One Pager: Allowing unwanted ports in an embedded MQ broker to be switched off
(template version: 1.91)
Table of Contents
1.1 Project/Component Working Name
2. Project Summary
3. Problem Summary
4. Technical Description
Allowing unwanted services in an embedded MQ broker to be switched off
10 May 2010
There is a requirement that when an MQ broker is embedded in a Glassfish instance which is itself embedded in the user's application, it should be possible to reduce the ports opened by the broker to an absolute minimum. It should even be possible to configure the embedded broker so that it opens no ports at all.
This document reviews the various services that are started by default and the ports that they use, and whether they can be disabled using existing functionality. Where a service cannot be disabled, this document proposes changes to make that possible, and discusses the impact this will have on the operation of the broker.
This is not really a problem in that Glassfish will operate perfectly satisfactorily even if it is running services that are not needed and so is listening on ports that are not being used.
However, the Glassfish engineering team has a desire that an embedded Glassfish instance be as lightweight an entity as possible, and that it open only the ports that are actually needed.
In addition, some MQ users monitor the ports opened by an MQ broker and ask what they are all for. Some users report that they are operating in a high-security environment where every open port needs to be accounted for. It is therefore considered desirable to give the user complete control over what ports are opened.
The main justification is that Glassfish engineering has requested it. It is a useful product enhancement, but definitely not an absolute priority.
If a Glassfish V3 instance is started which contains an embedded MQ broker, then by default the following ports are opened:
This document therefore proposes adding new functionality to MQ to prevent the following services being started:
The work defined in this document will include testing to ensure that all the properties mentioned above, including those that are already supported, can be passed to the embedded broker via the resource adapter (or MQ broker lifecycle code), and that they have the expected effect.
This document covers changes to MQ (including the resource adapter and broker lifecycle code) to offer the configuration options described above. It does not cover changes to the Glassfish JMS module or any other part of Glassfish to allow these configuration options to be specified by the user and then passed on to MQ. These will be the subject of a separate specification.
This document describes how an embedded MQ broker can be configured to disable various services that are started by default. This document does not consider the circumstances under which it is appropriate to disable these services. In general, it is strongly recommended that these services not be disabled, except for the cluster service, as they will prevent the normal operation and management of the embedded MQ broker.
4.5.1 Public Interfaces
This project adds the following new public interfaces.
Note however that although these interfaces are public, Glassfish users will not use them directly but will configure Glassfish (in a manner which is out of scope of this document) to use these interfaces.
4.5.2 Private interfaces
There are none.
4.5.3 Deprecated/Removed Interfaces
There are none.
This work will require updates to the Message Queue Administration Guide.
This work defines new broker configuration properties. These will be configured using Glassfish tools which are out of scope of this document.
Note that if the port mapper, admin service or JMS RMI connector is disabled in a broker, as discussed in this document, then this will have a severe effect on the ability to administer the broker since these services are essential for the normal administration of such a broker.
The features described in this document are not intended for use in clustered or HA deployments and should not be used in such cases, since disabling key services will prevent clustered or HA operation.
This work does not impact internationalization or localization.
This work does not have any impact in packaging.
This work will not have any impact on product installation.
4.10.3 Upgrade and Migration
This work will not have any impact on product upgrade and/or migration from prior releases.
This work does not interact with security-related APIs or interfaces. It does not rely on any Java policy or platform user/permission. The feature does not expose any new ports (quite the contrary!).
The changes described in this document will not change the default behaviour, and so will have no impact on backwards compatibility.
4.13.1 Internal Dependencies
The work described in this document is not dependent on any other Glassfish component. However this work does not stand alone; changes to Glassfish are needed to allow the user to configure what services and ports are required using the various properties defined in this document. The changes to Glassfish are covered in a separate document. Those changes will be dependent on the changes described here.
4.13.2 External Dependencies
The work described in this document does not introduce any new dependencies on external components, whether open source or not.
Additional automated MQ system tests will be created to test the changes described in this document and to confirm (using new or existing interfaces) that some or all of the ports used by an embedded broker can be disabled if desired.
6.1. Projected Availability
See Milestone schedule.