IBM & Red Hat on AWS

Optimize Messaging with IBM MQ on Red Hat OpenShift Service on AWS

Businesses rely on multiple applications and data sources to keep their operations running smoothly. Effective messaging between these systems is an important aspect for keeping the business running, managing IT strategy, digital transformation, and application modernization.

As companies migrate and modernize on Amazon Web Services (AWS), they need to modernize their messaging infrastructure as well. IBM MQ is a popular choice among customers for messaging due to its support for various protocols and programming languages. To align with their modernization goals, businesses can leverage IBM MQ with Red Hat OpenShift Service on AWS (ROSA).

ROSA is a fully managed application platform that simplifies the deployment of applications by handling cluster lifecycle management. Integrated natively with the AWS console and other AWS services, ROSA supports IBM MQ without requiring customers to manage their own Red Hat OpenShift clusters. This setup allows businesses to focus on delivering value rather than managing infrastructure. ROSA offers efficient deployment, high availability across multiple AWS Availability Zones, and streamlined management with operators and common tooling.

Architecture overview

The architecture for the IBM MQ on ROSA hands-on is illustrated in Figure 1 below:

This image shows the reference architecture of a Red Hat OpenShift Service on AWS (ROSA) cluster deployed across three availability zones, with IBM MQ, a MQ producer and MQ consumer sample applications.

Figure 1. IBM MQ on ROSA hands-on architecture.

Pre-requisites

Follow the steps below to request a free trial of ROSA:

  1. Create a Red Hat account
  2. Request access to a ROSA hands-on experience cluster (figure 2).

Red Hat website with the option to sign-up for a ROSA trial on AWS.

Figure 2. Try Red Hat OpenShift on AWS.

Implementation Steps

Provisioning a ROSA cluster

  1. You’ll be redirected to the Red Hat Hybrid Cloud Console and click Request experience as shown in figure 3. This will provision a ROSA cluster that will be available for 8 hours.

Red Hat hands-on experience website to subtmit the Requesting the AWS ROSA experience.

Figure 3. Requesting the AWS ROSA experience.

  1. When the cluster is ready you will get an email with a link to access the cluster (figure 4).

E-mail showing the hyperlink labeled 'click this link' which takes you to the ROSA trial page.

Figure 4. Confirmation of the ROSA cluster creation.

  1. Access the cluster experience website by clicking the link in the email. Then, select the Access experience button as shown in figure 5.

Red Hat web UI showing the button that says 'Access Experience'.

Figure 5. Accessing the trial ROSA cluster.

This opens with a split pane. The left-hand side shows a text panel with ROSA briefing information. The right-hand side displays a terminal window for logging into the ROSA cluster, as seen in figure 6.

ROSA instructions on one side and the terminal window to execute these instructions in the other side.

Figure 6. ROSA briefing and terminal.

  1. In the left-hand panel select Explore the ROSA environment as shown in figure 7.

Web UI showing the 'Explore the ROSA environment' button that takes you to the instructions to access the ROSA cluster.

Figure 7. Getting to the instructions to access the ROSA cluster.

  1. To access the OpenShift console, you can follow steps 1-6 in the ensuing left-hand panel. For this exercise, you can go directly to step 4 to get the URL for the OpenShift console.
  2. Copy and paste the command into the terminal and hit enter. This will display the ROSA console URL, which may differ from the example shown in figure 8.
rosa describe cluster --cluster rosa-$GUID --output json | jq -r .console.url
Web UI showing the ROSA console URL obtained with the command.

Figure 8. Getting the ROSA console URL.

  1. Copy the console URL and paste it into the address bar in your browser. It should prompt you for a user name and password.
  2. The username is cluster-admin and the password can be found in step 5 from the instructions in the left-hand text panel as shown in figure 9.

Red Hat web UI showing how you can obtain the ROSA console user id and password.

Figure 9. Getting the credentials to access the ROSA console.

You will now have access to your ROSA cluster console.

Deploying IBM MQ on to the ROSA cluster

  1. In the ROSA console, expand Operators in left navigation pane and select Operator Hub.
  2. Search for Web Terminal and click on it. Then click on Install as shown in figure 10.

ROSA console showing the installation of the Web Terminal.

Figure 10. Installing the Web Terminal.

  1. In the next page leave the default options that are enabled and click Install.
  2. Add the IBM Operator Catalog to your ROSA cluster to deploy IBM MQ.
  3. As shown in figure 11, click the ‘+’ button in the top right section of the ROSA console
  4. Paste the YAML template below and click Create. This will take a few minutes to get added.
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  name: ibm-operator-catalog
  namespace: openshift-marketplace
spec:
  displayName: IBM Operator Catalog
  image: icr.io/cpopen/ibm-operator-catalog:latest
  publisher: IBM
  sourceType: grpc
  updateStrategy:
    registryPoll:
      interval: 45m
ROSA console showing the creation of the IBM operator catalog in the ROSA cluster.

Figure 11. Add the IBM operator catalog to the ROSA cluster.

  1. Once again, in the ROSA console, select Operators and then select OperatorHub.
  2. Search for IBM MQ, select the IBM MQ tile and select Install.
  3. Accept the defaults in the next page and click Install (figure 12).

OpenShift web console showing the installation of the IBM MQ operator via the OperatorHub.

Figure 12. Install IBM MQ via the OperatorHub.

  1. Navigate again to Operators and OperatorHub and search for cert-manager
  2. Install the community supported cert-manager, accepting the defaults and select Install (figure 13).

OpenShift admin console showing the installation of the cert manager via the OperatorHub.

Figure 13. Installing cert-manager Operator via the OperatorHub.

  1. Create a cluster issuer for testing IBM MQ by clicking the ‘+’ button in the top right section of the ROSA console.
  2. Paste the YAML template below and click Create (figure 14).

Note: In a production environment make sure to use a valid certificate issuer.

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: selfsigned-issuer
spec:
  selfSigned: {}
OpenShift admin console showing the creation of a cluster issuer for testing purposes.

Figure 14. Creating a cluster issuer.

  1. Let’s create an OpenShift project to deploy IBM MQ runtime and sample applications.
  2. In the ROSA console (Figure 15), in the left pane, go to Home and select Projects.
  3. Click Create Project, name it mq-demo, then click Create.

Creating a new OpenShift project called mq-demo from the OpenShift admin console.

Figure 15. Creating the mq-demo project in ROSA console.

  1. In your browser window with the ROSA terminal and instructions, copy the command from step 6 in the left pane and paste it into the terminal (see Figure 16).

Using the web terminal to log into the ROSA cluster.

Figure 16. Logging into the ROSA cluster via terminal.

  1. Run the command below to create a secret for IBM MQ authentication. Specify values for mq-admin-password and mq-app-password with passwords of your choice. You will use these in the forthcoming steps.
oc create secret generic qmdemo-passwords --from-literal=dev-admin-password=<mq-admin-password> --from-literal=dev-app-password=<mq-app-password> -n mq-demo

Disclaimer: Please note that the sample configuration and code provided in this blog post is for demonstration purposes only and isn’t intended for production use. The code is not hosted and managed by AWS. We encourage you to review the code to understand how it works. For help with third-party components, please refer to the vendor documentation and support channels.

  1. Copy the YAML file template from the IBM GitHub repository that defines a non-TLS developer channel and its authentication rules for an IBM MQ Queue Manager.
  2. In the ROSA console, click the ‘+’ button in the top right, paste the copied YAML content into the editor, and click Create.
  3. Copy the YAML file template from the IBM GitHub repository to create a self-signed TLS certificate in the mq-demo namespace.
  4. In the ROSA console, click the ‘+’ button in the top right, paste the copied YAML content into the editor, and click Create.
  5. Copy the YAML file template from the IBM GitHub repository to create a QueueManager resource , with a self-signed certificate, manual authentication, and ephemeral storage in the mq-demo namespace.
  6. In the ROSA console, click the ‘+’ button in the top right, paste the copied YAML content into the editor, and click Create.
  7. After a few minutes you should see a qmdemo pod with status running (figure 17).

Validating that the IBM MQ pod is showing status equals to Running via the ROSA admin console.

Figure 17. Validating IBM MQ pods.

  1. In the ROSA console, in the left pane select Operators, then select Installed Operators.
  2. Select Queue Manager then select the qmdemo Queue Manager deployment.
  3. The Admin UI value is your Queue Manager web console URL as shown in Figure 18.

ROSA console showing the URL for the admin UI.

Figure 18. Getting the admin URL for the queue manager.

Deploying sample message producer and consumer applications

Note: The applications below are deployed in the trial ROSA environment hosted by Red Hat. This setup is for demonstration purposes only. It is not intended for use in a customer AWS account or for production use.

  1. Run the below command to create the sample message producer application. Replace <mq-app-password> with what you used in step 26.
oc new-app registry.redhat.io/redhat-openjdk-18/openjdk18-openshift~https://github.com/ibm-messaging/mq-gitops-samples#main --context-dir=/queue-manager-basic-deployment/code/qmdemo-producer --env='JAVA_APP_JAR=producer-1.0-SNAPSHOT-jar-with-dependencies.jar' --env="MQ_APP_PASSWORD=<mq-app-password>" --name=mq-producer -n mq-demo
  1. Run the below command to create the sample message consumer application. Replace <mq-app-password> with what you used in step 26.
oc new-app registry.redhat.io/redhat-openjdk-18/openjdk18-openshift~https://github.com/ibm-messaging/mq-gitops-samples#main --context-dir=/queue-manager-basic-deployment/code/qmdemo-producer --env='JAVA_APP_JAR=producer-1.0-SNAPSHOT-jar-with-dependencies.jar' --env="MQ_APP_PASSWORD=<mq-app-password>" --name=mq-producer -n mq-demo
  1. As shown in Figure 19, go to your ROSA console, select Workloads in the left pane and then select Pods. You should see running pods for both the producer and consumer applications.

OpenShift console showing the producer and consumer application pods.

Figure 19. Producer and consumer application pods.

  1. Now go to your IBM MQ Admin UI that you obtained in step 36. The username is admin and the password is <mq-admin-password> that you entered in step 26.
  2. Click on Manage QMDEMO.
  3. As shown in Figure 20, you should see active queues and message counts since the producer and consumer applications have been communicating using the IBM MQ queues.

IBM MQ console showing queue activity.

Figure 20. IBM MQ console showing queue activity.

Summary

We showed you how to deploy IBM MQ in ROSA and test it with sample message producer and consumer applications. These sample applications use the Source 2 Image (S2I) capability of Red Hat OpenShift. The S2I build takes the pom.xml and the source code from the repository, builds the container image and deploys it in the ROSA cluster.

If you want to run the producer and consumer applications from outside of the cluster you will need to compile them in your own environment and use TLS. To set certificate validation options see the IBM MQ documentation.

Visit AWS Marketplace to subscribe to IBM Integration solutions on AWS:

Further Content: