Rootful Podman with RHEL8 on AWS

This section walks you through the steps to set up a single PubSub+ software event broker container with Podman on a Red Hat Enterprise Linux 8 instance in AWS Elastic Compute Cloud (EC2).

Before You Begin
Step 1: Launch a Host and Install Podman
Step 2: Get a PubSub+ Software Event Broker
Step 3: Set the Podman Create Options
Step 4: Create the Container
Step 5: Manage the Software Event Broker
Next Steps

Before You Begin

It's assumed that you have an Amazon EC2 account.

System Requirements

The number of CPUs and system memory allocations that your event broker requires depends on the number of client connections that you need to support. By default, fresh installations of the event broker allow up to 100 client connections.

To achieve desired stability and performance, the infrastructure that hosts the Pubsub+ software event broker must provide a minimum set of system resources. System resources broadly include requirements that are related to processors, memory, and storage. For details about the types of system resources that are required and their characteristics, see System Resource Requirements.

You can increase certain system limits by using System Scaling Parameters. Increasing these system limits also increases the system resources that are required. For more information, see Using System Scaling Parameters.

Information about configuring storage is at Managing Storage for Container Images.

The example on this page is suitable for use for up to 1,000 connections, and is appropriately configured for testing and PoC activities. If you plan to use your event broker in a production environment, or scale your system above 1,000 connections, make sure to consult the sections above and provision your system appropriately.

Step 1: Launch a Host and Install Podman

Use the AWS EC2 Dashboard’s Launch Instance wizard to create an Amazon Machine Image that you can use to run an event broker.

On the main page of the EC2 Dashboard, select the Launch Instance button.
Follow the setup wizard and accept the recommended default settings except as noted in the following steps.
In the Choose an Amazon Machine Image (AMI) step, search for Red Hat Enterprise Linux 8 and then choose the official AWS distribution from the AWS Marketplace.
In the Choose an Instance Type step, select an Instance Type according to the System Requirements section above.
In the Configure Instance Details step, set Subnet to your availability zone.
In the Add Storage step, set the instance’s storage size and volume type.

The amount of storage to attach to the instance depends on your application. Both SSD volume types, General Purpose and Provisioned IOPS, are supported.

For test deployments, a minimum of 30 GB and Provisioned IOPS SSD are recommended.
In the Name and Tags step, assign a name to your instance.

You can add as many tags as required by your application.

At a minimum, it is recommended that the security group include the following inbound rules.

Type	Protocol	Port Range	Source
Custom TCP Rule	TCP	8080	0.0.0.0/0
Custom TCP Rule	TCP	55555	0.0.0.0/0
SSH	TCP	22	0.0.0.0/0

These port numbers are used for the following services:

22—Host SSH
8080—SEMP /Broker Manager / SolAdmin
55555—SMF/non-compressed message data connections

Other ports can be opened as required. For a list of ports associated with event broker services, see Default Configuration for Software Event Brokers.

After you have completed the launch wizard steps and logged into your host, install and configure Podman. Instructions can be found on the Podman Installation Instructions Web page.

If you are using a t2.medium or t4g.medium instance type, you must create a swap file after the host is up. Enter the following commands:

>sudo mkdir /var/lib/solace
>sudo dd if=/dev/zero of=/var/lib/solace/swap count=3072 bs=1MiB
>sudo mkswap -f /var/lib/solace/swap
>sudo chmod 0600 /var/lib/solace/swap
>sudo swapon -f /var/lib/solace/swap
>sudo grep -q 'solace\/swap' /etc/fstab || sudo sh -c 'echo "/var/lib/solace/swap  none swap sw  0  0" >> /etc/fstab'

Step 2: Get a PubSub+ Software Event Broker

To get the event broker image:

Navigate to the PubSub+ Software Event Broker page of the Red Hat Ecosystem Catalog.
Follow the instructions on the Get this image tab.

These steps download a Solace PubSub+ Standard container image. If you want to use Solace PubSub+ Enterprise, you must obtain the appropriate event broker package. If you have purchased a container image of Solace PubSub+ Enterprise, Solace will give you information for how to download the compressed tar archive package from a secure Solace server. Contact Solace for assistance.

After you have downloaded the package, load the image. For details on the Podman command syntax, see podman load.

For example:

>sudo podman load -i /tmp/solace-pubsub-enterprise-<version>-docker.tar.gz

Step 3: Set the Podman Create Options

There are many options that you can set with the podman create command that is used to create the event broker instance. In this example we will show one that sets up a simple configuration suitable for a test deployment that can be used to help you become familiar with Solace PubSub+.

In this example:

the admin Solace CLI user and an associated password are defined at container creation through the username_admin_globalaccesslevel and username_admin_password configuration keys. By default, in an event broker container, no Solace CLI users are defined, so setting these configuration keys allows the container to be administered through the Solace SolAdmin management tool without first entering the Solace CLI to create an admin user.
the storage-group volume (named solace) is mounted to /var/lib/solace in the container. Podman automatically creates the volume if it does not already exist. The storage-group requires at least 5.1 GB of storage space. See System Resource Requirements and Managing Storage for Container Images for more information.
the container is created in rootful mode. For details about the difference between rootful and rootless containers, see Rootless Containers.
the values of the <repository> and <tag> depend on the event broker image you loaded in the previous section. For example:
- if you pulled the latest PubSub+ Standard image from the Red Hat Ecosystem Catalog, the <repository> is registry.connect.redhat.com/solace/pubsubplus-standard and the <tag> is latest
- if you obtained and loaded the PubSub+ Standard Edition, the value of <repository> is solace-pubsub-standard and <tag> is the version you downloaded, for example 9.13.1.36.

To set the podman create options:

Create the podman-create script, replacing <repository> and <tag> with the appropriate values:

>sudo tee ./podman-create <<-EOF
#!/bin/bash
sudo podman create \
--network=host \
--uts=host \
--shm-size=1g \
--ulimit core=-1 \
--ulimit memlock=-1 \
--ulimit nofile=2448:42192 \
--env 'username_admin_globalaccesslevel=admin' \
--env 'username_admin_password=admin' \
--name=solace \
-v solace:/var/lib/solace:z \
<repository>:<tag>

For production deployments, there are use-case dependent factors that impact the options and configuration key settings in the podman create command. For more information, see System Resource Requirements

Make the podman-create script executable:
```
>sudo chmod +x ./podman-create
```

Step 4: Create the Container

Create and run the event broker container on your host.

Create the container:
```
>./podman-create
```
After podman-create finishes, a long identifier is displayed that looks something like this:
```
1cb8dba3c07b6970b1e22c1067fde76010259e50a8548c3f2f202a6e9ce4e345
```
This is the ID for the event broker container you have just created.
Start the event broker:
```
>sudo podman start solace
```
You can use the podman ps command to check on the status of the event broker.
```
>sudo podman ps
```
The STATUS column associated with the event broker shows whether the container is running and for how long.

Step 5: Manage the Software Event Broker

To start issuing configuration or monitoring commands on the event broker, you can access Broker Manager or the Solace CLI

To access PubSub+ Broker Manager:

Open a browser and enter http://localhost:8080.
Log in as user admin with password admin.

To access the Solace CLI:

Enter the following podman exec command:

>sudo podman exec -it solace /usr/sw/loads/currentload/bin/cli -A

Type the following commands to enter configuration mode:
```
solace> enable
solace# config
solace(configure)#
```
For a list of Solace CLI commands currently supported on the event broker, refer to Software Event Broker CLI Commands.

Next Steps

You now have a software event broker container with a basic configuration that is ready for messaging tasks.

There are additional configuration tasks that you can make use of in the following topics:

Default Configuration for Software Event Brokers—Review the default port numbers for the services that run on the event broker.
System Resource Requirements—Learn about resource requirements for software event brokers.
Security Overview—Apply security features to secure your event broker, systems, and data.

When you are comfortable with your event broker, you can test messaging using the Solace SDKPerf application. You can download SDKPerf from the Other Software section in the Downloads page.

For more information about working with your event brokers, see the following:

Provide feedback