Google Git
Sign in
apache / qpid-broker-j / refs/heads/6.0.x / . / doc / java-broker / src / docbkx / management / managing / Java-Broker-Management-Managing-Ports.xml
blob: 28d0352fc79ef89c0490f9f6e575a4cde078a936 [file] [log] [blame]
<?xml version="1.0"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="Java-Broker-Management-Managing-Ports">
<title>Ports</title>
<para>Ports provide TCP/IP connectivity for messaging and management. A port is defined to use a
protocol. This can be an AMQP protocol for messaging or HTTP for management.</para>
<para>A port is defined to have one or more transports. A transport can either be plain (TCP) or
SSL (TLS). When SSL is in use, the port can be configured to accept or require client
authentication.</para>
<para>Any number of ports defined to use AMQP or HTTP protocols can be defined.</para>
<para>Ports can only be managed by the HTTP management channel.</para>
<section xml:id="Java-Broker-Management-Managing-Ports-Context">
<title>Context</title>
<para>
<itemizedlist>
<listitem>
<para><emphasis>qpid.port.max_open_connections</emphasis>. The default maximum number
of concurrent connections supported by an AMQP port.</para>
</listitem>
<listitem>
<para><emphasis>qpid.port.amqp.acceptBacklog</emphasis>. The backlog is the maximum
number of pending connections that may be queued by the AMQP port. Once the queue
is full, further connections will be refused. This is a request to the operating system
which may or may not be respected. The operating system itself may impose a ceiling.
<footnote><para>Some Linux distributions govern the ceiling with a <literal>sysctl</literal>
setting <literal>net.core.somaxconn</literal>.</para></footnote></para>
</listitem>
</itemizedlist>
</para>
</section>
<section xml:id="Java-Broker-Management-Managing-Ports-Attributes">
<title>Attributes</title>
<para><itemizedlist>
<listitem>
<para><emphasis>Name the port</emphasis>.</para>
</listitem>
<listitem>
<para><emphasis>Port number</emphasis>.</para>
</listitem>
<listitem>
<para><emphasis>Binding address</emphasis>. Used to limit port binding to a
single network interface.</para>
</listitem>
<listitem>
<para><emphasis>Authentication Provider</emphasis>. The <link linkend="Java-Broker-Concepts-Authentication-Providers">authentication
provider</link> used to authenticate incoming connections.</para>
</listitem>
<listitem>
<para><emphasis>Protocol(s)</emphasis>. A list of protocols to be supported by
the port. For messaging choose one or more AMQP protocols. For management
choose HTTP.</para>
</listitem>
<listitem>
<para><emphasis>Transports</emphasis>. A list of transports supported by the
port. For messaging or HTTP management chose TCP, SSL or both.</para>
</listitem>
<listitem>
<para><emphasis>Enabled/Disabled Cipher Suites</emphasis>. Allows cipher
suites supported by the JVM to be enabled or disabled. The cipher
suite names are those understood by the JVM.
</para>
<para>SSLv3 is disabled by default.</para>
</listitem>
<listitem>
<para><emphasis>Keystore</emphasis>. <link linkend="Java-Broker-Management-Managing-Keystores">Keystore</link>
containing the Broker's private key. Required if SSL is in use.</para>
</listitem>
<listitem>
<para><emphasis>Want/Need Client Auth</emphasis>. Client authentication can be
either accepted if offered (want), or demanded (need). When Client
Certificate Authentication is in use a Truststore must be configured. When
using Client Certificate Authentication it may be desirable to use the <link linkend="Java-Broker-Security-External-Provider">External Authentication
Provider</link>.</para>
</listitem>
<listitem>
<para><emphasis>Truststore</emphasis>. <link linkend="Java-Broker-Management-Managing-Truststores">Trust store</link>
contain an issuer certificate or the public keys of the clients themselves
if peers only is desired.</para>
</listitem>
<listitem>
<para><emphasis>Maximum Open Connections</emphasis>. AMQP ports only. Limits
the number of connections that may be open at any one time.</para>
</listitem>
<listitem>
<para><emphasis>Thread pool size</emphasis>. AMQP ports only. Number of worker threads
used to process AMQP connections during connection negotiation phase.</para>
<para>Defaults to 8.</para>
</listitem>
<listitem>
<para><emphasis>Number of selectors</emphasis>. AMQP ports only. Number of worker threads
used from the thread pool to dispatch I/O activity to the worker threads.</para>
<para>Defaults to one eighth of the thread pool size. Minimum 1.</para>
</listitem>
</itemizedlist></para>
</section>
<section xml:id="Java-Broker-Management-Managing-Ports-Children">
<title>Children</title>
<para>
<itemizedlist>
<listitem>
<para>Connection</para>
</listitem>
</itemizedlist>
</para>
</section>
<section xml:id="Java-Broker-Management-Managing-Ports-Lifecycle">
<title>Lifecycle</title>
<para>Not supported</para>
<important>
<para>When updating an existing port, changes to SSL settings, binding address and port
numbers do not become effective until the Broker is restarted.</para>
</important>
</section>
</section>