Red Hat JBoss Enterprise Application Platform Administration I
Assign the domain controller and start the managed domain.
Configure secondary host controllers to an existing managed domain.
The settings and configuration of a managed domain are split into two files:
-
host.xml The configuration file for a host controller. This file defines how to find the domain controller, or the domain controller itself.
There are other settings in this file, for example server configurations, but they are presented later in this book. The settings in this file relate to the host hardware and operating system specifics.
-
domain.xml The configuration file of the domain controller. This file defines the available profiles and other settings that are not directly influenced by the host machine, such as server groups or socket bindings.
This chapter and the next focus primarily on the host.xml configuration file.
The domain.xml configuration file is covered in later chapters.
A host controller instance is named after its machine host name, but this can be overridden by using the name attribute in the <host> top-level element, at the beginning of the host.xml configuration file.
For example:
<?xml version="1.0" ?> <host xmlns="urn:jboss:domain:16.0" name="myprimarycontroller"> ...
To denote that a host controller is a domain controller, that is, the primary host controller, add the following configuration to the host.xml configuration file between the <management> and <interfaces> elements:
<?xml version="1.0" ?>
<host xmlns="urn:jboss:domain:16.0" name="myprimarycontroller">
...
</management>
<domain-controller> 
<local/> 
</domain-controller>
<interfaces>
...
</host>
| The |
| If a host controller is supposed to be the primary, or domain controller for the managed domain, use the |
The HTTP management interface references the management network interface, and it is declared in the host.xml configuration file.
For example:
...
</domain-controller>
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
</interfaces>
<jvm>
...Notice that host.xml also defines the public network interface.
This interface is used by regular user access to applications.
Domain controllers are NOT required to define this interface, unless they have server instances of their own.
Note
Do not confuse management-interfaces with network interfaces.
The first refers to remote administrative access.
The second refers to segregating different kinds of network traffic to different IP address so they can be subjected to distinct firewall rules.
Those configuration elements have the same meaning in managed domain and in standalone server operating modes.
The management interface also references the ManagementRealm security realm.
Security in managed domains are presented later in this book.
When a host controller is not the primary controller, the host.xml file must define the options to discover the primary controller.
For example:
...
<domain-controller>
<remote security-realm="ManagementRealm">
<discovery-options>
<static-discovery name="primary" 
protocol="${jboss.domain.master.protocol:remote+http}"
host="${jboss.domain.master.address}"
port="${jboss.domain.master.port:9990}"/>
</discovery-options>
</remote>
</domain-controller>
...
| The |
| JBoss EAP supports multiple domain controller discovery mechanisms, configured as children of the |
| The |
In this course only the <static-discovery> mechanism is used. For information about other mechanisms, consult the JBoss EAP product documentation.
In the configuration above, you must define the jboss.domain.master.address system property when starting the host controller.
This is demonstrated later in this section.
An alternative is to modify the host.xml configuration file to assign it to the machine name or IP address that the domain controller is running on.
For example:
<domain-controller>
<remote security-realm="ManagementRealm">
<discovery-options>
<static-discovery name="primary"
protocol="${jboss.domain.master.protocol:remote+http}"
host="${jboss.domain.master.address:172.25.14.9}"
port="${jboss.domain.master.port:9990}"/>
</discovery-options>
</remote>
</domain-controller>
| Adding a default value for the |
The previous example illustrates a common practice with JBoss EAP configuration files: to provide attribute values as default values for system properties. The system property allows overriding the attribute by defining the value on the command line.
The following figure shows an example of a managed domain consisting of three hosts, and shows the critical parts of each host.xml host controller configuration file:
In the previous figure, the server1 machine runs the domain, or primary, controller.
The IP address assigned to all domain controller network interfaces is 192.168.0.14 and the management interface is using the 9990 default port.
The server2 and server3 machines run secondary host controllers configured to connect to the domain controller running in the server1 machine.
To start a JBoss EAP host controller, use the domain script specific to your platform.
The script is found in the /bin directory of your JBoss EAP installation.
On Linux and UNIX, the command is:
[user@host ~]$ $JBOSS_HOME/bin/domain.shWhen starting JBoss EAP in managed domain mode, JBoss EAP needs to determine if the instance being started is the domain controller or not. Here is the sequence of events that occurs when the domain start-up script runs:
The process controller is started in a single JVM process.
The process controller starts a host controller in another JVM process.
The
domain/configuration/host.xmlhost configuration file is processed first, and the<domain-controller>element is checked to determine if this host controller is to act as the domain controller or not.If this particular host controller is configured as a domain controller, then the settings from the
domain/configuration/domain.xmldomain configuration file are combined with the settings inhost.xml. A domain controller must expose an addressable management interface binding for the other host controllers to communicate with it.If this particular host controller is not the domain controller, then it must attempt to connect to the domain controller based on the settings in the
<domain-controller>element in thehost.xmlfile.If the
host.xmlconfiguration file has any servers defined, then the host controller starts up its servers, each in their own JVM process.
JBoss EAP management interfaces are secure by default because they only allow accesses from the local machine.
To allow remote access to a JBoss EAP domain controller for administrative actions, and also for secondary host controllers to join the domain, the management interface has to be assigned to a different IP address.
Following the example from the previous figure, a domain controller cat start to listen for secondary connections on a private IP address by defining the jboss.bind.address.management system property.
For example:
$ ./domain.sh -Djboss.bind.address.management=192.168.0.14The previous example shows a domain controller whose management network interface is assigned to the 192.168.0.14 IP address.
Continuing with the same example, a slave host controller is started to connect to the master in that address, by defining the jboss.domain.master.address system property, and also to listen for management commands in another private IP address, by defining the jboss.bind.address.management system property.
The following example is used to start the host controller in the server2
machine:
$./domain.sh -Djboss.bind.address.management=192.168.0.15 \-Djboss.domain.master.address=192.168.0.14
In the previous example a secondary host controller starts and tries to connect to a domain controller running on 192.168.0.14 on the 9990 default port.
Note that the primary IP address was specified in the command line using a system property.
The primary controller management interface TCP port is the default value provided by the host.xml configuration file.
The previous example also shows that the secondary controller accepts management requests from the primary controller on the 192.168.0.15 IP address, specified on the command line.
The secondary management interface TCP port is also the default value provided by the host.xml configuration file.
You can use the following complete example to start the host controller in the server3 machine:
$./domain.sh -Djboss.bind.address.management=192.168.0.16 \-Djboss.domain.master.address=192.168.0.14
Most JBoss EAP installations need custom configuration files and want to keep the default configuration files unchanged for future reference. This can be done using a few startup host script command-line options:
-
--domain-config Provides an alternative name for the
domain.xmlfile.-
--host-config Provides an alternative name for the
host.xmlfile.
For example:
$ ./domain.sh --domain-config=mydomain.xml --host-config=myhost.xmlThe files specified by --host-config and --domain-config are supposed to exist in the default location which is the JBOSS_HOME/domain/configuration directory.
You can change this path by assigning a new value to the jboss.domain.config.dir system property.
Creating a custom configuration directory for a JBoss EAP host controller normally requires creating custom directories for subsystem data files, logs and other working files.
You can use the jboss.domain.base.dir system property to provide an alternative location for the JBOSS_HOME/domain/ directory.
The JBOSS_HOME/domain/ directory must contain the configuration, data, and log directories as children.
For example, to start a JBoss EAP host controller using domain configuration files from /usr/local/eap/configuration, use the following command:
$ ./domain.sh -Djboss.domain.base.dir=/usr/local/eap/configurationYou can combine the use of system properties and file name options in a single command:
$./domain.sh -Djboss.domain.base.dir=/usr/local/eap/configuration \--domain-config=mydomain.xml --host-config=myhost.xml
Red Hat recommends to copy the /domain directory from the default installation of JBoss EAP before starting JBoss EAP in a managed domain.
This approach separates a specific host controller instance configurations, deployments, log files and temporary directories from the default installation path.
This practice provides the following key benefits:
Multiple instances of JBoss EAP in a managed domain, that is multiple host controllers and their associated server instances, can run on the same machine using the same installation files.
It is possible to upgrade JBoss EAP without affecting or overwriting already custom configurations.
The default host.xml file configures the host controller as a primary controller.
It also configures sample server groups and server instances to perform quick tests.
To start additional secondary host controllers in the domain, the default host.xml configuration file has to be changed to replace the <local/> element with a <remote> element as shown before.
For convenience, the JBoss EAP installation also includes two additional sample host controller configuration files:
-
host-master.xml Configures a minimal domain controller with no server instances. The
host-master.xmlfile defines only themanagementnetwork interface. Thus, it can NOT be used as-is when the primary host controller also contains server instances. Red Hat recommends to configure the primary host controller without server instances.-
host-slave.xml Configures a secondary host controller with the same sample server groups and server instances as the default
host.xmlconfiguration file. This configuration file uses thejboss.domain.master.addressandjboss.domain.master.portsystem properties to provide the master IP address and TCP port.
A JBoss EAP managed domain is a dynamic entity, created by the existence of one or more host controllers running the same domain configuration. Usually, the primary host controller, the domain controller, is started first, and then secondary host controllers are started. Additional host controllers can join the managed domain at any time.
If the domain controller is not available for any reason, host controllers cannot join the managed domain, but existing ones continue to run. Running applications are not affected by domain controller failures; only the administration tasks are affected.
Every host controller can contain a list of host controllers that can act as domain controller. For example:
<domain-controller>
<remote security-realm="ManagementRealm">
<discovery-options>
<static-discovery name="primary"
protocol="${jboss.domain.master.protocol:remote+http}"
host="198.162.0.14"
/>
<static-discovery name="backup1"
protocol="${jboss.domain.master.protocol:remote+http}"
host="198.162.0.15"
/>
<static-discovery name="backup2"
protocol="${jboss.domain.master.protocol:remote+http}"
host="198.162.0.16"
/>
</discovery-options>
</remote>
</domain-controller>A host controller can keep a cache of the managed domain configuration file so that the host can start if the primary controller is unavailable.
You can start the secondary controller by using the --backup option.
This option creates a local copy of the domain configuration file.
For example:
$ ./domain.sh --backup -Djboss.domain.master.address=192.168.0.14If the secondary controller is unable to contact the primary domain controller to get its configuration when it boots, then --cached-dc option informs the secondary controller to use the configuration local copy that was previously created by using the --backup option.
For example:
$ ./domain.sh --cached-dc -Djboss.domain.master.address=192.168.0.14The --backup and --cached-dc can NOT be used at the same time, so its use as a fail-over mechanism requires manual intervention from the system administrator.
Also notice that the --cached-dc option does not make the secondary host controller act as the domain controller: the cached configuration is considered read-only.
When a primary controller becomes unavailable you must promote a secondary controller to act as primary controller.
Refer to the references section in this lecture for more information about how to promote a secondary controller.
The JBoss EAP management console is different compared to when running from a standalone server instance. Additional tabs and navigation steps are required to configure the extra elements provided by the managed domain: named profiles, hosts, server groups, and server instances.
The basic navigation is the same, and specific subsystem configuration is also the same. The most visible changes are:
tab: deployments are organized into server groups, instead of having all applications running in the single server instance.
tab: a profile must be selected before configuring a subsystem.
tab: Adds operation to view and configure hosts, server groups, and server instances.
The following figure shows the view in the tab as it appears after starting the JBoss EAP as managed domain using the default configuration files:
Similar changes also happen in the management CLI as there are objects representing the additional managed domain configuration elements.
References
For more information about server runtime arguments in domain mode, refer to the Server Runtime Arguments section in the Configuration Guide in the Red Hat JBoss EAP documentation at https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/configuration_guide/index#reference_of_switches_and_arguments_to_pass_at_server_runtime
For more information about domain controller failover, refer to the Domain Controller Discovery and Failover section in the Configuration Guide, in the Red Hat JBoss EAP documentation at https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html/configuration_guide/domain_management#domain_controller_discovery_failover
For more information about the JBoss EAP management console in domain mode, refer to the Navigating Domain Configurations section in the Configuration Guide, in the Red Hat JBoss EAP documentation at https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/configuration_guide/index#navigating_domain_configs
