [Redundancy Documentation](https://docs.solace.com/Features/SW-Broker-Redundancy-and-Fault-Tolerance.htm ). If you are not familiar with Solace PubSub+ or high-availability configurations it is recommended that you review this document. -![alt text](/images/Solace-AWS-HA-PoC-2AZ.png "Proof of Concept Environment for Solace PubSub+ Software Message Brokers") +![alt text](/images/Solace-AWS-HA-PoC-2AZ.png "Proof of Concept Environment for Solace PubSub+ Software Event Broker") -Alternatively this Quick Start can create message brokers in an environment suitable for Proof-of-Concept testing where loss of an AWS Availability Zone will not cause loss of access to mission critical data. +Alternatively this Quick Start can create event brokers in an environment suitable for Proof-of-Concept testing where loss of an AWS Availability Zone will not cause loss of access to mission critical data. To learn more about connectivity to the HA redundancy group see the AWS [VPC Gateway Documentation](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Internet_Gateway.html ). 
@@ -35,47 +35,47 @@ Below is the list of AWS resources that will be deployed by the Quick Start. Ple Look for `AWS::IAM::Role` in the templates source for the list of required IAM roles to create the stacks. -# How to Deploy a Message Broker in an HA Group +# How to Deploy PubSub+ Software Event Broker in an HA Group This is a two step process: -**Step 1**: Obtain a reference to the Docker image of the Solace PubSub+ message broker to be deployed +**Step 1**: Obtain a reference to the Docker image of the event broker to be deployed -First, decide which [Solace PubSub+ message broker](https://docs.solace.com/Solace-SW-Broker-Set-Up/Setting-Up-SW-Brokers.htm ) and version is suitable to your use case. +First, decide which [Solace PubSub+ Software Event Broker](https://docs.solace.com/Solace-SW-Broker-Set-Up/Setting-Up-SW-Brokers.htm ) edition and version is suitable to your use case. The Docker image reference can be: -* A public or accessible private Docker registry repository name with an optional tag. This is the recommended option if using PubSub+ Standard. The default is to use the latest message broker image [available from Docker Hub](https://hub.docker.com/r/solace/solace-pubsub-standard/ ) as `solace/solace-pubsub-standard:latest`, or use a specific version [tag](https://hub.docker.com/r/solace/solace-pubsub-standard/tags/ ). +* A public or accessible private Docker registry repository name with an optional tag. This is the recommended option if using PubSub+ Software Event Broker Standard. The default is to use the latest event broker image [available from Docker Hub](https://hub.docker.com/r/solace/solace-pubsub-standard/ ) as `solace/solace-pubsub-standard:latest`, or use a specific version [tag](https://hub.docker.com/r/solace/solace-pubsub-standard/tags/ ). * A Docker image download URL - * If using Solace PubSub+ Enterprise Evaluation Edition, go to the Solace Downloads page. 
For the image reference, copy and use the download URL in the Solace PubSub+ Enterprise Evaluation Edition Docker Images section. + * If using Solace PubSub+ Software Event Broker Enterprise Evaluation Edition, go to the Solace Downloads page. For the image reference, copy and use the download URL in the Solace PubSub+ Software Event Broker Enterprise Evaluation Edition Docker Images section. - | PubSub+ Enterprise Evaluation Edition
Docker Image + | PubSub+ Software Event Broker Enterprise Evaluation Edition
Docker Image | :---: | | 90-day trial version of PubSub+ Enterprise | | [Get URL of Evaluation Docker Image](http://dev.solace.com/downloads#eval ) | * If you have purchased a Docker image of Solace PubSub+ Enterprise, Solace will give you information for how to download the compressed tar archive package from a secure Solace server. Contact Solace Support at support@solace.com if you require assistance. Then you can host this tar archive together with its MD5 on a file server and use the download URL as the image reference. -**Step 2**: Go to the AWS Cloud Formation service and launch the template. The following links are for your convenience and take you directly to the message broker templates. +**Step 2**: Go to the AWS Cloud Formation service and launch the template. The following links are for your convenience and take you directly to the event broker templates. -**Note:** Using `Launch Quick Start (for new VPC)` launches the AWS infrastructure stacks needed with the message broker stack on top (recommended). However, if you have previously launched this Quick Start within your target region and would like to re-deploy just the message broker stack on top of the existing AWS infrastructure stacks, you can use `Launch Quick Start (for existing VPC)`. +**Note:** Using `Launch Quick Start (for new VPC)` launches the AWS infrastructure stacks needed with the event broker stack on top (recommended). However, if you have previously launched this Quick Start within your target region and would like to re-deploy just the event broker stack on top of the existing AWS infrastructure stacks, you can use `Launch Quick Start (for existing VPC)`. - + - + * If you want to take a look under the hood, you can view the AWS CloudFormation template that automates the deployment. You can customize the template during launch or download and extend it for other projects. 
For that, copy your extended version of `scripts`, `submodules` and `templates` directories in a folder in an S3 bucket and make them public. - + - + 
@@ -98,27 +98,27 @@ The next screen will allow you to fill in the details for the selected launch op | Parameter label (name) | Default | Description | |----------------------------|-----------|--------------------------------------------------------------------| | Stack name | Solace-HA | Any globally unique name | -| **Solace Configuration** | | | -| Solace Docker image reference (SolaceDockerImage) | solace/solace-pubsub-standard:latest | A reference to the Solace PubSub+ message broker Docker image, from step 1. Either the image name with optional tag in an accessible Docker registry or a download URL. The download URL can be obtained from http://dev.solace.com/downloads/ or it can be a URL to a remotely hosted image version, e.g. on S3 | -| Password to access Solace admin console and SEMP (AdminPassword) | _Requires_ _input_ | Password to allow Solace admin access to configure the message broker instances | -| Container logging format (ContainerLoggingFormat) | graylog | The format of the logs sent by the message broker to the CloudWatch service (see [documentation](https://docs.solace.com/Configuring-and-Managing/SW-Broker-Specific-Config/Docker-Tasks/Configuring-VMR-Container-Logging.htm?Highlight=logging#Config-Out-Form ) for details) | +| **PubSub+ Configuration** | | | +| PubSub+ Docker image reference (SolaceDockerImage) | solace/solace-pubsub-standard:latest | A reference to the Solace PubSub+ event broker Docker image, from step 1. Either the image name with optional tag in an accessible Docker registry or a download URL. The download URL can be obtained from http://dev.solace.com/downloads/ or it can be a URL to a remotely hosted image version, e.g. 
on S3 | +| Password to access PubSub+ admin console and SEMP (AdminPassword) | _Requires_ _input_ | Password to allow PubSub+ admin access to configure the event broker instances | +| Container logging format (ContainerLoggingFormat) | graylog | The format of the logs sent by the event broker to the CloudWatch service (see [documentation](https://docs.solace.com/Configuring-and-Managing/SW-Broker-Specific-Config/Docker-Tasks/Configuring-VMR-Container-Logging.htm?Highlight=logging#Config-Out-Form ) for details) | | **Network Configuration** | | | | Number of Availability Zones (NumberOfAZs) | 3 | The number of Availability Zones (2 may be used for Proof-of-Concept testing or 3 for Production) you want to use in your deployment. This count must match the number of selections in the Availability Zones parameter; otherwise, your deployment will fail with an AWS CloudFormation template validation error. (Note that some regions provide only one or two Availability Zones.) | | Availability Zones (AvailabilityZones) | _Requires_ _input_ | Choose two or three Availability Zones from this list, which shows the available zones within your selected region. The logical order of your selections is preserved in your deployment. After you make your selections, make sure that the value of the Number of Availability Zones parameter matches the number of selections. | -| Create production ready environment (CreatePrivateSubnets) | true | Whether to create and use Private subnets and accompanying public ELB with health-check, which is recommended for production deployment. In this case SSH access to the Solace message broker nodes is only possible through the bastion hosts. | -| Permitted IP range for SSH Access (SSHAccessCIDR) | _Requires_ _input_ | The CIDR IP range that is permitted to access the message broker nodes via SSH for management purposes. We recommend that you set this value to a trusted IP range. 
You can use 0.0.0.0/0 for unrestricted access - not recommended for non-production use. | -| Allowed External Access CIDR (RemoteAccessCIDR) | _Requires_ _input_ | The CIDR IP range that is permitted to access the message broker nodes. We recommend that you set this value to a trusted IP range. For example, you might want to grant only your corporate network access to the software. You can use 0.0.0.0/0 for unrestricted access - not recommended for non-production use. | +| Create production ready environment (CreatePrivateSubnets) | true | Whether to create and use Private subnets and accompanying public ELB with health-check, which is recommended for production deployment. In this case SSH access to the PubSub+ event broker nodes is only possible through the bastion hosts. | +| Permitted IP range for SSH Access (SSHAccessCIDR) | _Requires_ _input_ | The CIDR IP range that is permitted to access the event broker nodes via SSH for management purposes. We recommend that you set this value to a trusted IP range. You can use 0.0.0.0/0 for unrestricted access - not recommended for non-production use. | +| Allowed External Access CIDR (RemoteAccessCIDR) | _Requires_ _input_ | The CIDR IP range that is permitted to access the event broker nodes. We recommend that you set this value to a trusted IP range. For example, you might want to grant only your corporate network access to the software. You can use 0.0.0.0/0 for unrestricted access - not recommended for non-production use. | | **Common Amazon EC2 Configuration** | | | | Key Pair Name (KeyPairName) | _Requires_ _input_ | A new or an existing public/private key pair within the AWS Region, which allows you to connect securely to your instances after launch. | -| Boot Disk Capacity (BootDiskSize) | 24 | Amazon EBS storage allocated for the boot disk, in GiBs. The Quick Start supports 8-128 GiB. 
| -| **Message Broker Instance Configuration** | | | -| Instance Type (MessageBrokerNodeInstanceType) | m4.large | The EC2 instance type for the Solace message broker primary and backup instances in Availability Zones 1 and 2. The m series are recommended for production use.
The available CPU and memory of the selected machine type will limit the maximum connection scaling tier for the Solace message broker. For requirements, refer to the [Solace documentation](https://docs.solace.com/Solace-SW-Broker-Set-Up/Setting-Up-SW-Brokers.htm#Compare) | -| Persistent Storage (MessageBrokerNodeStorage) | 0 | Amazon EBS storage allocated for each block device, in GiBs. The Quick Start supports up to 640 GiB per device. The default value of 0 (zero) indicates emphemeral storage only. A non-zero value will cause a new Provisioned IOPS SSD (io1) disk to be created for message-spool. This disk will not be deleted on stack termination. | +| Boot Disk Capacity (BootDiskSize) | 24 | Amazon event broker storage allocated for the boot disk, in GiBs. The Quick Start supports 8-128 GiB. | +| **Event Broker Instance Configuration** | | | +| Instance Type (EventBrokerNodeInstanceType) | m4.large | The EC2 instance type for the PubSub+ event broker primary and backup instances in Availability Zones 1 and 2. The m series are recommended for production use.
The available CPU and memory of the selected machine type will limit the maximum connection scaling tier for the PubSub+ event broker. For requirements, refer to the [Solace documentation](https://docs.solace.com/Solace-SW-Broker-Set-Up/SW-Broker-Rel-Compat.htm#Connecti) | +| Persistent Storage (EventBrokerNodeStorage) | 0 | Amazon event broker storage allocated for each block device, in GiBs. The Quick Start supports up to 640 GiB per device. The default value of 0 (zero) indicates ephemeral storage only. A non-zero value will cause a new Provisioned IOPS SSD (io1) disk to be created for message-spool. This disk will not be deleted on stack termination. | | **Monitor Instance Configuration** | | | -| Instance Type (MonitorNodeInstanceType) | t2.micro | The EC2 instance type for the Solace message broker monitor instance in Availability Zone 3 (or Availability Zone 2, if you’re using only two zones). | +| Instance Type (MonitorNodeInstanceType) | t2.micro | The EC2 instance type for the PubSub+ event broker monitor instance in Availability Zone 3 (or Availability Zone 2, if you’re using only two zones). | | **AWS Quick Start Configuration** | | | | Quick Start S3 Bucket Name (QSS3BucketName) | solace-products | S3 bucket where the Quick Start templates and scripts are installed. Change this parameter to specify the S3 bucket name you’ve created for your copy of Quick Start assets, if you decide to customize or extend the Quick Start for your own use. | -| Quick Start S3 Key Prefix (QSS3KeyPrefix) | solace-aws-ha-quickstart/latest/ | Specifies the S3 folder for your copy of Quick Start assets. Change this parameter if you decide to customize or extend the Quick Start for your own use. | +| Quick Start S3 Key Prefix (QSS3KeyPrefix) | pubsubplus-aws-ha-quickstart/latest/ | Specifies the S3 folder for your copy of Quick Start assets. Change this parameter if you decide to customize or extend the Quick Start for your own use. 
| ### Launch option 2: Parameters for deploying into an existing VPC @@ -127,7 +127,7 @@ If you are deploying into an existing VPC, most of the parameters are the same a | Parameter label (name) | Default | Description | |----------------------------|-----------|--------------------------------------------------------------------| | **Network Configuration** | | | -| VPC ID (VPCID) | _Requires_ _input_ | Choose the ID of your existing VPC stack - for a value, refer to the `VPCID` in the "VPCStack"'s `Outputs` tab in the AWS CloudFormation view (e.g., vpc-0343606e). This VPC must exist with the proper configuration for Solace cluster access. | +| VPC ID (VPCID) | _Requires_ _input_ | Choose the ID of your existing VPC stack - for a value, refer to the `VPCID` in the "VPCStack"'s `Outputs` tab in the AWS CloudFormation view (e.g., vpc-0343606e). This VPC must exist with the proper configuration for PubSub+ cluster access. | | Public Subnet IDs (Public SubnetIDs) | _Requires_ _input_ | Choose public subnet IDs in your existing VPC from this list (e.g., subnet-4b8d329f,subnet-bd73afc8,subnet-a01106c2), matching your deployment architecture. | | Private Subnet IDs (PrivateSubnetIDs) | _Requires_ _input_ | Choose private subnet IDs in your existing VPC from this list (e.g., subnet-4b8d329f,subnet-bd73afc8,subnet-a01106c2), matching your deployment architecture. Note: This parameter is ignored if you set the Use private subnets parameter to false, however you must still provide at least one item from the list (any) to satisfy parameter validation. | | Security group allowed to access console SSH (SSHSecurityGroupID) | _Requires_ _input_ | The ID of the security group in your existing VPC that is allowed to access the console via SSH - for a value, refer to the `BastionSecurityGroupID` in the "BastionStack"'s `Outputs` tab in the AWS CloudFormation view (e.g., sg-7f16e910). Note: This parameter is ignored if you set the Use private subnets parameter to false. | 
@@ -144,28 +144,28 @@ Acknowledge that resources will be created and select [Create] in bottom right c # Stack structure -The Quick Start will create the nested VPC, Bastion, and Solace stacks using their respective templates. The SolaceStack further creates sub-stacks for the deployment of the primary, backup and monitor message brokers. You’ll see all these listed in the AWS CloudFormation console, as illustrated below. Following the links in the Resources tab provides detailed information about the underlying resources. +The Quick Start will create the nested VPC, Bastion, and Solace stacks using their respective templates. The SolaceStack further creates sub-stacks for the deployment of the primary, backup and monitor event brokers. You’ll see all these listed in the AWS CloudFormation console, as illustrated below. Following the links in the Resources tab provides detailed information about the underlying resources. ![alt text](/images/stacks-after-deploy-success.png "Created stacks after deployment") For external access to the deployment (explained in the next sections), the resources of interest are the * the Elastic Load Balancer (ELB), and -* the EC2 instances for the primary, backup, and monitoring message brokers. +* the EC2 instances for the primary, backup, and monitoring event brokers. 
-For messaging and management access to the active message broker, you will need to note the information about the ELB’s DNS host name, which can be obtained from the `SolaceStack > Resources > ELB, or the EC2 Dashboard > Load Balancing > Load Balancers` section: +For messaging and management access to the active event broker, you will need to note the information about the ELB’s DNS host name, which can be obtained from the `SolaceStack > Resources > ELB, or the EC2 Dashboard > Load Balancing > Load Balancers` section: ![alt text](/images/elb-details.png "ELB details") -For direct SSH access to the individual message brokers, the public DNS host names (elastic IPs) of the EC2 instances of the Bastion Hosts and the private DNS host names of the primary, backup, and monitoring message brokers are required. This can be obtained from the `EC2 Dashboard > Instances > Instances` section: +For direct SSH access to the individual event brokers, the public DNS host names (elastic IPs) of the EC2 instances of the Bastion Hosts and the private DNS host names of the primary, backup, and monitoring event brokers are required. This can be obtained from the `EC2 Dashboard > Instances > Instances` section: ![alt text](/images/ec2-instance-details.png "EC2 instances details") -# Gaining admin access to the message broker +# Gaining admin access to the Solace PubSub+ Software Event Broker -## Using SSH connection to the individual message brokers +## Using SSH connection to the individual event brokers -For persons used to working with Solace PubSub+ message broker console access, this is still available with the AWS EC2 instance: +For persons used to working with event broker console access, this is still available with the AWS EC2 instance: * Copy the Key Pair file used during deployment (KeyPairName) to the Linux Bastion Host. The key must not be publicly viewable. ``` 
@@ -176,22 +176,22 @@ scp -i ec2-user@:/home/ec2-user ``` ssh -i ec2-user@ ``` -* From the Linux Bastion Host, SSH to your desired EC2 host that is running the message broker. +* From the Linux Bastion Host, SSH to your desired EC2 host that is running the event broker. ``` ssh -i ec2-user@ ``` -* From the host, log into the Solace CLI +* From the host, log into the PubSub+ CLI ``` sudo docker exec -it solace /usr/sw/loads/currentload/bin/cli -A ``` ## Management tools access through the ELB -Non-CLI [management tools](https://docs.solace.com/Management-Tools.htm ) can access the message broker cluster through the ELB’s public DNS host name at port 8080. Use the user `admin` and the password you set for the "AdminPassword". +Non-CLI [management tools](https://docs.solace.com/Management-Tools.htm ) can access the event broker cluster through the ELB’s public DNS host name at port 8080. Use the user `admin` and the password you set for the "AdminPassword". -# Message Broker Logs +# Event Broker Logs -Both host and container logs get logged to [Amazon CloudWatch](https://aws.amazon.com/cloudwatch/ ) on the region where the deployment occurred. The message broker logs can be found under the `*/solace.log` log stream. The `ContainerLoggingFormat` field can be used to control the log output format. +Both host and container logs get logged to [Amazon CloudWatch](https://aws.amazon.com/cloudwatch/ ) on the region where the deployment occurred. The event broker logs can be found under the `*/solace.log` log stream. The `ContainerLoggingFormat` field can be used to control the log output format. ![alt text](/images/CloudWatch_logging.png "CloudWatch Logging") 
@@ -201,9 +201,9 @@ Quick Starts are automated reference deployments for key workloads on the AWS Cl # Testing data access to the HA cluster -To test data traffic though the newly created message broker instances, visit the Solace developer portal and select your preferred API or protocol to [send and receive messages](http://dev.solace.com/get-started/send-receive-messages/). Under each language there is a Publish/Subscribe tutorial that will help you get started. +To test data traffic though the newly created event broker instances, [visit the Solace developer portal and select your preferred API or protocol](//dev.solace.com/get-started/send-receive-messages/) to send and receive messages. Under each language there is a Publish/Subscribe tutorial that will help you get started. -For data, the message broker cluster can be accessed through the ELB’s public DNS host name and the API or protocol specific port. +For data, the event broker cluster can be accessed through the ELB’s public DNS host name and the API or protocol specific port. ![alt text](/images/solace_tutorial.png "getting started publish/subscribe") @@ -223,6 +223,6 @@ This project is licensed under the Apache License, Version 2.0. - See the [LICEN For more information about Solace PubSub+ technology in general please visit these resources: -- The Solace Developer Portal website at: http://dev.solace.com -- Understanding [Solace technology.](http://dev.solace.com/tech/) -- Ask the [Solace community](http://dev.solace.com/community/). +- The Solace Developer Portal website at: [solace.dev](//solace.dev/) +- Understanding [Solace technology](//solace.com/products/platform/) +- Ask the [Solace community](//dev.solace.com/community/). diff --git a/ci/solace-aws-ha-3az-prod-travistest.json b/ci/solace-aws-ha-3az-prod-travistest.json index 48c2019..16ed1c1 100644 --- a/ci/solace-aws-ha-3az-prod-travistest.json +++ b/ci/solace-aws-ha-3az-prod-travistest.json 
@@ -28,12 +28,12 @@ "ParameterValue": "24" }, { - "ParameterKey": "MessageBrokerNodeInstanceType", - "ParameterValue": "MessageBrokerNodeInstanceTypeParameterValue" + "ParameterKey": "EventBrokerNodeInstanceType", + "ParameterValue": "EventBrokerNodeInstanceTypeParameterValue" }, { - "ParameterKey": "MessageBrokerNodeStorage", - "ParameterValue": "0" + "ParameterKey": "EventBrokerNodeStorage", + "ParameterValue": "20" }, { "ParameterKey": "MonitorNodeInstanceType", @@ -57,6 +57,6 @@ }, { "ParameterKey": "QSS3KeyPrefix", - "ParameterValue": "solace/messagebroker/latest/" + "ParameterValue": "solace/eventbroker/latest/" } ] diff --git a/scripts/gen-cluster-hosts.sh b/scripts/gen-cluster-hosts.sh index f99d1aa..9b48d9b 100644 --- a/scripts/gen-cluster-hosts.sh +++ b/scripts/gen-cluster-hosts.sh @@ -20,7 +20,7 @@ # instance. # # The assumption is that the Cloudformation Stack deploys 2 autoscaling groups. -# MessageBroker (/tmp/routers) +# EventBroker (/tmp/routers) # MonitorNodes (/tmp/monitors) # # The complete list of hosts for this stack is saved @@ -85,9 +85,9 @@ done # The different models will have slightly different labels for the # nodes associated with each group ... but it's simple to handle both cases. #pwd -grep -q -e "-MessageBroker.*Stack-" ${SOLACE_HOSTS_FILE} +grep -q -e "-EventBroker.*Stack-" ${SOLACE_HOSTS_FILE} if [ $? -eq 0 ] ; then - grep -e "-MessageBroker.*Stack-" ${SOLACE_HOSTS_FILE} \ + grep -e "-EventBroker.*Stack-" ${SOLACE_HOSTS_FILE} \ | awk '{print $1" ROUTERNODE"NR-1" "$2" "$3" "$4}' > /tmp/routers else cp ${SOLACE_HOSTS_FILE} /tmp/routers diff --git a/scripts/install-solace.sh b/scripts/install-solace.sh index 2b4e943..cb38fa5 100644 --- a/scripts/install-solace.sh +++ b/scripts/install-solace.sh @@ -40,8 +40,6 @@ logging_format="" logging_group="" logging_stream="" -verbose=0 - while getopts "c:d:p:s:u:v:f:g:r:" opt; do case "$opt" in c) config_file=$OPTARG 
@@ -68,7 +66,6 @@ done shift $((OPTIND-1)) [ "$1" = "--" ] && shift -verbose=1 echo "config_file=$config_file , solace_directory=$solace_directory , admin_password_file=$admin_password_file , \ solace_uri=$solace_uri , disk_size=$disk_size , volume=$disk_volume , logging_format=$logging_format , \ logging_group=$logging_group , logging_stream=$logging_stream , Leftovers: $@" @@ -103,6 +100,7 @@ fi ## Try to load solace_uri as a docker registry uri echo "`date` Testing ${solace_uri} for docker registry uri:" if [ -z "`docker pull ${solace_uri}`" ] ; then + # If NOT in this branch then load was successful echo "`date` INFO: Found that ${solace_uri} was not a docker registry uri, retrying if it is a download link" if [[ ${solace_uri} == *"solace.com/download"* ]]; then REAL_LINK=${solace_uri} 
@@ -189,18 +187,27 @@ chmod 0600 /var/lib/solace/swap swapon -f /var/lib/solace/swap grep -q 'solace\/swap' /etc/fstab || sudo sh -c 'echo "/var/lib/solace/swap none swap sw 0 0" >> /etc/fstab' +echo "`date` INFO: Applying TCP for WAN optimizations" &>> ${LOG_FILE} +echo ' + net.core.rmem_max = 134217728 + net.core.wmem_max = 134217728 + net.ipv4.tcp_rmem = 4096 25165824 67108864 + net.ipv4.tcp_wmem = 4096 25165824 67108864 + net.ipv4.tcp_mtu_probing=1' | sudo tee /etc/sysctl.d/98-solace-sysctl.conf +sudo sysctl -p /etc/sysctl.d/98-solace-sysctl.conf + cd ${solace_directory} host_name=`hostname` host_info=`grep ${host_name} ${config_file}` -local_role=`echo $host_info | grep -o -E 'Monitor|MessageBrokerPrimary|MessageBrokerBackup'` +local_role=`echo $host_info | grep -o -E 'Monitor|EventBrokerPrimary|EventBrokerBackup'` -primary_stack=`cat ${config_file} | grep MessageBrokerPrimary | rev | cut -d "-" -f1 | rev | tr '[:upper:]' '[:lower:]'` -backup_stack=`cat ${config_file} | grep MessageBrokerBackup | rev | cut -d "-" -f1 | rev | tr '[:upper:]' '[:lower:]'` +primary_stack=`cat ${config_file} | grep EventBrokerPrimary | rev | cut -d "-" -f1 | rev | tr '[:upper:]' '[:lower:]'` +backup_stack=`cat ${config_file} | grep EventBrokerBackup | rev | cut -d "-" -f1 | rev | tr '[:upper:]' '[:lower:]'` monitor_stack=`cat ${config_file} | grep Monitor | rev | cut -d "-" -f1 | rev | tr '[:upper:]' '[:lower:]'` # Get the IP addressed for node -for role in Monitor MessageBrokerPrimary MessageBrokerBackup +for role in Monitor EventBrokerPrimary EventBrokerBackup do role_info=`grep ${role} ${config_file}` role_name=${role_info%% *} @@ -209,10 +216,10 @@ do Monitor ) MONITOR_IP=${role_ip} ;; - MessageBrokerPrimary ) + EventBrokerPrimary ) PRIMARY_IP=${role_ip} ;; - MessageBrokerBackup ) + EventBrokerBackup ) BACKUP_IP=${role_ip} ;; esac 
@@ -224,21 +231,31 @@ case $local_role in ROUTER_NAME="monitor${monitor_stack}" REDUNDANCY_CFG="" ;; - MessageBrokerPrimary ) + EventBrokerPrimary ) NODE_TYPE="message_routing" ROUTER_NAME="primary${primary_stack}" REDUNDANCY_CFG="--env redundancy_matelink_connectvia=${BACKUP_IP} --env redundancy_activestandbyrole=primary --env configsync_enable=yes" is_primary="true" ;; - MessageBrokerBackup ) + EventBrokerBackup ) NODE_TYPE="message_routing" ROUTER_NAME="backup${backup_stack}" REDUNDANCY_CFG="--env redundancy_matelink_connectvia=${PRIMARY_IP} --env redundancy_activestandbyrole=backup --env configsync_enable=yes" ;; esac -if [ $disk_size == "0" ]; then - SPOOL_MOUNT="-v internalSpool:/usr/sw/internalSpool -v adbBackup:/usr/sw/adb -v softAdb:/usr/sw/internalSpool/softAdb" +# Setup password file permissions +chown -R 1000001 $(dirname ${admin_password_file}) +chmod 700 $(dirname ${admin_password_file}) + +if [[ ${disk_size} == "0" ]]; then + #Create new volumes that the PubSub+ Message Broker container can use to consume and store data. + docker volume create --name=jail + docker volume create --name=var + docker volume create --name=softAdb + docker volume create --name=diagnostics + docker volume create --name=internalSpool + SPOOL_MOUNT="-v jail:/usr/sw/jail -v var:/usr/sw/var -v softAdb:/usr/sw/internalSpool/softAdb -v diagnostics:/var/lib/solace/diags -v internalSpool:/usr/sw/internalSpool" else echo "`date` Create primary partition on new disk" ( 
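Review bot: The added `chown -R 1000001 $(dirname ${admin_password_file})` runs a recursive ownership change on an unquoted, unvalidated path. If `admin_password_file` is a bare file name, `dirname` yields `.` and the whole working directory is handed to uid 1000001; a path containing spaces splits into several targets. I would resolve the directory once and check it first: `secrets_dir=$(dirname -- "${admin_password_file}")`, `[ -d "${secrets_dir}" ] && [ "${secrets_dir}" != "." ] || exit 1`, then `chown -R 1000001 "${secrets_dir}" && chmod 700 "${secrets_dir}"`. The password file's own mode is not set in this hunk; a `chmod 600` on it would make the intent explicit.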
@@ -252,56 +269,70 @@ else mkfs.xfs ${disk_volume}1 -m crc=0 UUID=`blkid -s UUID -o value ${disk_volume}1` - echo "UUID=${UUID} /opt/pubsubplus xfs defaults 0 0" >> /etc/fstab + echo "UUID=${UUID} /opt/pubsubplus xfs defaults,uid=1000001 0 0" >> /etc/fstab mkdir /opt/pubsubplus + mkdir /opt/pubsubplus/jail + mkdir /opt/pubsubplus/var + mkdir /opt/pubsubplus/softAdb + mkdir /opt/pubsubplus/diagnostics + mkdir /opt/pubsubplus/internalSpool mount -a - SPOOL_MOUNT="-v /opt/pubsubplus:/usr/sw/internalSpool -v /opt/pubsubplus:/usr/sw/adb -v /opt/pubsubplus:/usr/sw/internalSpool/softAdb" + chown 1000001 -R /opt/pubsubplus/ + SPOOL_MOUNT="-v /opt/pubsubplus/jail:/usr/sw/jail -v /opt/pubsubplus/var:/usr/sw/var -v /opt/pubsubplus/softAdb:/usr/sw/internalSpool/softAdb -v /opt/pubsubplus/diagnostics:/var/lib/solace/diags -v /opt/pubsubplus/internalSpool:/usr/sw/internalSpool" fi -# Start up the SolOS docker instance with HA config keys -echo "`date` INFO: Executing 'docker create'" +#Define a create script +tee ~/docker-create <<-EOF +#!/bin/bash docker create \ - --uts=host \ - --shm-size=${shmsize} \ - --ulimit core=-1 \ - --ulimit memlock=-1 \ - --ulimit nofile=${ulimit_nofile} \ - --net=host \ - --restart=always \ - -v jail:/usr/sw/jail \ - -v var:/usr/sw/var \ - -v /mnt/pubsubplus/secrets:/run/secrets \ - ${SPOOL_MOUNT} \ - --log-driver=awslogs \ - --log-opt awslogs-group=${logging_group} \ - --log-opt awslogs-stream=${logging_stream} \ - --env "system_scaling_maxconnectioncount=${maxconnectioncount}" \ - --env "logging_debug_output=all" \ - --env "logging_debug_format=${logging_format}" \ - --env "logging_command_output=all" \ - --env "logging_command_format=${logging_format}" \ - --env "logging_system_output=all" \ - --env "logging_system_format=${logging_format}" \ - --env "logging_event_output=all" \ - --env "logging_event_format=${logging_format}" \ - --env "logging_kernel_output=all" \ - --env "logging_kernel_format=${logging_format}" \ - --env 
"nodetype=${NODE_TYPE}" \ - --env "routername=${ROUTER_NAME}" \ - --env "username_admin_globalaccesslevel=admin" \ - --env "username_admin_passwordfilepath=$(basename ${admin_password_file})" \ - --env "service_ssh_port=2222" \ - ${REDUNDANCY_CFG} \ - --env "redundancy_group_passwordfilepath=$(basename ${admin_password_file})" \ - --env "redundancy_enable=yes" \ - --env "redundancy_group_node_primary${primary_stack}_nodetype=message_routing" \ - --env "redundancy_group_node_primary${primary_stack}_connectvia=${PRIMARY_IP}" \ - --env "redundancy_group_node_backup${backup_stack}_nodetype=message_routing" \ - --env "redundancy_group_node_backup${backup_stack}_connectvia=${BACKUP_IP}" \ - --env "redundancy_group_node_monitor${monitor_stack}_nodetype=monitoring" \ - --env "redundancy_group_node_monitor${monitor_stack}_connectvia=${MONITOR_IP}" \ - --name=solace ${SOLACE_IMAGE_ID} - + --uts=host \ + --shm-size=${shmsize} \ + --ulimit core=-1 \ + --ulimit memlock=-1 \ + --ulimit nofile=${ulimit_nofile} \ + --net=host \ + --restart=always \ + -v /mnt/pubsubplus/secrets:/run/secrets \ + ${SPOOL_MOUNT} \ + --log-driver awslogs \ + --log-opt awslogs-group=${logging_group} \ + --log-opt awslogs-stream=${logging_stream} \ + --env "system_scaling_maxconnectioncount=${maxconnectioncount}" \ + --env "logging_debug_output=all" \ + --env "logging_debug_format=${logging_format}" \ + --env "logging_command_output=all" \ + --env "logging_command_format=${logging_format}" \ + --env "logging_system_output=all" \ + --env "logging_system_format=${logging_format}" \ + --env "logging_event_output=all" \ + --env "logging_event_format=${logging_format}" \ + --env "logging_kernel_output=all" \ + --env "logging_kernel_format=${logging_format}" \ + --env "nodetype=${NODE_TYPE}" \ + --env "routername=${ROUTER_NAME}" \ + --env "username_admin_globalaccesslevel=admin" \ + --env "username_admin_passwordfilepath=$(basename ${admin_password_file})" \ + --env "service_ssh_port=2222" \ + --env 
"service_webtransport_port=8008" \ + --env "service_webtransport_tlsport=1443" \ + --env "service_semp_tlsport=1943" \ + ${REDUNDANCY_CFG} \ + --env "redundancy_authentication_presharedkey_key=`cat ${admin_password_file} | awk '{x=$0;for(i=length;i<51;i++)x=x "0";}END{print x}' | base64`" \ + --env "redundancy_enable=yes" \ + --env "redundancy_group_node_primary${primary_stack}_nodetype=message_routing" \ + --env "redundancy_group_node_primary${primary_stack}_connectvia=${PRIMARY_IP}" \ + --env "redundancy_group_node_backup${backup_stack}_nodetype=message_routing" \ + --env "redundancy_group_node_backup${backup_stack}_connectvia=${BACKUP_IP}" \ + --env "redundancy_group_node_monitor${monitor_stack}_nodetype=monitoring" \ + --env "redundancy_group_node_monitor${monitor_stack}_connectvia=${MONITOR_IP}" \ + --name=solace ${SOLACE_IMAGE_ID} +EOF + +#Make the file executable +chmod +x ~/docker-create + +echo "`date` INFO: Creating the Solace container" +~/docker-create # Start the solace service and enable it at system start up. chkconfig --add solace-pubsubplus diff --git a/scripts/semp_query.sh b/scripts/semp_query.sh index a0f4faa..b5ba51d 100644 --- a/scripts/semp_query.sh +++ b/scripts/semp_query.sh 
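Review bot: The new `redundancy_authentication_presharedkey_key` value is the admin password padded with `0` characters and base64-encoded, and because the `<<-EOF` delimiter is unquoted the backtick expression is evaluated when the heredoc is written, so the derived key lands in `~/docker-create` in clear text. `tee` also copies it to stdout, and `chmod +x` leaves the file at whatever the umask allows. Base64 is an encoding, so anyone who can read that file (or the captured stdout, if it is logged) recovers the admin password and the redundancy key together. I would write the file with `umask 077` in effect and `tee ~/docker-create > /dev/null`, use `chmod 700 ~/docker-create`, and remove the file once the container is created; generating the pre-shared key from a separate random secret instead of the admin password would stop one leak exposing both.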
@@ -11,61 +11,65 @@ url="" value_search="" script_name=$0 -verbose=0 while getopts "c:n:p:q:u:v:" opt; do - case "$opt" in - c) count_search=$OPTARG - ;; - n) name=$OPTARG - ;; - p) password=$OPTARG - ;; - q) query=$OPTARG - ;; - u) url=$OPTARG - ;; - v) value_search=$OPTARG - ;; - esac + case "$opt" in + c) count_search=$OPTARG + ;; + n) name=$OPTARG + ;; + p) password=$OPTARG + ;; + q) query=$OPTARG + ;; + u) url=$OPTARG + ;; + v) value_search=$OPTARG + ;; + esac done shift $((OPTIND-1)) [ "$1" = "--" ] && shift -verbose=1 -echo "`date` INFO:${script_name}: count_search=${count_search} ,name=${name} ,password=xxx query=${query} \ - ,url=${url} ,value_search=${value_search} ,Leftovers: $@" >&2 +#echo "`date` INFO:${script_name}: count_search=${count_search} ,name=${name} ,password=xxx query=${query} \ +# ,url=${url} ,value_search=${value_search} ,Leftovers: $@" >&2 if [[ ${url} = "" || ${name} = "" || ${password} = "" || ${query} = "" ]]; then - echo "`date` ERROR:${script_name}: url, name, password and query are madatory fields" >&2 - echo '{"errorInfo":"missing parameter"}' - exit 1 - fi + echo "`date` ERROR:${script_name}: url, name, password and query are madatory fields" >&2 + echo "{\"errorInfo\":\"missing parameter\"}" + exit 1 +fi +if [ `curl --write-out '%{http_code}' --silent --output /dev/null -u ${name}:${password} ${url}` != "200" ] ; then + echo "{\"errorInfo\":\"management host is not responding\"}" + exit 1 +fi query_response=`curl -u ${name}:${password} ${url} -d "${query}"` +# Validate first char of response is "<", otherwise no hope of being valid xml +if [[ ${query_response:0:1} != "<" ]] ; then + echo "{\"errorInfo\":\"no valid xml returned\"}" + exit 1 +fi query_response_code=`echo $query_response | xmllint -xpath 'string(/rpc-reply/execute-result/@code)' -` if [[ -z ${query_response_code} && ${query_response_code} != "ok" ]]; then - echo "`date` ERROR:${script_name}: Query failed -${query_response}-" >&2 - echo "{\"errorInfo\":\"query failed 
-${query_response_code}-\"}" - exit 1 + echo "{\"errorInfo\":\"query failed -${query_response_code}-\"}" + exit 1 fi -echo "`date` INFO:${script_name}: Query passed ${query_response_code}" >&2 +#echo "`date` INFO:${script_name}: Query passed ${query_response_code}" >&2 if [[ ! -z $value_search ]]; then - value_result=`echo $query_response | xmllint -xpath "string($value_search)" -` - echo "`date` INFO:${script_name}: Value search $value_search returned ${value_result}" >&2 - echo "{\"errorInfo\":\"\",\"valueSearchResult\":\"${value_result}\"}" - exit 0 + value_result=`echo $query_response | xmllint -xpath "string($value_search)" -` + echo "{\"errorInfo\":\"\",\"valueSearchResult\":\"${value_result}\"}" + exit 0 fi if [[ ! -z $count_search ]]; then - count_line=`echo $query_response | xmllint -xpath "$count_search" -` - count_string=`echo $count_search | cut -d '"' -f 2` - count_result=`echo ${count_line} | tr "><" "\n" | grep -c ${count_string}` - echo -e "`date` INFO:${script_name}: \n\t count search: $count_search \n\t count_line: ${count_line} \n\t count_string: ${count_string} \n\t count_result: ${count_result}" >&2 - echo "{\"errorInfo\":\"\",\"countSearchResult\":${count_result}}" - exit 0 + count_line=`echo $query_response | xmllint -xpath "$count_search" -` + count_string=`echo $count_search | cut -d '"' -f 2` + count_result=`echo ${count_line} | tr "><" "\n" | grep -c ${count_string}` + echo "{\"errorInfo\":\"\",\"countSearchResult\":${count_result}}" + exit 0 fi diff --git a/templates/nodecreate.template b/templates/nodecreate.template index 0bbe776..d74b4eb 100644 --- a/templates/nodecreate.template +++ b/templates/nodecreate.template 
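Review bot: The added reachability check passes `-u ${name}:${password} ${url}` unquoted, as does the unchanged query call below it. A password containing whitespace or glob characters is split or expanded before curl sees it, and credentials given with `-u` on the command line are visible in the process list while curl runs. Quote the arguments, `-u "${name}:${password}" "${url}"`, and consider feeding the credentials through a curl config read from stdin (`-K -`) so they stay out of argv. Separately, the unchanged test `[[ -z ${query_response_code} && ${query_response_code} != "ok" ]]` can only be true for an empty code, so a non-empty failure code falls through; `||` looks like what was intended.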
@@ -88,7 +88,7 @@ "QSS3KeyPrefix": { "AllowedPattern": "^[0-9a-zA-Z-/]*$", "ConstraintDescription": "Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).", - "Default": "solace-aws-ha-quickstart/latest/", + "Default": "pubsubplus-aws-ha-quickstart/latest/", "Description": "S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).", "Type": "String" }, 
@@ -100,52 +100,52 @@ "Mappings": { "AWSAMIRegionMap": { "AMI": { - "AMZNLINUXHVM": "amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2" + "AMZNLINUXHVM": "amzn-ami-hvm-2018.03.0.20190611-x86_64-gp2" }, "ap-northeast-1": { - "AMZNLINUXHVM": "ami-00a5245b4816c38e6" + "AMZNLINUXHVM": "ami-079e6fb1e856e80c1" }, "ap-northeast-2": { - "AMZNLINUXHVM": "ami-00dc207f8ba6dc919" + "AMZNLINUXHVM": "ami-0e4a253fb5f082688" }, "ap-south-1": { - "AMZNLINUXHVM": "ami-0ad42f4f66f6c1cc9" + "AMZNLINUXHVM": "ami-01e074f40dfb9999d" }, "ap-southeast-1": { - "AMZNLINUXHVM": "ami-05b3bcf7f311194b3" + "AMZNLINUXHVM": "ami-0d9233e8ce73df7b2" }, "ap-southeast-2": { - "AMZNLINUXHVM": "ami-02fd0b06f06d93dfc" + "AMZNLINUXHVM": "ami-0c91f97cadcc8499e" }, "ca-central-1": { - "AMZNLINUXHVM": "ami-07423fb63ea0a0930" + "AMZNLINUXHVM": "ami-003a0ba7ea76b2785" }, "eu-central-1": { - "AMZNLINUXHVM": "ami-0cfbf4f6db41068ac" + "AMZNLINUXHVM": "ami-0ab838eeee7f316eb" }, "eu-west-1": { - "AMZNLINUXHVM": "ami-08935252a36e25f85" + "AMZNLINUXHVM": "ami-071f4ce599deff521" }, "eu-west-2": { - "AMZNLINUXHVM": "ami-01419b804382064e4" + "AMZNLINUXHVM": "ami-0e49551fc78560451" }, "eu-west-3": { - "AMZNLINUXHVM": "ami-0dd7e7ed60da8fb83" + "AMZNLINUXHVM": "ami-0ec1d48c59dda554a" }, "sa-east-1": { - "AMZNLINUXHVM": "ami-05145e0b28ad8e0b2" + "AMZNLINUXHVM": "ami-04b202bf877b5027b" }, "us-east-1": { - "AMZNLINUXHVM": "ami-0080e4c5bc078760e" + "AMZNLINUXHVM": "ami-09d069a04349dc3cb" }, "us-east-2": { - "AMZNLINUXHVM": "ami-0cd3dfa4e37921605" + "AMZNLINUXHVM": "ami-0d542ef84ec55d71c" }, "us-west-1": { - "AMZNLINUXHVM": "ami-0ec6517f6edbf8044" + "AMZNLINUXHVM": "ami-04bc3da8f14823e88" }, "us-west-2": { - "AMZNLINUXHVM": "ami-01e24be29428c15b2" + "AMZNLINUXHVM": "ami-01460aa81365561fe" } }, "LinuxAMINameMap": { 
@@ -727,13 +727,13 @@ { "Ref": "ParentStackName" }, - " MessageBrokerPrimaryStack NodeLaunchConfig\n", + " EventBrokerPrimaryStack NodeLaunchConfig\n", "\n", "$AMI_SBIN/wait-for-child-resource.sh ", { "Ref": "ParentStackName" }, - " MessageBrokerBackupStack NodeLaunchConfig\n", + " EventBrokerBackupStack NodeLaunchConfig\n", "\n", "## Now find the private IP addresses of all deployed nodes\n", "## (generating /tmp/solacehosts and /tmp/ files)\n", diff --git a/templates/solace-master.template b/templates/solace-master.template index fabec6c..74cec09 100644 --- a/templates/solace-master.template +++ b/templates/solace-master.template @@ -40,8 +40,8 @@ "default": "Message Broker Instance Configuration" }, "Parameters": [ - "MessageBrokerNodeInstanceType", - "MessageBrokerNodeStorage" + "EventBrokerNodeInstanceType", + "EventBrokerNodeStorage" ] }, { @@ -81,10 +81,10 @@ "BootDiskSize": { "default": "Boot Disk Capacity (GiB)" }, - "MessageBrokerNodeInstanceType": { + "EventBrokerNodeInstanceType": { "default": "Instance Type" }, - "MessageBrokerNodeStorage": { + "EventBrokerNodeStorage": { "default": "Persistent Storage" }, "MonitorNodeInstanceType": { @@ -156,7 +156,7 @@ "MinValue": "8", "Type": "Number" }, - "MessageBrokerNodeInstanceType": { + "EventBrokerNodeInstanceType": { "AllowedValues": [ "t2.small", "t2.medium", @@ -179,7 +179,7 @@ "Description": "Instance Type for Solace message broker message routing nodes. Note: Make sure that your region supports the selected instance type before continuing", "Type": "String" }, - "MessageBrokerNodeStorage": { + "EventBrokerNodeStorage": { "ConstraintDescription": "No more than 640 GiB per device.", "Default": "0", "Description": "Allocated EBS storage for each block device (in GiB); 0 indicates ephemeral storage only. Non-zero will cause a new io1 disk creation for message-spool which will NOT be deleted on stack termination", 
@@ -244,7 +244,7 @@ "QSS3KeyPrefix": { "AllowedPattern": "^[0-9a-zA-Z-/]*$", "ConstraintDescription": "Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).", - "Default": "solace-aws-ha-quickstart/latest/", + "Default": "pubsubplus-aws-ha-quickstart/latest/", "Description": "S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).", "Type": "String" } @@ -416,11 +416,11 @@ "BootDiskSize": { "Ref": "BootDiskSize" }, - "MessageBrokerNodeInstanceType": { - "Ref": "MessageBrokerNodeInstanceType" + "EventBrokerNodeInstanceType": { + "Ref": "EventBrokerNodeInstanceType" }, - "MessageBrokerNodeStorage": { - "Ref": "MessageBrokerNodeStorage" + "EventBrokerNodeStorage": { + "Ref": "EventBrokerNodeStorage" }, "MonitorNodeInstanceType": { "Ref": "MonitorNodeInstanceType" diff --git a/templates/solace.template b/templates/solace.template index 3510362..3b4e2e8 100644 --- a/templates/solace.template +++ b/templates/solace.template @@ -1,6 +1,6 @@ { "AWSTemplateFormatVersion": "2010-09-09", - "Description": "CloudFormation template to deploy Solace PubSub+ HA Message Brokers on AWS. (qs-1nju7g5r0)", + "Description": "CloudFormation template to deploy Solace PubSub+ HA Event Brokers on AWS. (qs-1nju7g5r0)", "Metadata": { "AWS::CloudFormation::Interface": { "ParameterGroups": [ @@ -32,10 +32,10 @@ ] }, { - "Label": { "default": "Message Broker Instance Configuration" }, + "Label": { "default": "Event Broker Instance Configuration" }, "Parameters": [ - "MessageBrokerNodeInstanceType", - "MessageBrokerNodeStorage" + "EventBrokerNodeInstanceType", + "EventBrokerNodeStorage" ] }, { 
@@ -63,10 +63,10 @@ "BootDiskSize": { "default": "Boot Disk Capacity (GiB)" }, - "MessageBrokerNodeInstanceType": { + "EventBrokerNodeInstanceType": { "default": "Instance Type" }, - "MessageBrokerNodeStorage": { + "EventBrokerNodeStorage": { "default": "Persistent Storage" }, "MonitorNodeInstanceType": { @@ -136,7 +136,7 @@ "MinValue": "8", "Type": "Number" }, - "MessageBrokerNodeInstanceType": { + "EventBrokerNodeInstanceType": { "AllowedValues": [ "t2.small", "t2.medium", @@ -159,7 +159,7 @@ "Description": "Instance Type for Solace message broker message routing nodes. Note: Make sure that your region supports the selected instance type before continuing", "Type": "String" }, - "MessageBrokerNodeStorage": { + "EventBrokerNodeStorage": { "ConstraintDescription": "No more than 640 GiB per device.", "Default": "0", "Description": "Allocated EBS storage for each block device (in GiB); 0 indicates ephemeral storage only. Non-zero will cause a new io1 disk creation for message-spool which will NOT be deleted on stack termination", @@ -244,7 +244,7 @@ "QSS3KeyPrefix": { "AllowedPattern": "^[0-9a-zA-Z-/]*$", "ConstraintDescription": "Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).", - "Default": "solace-aws-ha-quickstart/latest/", + "Default": "pubsubplus-aws-ha-quickstart/latest/", "Description": "S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).", "Type": "String" } @@ -426,7 +426,7 @@ "Roles": [ { "Ref": "SolaceVMRRole" } ] } }, - "MessageBrokerPrimaryStack": { + "EventBrokerPrimaryStack": { "Type": "AWS::CloudFormation::Stack", "Properties": { "TemplateURL": { 
@@ -467,13 +467,13 @@ }, "NodeDesignation": "message-router-primary", "NodeInstanceType": { - "Ref": "MessageBrokerNodeInstanceType" + "Ref": "EventBrokerNodeInstanceType" }, "NodeSecurityGroup": { "Fn::Join": [ ",", [ - { "Ref" : "MessageBrokerSecurityGroup" }, + { "Ref" : "EventBrokerSecurityGroup" }, { "Ref" : "SolaceInternalSecurityGroup" }, { "Ref" : "SolaceInternalSecurityGroupMember" }, { "Ref" : "RemoteMgmtSecurityGroup" } @@ -484,7 +484,7 @@ "Ref": "AWS::StackName" }, "PersistentStorage": { - "Ref": "MessageBrokerNodeStorage" + "Ref": "EventBrokerNodeStorage" }, "QSS3BucketName": { "Ref": "QSS3BucketName" @@ -507,7 +507,7 @@ } } }, - "MessageBrokerBackupStack": { + "EventBrokerBackupStack": { "Type": "AWS::CloudFormation::Stack", "Properties": { "TemplateURL": { @@ -548,13 +548,13 @@ }, "NodeDesignation": "message-router-backup", "NodeInstanceType": { - "Ref": "MessageBrokerNodeInstanceType" + "Ref": "EventBrokerNodeInstanceType" }, "NodeSecurityGroup": { "Fn::Join": [ ",", [ - { "Ref" : "MessageBrokerSecurityGroup" }, + { "Ref" : "EventBrokerSecurityGroup" }, { "Ref" : "SolaceInternalSecurityGroup" }, { "Ref" : "SolaceInternalSecurityGroupMember" }, { "Ref" : "RemoteMgmtSecurityGroup" } @@ -565,7 +565,7 @@ "Ref": "AWS::StackName" }, "PersistentStorage": { - "Ref": "MessageBrokerNodeStorage" + "Ref": "EventBrokerNodeStorage" }, "QSS3BucketName": { "Ref": "QSS3BucketName" @@ -714,6 +714,18 @@ "ToPort": "55003", "SourceSecurityGroupId": { "Ref": "SolaceInternalSecurityGroupMember" } }, + { + "IpProtocol": "tcp", + "FromPort": "55443", + "ToPort": "55443", + "SourceSecurityGroupId": { "Ref": "SolaceInternalSecurityGroupMember" } + }, + { + "IpProtocol": "tcp", + "FromPort": "1443", + "ToPort": "1443", + "SourceSecurityGroupId": { "Ref": "SolaceInternalSecurityGroupMember" } + }, { "IpProtocol": "tcp", "FromPort": "8000", 
@@ -740,8 +752,8 @@ }, { "IpProtocol": "tcp", - "FromPort": "80", - "ToPort": "80", + "FromPort": "8008", + "ToPort": "8008", "SourceSecurityGroupId": { "Ref": "SolaceInternalSecurityGroupMember" } }, { @@ -750,6 +762,12 @@ "ToPort": "8080", "SourceSecurityGroupId": { "Ref": "SolaceInternalSecurityGroupMember" } }, + { + "IpProtocol": "tcp", + "FromPort": "1943", + "ToPort": "1943", + "SourceSecurityGroupId": { "Ref": "SolaceInternalSecurityGroupMember" } + }, { "IpProtocol": "tcp", "FromPort": "5550", @@ -787,13 +805,13 @@ ] } }, - "MessageBrokerSecurityGroup": { + "EventBrokerSecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "VpcId": { "Ref": "VPCID" }, - "GroupDescription": "Message Broker Security Group", + "GroupDescription": "Event Broker Security Group", "SecurityGroupIngress": [ { "IpProtocol": "tcp", @@ -811,6 +829,22 @@ "Ref": "RemoteAccessCIDR" } }, + { + "IpProtocol": "tcp", + "FromPort": "55443", + "ToPort": "55443", + "CidrIp": { + "Ref": "RemoteAccessCIDR" + } + }, + { + "IpProtocol": "tcp", + "FromPort": "1443", + "ToPort": "1443", + "CidrIp": { + "Ref": "RemoteAccessCIDR" + } + }, { "IpProtocol": "tcp", "FromPort": "8000", @@ -843,6 +877,14 @@ "Ref": "RemoteAccessCIDR" } }, + { + "IpProtocol": "tcp", + "FromPort": "8008", + "ToPort": "8008", + "CidrIp": { + "Ref": "RemoteAccessCIDR" + } + }, { "IpProtocol": "tcp", "FromPort": "8080", @@ -853,8 +895,8 @@ }, { "IpProtocol": "tcp", - "FromPort": "80", - "ToPort": "80", + "FromPort": "1943", + "ToPort": "1943", "CidrIp": { "Ref": "RemoteAccessCIDR" } @@ -868,7 +910,7 @@ "ClusterInfoCondition": { "Type": "AWS::CloudFormation::WaitCondition", "Condition": "EnableWaitConditions", - "DependsOn": ["MessageBrokerPrimaryStack", "MessageBrokerBackupStack", "MonitorStack"], + "DependsOn": ["EventBrokerPrimaryStack", "EventBrokerBackupStack", "MonitorStack"], "Properties": { "Handle": { "Ref": "ClusterInfoHandle" 
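Review bot: `EventBrokerSecurityGroup` now admits port 1943 from `RemoteAccessCIDR` (the rule that replaces port 80), which is the value `install-solace.sh` sets for `service_semp_tlsport`, so the management API becomes reachable from the same CIDR as client traffic; the ELB listener hunks further down add 1943 next to the existing 8080 as well. The template references a separate `RemoteMgmtSecurityGroup`, whose rules are outside these hunks; if it is meant to gate management access, the `"FromPort": "1943"` rule belongs there rather than here. The new 8008 rule also carries the non-TLS web transport port (`service_webtransport_port=8008`) on the client CIDR, while 1443 is the TLS counterpart. If both must stay, the `RemoteAccessCIDR` parameter description should say that the range also controls management access. The `SecurityGroupIngress` list starts and ends outside these hunks.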
@@ -879,17 +921,17 @@ }, "ELB": { "Type": "AWS::ElasticLoadBalancing::LoadBalancer", - "DependsOn": ["MessageBrokerPrimaryStack"], + "DependsOn": ["EventBrokerPrimaryStack"], "Condition": "UsePrivateSubnetsCondition", "Properties":{ "SecurityGroups": [ - { "Ref" : "MessageBrokerSecurityGroup" }, + { "Ref" : "EventBrokerSecurityGroup" }, { "Ref" : "SolaceInternalSecurityGroupMember" } ], "Subnets" : { "Ref": "PublicSubnetIDs" }, "Instances" : [ - {"Fn::GetAtt": ["MessageBrokerPrimaryStack","Outputs.EC2ID"]}, - {"Fn::GetAtt": ["MessageBrokerBackupStack","Outputs.EC2ID"]}, + {"Fn::GetAtt": ["EventBrokerPrimaryStack","Outputs.EC2ID"]}, + {"Fn::GetAtt": ["EventBrokerBackupStack","Outputs.EC2ID"]}, {"Fn::GetAtt": ["MonitorStack","Outputs.EC2ID"]} ], "HealthCheck" : { @@ -911,6 +953,14 @@ "InstancePort" : "55003", "Protocol" : "TCP" },{ + "LoadBalancerPort" : "55443", + "InstancePort" : "55443", + "Protocol" : "TCP" + },{ + "LoadBalancerPort" : "1443", + "InstancePort" : "1443", + "Protocol" : "TCP" + },{ "LoadBalancerPort" : "8000", "InstancePort" : "8000", "Protocol" : "TCP" @@ -927,13 +977,17 @@ "InstancePort" : "1883", "Protocol" : "TCP" },{ - "LoadBalancerPort" : "80", - "InstancePort" : "80", - "Protocol" : "HTTP" + "LoadBalancerPort" : "8008", + "InstancePort" : "8008", + "Protocol" : "TCP" },{ "LoadBalancerPort" : "8080", "InstancePort" : "8080", - "Protocol" : "HTTP" + "Protocol" : "TCP" + },{ + "LoadBalancerPort" : "1943", + "InstancePort" : "1943", + "Protocol" : "TCP" } ] }