MQ

 View Only

Setup Microsoft Azure's virtual machine to be MQ MFT transfer-ready

By Avinash Ganesh posted Thu July 21, 2022 05:22 AM

  
This blog post is aimed at focusing on the finer aspects which have to be taken care of when an on-premise MFT agent or an agent running on other cloud platforms tries to transfer files to MS Azure's Virtual machines. Please note this is not absolute. This was tried for internal testing purpose and criteria may vary on case to case and need to need basis. 

Assumptions:

- The user is in possession of Azure VM provisioned from the MS Azure cloud platform. If not, the quick start guide is here

- IBM MQ v9.2.x has been unpacked and installed on the said Azure virtual machine

- IBM MQ v9.2.x is installed on an on-premise server or IBM MQ Managed File Transfer Redistributable Package v9.2.x has been installed on this 
on-premise server 

            Once the above setup mentioned in assumptions are in place, in order for this entire system to achieve end-to-end transfers, some ports need to be opened up on the Azure side. Below screenshot is how an Azure Virtual machine configuration details look like, 



            In this, 
            mftazure --> Virtual Machine's name
            DNS name --> Endpoint DNS name which can be made use to access this box
            Public IP address --> IP address of the VM


            On the left pane, the marked Networking option under settings, is a link where we can enable or disable ports. This is the place we are interested in. Click on it to reach the Inbound port rules page as seen below, 


            The box marked in red contains all the inbound rules which have been set for the VM for achieving MFT transfers with the on-premise agent. These can be setup by clicking on the button, Add inbound port rule. The values to be set are as shown above. Below are highlighted ones, 

            SSH --> needed for sftp connections to box
            Port_1414 --> this is very important, since it is the port on which the IBM MQ is running on in the MFTAZURE virtual machine. Likewise one can enable 
            relevant port of their MQ installation
            Ping_Permission (ICMP) --> This can be enabled to ping and test if the box is responding
            RDP --> This can be enabled if the VM is a windows box and one wants to do a remote connection to it

            Once the above mentioned are in place, then further processes which need to be followed would be like the conventional way of connecting any two standard agents(a source agent and a destination agent) to a coordination, command and agent queue manager, and later achieve the file transfers. A sample fteCreateTransfer would look like below, 

            fteCreateTransfer -sa OnPremAgent -sm QMA -da AzureAgent -dm QMA -de overwrite -df "//home//azureuser//dest//fromOnPrem.txt" "/source/src.txt"

            Where, 
            OnPremAgent --> name of source agent running on the on-premise server
            AzureAgent     --> name of destination agent running on the Azure virtual machine

            Make sure you have escaped the Azure's destination directory path, i.e., like this --> //, as seen in the above command fteCreateTransfer.
            0 comments
            42 views

            Permalink