One of the best features which JBoss AS 7 / Wildfly came up was the domain mode, which is been used when you are looking for a single point of controller over all the servers, which can be running on the same/different boxes.
Most people think that domain mode has to be used when they want clustering which is not true, the main reason domain mode was created to control all the servers which can be in cluster/non-cluster from one point which was not available in the earlier versions of JBoss.
So in this article we would be showing you how can we start JBoss servers in a domain mode in two different boxes which are not in cluster. Once you are able to do it with box-2 you can add other host controller on on different boxes as shown in the below image.
Step 1: Add a name to your host controller in the “host” tag:
<host name="host1" xmlns="urn:jboss:domain:1.2">
Step 2: Make sure you replace the “<local/>” tag from the “domain-controller” element in the “host.xml” file, when you are creating a host controller:
<domain-controller>
<remote host="${jboss.domain.master.address:<IP_ADDRESS-DOMAIN_CONTROLLER>}" port="${jboss.domain.master.port:<NATIVE_PORT-
DOMAIN_CONTROLLER>}" security-realm="ManagementRealm"/>
</domain-controller>
Step 3: Create a “Management User” in the Domain controller, using the same host name (i.e. “host1″)
Step 4: Now convert that password (i.e password given for the host name in step-3 “host1″) into Base64 encoded password which has to be given in the host controller.
<server-identities>
<!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
<secret value="aG9zdDFwYXNzd29yZA=="/>
</server-identities>
On Box-1 we would setup the domain controller, which would be using the “domain.xml” file and the “host.xml” file which defines that on this box we have the domain controller.
Step 1: From “/jboss-as-7.1.1.Final/bin” start the domain controller using the below command
./domain.sh -b 10.252.168.173 -bmanagement 10.252.168.173
Step 2: Now you would have to create users for “Management User”, using the same host names which you are planning to control (i.e. suppose its “host1″)
./add-user.sh
What type of user do you wish to add?
a) Management User (mgmt-users.properties)
b) Application User (application-users.properties)
(a): a
Enter the details of the new user to add.
Realm (ManagementRealm) :
Username : host1
Password : host1password
Re-enter Password : host1password
About to add user 'host1' for realm 'ManagementRealm'
Is this correct yes/no? yes
Added user 'host1' to file '/user/jboss-as-7.1.1.Final/standalone/configuration/mgmt-users.properties'
Added user 'host1' to file '/user/jboss-as-7.1.1.Final/domain/configuration/mgmt-users.properties'
Note: You should NOT use any special characters when you are giving a host name, because during creating a “Managment User” you would get the following error
* Error *
JBAS015239: Only alpha/numeric usernames accepted.
That’s it from domain controller side
import org.apache.commons.codec.binary.Base64;
public class Base64EncryptPassword {
public static void main(String ar[]) throws Exception {
byte[] encodedByte = org.apache.commons.codec.binary.Base64.encodeBase64(ar[0].getBytes());
String encodedBase64String = new String(encodedByte);
System.out.println("\n=========================================================");
System.out.println("Your Clear Text Password is : "+ar[0]);
System.out.println("Base64 Encrypted Password is : "+encodedBase64String);
System.out.println("=========================================================\n");
}
}
Base64Password.sh
#!/bin/sh
export JAVA_HOME=/user/jdk1.6.0_21 #<= change this path
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=commons-codec.jar:.
java Base64EncryptPassword $1
Note: Make sure that you keep all the files commons-codec.jar , Base64EncryptPassword.class and Base64Password.sh in the same folder when you run below command.
/Base64EncryptPassword]$ ./Base64Password.sh host1password
=========================================================
Your Clear Text Password is : host1password
Base64 Encrypted Password is : aG9zdDFwYXNzd29yZA==
=========================================================
On Box-2 we would setup the host controller, which would NOT be using its “domain.xml” file, but will use the “host.xml” which has the domain controllers details running on Box-1, this way domain controller would be able to controller its hosts.
Step 1: First we would need to give a name for the host controller in the “host” tag
<host name="host1" xmlns="urn:jboss:domain:1.2">
Step 2: As we need to communicate with the Domain controller we would have to make sure we replace the “<local/>” tag from the “domain-controller” element in the “host.xml” file, when you are creating a host controller.
<domain-controller>
<remote host="${jboss.domain.master.address:10.252.168.173}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/>
</domain-controller>
Note: You should make sure that you have added and give the correct value for “security-realm” or else you would get the following error during starting the host controller.
[Host Controller] 23:09:43,584 ERROR [org.jboss.remoting.remote.connection] (Remoting "host1:MANAGEMENT" read-1) JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
[Host Controller] 23:09:43,593 ERROR [org.jboss.as.host.controller] (Controller Boot Thread) JBAS010901: Could not connect to master. Aborting. Error was: java.lang.IllegalStateException: JBAS010942: Unable to connect due to authentication failure.
Step 3: Now the password which was given during creating the “Management User” in domain controller (i.e password given for the host name in step-2 “host1password“) has to be converted into Base64 encoded password which has to be given in the host controller. By doing this domain controller would be able to know that an authorized host is trying to connect.
<server-identities>
<!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
<secret value="aG9zdDFwYXNzd29yZA=="/>
</server-identities>
Step 4: All the required configuration has been done, now its time to start your host controller using the below command
./domain.sh -b 10.252.168.174 -bmanagement 10.252.168.174 -Djboss.domain.master.address=10.252.168.173 -Djboss.domain.master.port=9999
Once everything comes up you can see the below logging inside the domain controller console, which means that our configuration works properly as well you can also login into admin console which would be running on “http://10.252.168.173:9090/console” and you would see “host1″ servers in it.
[Host Controller] 22:19:17,250 INFO [org.jboss.as.domain] (domain-mgmt-handler-thread - 1) JBAS010918: Registered remote slave host "host1", JBoss AS
Most people think that domain mode has to be used when they want clustering which is not true, the main reason domain mode was created to control all the servers which can be in cluster/non-cluster from one point which was not available in the earlier versions of JBoss.
So in this article we would be showing you how can we start JBoss servers in a domain mode in two different boxes which are not in cluster. Once you are able to do it with box-2 you can add other host controller on on different boxes as shown in the below image.
Things to Remember
We need to keep in mind the following 4 things for successfully start JBoss AS 7 in domain mode.Step 1: Add a name to your host controller in the “host” tag:
<host name="host1" xmlns="urn:jboss:domain:1.2">
Step 2: Make sure you replace the “<local/>” tag from the “domain-controller” element in the “host.xml” file, when you are creating a host controller:
<domain-controller>
<remote host="${jboss.domain.master.address:<IP_ADDRESS-DOMAIN_CONTROLLER>}" port="${jboss.domain.master.port:<NATIVE_PORT-
DOMAIN_CONTROLLER>}" security-realm="ManagementRealm"/>
</domain-controller>
Step 3: Create a “Management User” in the Domain controller, using the same host name (i.e. “host1″)
Step 4: Now convert that password (i.e password given for the host name in step-3 “host1″) into Base64 encoded password which has to be given in the host controller.
<server-identities>
<!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
<secret value="aG9zdDFwYXNzd29yZA=="/>
</server-identities>
Box-1 (Domain Controller – 10.252.168.173)
bhmed-dt-1q.zone7.downingtown.pa.ula.comcast.net [10.252.168.173] - bhmed-dt-1q.cable.comcast.comOn Box-1 we would setup the domain controller, which would be using the “domain.xml” file and the “host.xml” file which defines that on this box we have the domain controller.
Step 1: From “/jboss-as-7.1.1.Final/bin” start the domain controller using the below command
./domain.sh -b 10.252.168.173 -bmanagement 10.252.168.173
Step 2: Now you would have to create users for “Management User”, using the same host names which you are planning to control (i.e. suppose its “host1″)
./add-user.sh
What type of user do you wish to add?
a) Management User (mgmt-users.properties)
b) Application User (application-users.properties)
(a): a
Enter the details of the new user to add.
Realm (ManagementRealm) :
Username : host1
Password : host1password
Re-enter Password : host1password
About to add user 'host1' for realm 'ManagementRealm'
Is this correct yes/no? yes
Added user 'host1' to file '/user/jboss-as-7.1.1.Final/standalone/configuration/mgmt-users.properties'
Added user 'host1' to file '/user/jboss-as-7.1.1.Final/domain/configuration/mgmt-users.properties'
Note: You should NOT use any special characters when you are giving a host name, because during creating a “Managment User” you would get the following error
* Error *
JBAS015239: Only alpha/numeric usernames accepted.
That’s it from domain controller side
Base64 Encrypt Password Generator
There are lot of websites available which would help you generate base64 value from clear text, however you can also use one of our code which we have created, which would do the same for you. We are using commons-codec.jar for this and below Base64EncryptPassword.java and Base64Password.sh filesimport org.apache.commons.codec.binary.Base64;
public class Base64EncryptPassword {
public static void main(String ar[]) throws Exception {
byte[] encodedByte = org.apache.commons.codec.binary.Base64.encodeBase64(ar[0].getBytes());
String encodedBase64String = new String(encodedByte);
System.out.println("\n=========================================================");
System.out.println("Your Clear Text Password is : "+ar[0]);
System.out.println("Base64 Encrypted Password is : "+encodedBase64String);
System.out.println("=========================================================\n");
}
}
Base64Password.sh
#!/bin/sh
export JAVA_HOME=/user/jdk1.6.0_21 #<= change this path
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=commons-codec.jar:.
java Base64EncryptPassword $1
Note: Make sure that you keep all the files commons-codec.jar , Base64EncryptPassword.class and Base64Password.sh in the same folder when you run below command.
/Base64EncryptPassword]$ ./Base64Password.sh host1password
=========================================================
Your Clear Text Password is : host1password
Base64 Encrypted Password is : aG9zdDFwYXNzd29yZA==
=========================================================
Box-2 (Host Controller – 10.252.168.174)
bhmed-dt-2q.zone7.downingtown.pa.ula.comcast.net [10.252.168.174] - bhmed-dt-2q.cable.comcast.comOn Box-2 we would setup the host controller, which would NOT be using its “domain.xml” file, but will use the “host.xml” which has the domain controllers details running on Box-1, this way domain controller would be able to controller its hosts.
Step 1: First we would need to give a name for the host controller in the “host” tag
<host name="host1" xmlns="urn:jboss:domain:1.2">
Step 2: As we need to communicate with the Domain controller we would have to make sure we replace the “<local/>” tag from the “domain-controller” element in the “host.xml” file, when you are creating a host controller.
<domain-controller>
<remote host="${jboss.domain.master.address:10.252.168.173}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/>
</domain-controller>
Note: You should make sure that you have added and give the correct value for “security-realm” or else you would get the following error during starting the host controller.
[Host Controller] 23:09:43,584 ERROR [org.jboss.remoting.remote.connection] (Remoting "host1:MANAGEMENT" read-1) JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
[Host Controller] 23:09:43,593 ERROR [org.jboss.as.host.controller] (Controller Boot Thread) JBAS010901: Could not connect to master. Aborting. Error was: java.lang.IllegalStateException: JBAS010942: Unable to connect due to authentication failure.
Step 3: Now the password which was given during creating the “Management User” in domain controller (i.e password given for the host name in step-2 “host1password“) has to be converted into Base64 encoded password which has to be given in the host controller. By doing this domain controller would be able to know that an authorized host is trying to connect.
<server-identities>
<!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
<secret value="aG9zdDFwYXNzd29yZA=="/>
</server-identities>
Step 4: All the required configuration has been done, now its time to start your host controller using the below command
./domain.sh -b 10.252.168.174 -bmanagement 10.252.168.174 -Djboss.domain.master.address=10.252.168.173 -Djboss.domain.master.port=9999
Once everything comes up you can see the below logging inside the domain controller console, which means that our configuration works properly as well you can also login into admin console which would be running on “http://10.252.168.173:9090/console” and you would see “host1″ servers in it.
[Host Controller] 22:19:17,250 INFO [org.jboss.as.domain] (domain-mgmt-handler-thread - 1) JBAS010918: Registered remote slave host "host1", JBoss AS
No comments:
Post a Comment