JBoss AS7 Clustering Using mod_cluster and http 2.4 (Part 2)

This is the second in a multi-part blog series explaining how to set up a JBoss Cluster using httpd 2.4, JBoss mod_cluster, and JBoss AS 7.  This article details how to set up JBoss AS7 Domain mode, and how to connect it to mod_cluster with Apache httpd 2.4.3.

We are using the tagged release JBoss 7.1.3.Final, which does not have a binary release available.  (The latest binary release of JBoss available for download is JBoss 7.1.1.Final; however, there is an issue with that release in generating unique names for each server instance, which causes problems with mod_cluster.) 

To build your own release of JBoss, obtain the source code for the tag via this link to the tar.gz of the source:  https://github.com/jbossas/jboss-as/archive/7.1.3.Final.tar.gz.  When decompressed, the file will create a jboss-as-7.1.3.Final folder.  Accessing that folder, run:  ./build.sh.  Then, watch the magic.  The build.sh script requires that maven is installed and set up.  When completed, the new build of JBoss should be located at jboss-as-7.1.3/build/target/ jboss-as-7.1.3.Final.tar.gz. 

Since we are setting up JBoss in domain mode, we need two servers:  master (10.0.1.50) and slave (10.0.1.51).  First, set up the master, which will be the domain master server. Configuring the domain controller is straightforward.  In the domain/configuration folder, edit the host.xml file:

<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:10.0.1.50}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:10.0.1.50}"/>
</interface>
<interface name="unsecure">
<!-- Used for IIOP sockets in the standard configuration.
To secure JacORB, set up SSL -->
<inet-address value="${jboss.bind.address.unsecure:10.0.1.50}"/>
</interface>
</interfaces>

 

Next, on the master host, create an admin user and a username/password combo for the slave host to connect to the domain controller. In the JBoss bin folder is a script called add-user.sh.  Running this script will generate a few questions; for most of the questions, the defaults are fine.  Following is a sample interaction with the script.  The password used for both is test123.

$ ./add-user.sh
What type of user do you wish to add? 
 a) Management User (mgmt-users.properties)
 b) Application User (application-users.properties)
(a): a
Enter the details of the new user to add.
Realm (ManagementRealm) :
Username : admin
Password :
Re-enter Password :
The username 'admin' is easy to guess
Are you sure you want to add user 'admin' yes/no? yes
About to add user 'admin' for realm 'ManagementRealm'
Is this correct yes/no? yes
Added user 'admin' to file '/opt/jboss-as-7.1.3.Final/standalone/configuration/mgmt-users.properties'
Added user 'admin' to file '/opt/jboss-as-7.1.3.Final/domain/configuration/mgmt-users.properties'
Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? no
$ ./add-user.sh
What type of user do you wish to add? 
 a) Management User (mgmt-users.properties)
 b) Application User (application-users.properties)
(a):
Enter the details of the new user to add.
Realm (ManagementRealm) :
Username : slave
Password :
Re-enter Password :
About to add user 'slave' for realm 'ManagementRealm'
Is this correct yes/no? yes
Added user 'slave' to file '/opt/jboss-as-7.1.3.Final/standalone/configuration/mgmt-users.properties'
Added user 'slave' to file '/opt/jboss-as-7.1.3.Final/domain/configuration/mgmt-users.properties'
Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? yes
To represent the user add the following to the server-identities definition <secret value="dGVzdDEyMw==" />

Pay close attention to that last line of output; it is needed to configure the slave host to connect to the master host.

Now, make a few more changes on the slave host.  In the domain/configuration folder, edit the host.xml file again:

 

<host name="slave" xmlns="urn:jboss:domain:1.1">
    <management>
        <security-realms>
            <security-realm name="ManagementRealm">
                <server-identities>
                     <!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
                     <secret value="c2xhdmVfdXNlcl9wYXNzd29yZA=="http://www.openlogic.com/>
                </server-identities>
                <authentication>
                    <local default-user="$local" />
                    <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
                </authentication>
            </security-realm>
            <security-realm name="ApplicationRealm">
                <authentication>
                    <local default-user="$local" allowed-users="*" />
                    <properties path="application-users.properties" relative-to="jboss.domain.config.dir" />
                </authentication>
                <authorization>
                    <properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/>
                </authorization>
            </security-realm>
        </security-realms>
        <management-interfaces>
            <native-interface security-realm="ManagementRealm">
                <socket interface="management" port="${jboss.management.native.port:9999}"/>
            </native-interface>
        </management-interfaces>
    </management>
 
 <domain-controller>
       <!--<local/>-->
       <!-- Alternative remote domain controller configuration with a host and port -->
       <remote host="${jboss.domain.master.address:10.0.1.50}" port="${jboss.domain.master.port:9999}"/>
  </domain-controller>
<interfaces>
        <interface name="management">
            <inet-address value="${jboss.bind.address.management:10.0.1.51}"/>
        </interface>
        <interface name="public">
           <inet-address value="${jboss.bind.address:10.0.1.51}"/>
        </interface>
        <interface name="unsecure">
            <!-- Used for IIOP sockets in the standard configuration.
                 To secure JacORB, set up SSL -->
            <inet-address value="${jboss.bind.address.unsecure:10.0.1.51}"/>
        </interface>
</interfaces>

 

Before starting the master and slave JBoss instances, either disable iptables and selinux or configure them to allow certain traffic. If configuring to allow certain traffic, use the following:

sudo iptables -I INPUT 1 -p udp -d 224.0.1.0/24 -j ACCEPT -m comment --comment "mod_cluster multicast udp traffic"
sudo iptables -I INPUT 2 -p udp -d 224.0.0.0/4 -j ACCEPT -m comment --comment "clustered JBoss multicast udp traffic"
sudo iptables -I INPUT 3 -p udp -s 10.0.1.0/24 -j ACCEPT -m comment --comment "node to node udp traffic"
sudo iptables -I INPUT 4 -p tcp -s 10.0.1.0/24 -j ACCEPT -m comment --comment "node to node tcp traffic"
sudo /etc/init.d/iptables save

Now, starting JBoss first on the master host, then on the slave host, the following (abridged) should appear in the logs: 

Master host-controller.log

07:24:55,287 INFO  [org.jboss.as.remoting] (MSC service thread 1-1) JBAS017100: Listening on 10.0.1.50:9999
07:24:56,457 INFO  [org.jboss.as.host.controller] (Controller Boot Thread) JBAS010922: Starting server server-two
07:24:56,500 INFO  [org.jboss.as] (Controller Boot Thread) JBAS015961: Http management interface listening on http://10.0.1.50:9990/management
07:24:56,501 INFO  [org.jboss.as] (Controller Boot Thread) JBAS015951: Admin console listening on http:// 10.0.1.50:9990
07:24:56,501 INFO  [org.jboss.as] (Controller Boot Thread) JBAS015874: JBoss AS 7.1.3.Final "Arges" (Host Controller) started in 2267ms - Started 11 of 11 services (0 services are passive or on-demand)
07:24:59,415 INFO  [org.jboss.as.domain.controller.mgmt] (proxy-threads - 1) JBAS010920: Server [Server:server-two] registered using connection [Channel ID 085327fc (inbound) of Remoting connection 08def7d1 to /10.0.1.50:44132]
07:25:06,646 INFO  [org.jboss.as.host.controller] (proxy-threads - 1) JBAS010919: Registering server server-two
08:02:12,187 INFO  [org.jboss.as.domain] (slave-request-threads - 1) JBAS010918: Registered remote slave host "slave", JBoss AS 7.1.3.Final "Arges"

You should now be able to:

Following is a partial sample screenshot of the mod_cluster-manager.

mod cluster resized 600

Posted: 1/9/2013 12:00:00 PM by Global Administrator | with 0 comments


Trackback URL: http://www.openlogic.com/trackback/38fab02e-c3fb-4c50-aa5b-ce8f852882c5/JBoss-AS7-Clustering-Using-mod-cluster-and-http-2-4-Part-2.aspx?culture=en-US

Comments
Blog post currently doesn't have any comments.
 Security code