Configuring a Route to connect IBM MQ on OCP 4.x
If you are using an IBM MQ client or toolkit earlier than IBM MQ 9.2.1, you need to create an OCP route. To create the route, ensure you are in the namespace you created, then enter the following YAML in the OCP UI, or using the command line:
For example, we have config that define one channel called SYSTEM.ADMIN.SVRCONN
DEFINE CHANNEL(SYSTEM.ADMIN.SVRCONN) CHLTYPE(SVRCONN) TRPTYPE(TCP) SSLCAUTH(OPTIONAL) SSLCIPH('ANY_TLS12_OR_HIGHER') REPLACEThe OCP Router will be like this.
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: qm-chl-admin
spec:
host: system2e-admin2e-svrconn.chl.mq.ibm.com
to:
kind: Service
name: qm-ibm-mq
port:
targetPort: 1414
tls:
termination: passthrough
wildcardPolicy: NoneNote that the Red Hat OpenShift Container Platform Router uses SNI for routing requests to the IBM MQ queue manager. If you change the channel name specified in the config map containing MQSC commands, you must also change the host field, and in the CCDT.JSON file that specifies the queue manager details.
Server Name Indication (SNI) is an extension to the TLS protocol that allows a client to indicate what service it requires. In IBM® MQ terminology this equates to a channel.
The SNI extension is used by IBM MQ to allow multiple certificates to be specified across different channels using the CERTLABL parameter on the channel definition.
system2e-admin2e-svrconn.chl.mq.ibm.comThe SNI address used by IBM MQ is based upon the channel name that is being requested, followed by a suffix of .chl.mq.ibm.com.
IBM MQ channel names are mapped to be valid SNI names as follows:
- Upper case letters A to Z are folded to lower case
- Digits 0 to 9 are left unchanged
- All other characters, including lower case letters a to z, are converted into their two digit hexadecimal ASCII character code (in lower case), followed by a hyphen.
* Lower case letters a to z map to hexadecimal 61- to 7a- respectively
* percent (%) maps to hexadecimal 25-
* hyphen (-) maps to hexadecimal 2d-
* dot (.) maps to hexadecimal 2e-
* forward slash (/) maps to hexadecimal 2f-
* underscore (_) maps to hexadecimal 5f-
Source :
How IBM MQ provides multiple certificates capability
Configuring a Route to connect to a queue manager from outside a Red Hat OpenShift cluster
