Yet Another James Green Web Developer, Aquarist

Installing ActiveMQ on Ubuntu

Or, "no, there's no .deb for it yet".

ActiveMQ is a software message queue from the Apache Software Foundation. If you're reading this you most likely know what it is and probably have reasons to use it on an Ubuntu machine but have found out that it does not exist in the perfect world that is, apt-get.

And I did promise the solution, so here it is.

Initially

So, hop over to the download page and select the latest available release tarball and extract it on your server. This concludes the super-simple bit.

Ensure you have java installed. I have the sun-java6-bin and sun-java6-jre packages for this purpose for Ubuntu 9.10 and 10.04.

For Security

Next, you might want to add a dedicated user account which doesn't have much at all. Examine the adduser command options to disable login, disable password and disable the home directory. This adds up to a locked-down user account. Recursively change the ownership of the entire activemq directory firstly to root, then change the data directory to the activemq user you just added.

With sudo, move the entire activemq directory into /opt - this is not particularly standard for Ubuntu but given the ActiveMQ scripts default to /opt/activemq and this package does not originate from a Debian package it seems appropriate enough.

Adding Startup

Next, symlink the init script as provided by ActiveMQ 5.4.0+ from /etc/init.d/activemq:

$ sudo ln -sf /opt/activemq/bin/activemq /etc/init.d/

While here you might as well tell Ubuntu to start ActiveMQ on boot:

$ sudo update-rc.d activemq defaults

Defaults and Local Configuration

Now, let's build a default configuration file:

$ sudo /etc/init.d/activemq setup /etc/default/activemq

And edit the newly generated /etc/default/activemq file. You're looking initially for ACTIVEMQ_USER="". Enter the name of your activemq user between the quotes. Further down, uncomment the lines:

And right underneath that lot:

ACTIVEMQ_SUNJMX_CONTROL="--jmxurl service:jmx:rmi:///jndi/rmi://127.0.0.1:11099/jmxrmi --jmxuser controlRole --jmxpassword abcd1234"
#ACTIVEMQ_SUNJMX_CONTROL=""

# Specify the queue manager URL for using "browse" option of sysv initscript
ACTIVEMQ_QUEUEMANAGERURL="--amqurl tcp://localhost:61616"

Now, you must create the data/jmx.password and data/jmx.access files (use the sample data they provide in the comments immediately above the lines). Ensure that these jmx files are only readable by the activemq user account!

Doing that lot enables the init script to connect to the locally running software via JMX, a management console. Without this configures correctly you're looking at issuing a shutdown command and seeing a ton of Java errors followed by thirty seconds of timeout before the script finally issues a KILL on the pid. Not exactly elegant nor convenient.

That's it. There really isn't anything more to it but I thought I'd better note it as I'd been struggling to understand why the out-of-the-box configuration led to such poor shutdowns on each of my boxes.

Apache ActiveMQ on Linux

I previously blogged about getting ActiveMQ working from an init.d script on Ubuntu Linux. I supplied such a script after finding none in the distribution and those I had found on the Internet did not work for me.

As of version 5.4.0 the ActiveMQ project ships with not only a proper init script but a way of building a default configuration file (a file to bootstrap the java loader and it's configuration files).

To use, simply copy or symlink the bin/activemq script into /etc/init.d/. Ensure it is executable (chmod +x).

Next, call it as /etc/init.d/activemq. By default it lists how it should be used. Copy the /etc/default/activemq file suggested and pass it in with the setup argument. Then edit the file and place your own activemq account username in at the provided blank space - as soon as it can the init script will drop from root down to this non-privileged account.

Remember to have created the activemq account with --disabled-password --no-home-dir --disabled-login for extra security. Also ensure that wherever you place the activemq distribution (/opt/activemq is suggested) you ensure the data sub directory is owned by the activemq user.

Apache ActiveMQ on Ubuntu

I have been frustrated at the lack of Ubuntu support for Apache ActiveMQ. Essentially it works, providing you don't mind manually starting it, then ctrl+x to stop it.

NOTE: An updated page integrating a new ActiveMQ-supplied script has been published.

So I have taken the skeleton init.d script and adapted it to make use of the supplied java wrapper. Here it is:

#! /bin/sh
### BEGIN INIT INFO
# Provides:          Apache ActiveMQ
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Apache ActiveMQ Messageing Queue
# Description:       Manages the Apache ActiveMQ messaging queue java daemon
### END INIT INFO

# Author: James Green <james.mk.green@gmail.com>

# Do NOT "set -e"

# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="Apache Messaging Queue"
NAME=activemq
DIR=/usr/share/activemq
BIN_DIR=$DIR/bin/linux-x86-32
DAEMON=$BIN_DIR/$NAME
DAEMON_START="start xbean:conf/activemq.xml"
DAEMON_STOP="stop"
PIDFILE=$BIN_DIR/ActiveMQ.pid
SCRIPTNAME=/etc/init.d/$NAME

# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0

# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME

# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh

# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions

cd $DIR

#
# Function that starts the daemon/service
#
do_start()
{
 # Return
 #   0 if daemon has been started
 #   1 if daemon was already running
 #   2 if daemon could not be started
 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
 || return 1
 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
 $DAEMON_START \
 || return 2
 # Add code here, if necessary, that waits for the process to be ready
 # to handle requests from services started subsequently which depend
 # on this one.  As a last resort, sleep for some time.
}

#
# Function that stops the daemon/service
#
do_stop()
{
 # Return
 #   0 if daemon has been stopped
 #   1 if daemon was already stopped
 #   2 if daemon could not be stopped
 #   other if a failure occurred
 #start-stop-daemon --stop --name $NAME --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_STOP
 RETVAL="$?"
 $DAEMON stop
 [ "$RETVAL" = 2 ] && return 2
 # Wait for children to finish too if this is a daemon that forks
 # and if the daemon is only ever run from this initscript.
 # If the above conditions are not satisfied then add some other code
 # that waits for the process to drop all resources that could be
 # needed by services started subsequently.  A last resort is to
 # sleep for some time.
 start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
 [ "$?" = 2 ] && return 2
 # Many daemons don't delete their pidfiles when they exit.
 rm -f $PIDFILE
 return "$RETVAL"
}

#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
 #
 # If the daemon can reload its configuration without
 # restarting (for example, when it is sent a SIGHUP),
 # then implement that here.
 #
 start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
 return 0
}

case "$1" in
 start)
 [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
 do_start
 case "$?" in
 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
 esac
 ;;
 stop)
 [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
 do_stop
 case "$?" in
 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
 esac
 ;;
 status)
 status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
 ;;
 #reload|force-reload)
 #
 # If do_reload() is not implemented then leave this commented out
 # and leave 'force-reload' as an alias for 'restart'.
 #
 #log_daemon_msg "Reloading $DESC" "$NAME"
 #do_reload
 #log_end_msg $?
 #;;
 restart|force-reload)
 #
 # If the "reload" option is implemented then remove the
 # 'force-reload' alias
 #
 log_daemon_msg "Restarting $DESC" "$NAME"
 do_stop
 case "$?" in
 0|1)
 do_start
 case "$?" in
 0) log_end_msg 0 ;;
 1) log_end_msg 1 ;; # Old process is still running
 *) log_end_msg 1 ;; # Failed to start
 esac
 ;;
 *)
 # Failed to stop
 log_end_msg 1
 ;;
 esac
 ;;
 *)
 #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
 echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
 exit 3
 ;;
esac

:

You will clearly need to adjust your path to match your local environment, add an activemq user account (--disabled-password) and chown the data directory appropriately. Needless to say, use -64 instead of -32 on your 64-bit production servers.

It worked for me using 10.04. Remember that Ubuntu are moving to Upstart so natually an event file would be nice, but for now this gets us started.