尽管代理URL中有0.0.0.0,但ActiveMQ远程连接仍被拒绝 [英] ActiveMQ remote connections refused despite 0.0.0.0 in broker URL
问题描述
我有一个要在Karaf v2.3.3中运行的ActiveMQ v5.7.0代理,我希望启用该代理以进行远程连接。我已将代理URL设置为0.0.0.0:61616,以使其能够侦听网络流量。我已打开防火墙,以允许来自客户端计算机的流量。但是,所有远程连接均被拒绝。快速的netstat似乎告诉我,代理未在localhost之外监听。
I have an ActiveMQ v5.7.0 broker, running in Karaf v2.3.3, that I want to enable for remote connections. I've set the broker URL to 0.0.0.0:61616, to enable it to listen to network traffic. I've opened the firewall to allow the traffic from the client machines. However, all remote connections are being refused. A quick netstat seems to tell me that the broker isn't listening outside of localhost.
jeremy@server:~$ netstat -pan | grep 61616
tcp6 0 0 127.0.0.1:61616 :::* LISTEN -
在经纪人处通过 Hawtio 告诉我,URL看起来应该是应该的。
Looking at the broker via Hawtio tells me that the URL looks as it should.
Transport connectors Openwire: tcp://0.0.0.0:61616?maximumConnections=1000&wireformat.maxFrameSize=104857600
防火墙绝对可以,因为连接被拒绝而不是被丢弃。
The firewall is definitely OK, as the connections are being refused rather than just being dropped.
代理正在正确响应来自本地主机的连接。
The broker is responding correctly to connections from localhost.
2013-10-14 17:34:29 Connected to localhost:61613
这是我从远程连接中得到的错误:-
This is the sort of error I get from remote connections:-
Error connecting to xxx.xxx.xxx.xxx:61613: IO::Socket::INET: connect: Connection refused at /usr/local/share/perl/5.14.2/Net/Stomp.pm line 102.
编辑:添加了telnet输出
EDIT: telnet output added
本地主机端口61613
Localhost port 61613
jeremy@server:~$ telnet localhost 61613
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
远程连接端口61613
Remote connection port 61613
jeremy@other-server:~$ telnet xxx.xxx.xxx.xxx 61613
Trying xxx.xxx.xxx.xxx...
telnet: Unable to connect to remote host: Connection refused
Localhost连接端口61616(这个很有趣)
Localhost connection port 61616 (this one is interesting)
jeremy@server:~$ telnet localhost 61616
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
ðActiveMQ Þ
MaxFrameSizÿÿÿ CacheSize
CacheEnabledSizePrefixDisabled MaxInactivityDurationInitalDelay'TcpNoDelayEnabledMaxInactivityDurationu0TightEncodingEnabledStackTraceEnabledPuTTYConnection closed by foreign host.
远程连接端口61616
Remote connection port 61616
jeremy@other-server:~$ telnet xxx.xxx.xxx.xxx 61616
Trying xxx.xxx.xxx.xxx...
telnet: Unable to connect to remote host: Connection refused
编辑:添加了远程服务器karaf日志输出
EDIT: remote server karaf log output added
2013-10-15 19:00:46,599 | ERROR | c.event.invited] | faultJmsMessageListenerContainer | .DefaultMessageListenerContainer 909 | 69 - org.springframework.jms - 3.2.4.RELEASE | Could not refresh JMS Connection for destination 'Consumer.notifications.VirtualTopic.event.invited' - retrying in 5000 ms. Cause: Error while attempting to add new Connection to the pool; nested exception is javax.jms.JMSException: Could not connect to broker URL: tcp://xxx.xxx.xxx.xxx:61616. Reason: java.net.ConnectException: Connection refused
这里是broker.xml。
Here's the broker.xml.
<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0"
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0"
xmlns:amq="http://activemq.apache.org/schema/core">
<ext:property-placeholder />
<broker xmlns="http://activemq.apache.org/schema/core"
brokerName="jellyfish-messaging"
dataDirectory="${karaf.data}/activemq/localhost"
useShutdownHook="false"
persistent="true"
schedulerSupport="true"
startAsync="true">
<destinationPolicy>
<policyMap>
<policyEntries>
<policyEntry topic=">" producerFlowControl="true" memoryLimit="1mb">
<pendingSubscriberPolicy>
<vmCursor />
</pendingSubscriberPolicy>
</policyEntry>
<policyEntry queue=">" producerFlowControl="true" memoryLimit="1mb">
</policyEntry>
</policyEntries>
</policyMap>
</destinationPolicy>
<persistenceAdapter>
<kahaDB directory="${karaf.data}/activemq/localhost/kahadb"/>
</persistenceAdapter>
<systemUsage>
<systemUsage>
<memoryUsage>
<memoryUsage limit="64 mb"/>
</memoryUsage>
<storeUsage>
<storeUsage limit="100 gb"/>
</storeUsage>
<tempUsage>
<tempUsage limit="50 gb"/>
</tempUsage>
</systemUsage>
</systemUsage>
<!-- The transport connectors ActiveMQ will listen to -->
<transportConnectors>
<!-- DOS protection, limit concurrent connections to 1000 and frame size to 100MB -->
<transportConnector name="openwire" uri="tcp://0.0.0.0:61616?maximumConnections=1000&wireformat.maxFrameSize=104857600"/>
<transportConnector name="stomp" uri="stomp://0.0.0.0:61613?maximumConnections=1000&wireformat.maxFrameSize=104857600"/>
</transportConnectors>
</broker>
<bean id="jmsConnectionFactory" class="org.apache.activemq.ActiveMQConnectionFactory">
<property name="brokerURL" value="tcp://0.0.0.0:61616" />
</bean>
<bean id="pooledConnectionFactory" class="org.apache.activemq.pool.PooledConnectionFactory">
<property name="maxConnections" value="8" />
<property name="maximumActive" value="500" />
<property name="connectionFactory" ref="jmsConnectionFactory" />
</bean>
<bean id="resourceManager" class="org.apache.activemq.pool.ActiveMQResourceManager" init-method="recoverResource">
<property name="transactionManager" ref="transactionManager" />
<property name="connectionFactory" ref="jmsConnectionFactory" />
<property name="resourceName" value="activemq.localhost" />
</bean>
<bean id="jmsConfig" class="org.apache.camel.component.jms.JmsConfiguration">
<property name="connectionFactory" ref="pooledConnectionFactory" />
<property name="transacted" value="false" />
<property name="concurrentConsumers" value="10" />
</bean>
<bean id="activemq" class="org.apache.activemq.camel.component.ActiveMQComponent">
<property name="configuration" ref="jmsConfig" />
</bean>
<reference id="transactionManager" interface="javax.transaction.TransactionManager" />
<service ref="pooledConnectionFactory" interface="javax.jms.ConnectionFactory">
<service-properties>
<entry key="name" value="localhost"/>
</service-properties>
</service>
</blueprint>
有人可以告诉我我在想什么吗?
Can anyone tell me what I'm missing?
谢谢
J。
推荐答案
I' ve解决了这个问题。
I've solved this. It was neither a problem with the firewall, nor with the ActiveMQ configuration.
其中定义了ActiveMQ代理的Karaf kar文件包括 activemq-web-控制台功能。我们尚未使用此功能,因为我们是Hawtio的粉丝,所以从未对其进行配置。
The Karaf kar file in which the ActiveMQ broker was defined included the activemq-web-console feature. We've not been using this feature, as we're fans of Hawtio, so had never configured it.
根据此博客文章,控制台提出了默认设置,包括在端口61616上侦听。这意味着有两个经纪人在启动时处于竞争状态,而通过网络控制台定义的经纪人通常会获胜。由于默认情况下未将其配置为用于远程访问,因此它仅将端口锁定为本地主机连接。
As per this blog post, the console was coming up with default settings, including listening on port 61616. This meant that two brokers were in a race condition on start-up and the webconsole-defined one was generally winning. Since by default it isn't configured for remote access, it was locking the port for localhost connections only.
赠品是一个名为 $ {activemq的目录。数据} (字面上)位于Karaf主目录中,其中包含第二个Kahadb存储库。我们所有的代理配置都设置为使用 data 目录,并且我们从未专门设置ActiveMQ环境变量,因此这导致我们寻找第二个代理可能来自何处。
The giveaway was a directory called ${activemq.data} (literally) within the Karaf home directory, containing a second Kahadb repository. All of our broker config was set to use the data directory and we've never specifically set the ActiveMQ environment variables, so this led us to look for where a second broker might have come from.
如果我们在Karaf会话中完成了 activemq:list ,它可能会更快地发现它,因为它列出了两个经纪人。
Might have spotted it more quickly had we done activemq:list inside a Karaf session, as it was listing two brokers.
简单的解决方案-从功能XML中删除 activemq-web-console 。
Simple solution - delete activemq-web-console from the features XML.
这篇关于尽管代理URL中有0.0.0.0,但ActiveMQ远程连接仍被拒绝的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
