I have a JMS Queue which will be flooded with event messages from another system. I need to write a program/component which reads the messages and compares the event data against set of rules. Multiple rules can match a message from JMS. If they match, the system should be able to send notifications.
Example:
JMS Queue will be flooded with a strings.
Users of this system are interested in specific type of strings.
User1 will create a rule - "String that contains no special chars"
User2 will create a rule - "String with only capital letters"
and so on...
I should design a system which consumes the strings from the JMS, check the string against all rules, and alert the respective user that a string matching his rule has arrived.
Some considerations :
Hundreds of users.
Each user can create hundreds of rules.
Totally thousands of rules need to be run for a single string from JMS.
So, the comparison needs to be extremely fast.
Also, the users are allowed to create more rules while the system is running.
Which framework will help me achieve this?
Related
I'm currently faced with a use case where I need to process multiple messages in parallel, but related messages should only be processed by one JMS consumer at a time.
As an example, consider the messages ABCDEF and DEFGHI, followed by a sequence number:
ABCDEF-1
ABCDEF-2
ABCDEF-3
DEFGHI-1
DEFGHI-2
DEFGHI-3
If possible, I'd like to have JMS consumers process ABCDEF and DEFGHI messages in parallel, but never two ABCDEF or DEFGHI messages at the same time across two or more consumers. In my use case, the ordering of messages is irrelevant. I cannot use JMS filters because I would not know the group name ahead of time, and having a static list of group names is not feasible.. Messages are sent via a system which is not under my control, and the group name always consists of 6 letters.
ActiveMQ seems to have implemented this via their message groups feature, but I can't find equivalent functionality in IBM MQ. My understanding is that this behaviour is driven by JMSXGroupId and JMSXGroupSeq headers, which are only defined in an optional part of the JMS specification.
As a workaround, I could always have a staging ground (a database perhaps), where all messages are placed and then have a fast poll on this database, but adding an extra piece of infrastructure seems overkill here. Moreover, it would also not allow me to use JMS transactions for reprocessing in case of failures.
To me this seems like a common use case in messaging architecture, but I can't find a simple yes/no answer anywhere online, and the IBM MQ documentation isn't very clear about whether this functionality is supported or not.
Thanks in advance
IBM MQ also has the concept of message groups.
The IBM MQ message header, called the Message Descriptor (MQMD) has a couple of fields in it that the JMS Group fields map to:-
JMSXGroupID -> MQMD GroupID field
JMSXGroupSeq -> MQMD MsgSeqNumber field
Read more here
IBM MQ docs: Mapping JMS property fields
IBM MQ docs: Message groups
I am trying to implement an application(Java) which will subscribe to different message types (XMLs) from other different applications via TIBCO EMS. Each of these message types will have a specific purpose. I am of the opinion that I should have multiple queues with multiple subscribers in my application, however, the TIBCO guy is adamant that there should be only one queue where all of these messages will be published and I will have one subscriber and the subscriber then should have logic to different tasks based on the XML received.
Which approach is better? One with multiple queues and subscribers OR the one queue and one subscriber? Please let me know reasons for the choice.
Thanks!
-Naveen
In general, if the same application is reading all the messages, it is much cleaner for that application to have a single input queue instead of multiple input queues. With multiple then the application will need to have logic to know which order to process the queues and so on. With one input queue, the messaging system can deal with the order of the messages - whether FIFO or by priority etc, and the application can just read the next message and process it.
Use unique message header for each type of xml while sending the message. And use message selectors / filters while receiving the same, so that it can be routed / delegated to the respective handler based on the header value. This way, you will be able to handle different type of xml messages by single queue as well.
The JMS 2.0 specification says
The JMSMessageID header field contains a value that uniquely
identifies each message sent by a provider.
...and...
The exact scope of uniqueness is provider defined. It should at least
cover all messages for a specific installation of a provider where an
installation is some connected set of message routers.
The specification does not explicitly state that the JMSMessageID returned from the publish API call must match the one present in the message when it is consumed. The discussion in the spec about moving the JMSMessageID to the JMSCorrelationID when replying to a request implies that the two would be the same. If the message ID was changed between publication and consumption, this style of request/reply would fail.
Certainly in the unified domain model of JMS 1.1 and now 2.0, it would not make sense for the behavior of the JMSMessageID to change depending on whether the destination is a queue or a topic. Under the unified model, one would expect all destinations to act alike in this regard.
Also, if "provider" as used in the first paragraph refers to the thing that is sending messages, then a publication that fanned out to 10 identical messages, with identical JMSMessageID values, would meet the spec since uniqueness is measured at the sending side.
Unfortunately, the specification liberally switches between using the term "provider" to describe the thing sending messages versus using it to describe the vendor of the JMS transport. This is evident in the two quoted passages above. This ambiguity doesn't help matters any.
At least one implementation (IBM's MQ) takes the approach that a publication fanning out to 10 messages has created 10 unique, new messages, and therefore each of these has a unique JMSMessageID value. This is arguably consistent with the second quoted passage which requires uniqueness scoped to the provider, where "provider" appears to refer to the vendor implementation and not the thing sending messages.
It is my belief that when a published message fans out to multiple subscribers the correct behavior would be that the JMSMessageID would be preserved in each instance of the message so that replies can be correlated as expected. In other words, I believe IBM's implementation to be non-compliant. Since the specification is ambiguous on the matter, I'm looking for an authoritative source which either states outright or strongly implies the behavior as intended by the spec, one way or the other. Depending on the response, I'll either stand down, or else raise the issue with IBM as a compliance defect.
The term "provider" here is simply a reference to the specific messaging product being used, and covers both client-side and server-side components. To avoid confusion, I'll use the word JMS product vendor here.
The purpose of the JMS specification is to define a Java API implemented by that messaging product. It uses loose terms like "provider" because the JMS spec does not define how the product is architected and is trying to avoid suggesting how the implementation should be shared between client-side and server-side components, or even whether there is a server (or cluster of servers) at all. You'll notice the spec never (well, almost never) says "the server does this" or "the server does that".
The sentence about the "exact scope of uniqueness" is there to make it easy for the JMS product vendor to implement the code that generates JMSMessageID values. It's saying that the code that generates JMSMessageID values doesn't need to worry about ensuring that the values generated are unique across the entire universe. It's sufficient to ensure that they are unique to that particular product installation.
You say that "The specification does not explicitly state that the JMSMessageID returned from the publish API call must match the one present in the message when it is consumed."
I think this is stated in Section 4.4.11 "How message header values are set". This states that the JMSMessageID is set by the "JMS provider send method". The same section goes on to say that "Message header fields that are defined as being set by the 'JMS provider send method' will be available on the sending client as well as on the receiving client."
This means that after the call to send() or publish() has returned, the sending application can use the method getJMSMessageID() to find the message ID that was assigned to that message. When this message is received, the receiving application can use the same method, and get the same value.
Each message sent to a topic is delivered to every subscriber on that topic. These subscribers will receive a separate copy of the same message, with the same body, properties and headers, including JMSMessageID value.
Feel free to argue; the JMS spec is not free of ambiguities.
I think the issue here is less about when the JMSMessageID field is set on a published message, and more about what happens to that message when it is processed within the JMS provider.
As stated in T.Rob's and Nigel's posts, section 3.4.3 of the JMS 2.0 specification states:
"The JMSMessageID header field contains a value that uniquely
identifies each message sent by a provider."
and also:
"A JMSMessageID is a String value which should function as a unique
key for identifying messages in a historical repository. The exact
scope of uniqueness is provider defined. It should at least cover all
messages for a specific installation of a provider where an
installation is some connected set of message routers."
That is to say, two or more messages, even if they contain the same data, ought to have different JMSMessageID values if they constitute different messages within a repository.
The spec also states, in section 4.2.1 that,
"A topic can be thought of as a mini message broker that gathers and
distributes messages addressed to it. By relying on the topic as an
intermediary, message publishers are kept independent of subscribers
and vice versa."
This would imply that the intention of the spec is that, when a message is sent to a Topic, the Topic can do some work on the message, including creating multiple copies of the message (or, more specifically, creating multiple messages with the same data that are considered separate within the provider's repository.
Finally, section 4.2.2 states:
"A subscription will receive a copy of every message that is sent to
the topic after the subscription is created, ... Each copy of the
message is treated as a completely separate message. Work done on one
copy has no effect on any other; acknowledging one does not
acknowledge any other; one message may be delivered immediately, while
another waits for its consumer to process messages ahead of it."
Putting these passages together, the spec can be read as saying
When a message is sent to a Topic, that Topic can create a copy of the message for each current subscription.
The copies of the message created when sending to a Topic can be considered as completely separate messages.
Because separate JMS messages are uniquely identified by their JMSMessageID field, each separate subscription message should have a different JMSMessageID
To pick up Nigel's last sentence the JMS specification isn't free of ambiguities. This is very true and vendors and customers have previously worked around issues, and work in the expert group does take place to clarify these and provide guidance as well as make suggestions for improving the compliance tests. Based on the understanding outlined above, and the tests within the JMS 2.0 Compliance Test Suite that IBM MQ v8 passes, the IBM MQ v8 implementation is JMS2.0 compliant (and likewise earlier IBM MQ versions are JMS1.1 compliant; the JMS 1.1 specification has the same ambiguity).
The request-response paradigm is a common one, though with a pub-sub based distribution model the sending application does potentially have to cope with multiple responses not just the one that would be more likely with a point-point architecture. We acknowledge that there are messaging scenarios where the capability for a message id to have a different 'value of uniqueness' from the one currently implemented by IBM MQ would provide value to some IBM MQ customers
For the above reasons IBM strongly believes that its MQ JMS solution is compliant, so a PMR will not be accepted. However, we do acknowledge that there are a number of use cases where maintaining the message ID would be beneficial to you. For that reason we will make RFE 35062 an uncommitted candidate, which means it has the highest probability of being addressed and we promise that we're actively working to provide the solution that best fits the needs as quickly as possible. But to do this we'd appreciate additional feedback on the RFE with descriptions of what the actual problems our users are trying to solve here. For example is this for audit purposes, request-reply, message flows, etc, and what it is you need replicated? The more information we have, the more likely the solution is to satisfy the need.
The JMS 2.0 specification says
The JMSMessageID header field contains a value that uniquely
identifies each message sent by a provider.
...and...
The exact scope of uniqueness is provider defined. It should at least
cover all messages for a specific installation of a provider where an
installation is some connected set of message routers.
The specification does not explicitly state that the JMSMessageID returned from the publish API call must match the one present in the message when it is consumed. The discussion in the spec about moving the JMSMessageID to the JMSCorrelationID when replying to a request implies that the two would be the same. If the message ID was changed between publication and consumption, this style of request/reply would fail.
Certainly in the unified domain model of JMS 1.1 and now 2.0, it would not make sense for the behavior of the JMSMessageID to change depending on whether the destination is a queue or a topic. Under the unified model, one would expect all destinations to act alike in this regard.
Also, if "provider" as used in the first paragraph refers to the thing that is sending messages, then a publication that fanned out to 10 identical messages, with identical JMSMessageID values, would meet the spec since uniqueness is measured at the sending side.
Unfortunately, the specification liberally switches between using the term "provider" to describe the thing sending messages versus using it to describe the vendor of the JMS transport. This is evident in the two quoted passages above. This ambiguity doesn't help matters any.
At least one implementation (IBM's MQ) takes the approach that a publication fanning out to 10 messages has created 10 unique, new messages, and therefore each of these has a unique JMSMessageID value. This is arguably consistent with the second quoted passage which requires uniqueness scoped to the provider, where "provider" appears to refer to the vendor implementation and not the thing sending messages.
It is my belief that when a published message fans out to multiple subscribers the correct behavior would be that the JMSMessageID would be preserved in each instance of the message so that replies can be correlated as expected. In other words, I believe IBM's implementation to be non-compliant. Since the specification is ambiguous on the matter, I'm looking for an authoritative source which either states outright or strongly implies the behavior as intended by the spec, one way or the other. Depending on the response, I'll either stand down, or else raise the issue with IBM as a compliance defect.
The term "provider" here is simply a reference to the specific messaging product being used, and covers both client-side and server-side components. To avoid confusion, I'll use the word JMS product vendor here.
The purpose of the JMS specification is to define a Java API implemented by that messaging product. It uses loose terms like "provider" because the JMS spec does not define how the product is architected and is trying to avoid suggesting how the implementation should be shared between client-side and server-side components, or even whether there is a server (or cluster of servers) at all. You'll notice the spec never (well, almost never) says "the server does this" or "the server does that".
The sentence about the "exact scope of uniqueness" is there to make it easy for the JMS product vendor to implement the code that generates JMSMessageID values. It's saying that the code that generates JMSMessageID values doesn't need to worry about ensuring that the values generated are unique across the entire universe. It's sufficient to ensure that they are unique to that particular product installation.
You say that "The specification does not explicitly state that the JMSMessageID returned from the publish API call must match the one present in the message when it is consumed."
I think this is stated in Section 4.4.11 "How message header values are set". This states that the JMSMessageID is set by the "JMS provider send method". The same section goes on to say that "Message header fields that are defined as being set by the 'JMS provider send method' will be available on the sending client as well as on the receiving client."
This means that after the call to send() or publish() has returned, the sending application can use the method getJMSMessageID() to find the message ID that was assigned to that message. When this message is received, the receiving application can use the same method, and get the same value.
Each message sent to a topic is delivered to every subscriber on that topic. These subscribers will receive a separate copy of the same message, with the same body, properties and headers, including JMSMessageID value.
Feel free to argue; the JMS spec is not free of ambiguities.
I think the issue here is less about when the JMSMessageID field is set on a published message, and more about what happens to that message when it is processed within the JMS provider.
As stated in T.Rob's and Nigel's posts, section 3.4.3 of the JMS 2.0 specification states:
"The JMSMessageID header field contains a value that uniquely
identifies each message sent by a provider."
and also:
"A JMSMessageID is a String value which should function as a unique
key for identifying messages in a historical repository. The exact
scope of uniqueness is provider defined. It should at least cover all
messages for a specific installation of a provider where an
installation is some connected set of message routers."
That is to say, two or more messages, even if they contain the same data, ought to have different JMSMessageID values if they constitute different messages within a repository.
The spec also states, in section 4.2.1 that,
"A topic can be thought of as a mini message broker that gathers and
distributes messages addressed to it. By relying on the topic as an
intermediary, message publishers are kept independent of subscribers
and vice versa."
This would imply that the intention of the spec is that, when a message is sent to a Topic, the Topic can do some work on the message, including creating multiple copies of the message (or, more specifically, creating multiple messages with the same data that are considered separate within the provider's repository.
Finally, section 4.2.2 states:
"A subscription will receive a copy of every message that is sent to
the topic after the subscription is created, ... Each copy of the
message is treated as a completely separate message. Work done on one
copy has no effect on any other; acknowledging one does not
acknowledge any other; one message may be delivered immediately, while
another waits for its consumer to process messages ahead of it."
Putting these passages together, the spec can be read as saying
When a message is sent to a Topic, that Topic can create a copy of the message for each current subscription.
The copies of the message created when sending to a Topic can be considered as completely separate messages.
Because separate JMS messages are uniquely identified by their JMSMessageID field, each separate subscription message should have a different JMSMessageID
To pick up Nigel's last sentence the JMS specification isn't free of ambiguities. This is very true and vendors and customers have previously worked around issues, and work in the expert group does take place to clarify these and provide guidance as well as make suggestions for improving the compliance tests. Based on the understanding outlined above, and the tests within the JMS 2.0 Compliance Test Suite that IBM MQ v8 passes, the IBM MQ v8 implementation is JMS2.0 compliant (and likewise earlier IBM MQ versions are JMS1.1 compliant; the JMS 1.1 specification has the same ambiguity).
The request-response paradigm is a common one, though with a pub-sub based distribution model the sending application does potentially have to cope with multiple responses not just the one that would be more likely with a point-point architecture. We acknowledge that there are messaging scenarios where the capability for a message id to have a different 'value of uniqueness' from the one currently implemented by IBM MQ would provide value to some IBM MQ customers
For the above reasons IBM strongly believes that its MQ JMS solution is compliant, so a PMR will not be accepted. However, we do acknowledge that there are a number of use cases where maintaining the message ID would be beneficial to you. For that reason we will make RFE 35062 an uncommitted candidate, which means it has the highest probability of being addressed and we promise that we're actively working to provide the solution that best fits the needs as quickly as possible. But to do this we'd appreciate additional feedback on the RFE with descriptions of what the actual problems our users are trying to solve here. For example is this for audit purposes, request-reply, message flows, etc, and what it is you need replicated? The more information we have, the more likely the solution is to satisfy the need.
What are the recommended guidelines for WebSphere MQ naming conventions for queue managers, queues (local, remote, transmit, dead letter queues...), channels etc. I found one at IBM's developerWorks but looking to see if there is anything else comprehensive out there. Thanks.
This sounds like a good topic for a new Mission:Messaging column but I'll write up the condensed version here. I'll preface my answer by noting that many of my recommendations are contrary to those you might find elsewhere. In some cases this is because the way MQ is commonly used have changed over the years. In other cases it is because the conventional wisdom never worked well to begin with. (Cluster channels named TO.QMGR for example.) In all cases, I prefer conventions which apply to the broadest number of situations. That means it is usually possible to find exceptions to these rules for specific cases but they are broadly applicable nonetheless.
Some general rules
The following apply to all object types.
Use the dot character . as a separator.
Authorization rules parse names using dot characters as separators. For example, the queue name MY.EXAMPLE.QUEUE.NAME would match rules like MY.*.*.* or MY.** but not MY.* because the dots signify name node separator characters. Do yourself a favor and use dots rather than underscores as your naming node separators consistently.
Use machine-parsable names.
When you have 5 queue managers and a few hundred objects, you can easily get by doing all your management manually with WMQ Explorer or runmqsc. However, there comes a point where consistency, reliability, repeatability and efficiency demand that you script up some of your routine operations or employ instrumentation to respond to network events. More than anything else this means eliminating ambiguity in names.
For example, if you create a naming convention that channel names must look like SRCQMGR.DESTQMGR then it is possible for a script to read a RCVR or SDR channel name and derive the names of the two queue managers it connects. However, what does the script do with a channel name like GA.PAYROLL.OPS? Is it the GA.PAYROLL queue manager connecting to the OPS queue manager? Or is it the GA queue manager connecting to the PAYROLL.OPS queue manager? A human might be able to tell instantly based on context but scripts are notorious for doing what you tell them rather than what you intended. Similar situations arise when queue names have position-dependent qualifiers at both the beginning and the end of the name and a variable number of nodes.
Stick with UPPERCASE names.
This is for compatibility across all platforms, and in particular z/OS. Although it is true that more z/OS shops are using mixed case, it is also true that there are still a lot of systems out there that only accept UPPERCASE names. While it is easy to say "this doesn't apply to me" I have seen many cases where somebody had problems interfacing to a new business partner because of incompatible names. After all, the ability to interface to just about any platform out there is one of the main reasons for using WMQ in the first place.
Don't include attributes of the object in the name
In an SOA world, queues and topics are different types of destination and often are interchangeable. Something putting messages to what it thinks is a queue doesn't necessarily know (or care!) if they are actually going to a queue or a topic. A queue that has an application listening on it for messages may be fed by an administrative subscription that is actually roping in publications from one or more topics.
What we really care about is the nature of the messages - what function do they perform - not whether we are connecting to a local queue or an alias queue. So adding qualifiers like .QA, .QL, .TPC (for topic) and so forth doesn't make sense. Similarly, adding .RCVR onto a channel name sucks up 5 useful characters that could have been better used describing the QMgr name. Worse, these practices bake the topology into the object names, making the system both less flexible and more brittle.
Channel names
Point-to-Point Channel names
Use names like SRCQMGR.DESTQMGR for RCVR, RQSTR, SDR, and SVR channels. This is biased toward languages that read left-to-right because the intention is to describe the data flow from a QMgr to another QMgr
Cluster channels
Use names like CLUSNAME.QMNAME. The old wisdom said to use names like TO.QMNAME but if you ever implement overlapping clusters this causes the same channel to be used for multiple clusters. That's bad because you can then never perform maintenance on one cluster without impacting the other. Using CLUSNAME.QMNAME insures that every QMgr has a dedicated CLUSRCVR channel for each cluster in which it participates.
Client Channels
The exception to the "don't include attributes of the object in the name" is arguably the SVRCONN channel. This is because channels are very much tied to the physical rather than the logical layer of the network. So putting the QMgr name in a SVRCONN channel name is generally OK. I don't object too strongly if people want to add .SVRCONN at the end, either.
The thing to remember about client channels is that if you use a Client Channel Definition Table (CCDT) then the unique index into that table is the channel name. That means you cannot have the same channel name on multiple QMgrs and still use a CCDT. Since the CCDT is one way to configure the SSL/TLS channel details, this is often not appreciated to its fullest until the "let's finally secure WMQ" project comes along. By using unique channel names for SVRCONN channels from the start, you can future-proof the network. Usually these names look like APP.QMNAME or to make it obvious you aren't dealing with a cluster or point-to-point channel, APP.QMNAME.SVRCONN or similar.
Queue manager names
No dots in QMgr names
One implication of the previous rules is that cluster and queue manager names must contain only one node and therefore should never contain a . character. This is because channel names are typically derived from the cluster and/or QMgr names. So in the example above, a RCVR channel name like GA_PAYROLL.OPS would tell both humans and scripts that the channel in question connects a QMgr named GA_PAYROLL to a QMgr named OPS.
Names of 9 chars or less
Channel names can be only 20 characters. Subtract one for the dot separator, divide by two and round down gets you to 9 characters max for queue managers. If there's a possibility that you may set up different channels for classes of service (for large vs small messages, for example, then drop back to 8 chars or less for QMgr names. This leads to QM1.QM2.A, QM1.QM2.B, etc.
QMgr names reflect the physical layer
In a service-oriented world, we really care about destination names like queues and topics. We care much less about queue manager names because these are just life support for queues and topics. Client apps don't care so much about which QMgr the connect to, so long as they can send requests and receive replies. WMQ very conveniently fills in the reply-to QMgr name on outbound requests so it is rare that an application needs to know about it.
On the other hand, the administrators need to know about the QMgr name. In the early days it was common to name QMgrs for the host server. Later it became the fashion to name them for the applications they hosted. Now in the SOA world, messaging is infrastructure and usually not associated with any single application so the pendulum has swung back. Give the QMgr a unique name that is meaningful to an administrator.
Never reuse QMgr names!
It is unfortunately very common to "move" a QMgr from one place to another or to have a primary and disaster recovery QMgr with the same name. This practice usually means some part of the application is dependent on the QMgr name and therefore it is "easier" to reuse the name. IBM introduced the QMID as a way to address some of the problems introduced by reusing QMgr names. The typical use case is that a node gets rebuilt and the QMgr once there is also rebuilt from scratch. The cluster knows it is a new QMgr because the QMID has changed, but the name used for routing and other operations remains the same.
Although this helped in that limited use case, it doesn't address the issues when both QMgrs with the same name are online at the same time. Nor does it address the problem that a reputable Certificate Authority won't issue multiple certs with the same Distinguished Name which forces reuse of the same certificate for multiple QMgrs.
Remember that QMgrs are just life support for queues and topics and ideally will be anonymous to the applications using them. Pick a naming convention that allows you to spin up new QMgrs with unique names by the hundreds or thousands, if necessary, so that you don't have to reuse QMgr names.
Other objects
Use intention-revealing names
Or to put it another way, name the object for what it does and not what it is. For example, if you were in the habit (as many people are) of including qualifiers like .QL for local queues and .QA for aliases, then any change in topology will impact the applications using those queues. Instead, name the queues for the functions they represent.
Go left-to-right, most generic to most specific
Object names, especially queues, should be constructed hierarchically beginning with the most generic qualifier and proceeding to the most specific qualifier. For example, many shops use APP.FUNC.SUBFUNC.VER where APP is the ID of the owning application, then one or more nodes with the function and subfunction. Many shops add a version qualifier on the end so that new versions of a service can migrate their clients on separate schedules rather than changing the service on the existing queue and making all clients change at the same time.
The thing that reads the messages owns the queue
If I have a service endpoint represented by a queue then there is a many-to-one relationship between the things that might call the service to the thing that provides the service. The queue is associated with the service and the thing providing that service. Clients are more or less anonymous. Therefore, if any of the stakeholder applications can be said to "own" the queue, it is the service provider app that consumes messages form it.
The thing that publishes the message owns the topic. Sort of.
The relationship is not as straightforward with topics. Here it is the consumers of messages that are usually anonymous. In that sense if the topic name reflects any application, it is most likely the publisher. However, even publishers can be anonymous, or at least there may many of them and not all publishing at the same time. With topics it makes much more sense that the topic tree nodes are structured for the hierarchy of data or functionality they represent. These names tend to match the names of the publishing apps so sometimes the publisher "owns" the topic as much out of coincidence as anything else.
Put positional qualifiers on the left
Where names have variable numbers of qualifiers, put the positional ones on the left where scripts and automation can parse them. Some shops where both the beginning and ending qualifiers are positional deal with this by using underscores for separators in the variable section of the name like APP.FUNC.SUBFUNC1_SUBFUNC2.VER. Scripts and authorizations then always see a fixed number of nodes in the name but this approach can be brittle if somebody forgets and makes a name with an extra node or two.
Further reading
This sums up most of the general rules but some of the philosophy behind them has been captured in the Mission:Messaging column. In particular:
Embracing cultural change in the WebSphere MQ community
Migration, failover, and scaling in a WebSphere MQ cluster
The article Planning for SSL on the WebSphere MQ network discusses distinguished name standards as they apply to WMQ