Open Source Subnet An independent Open Source community View more

JBoss AS7 Clustering Using mod_cluster and http 2.4 (Part 2)

This is the second in a multi-part blog series explaining how to set up a JBoss Cluster using httpd 2.4, JBoss mod_cluster, and JBoss AS 7.  This article details how to set up JBoss AS7 Domain mode, and how to connect it to mod_cluster with Apache httpd 2.4.3.

We are using the tagged release JBoss 7.1.3.Final, which does not have a binary release available.  (The latest binary release of JBoss available for download is JBoss 7.1.1.Final; however, there is an issue with that release in generating unique names for each server instance, which causes problems with mod_cluster.) 

To build your own release of JBoss, obtain the source code for the tag via this link to the tar.gz of the source:  https://github.com/jbossas/jboss-as/archive/7.1.3.Final.tar.gz.  When decompressed, the file will create a jboss-as-7.1.3.Final folder.  Accessing that folder, run:  ./build.sh.  Then, watch the magic.  The build.sh script requires that maven is installed and set up.  When completed, the new build of JBoss should be located at jboss-as-7.1.3/build/target/ jboss-as-7.1.3.Final.tar.gz. 

Since we are setting up JBoss in domain mode, we need two servers:  master (10.0.1.50) and slave (10.0.1.51).  First, set up the master, which will be the domain master server. Configuring the domain controller is straightforward.  In the domain/configuration folder, edit the host.xml file:

<interfaces>

<interface name="management">

<inet-address value="${jboss.bind.address.management:10.0.1.50}"/>

</interface>

<interface name="public">

<inet-address value="${jboss.bind.address:10.0.1.50}"/>

</interface>

<interface name="unsecure">

<!-- Used for IIOP sockets in the standard configuration.

To secure JacORB, set up SSL -->

<inet-address value="${jboss.bind.address.unsecure:10.0.1.50}"/>

</interface>

</interfaces>

Next, on the master host, create an admin user and a username/password combo for the slave host to connect to the domain controller. In the JBoss bin folder is a script called add-user.sh.  Running this script will generate a few questions; for most of the questions, the defaults are fine.  Following is a sample interaction with the script.  The password used for both is test123.

$ ./add-user.sh
What type of user do you wish to add? <br> a) Management User (mgmt-users.properties) <br> b) Application User (application-users.properties)<br>(a): a
Enter the details of the new user to add.<br>Realm (ManagementRealm) : <br>Username : admin<br>Password : <br>Re-enter Password : <br>The username 'admin' is easy to guess<br>Are you sure you want to add user 'admin' yes/no? yes<br>About to add user 'admin' for realm 'ManagementRealm'<br>Is this correct yes/no? yes<br>Added user 'admin' to file '/opt/jboss-as-7.1.3.Final/standalone/configuration/mgmt-users.properties'<br>Added user 'admin' to file '/opt/jboss-as-7.1.3.Final/domain/configuration/mgmt-users.properties'<br>Is this new user going to be used for one AS process to connect to another AS process? <br>e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.<br>yes/no? no
$ ./add-user.sh
What type of user do you wish to add? <br> a) Management User (mgmt-users.properties) <br> b) Application User (application-users.properties)<br>(a):
Enter the details of the new user to add.<br>Realm (ManagementRealm) : <br>Username : slave<br>Password : <br>Re-enter Password : <br>About to add user 'slave' for realm 'ManagementRealm'<br>Is this correct yes/no? yes<br>Added user 'slave' to file '/opt/jboss-as-7.1.3.Final/standalone/configuration/mgmt-users.properties'<br>Added user 'slave' to file '/opt/jboss-as-7.1.3.Final/domain/configuration/mgmt-users.properties'<br>Is this new user going to be used for one AS process to connect to another AS process? <br>e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.<br>yes/no? yes<br>To represent the user add the following to the server-identities definition <secret value="dGVzdDEyMw==" />

Pay close attention to that last line of output; it is needed to configure the slave host to connect to the master host.

Now, make a few more changes on the slave host.  In the domain/configuration folder, edit the host.xml file again:

<host name="slave" xmlns="urn:jboss:domain:1.1"><br>    <management><br>        <security-realms><br>            <security-realm name="ManagementRealm"><br>                <server-identities><br>                     <!-- Replace this with either a base64 password of your own, or use a vault with a vault expression --><br>                     <secret value="c2xhdmVfdXNlcl9wYXNzd29yZA=="http://www.openlogic.com/><br>                </server-identities><br>                <authentication><br>                    <local default-user="$local" /><br>                    <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/><br>                </authentication><br>            </security-realm><br>            <security-realm name="ApplicationRealm"><br>                <authentication><br>                    <local default-user="$local" allowed-users="*" /><br>                    <properties path="application-users.properties" relative-to="jboss.domain.config.dir" /><br>                </authentication><br>                <authorization><br>                    <properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/><br>                </authorization><br>            </security-realm><br>        </security-realms><br>        <management-interfaces><br>            <native-interface security-realm="ManagementRealm"><br>                <socket interface="management" port="${jboss.management.native.port:9999}"/><br>            </native-interface><br>        </management-interfaces><br>    </management>
 <domain-controller><br>       <!--<local/>--><br>       <!-- Alternative remote domain controller configuration with a host and port --><br>       <remote host="${jboss.domain.master.address:10.0.1.50}" port="${jboss.domain.master.port:9999}"/><br>  </domain-controller>
<interfaces><br>        <interface name="management"><br>            <inet-address value="${jboss.bind.address.management:10.0.1.51}"/><br>        </interface><br>        <interface name="public"><br>           <inet-address value="${jboss.bind.address:10.0.1.51}"/><br>        </interface><br>        <interface name="unsecure"><br>            <!-- Used for IIOP sockets in the standard configuration.<br>                 To secure JacORB, set up SSL --><br>            <inet-address value="${jboss.bind.address.unsecure:10.0.1.51}"/><br>        </interface><br></interfaces>

Before starting the master and slave JBoss instances, either disable iptables and selinux or configure them to allow certain traffic. If configuring to allow certain traffic, use the following:

sudo iptables -I INPUT 1 -p udp -d 224.0.1.0/24 -j ACCEPT -m comment --comment "mod_cluster multicast udp traffic"<br>sudo iptables -I INPUT 2 -p udp -d 224.0.0.0/4 -j ACCEPT -m comment --comment "clustered JBoss multicast udp traffic"<br>sudo iptables -I INPUT 3 -p udp -s 10.0.1.0/24 -j ACCEPT -m comment --comment "node to node udp traffic"<br>sudo iptables -I INPUT 4 -p tcp -s 10.0.1.0/24 -j ACCEPT -m comment --comment "node to node tcp traffic"<br>sudo /etc/init.d/iptables save

Now, starting JBoss first on the master host, then on the slave host, the following (abridged) should appear in the logs: 

Master host-controller.log

07:24:55,287 INFO  [org.jboss.as.remoting] (MSC service thread 1-1) JBAS017100: Listening on 10.0.1.50:9999<br>07:24:56,457 INFO  [org.jboss.as.host.controller] (Controller Boot Thread) JBAS010922: Starting server server-two<br>07:24:56,500 INFO  [org.jboss.as] (Controller Boot Thread) JBAS015961: Http management interface listening on http://10.0.1.50:9990/management<br>07:24:56,501 INFO  [org.jboss.as] (Controller Boot Thread) JBAS015951: Admin console listening on http:// 10.0.1.50:9990<br>07:24:56,501 INFO  [org.jboss.as] (Controller Boot Thread) JBAS015874: JBoss AS 7.1.3.Final "Arges" (Host Controller) started in 2267ms - Started 11 of 11 services (0 services are passive or on-demand)<br>07:24:59,415 INFO  [org.jboss.as.domain.controller.mgmt] (proxy-threads - 1) JBAS010920: Server [Server:server-two] registered using connection [Channel ID 085327fc (inbound) of Remoting connection 08def7d1 to /10.0.1.50:44132]<br>07:25:06,646 INFO  [org.jboss.as.host.controller] (proxy-threads - 1) JBAS010919: Registering server server-two<br>08:02:12,187 INFO  [org.jboss.as.domain] (slave-request-threads - 1) JBAS010918: Registered remote slave host "slave", JBoss AS 7.1.3.Final "Arges"

You should now be able to:

Following is a partial sample screenshot of the mod_cluster-manager.

mod cluster resized 600
To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.