This time, I’ll be writing about object permissions only.
Object permissions allow for fine-grained access control to MQ objects (queues, topics, etc.). One can configure an user to only be able to read from one specific queue and only write to another.
They can also be used to setup groups of people acting as MQ administrators, MQ operators, etc.
It is frequently neglected. It is almost always overlooked. It is the ugly duckling of distributed application design. Yes, I am talking about Information Security.
Security should be a compulsory requirement of any application.
IBMMQ has extensive security options for either protecting your MQ infrastructure and securing the information that flows trough MQ in the form of messages.
Security in IBMMQ is a somewhat complex feature, so this will be the first of a series of three articles about MQ’s security features.
Security features were greatly improved in IBMMQ 8.0. The most changed features (user authentication and channel security) will be addressed in future posts.
In the first part of this sub-series of articles about securing your communications with SSL.
Communication between queue managers and between clients and queue manager can and should be encrypted using SSL. This assures that messages being transmitted over the network, if intercepted, cannot be read by unwanted third-parties (or, at least, be very difficult to read).
In the first three articles of this series, I introduced you to IBMMQ and its basic functionalities (queues, local and remote, channels and listeners).
This time, I’ll start complicating things a bit. This time I’ll write about the publish and subscribe feature of IBMMQ.
In the first installment of the IBMMQ Basics, available here, I showed you basic queue creation and usage.
If IBMMQ would only allow local queues to be created and used, it would be less useful. One of the strengths of IBMMQ is the ability to link two or more queue managers and send messages to another queue manager.
In this article, I’m going to show you how to link two queue managers using a remote queues and channels.
IBMMQ is available for Linux for several years and versions. Right now, it is supported on Red Hat Enterprise Linux and compatibles (Oracle Linux, CentOS, etc.) for Intel x86-64, POWER and z/Enterprise architectures, SuSE Linux for the same architectures and Ubuntu Linux on Intel x86-64.
In the following lines, I’ll explain how to install IBMMQ 9.1 (fully licensed version, not trial) on Ubuntu Linux, using Debian packages and on Red Hat Enterprise Linux (and CentOS).
I’ll start this blog with a piece of software I’ve been learning in the past few months: IBMMQ.
Message queuing is a distributed inter-process communication method based on message passing. Typical message queuing systems have mechanisms to ensure messages are delivered to their intended destination and that no messages are lost during transmission and reception.
IBMMQ itself is a market-proven product which has matured as the years went by. It’s now almost an industry standard and it is used in many industries, such as banking, insurance and even the automotive industry.
What is message queuing?
Simply put, message queuing is the mechanism which is used by application to communicate with each other by using messages. The messages are usually sent to a “message broker” (not to be confused with IBM Information Broker, formerly, IBM WebSphere Message Broker, which is an Enterprise Service Bus).
The message broker (in this case, IBMMQ) is responsible for storing messages while in transit (optionally storing them to permanent storage for data recovering purposes) and guaranties delivery. It also has features which enables it to route messages to several destinations at once (in IBMMQ, this is called publish and subscribe).
History
IBMMQ is the natural evolution of IBM’s messaging products. It all started in the 1960s, when IBM released the IBM 7740 Communication Control System and the IBM 7750 Programmed Transmission Control. These were programmable message-switching hardware products, which enabled message-oriented communication between computers.
After, in 1971, IBM released TCAM (Telecommunications Access Method) for its S/360 family of computer systems, andhaving adopted CICS for transaction management, users wanted a way to integrate TCAM with CICS.
These products went through several versions and in 1992, IBM decided to release IBM MQSeries, which incorporated an evolution of the TCAM message-passing engine. MQSeries was later (in 2002) renamed to WebSphere MQ (because of its integration in the WebSphere product family).
The first MQSeries version for distributed systems (the first six releases were for the S/360 and AS/400 computer systems) was named MQSeries 2.0 and was available for OS/2 and AIX. It was released in February 1995.
With version 8.0, IBM dropped the word ‘WebSphere’ from the name and released IBMMQ 8.0 in May 23rd 2014.
The current version is IBMMQ 9.1 and it was released on July 27th 2018.
MQ Releases
IBMMQ is available in two different forms: Continuous Release and a Long Term Support.
Long Term Support releases have the third version number equal to 0 (zero). Continuous Delivery version numbers and in non-zero numbers. For example, IBMMQ 9.0.0 is an LTS version; 9.0.1 is the first CD version for IBMMQ 9.0.
Continuous Delivery versions always contain the latest features and bug fixes; LTS releases are only updated via fix packs and individual bug fixes and include no new features; the only way to update a CD release is to install the new one over the installed version.
This first post is my attempt to explain to you the purpose of this new blog.
I’ve been a systems administrator all my working life and, as such, I’ve accumulated some knowledge about the systems I’ve worked with.
Since I started my professional life, back in 2003, I worked with several Linux and UNIX systems, most notably, Solaris, FreeBSD, and several middleware (BEA/Oracle WebLogic, Apache HTTP Server, WordPress, IBM WebSphere Application Server, IBMMQ and several other minor software products).
This blog is an attempt by me to share some of my knowledge and also as a memory aid for myself.
I just hope you like and read and take advantage of the articles I will publish here.