In the first blog post we saw how to deploy MQ into IBM Cloud Private. We deployed MQ which created a set of kubernetes resources such as pod, services, statefulsets and a queue manager named “mqdemo2”. In this blog post lets see how to connect to the pod (mqdemo2-ibm-mq-0) outside the cluster and how to connect to the queue manager, put and get messages.

kubectl get all -l release=mqdemo2 shows all the resources deployed by MQ


kubectl get all -l release=mqdemo2

NAME                          DESIRED   CURRENT   AGE
statefulsets/mqdemo2-ibm-mq   1         1         2d

NAME                  READY     STATUS    RESTARTS   AGE
po/mqdemo2-ibm-mq-0   1/1       Running   0          2d

NAME                 TYPE       CLUSTER-IP   EXTERNAL-IP   PORT(S)                         AGE
svc/mqdemo2-ibm-mq   NodePort   10.0.0.158           1414:30455/TCP,9443:30899/TCP   2d

"mqdemo2-ibm-mq-0" is the name of the pod and "svc/mqdemo2-ibm-mq" is the name of the service deployed with two ports 1414 and 9443 for the mqchannel and mqwebconsole respectively.

Pods in kubernetes are not exposed outside the cluster without a service. kubectl expose pod command will let you to expose the pod outside. It creates a service for each of the two ports that we want to access outside.


kubectl expose pod mqdemo2-ibm-mq-0 --port 30455 --name mqchannel --type NodePort
kubectl expose pod mqdemo2-ibm-mq-0 --port 30899 --name mqwebconsole --type NodePort

Having created the service you now need to look up the port numbers that have been allocated to the "NodePort" using the kubectl get all -l release=mqdemo2 command. In the example below the mqchannel is exposed publicly on port 31915 and the mqwebconsole on port 30998.


kubectl get all -l release=mqdemo2

NAME                          DESIRED   CURRENT   AGE
statefulsets/mqdemo2-ibm-mq   1         1         2d

NAME                  READY     STATUS    RESTARTS   AGE
po/mqdemo2-ibm-mq-0   1/1       Running   0          2d

NAME                 TYPE       CLUSTER-IP   EXTERNAL-IP   PORT(S)                         AGE
svc/mqchannel        NodePort   10.0.0.63            30455:31915/TCP                 2d
svc/mqdemo2-ibm-mq   NodePort   10.0.0.158           1414:30455/TCP,9443:30899/TCP   2d
svc/mqwebconsole     NodePort   10.0.0.100           30899:30998/TCP                 2d

MQ Web console can now be accessed using the URL “https://MasterNodeIP:30998/ibmmq/console/”. Log in by typing admin for the user name and password that you provided while deploying MQ. Following figure shows the MQ Web console with a queue manager named "mqdemo2" and other default object that got created while deploying MQ. Using the MQ Web console the queue manager “mqdemo2” can be administered and messages put or retrieved from the queue using the Queue widget.

Following figure shows the MQ Web Console after I have created a queue named “Q1” and svrconn channel named "mqdemo2_svrconn".

Now lets see how to put a messages using a client application to the queue “Q1” of queue manager “mqdemo2” using the svrconn channel “mqdemo2_svrconn”.

set the environment variable "MQSERVER" using the “mqdemo2_svrconn” channel and the exposed mqchannel port 31915 in the client system.


MQSERVER=mqdemo2_svrconn/TCP/MasterNodeIP(31915)

The channel authentication, connection authentication and authority on the objects have to be set appropriately for the client application to put and get message to the queue "Q1". Use sample applications amqsputc and amqsgetc from the client machine to put and retrieve a message into and from the queue “Q1” of “mqdemo2” queue manager running inside the pod.


amqsputc Q1 mqdemo2

Sample AMQSPUT0 start
target queue is Q1
This is a test message

Sample AMQSPUT0 end


amqgetc Q1 mqdemo2

Sample AMQSGET0 start
message 
no more messages
Sample AMQSGET0 end

We have now seen how to connect to the pod and use the queue manager created by the MQ Helm charts.

4 comments on"IBM MQ in IBM Cloud Private (Part 2)"

  1. Bharat khade January 31, 2019

    Hi, I am Bharat Khade working in rsc India ISL labs and setting up OMS 10 with MQ on ICP. I am getting below error while OMS/MQ explorer tries to connect with MQ running in one of the POD.
    “2019-01-31 09:00:30,153:ERRORDTL:Thread-44_INBOXPRG: [1548925230106]com.ibm.msg.client.jms.DetailedJMSSecurityException: JMSWMQ2013: The security authentication was not valid that was supplied for QueueManager ‘omsonicpqmgr’ with connection mode ‘Client’ and host name ‘mqforoms2-ibm-mq(1414)’.

    Could you please let me know why it is throwing this error. Setting mentioned by you above does not have any configurations related to a user for MQ.

    Kindly help.

    • Hi Bharat,

      As mentioned in the blogpost, “The channel authentication, connection authentication and authority on the objects have to be set appropriately for the client application to put and get message to the queue. Since MQ 7.1 Channel authentication is enabled and channels are blocked by default. Hence you will have to have appropriate CHLAUTH rules to indicate which inbound connections are allowed to use your queue manager and which are banned. If it is for testing purpose, the CHLAUTH can be disabled. Ensure to define and set proper authority to the user ID that is establishing connection the queue manager in the host where qmgr is running.

      Please refer to the following technote that details on the cause and solution for JMSWMQ2013.
      https://www-01.ibm.com/support/docview.wss?uid=swg21138961

      Hope it helps.

      Regards,
      Alamelu

  2. Hi How to create a new queue and queuemanager inside the pod.

    • Hi,

      By deploying IBM MQ in IBM Cloud Private, it will by default create a queue manager. In one deployment of MQ there can be only one queue manager, which ideally means only one queue manager inside a pod. If you require another queue manager, you will need to deploy one more MQ.

      Once MQ is deployed. MQ Web console can be accessed using the URL “https://:/ibmmq/console/”. Log into, by typing admin for the user name and Admin password that you provided while deploying MQ. MQ Web Console can now be used to create objects like queues, channels, listener, authinfo. You could also get into the container (Kubectl exec -it bash) where MQ is deployed and use runmqsc to administer MQ.

      Regards,
      Alamelu

Join The Discussion

Your email address will not be published.