MQ Engineering Group > MQSeries-1.34 > MQclient.pl

Download:
MQSeries-1.34.tar.gz

Annotate this POD

CPAN RT

New  8
Open  4
View/Report Bugs
Source  

NAME ^

MQclient.pl - Client access program for WebsphereMQ

SYNOPSIS ^

 Mandatory parameters:
 -s|server=ip|hostname    - server running the queueumanager we connect to
 -qm=queuemanager         - queuemanager on server
 -q=queuename             - queue on server
 -ch|channel=channelname  - channel the client connects to
 -p|port=N                - port N the channel is running on
 -t|type=(get|put)        - 'get'-download from queue, 'put'-add to queue, default:"get" 

 Optional parameters:
 -file=filename              - write messages to filename, not defined: STDOUT(if -type=get)
 -file=filename|dir          - read messages from filename/dir (if -type=put)
 -debug=0|1|2                - default is 1 (0=none, 1=filestatus, 2=messages)
 -dump                       - dump the objects with Dumper()
 -wait=#                     - wait # millisec when queue is empty
 -ncount=#                   - process # messages before reporting stat and waiting
 -wl|waitnline='rN1-N2|rN|N' - wait N, randomN or random [N1,N2] millisec between block
                              of ncount messages.
 -wf|waitfull='rN1-N2|rN|N1' - wait # millisecs before retrying if queue is full (default is 1sec)
 -backout                    - do not commit, do a backout to keep message on queue
 -sslkey=dir                 - directory where to find ssl keyrepository made by gsk7ikm, gsk7cmd
                               (need more testing, works for verisign certificates)
 -sslcipherspec=spec         - spec is the cipher used by mq

Press ctrl+c to quit, and then a summary of all transactions will be printed. Please notice the random waiting is very approximate, it is just to create some variance in streams.

SETUP AND TESTING ^

To run this program you need IBM WebsphereMQ client >= v6 and Perl module MQSeries >= 1.23 installed. The MQserver can reside anywhere in your network or on localhost, just ensure the socket you'll use is not firewalled.

 Client needs minimum the following packages:
 MQSeriesRuntime
 MQSeriesClient
 
 Server needs minimum:
 MQSeriesRuntime
 MQSeriesServer

 If you need ssl install on server:
 MQSeriesKeyMan
 gsk7bas (holds gsk7cmd which creates the certificates which is created with script mq-ca.pl)

SETUP A TEST QUEUE ON A WEBSPHEREMQ QUEUEMANAGER

This program is useless without a MQserver to connect to, So if you do not have one around to test with here is a recipe to setup a simple setup. WebsphereMQ has a 60 day free trial period. You can reinstall afterwards to get 60 new days.

Security

The user which runs MQclient.pl on the client is member of mqm group on client. It _MUST_ also exists on mqserver with the same username and being member of group mqm there aswell. Otherwhise you will get MQRC 2035 - 'not authorized to connect' in non SSL mode. With SSL you only get MQRC 2059 - 'MQRC_Q_MGR_NOT_AVAILABLE'.

 MQclient.pl -> put -> MQserver -> get -> MQclient.pl

MQSERVER SETUP

I recommend creating a script which set up the mqserver, This example set up mqserver swolinux using self signed ssl 'NULL_MD5' certificate where all the certificates are generated using gsk7cmd on the same server using the my script mq-ca.pl. See the perldoc on mq-ca.pl.

 root@swolinux$ ./MQmanager-swolinux-sslclient.sh
 (output is abbreviated for readability)
     1 : DEFINE QLOCAL('secana.queue') REPLACE +
       :         DESCR('queue used for secana transactions') +
       :         PUT(ENABLED) +
       :         DEFPRTY(0) +
       :         DEFPSIST(YES) +
       :         GET(ENABLED) +
       :         MAXDEPTH(10000) +
       : *       MAXMSGL(15000) +
       :         DEFSOPT(SHARED) +
       :         NOHARDENBO         +
       :         USAGE(NORMAL) +
       :         NOTRIGGER;
 AMQ8006: WebSphere MQ queue created.
       :
     1 : DIS Q('secana.queue') ALL;
 AMQ8409: Display Queue details.
   QUEUE(secana.queue)                     TYPE(QLOCAL)
   ACCTQ(QMGR)                             ALTDATE(2008-03-05)
   ALTTIME(09.47.27)                       BOQNAME( )
   BOTHRESH(0)                             CLUSNL( )
   CLUSTER( )                              CLWLPRTY(0)
   CLWLRANK(0)                             CLWLUSEQ(QMGR)
   CRDATE(2008-03-04)                      CRTIME(15.49.27)
   CURDEPTH(0)                             DEFBIND(OPEN)
   DEFPRTY(0)                              DEFPSIST(YES)
   DEFSOPT(SHARED)                         DEFTYPE(PREDEFINED)
   DESCR(queue used for secana transactions)
   DISTL(NO)                               GET(ENABLED)
   NOHARDENBO                              INITQ( )
   IPPROCS(0)                              MAXDEPTH(10000)
   MAXMSGL(4194304)                        MONQ(QMGR)
   MSGDLVSQ(PRIORITY)                      NOTRIGGER
   NPMCLASS(NORMAL)                        OPPROCS(0)
   PROCESS( )                              PUT(ENABLED)
   QDEPTHHI(80)                            QDEPTHLO(20)
   QDPHIEV(DISABLED)                       QDPLOEV(DISABLED)
   QDPMAXEV(ENABLED)                       QSVCIEV(NONE)
   QSVCINT(999999999)                      RETINTVL(999999999)
   SCOPE(QMGR)                             SHARE
   STATQ(QMGR)                             TRIGDATA( )
   TRIGDPTH(1)                             TRIGMPRI(0)
   TRIGTYPE(FIRST)                         USAGE(NORMAL)
       :
     1 : DEFINE LISTENER('listener') +
       :         TRPTYPE(TCP) PORT(6666) CONTROL(QMGR) +
       :         DESCR('TCP/IP Listener for this queue-manager') +
       :         REPLACE;
 AMQ8626: WebSphere MQ listener created.
       :
       : * SVRCONN channels are used for clients to connect to
     1 : DEFINE CHANNEL('secana.ssl') +
       :   CHLTYPE(SVRCONN) TRPTYPE(TCP) +
       :   MCAUSER('') +
       :   SSLCAUTH(REQUIRED) +
       : * SSLPEER('OU=Decision Analytics*') +
       :   SSLCIPH('NULL_MD5') +
       :   REPLACE;
 AMQ8014: WebSphere MQ channel created.
       :
     1 : ALTER QMGR SSLKEYR('/var/mqm/ssl/swolinux')
 AMQ8005: WebSphere MQ queue manager changed.
       : * display channel
     1 : DIS CHANNEL('secana.ssl') ALL;
 AMQ8414: Display Channel details.
   CHANNEL(secana.ssl)                     CHLTYPE(SVRCONN)
   ALTDATE(2008-03-05)                     ALTTIME(09.47.27)
   COMPHDR(NONE)                           COMPMSG(NONE)
   DESCR( )                                HBINT(300)
   KAINT(AUTO)                             MAXMSGL(4194304)
   MCAUSER( )                              MONCHL(QMGR)
   RCVDATA( )                              RCVEXIT( )
   SCYDATA( )                              SCYEXIT( )
   SENDDATA( )                             SENDEXIT( )
   SSLCAUTH(REQUIRED)                      SSLCIPH(NULL_MD5)
   SSLPEER( )                              TRPTYPE(TCP)
       :
       : * start channel
     1 : START CHANNEL('secana.ssl')
 AMQ8018: Start WebSphere MQ channel accepted.
       :
       : * start listener
     1 : START LISTENER('listener')
 AMQ8021: Request to start WebSphere MQ Listener accepted. 

     1 : dis listener('listener') all
 AMQ8630: Display listener information details.
   LISTENER(listener)                      CONTROL(QMGR)
   TRPTYPE(TCP)                            PORT(6666)
   IPADDR( )                               BACKLOG(0)
   DESCR(TCP/IP Listener for this queue-manager)
   ALTDATE(2008-03-05)                     ALTTIME(09.53.54)

PUSH DATA TO TEST QUEUE

We now have a channel 'secana.ssl' waiting. First we need to set up the clients we'll use and copy across the client certificate we created with mq-ca.pl with the username which will run MQclient.pl --sslkey (mqsslkeyrepository) is copied to /tmp/mqssl/

 mbj@demolinux$ ./MQclient.pl -s=192.168.2.100 -qm=swolinux -q=secana.queue \
  -channel=secana.ssl -p=6666 --sslkey=/tmp/mqssl/mbj -t=put -file=/raid/scp21_bench/authdata/all
 Connecting to 192.168.2.100:swolinux:secana.queue:secana.ssl:6666
 Will try reading 1412 files from /raid/scp21_bench/authdata/all
 Pushed 100 transactions in 0.15 sec (662.40 trans/sec)
 Pushed 100 transactions in 0.15 sec (662.88 trans/sec)
 Pushed 100 transactions in 0.15 sec (654.99 trans/sec)
 Pushed 100 transactions in 0.16 sec (641.30 trans/sec)
 Pushed 100 transactions in 0.15 sec (652.76 trans/sec)
 Pushed 100 transactions in 0.15 sec (650.14 trans/sec)
 Pushed 100 transactions in 0.16 sec (643.36 trans/sec)
 <ctrl+c>
 Total input 770 transactions in 2.40 sec (320.53 trans/sec)
 Pushed 771 transactions in 2.43 sec (317.52 trans/sec)

if --file points to a directory it pushes all files in directory

You can see how many messages are waiting on the queue with the following command: root@swolinux$ echo "dis q('secana.queue') CURDEPTH;" | runmqsc swolinux : CURDEPTH(771) :

You see there are 188 messages waiting.

GET DATA from TEST QUEUE

MQclient.pl in get mode works as a daemon reading from the queues for a defined period. Add --debug=2 if you like to see the messages.

 mbj@mbjlinux$ ./MQclient.pl -s=192.168.2.100 -qm=swolinux -q=secana.queue \
 -channel=secana.ssl -p=6666 --sslkey=/tmp/mqssl/mbj
 Connecting to 192.168.2.100:swolinux:secana.queue:secana.ssl:6666
 Popped 100 transactions in 0.22 sec (463.16 trans/sec)
 Popped 100 transactions in 0.22 sec (464.90 trans/sec)
 Popped 100 transactions in 0.22 sec (458.82 trans/sec)
 Popped 100 transactions in 0.22 sec (460.90 trans/sec)
 Popped 100 transactions in 0.21 sec (465.57 trans/sec)
 Popped 100 transactions in 0.22 sec (458.80 trans/sec)
 Popped 100 transactions in 0.22 sec (461.81 trans/sec)
 swolinux:secana.queue - is empty
 swolinux:secana.queue - is empty
 <ctrl+c>
 Total output 771 transactions in 4.87 sec (158.47 trans/sec)
 swolinux:secana.queue - is empty

MONITOR QUEUEMANAGER

While communication is running you can browse the channelstatus on queuemanager:

 echo "dis chs('secana.ssl') all" | runmqsc swolinux

AMQ8417: Display Channel Status details. CHANNEL(secana.ssl) CHLTYPE(SVRCONN) BUFSRCVD(20206) BUFSSENT(20205) BYTSRCVD(15818375) BYTSSENT(10909372) CHSTADA(2008-03-05) CHSTATI(10.19.33) COMPHDR(NONE,NONE) COMPMSG(NONE,NONE) COMPRATE(0,0) COMPTIME(0,0) CONNAME(192.168.2.28) CURRENT EXITTIME(0,0) HBINT(300) JOBNAME(0000534000000006) LOCLADDR(::ffff:192.168.2.100(6666)) LSTMSGDA(2008-03-05) LSTMSGTI(10.20.15) MCASTAT(RUNNING) MCAUSER(mbj) MONCHL(OFF) MSGS(20203) RAPPLTAG(MQclient.pl) RQMNAME( ) SSLCERTI(CN=Experian Secana CA,OU=Decision Analytics,O=Experian,L=Oslo,C=NO) SSLKEYDA( ) SSLKEYTI( ) SSLPEER(CN=mbj - client,OU=Decision Analytics,O=Experian,L=Oslo,C=NO) SSLRKEYS(0) STATUS(RUNNING) STOPREQ(NO) SUBSTATE(RECEIVE) XMITQ( )

If the channel is not used, channel status will not show.

SSL KEYREPOSITORY

There are several ways to create ssl certificates, you can optain from a trusted commercial ca-issuer, like verisign (tested well at customer), or you can do it yourselves with openssl, makecert, or IBM's gsk7cmd (command line) or gsk7ikm (java GUI)

Please see the script mq-ca.pl for more info. it uses gsk7cmd.

SSLCIPHERSPEC

We must use the same cipher on each side, below are the different valid ciphers, I've only used NULL_MD5 which is the default, Please look up the Global Security Kit manuals for more info.

 NULL_MD5
 NULL_SHA
 RC4_MD5_EXPORT
 RC4_MD4_US
 RC4_SHA_US
 RC2_MD5_EXPORT
 DES_SHA_EXPORT
 RC4_56_SHA_EXPORT1024
 DES_SHA_EXPORT1024
 TRIPLE_DES_SHA_US
 TLS_RSA_WITH_128_CBC_SHA
 TLS_RSA_WITH_256_CBC_SHA
 TLS_RSA_WITH_DES_CBC_SHA
 TLS_RSA_WITH_3DES_EDE_CBC_SHA
 FIPS_WITH_DES_CBC_SHA
 FIPS_WITH_3DES_EDE_CBC_SHA

AUTHOR ^

Morten Bjørnsvik - morten.bjornsvik@experian-scorex.no - 2006-2008

syntax highlighting: