Maintaining RabbitMQ in File Access Manager

Maintaining RabbitMQ in File Access Manager

 

RabbitMQ is a secure message broker for communication between the Central Permissions Collector and Central Data Classification engine services, to/from the Permissions and Data Classification collector agents. RabbitMQ is a lightweight tool and does not require significant server resources. It is a prerequisite for installing Permissions Collection and Data Classification collectors.

It is recommended that you install RabbitMQ in a location that is accessible by the Central Permissions Collection/Central Data Classification engines and the Permissions Collection/Data Classification collector agents with almost equal network latency.

Prerequisites

Before installing or moving a service, the File Access Manager Server Installer must be installed on each of the servers involved (for example, in case of a move, on both the server a service is currently on, and the server it will be moved to).

Note for SecurityIQ 6.0 users: Apply fixes from the SecurityIQ 6.0 SP1 (Service Pack 1) before proceeding with the RabbitMQ installation.

Installing RabbitMQ

Begin by setting up the RabbitMQ installation configuration on the core services server:

  1. Launch the File Access Manager Server Installer on the core services server.
  2. Choose Use an existing IdentityIQ File Access Manager Database.
  3. Enter the database credentials and click Next.
  4. On the Action Select page, choose Create/Edit installation configuration and click Next.
  5. If the server where you want to install the service is not in the server list, add it by entering the details of the server. For new servers, provide the Server Local Name (short NETBIOS name) and Server FQDN (Fully Qualified Domain Name). Then click Add to add this server to the Server List.
  6. Click Next.
  7. Check File Access Manager RabbitMQ and click on the drop-down list to choose the server to install it on.
  8. Click on the option to Define manual credentials, and enter a User Name and Password. These credentials can be used later to connect to RabbitMQ independently.
  9. Click Next.
  10. Choose Save Configuration only and click Next.
  11. Click Finish to exit the server installer and open the Installation Summary window.
  12. Check the installer logs as described in the Checking the Logs section below.

Continue by installing RabbitMQ on the server where you want it to be located:

  1. On the server where RabbitMQ will be installed, install the File Access Manager Server Installer if it is not present already.
  2. Launch the File Access Manager Server Installer.
  3. Choose Use an existing IdentityIQ File Access Manager Database
  4. Enter the database credentials to connect to the same database you created or connected to in the section above, and click Next.
  5. On the Action Select page, choose Perform Current Server's Installation Tasks and click Next.
  6. The next panel lists the services the installer will install on this server. Verify that RabbitMQ is listed in the configuration and click Next.
  7. Click Next, then click Finish to complete the installation and open the Installation Summary window.
  8. Check the installer logs as described in the Checking the Logs section above.

Checking the Logs

  1. In the the Installation Summary window, check the Open Installation Log box, then click Finish. This opens the installation log.
  2. In the installation log, search for the term ERROR (using all capital letters) to see if any errors occurred during installation of the RabbitMQ service.
  3. If you encounter any errors, you can try to troubleshoot the error, or contact SailPoint Support for further assistance. If you contact Support, you will need to send the install log to analyze the issue.

Moving RabbitMQ

Services may sometimes need to be moved due to architecture or hardware changes in your environment.

Important: If Central Permissions Collection/Central Data Classification services in the environment are associated with any collector agents, all the associated collector agents should be uninstalled prior to moving RabbitMQ. Use the File Access Manager Collector Manager to uninstall the collector agents.

On the current server (where RabbitMQ is installed now):

  1. Launch the File Access Manager Server Installer.
  2. Choose Use an existing IdentityIQ File Access Manager Database.
  3. Enter the database credentials and click Next.
  4. In the Action Select page, select Create / Edit Installation Configuration and click Next.
  5. If the server you want to move the service to is not in the server list, add it by entering the details of the server. For new servers, provide the Server Local Name (short NETBIOS name) and Server FQDN (Fully Qualified Domain Name). Then click Add to add this server to the Server List.
  6. Click Next.
  7. Click on the drop-down list for File Access Manager RabbitMQ, and choose the server you want to move it to.
  8. Click Next.
  9. In the next panel, click Save Configuration and Perform current Server's installation Tasks.
  10. Click Next. This will uninstall RabbitMQ from its current server location.
  11. Click Finish to exit from the installer and open the Installation Summary window
  12. Check the installer logs as described in the Checking the Logs section above.

On the new server (the one you want to move RabbitMQ to):

  1. Launch the File Access Manager Server Installer.
  2. Choose Use an existing IdentityIQ File Access Manager Database.
  3. Enter the database credentials and click Next.
  4. In the Action Select page, select Perform current Server's installation Tasks and click Next.
  5. The next page shows a summary of the services that will be moved to this server. Verify that the configuration includes RabbitMQ, and click Next.
  6. Click Next, then click Finish to complete the installation.
  7. Click Next to open the Installation Summary window. Check the installer logs as described in the Checking the Logs section above.
  8. Reinstalling collector agents: If you uninstalled any collector agents, you can reinstall the agents now, using the File Access Manager Collector Manager, and associate them to the appropriate engine(s)

Uninstalling RabbitMQ

Important: If the Central Permissions Collection/Central Data Classification services are associated with any collector agents, all the associated collector agents should be uninstalled prior to uninstalling RabbitMQ. Use the File Access Manager Collector Manager to uninstall the collector agents.

To uninstall RabbitMQ:

  1. Launch the File Access Manager Server Installer on the server where RabbitMQ is installed.
  2. Choose Use an existing IdentityIQ File Access Manager Database.
  3. Enter the database credentials and click Next.
  4. In the Action Select page, select Uninstall File Access Manager features from the current server and click Next.
  5. Select RabbitMQ as the service to be uninstalled.
    Note: By default, all the services installed on the server are selected for uninstall. Click Select All to de-select all the options, then individually select RabbitMQ.
  6. Click Next to start the uninstall process.
  7. When the progress bar shows Finished, click Next to open the Installation Summary window. Check the installer logs as described in the Checking the Logs section above.

Troubleshooting

To troubleshoot RabbitMQ issues:

  1. Navigate via a browser to https://rabbitmqserver:15671/#/queues
  2. Log in with the RabbitMQ credentials that were defined during installation.
  3. Click on the Queues tab to view queues, and review the Messages columns for details.

 

Version history
Revision #:
6 of 6
Last update:
‎Aug 23, 2019 04:50 PM
Updated by: