Domain Controller & Host Controller in the same host.xml
steljboss Nov 6, 2012 5:41 AMI would like to run a domain controller which manages 4 server instances and I have 2 vms (eg. 192.168.0.2, 192.168.0.3)
VM1: (192.168.0.2)
DC
SEL-1
SEL-2
VM2: (192.168.0.3)
SEL-3
SEL-4
I have created 2 users in the ManagementRealm in the Domain Controller
- selmain
- selremote
and I have configured the host.xml
VM1: (192.168.0.2)
<host name="selmain" xmlns="urn:jboss:domain:1.3"> <management> <security-realms> <security-realm name="ManagementRealm"> <server-identities> <!--secret value="U0VMSG9zdENvbnRyb2xsZXJBZG1pblBhc3N3ZCExMg=="/--> <secret value="c2VsZmNhcmU="/> </server-identities> <authentication> <local default-user="$local" /> <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/> </authentication> </security-realm> <security-realm name="ApplicationRealm"> <authentication> <local default-user="$local" allowed-users="*" /> <properties path="application-users.properties" relative-to="jboss.domain.config.dir" /> </authentication> <authorization> <properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/> </authorization> </security-realm> </security-realms> <management-interfaces> <native-interface security-realm="ManagementRealm"> <socket interface="management" port="${jboss.management.native.port:9999}"/> </native-interface> <http-interface security-realm="ManagementRealm"> <socket interface="management" port="${jboss.management.http.port:9990}"/> </http-interface> </management-interfaces> </management> <domain-controller> <local/> <!-- Alternative remote domain controller configuration with a host and port --> <!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> --> </domain-controller> <interfaces> <interface name="management"> <inet-address value="${jboss.bind.address.management:127.0.0.1}"/> </interface> <interface name="public"> <inet-address value="${jboss.bind.address:127.0.0.1}"/> </interface> <interface name="unsecure"> <!-- Used for IIOP sockets in the standard configuration. To secure JacORB you need to setup SSL --> <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/> </interface> </interfaces> <jvms> <jvm name="default"> <heap size="64m" max-size="256m"/> <permgen size="256m" max-size="256m"/> <jvm-options> <option value="-server"/> </jvm-options> </jvm> </jvms> <servers> <server name="sel-1" group="selfcare-group" auto-start="false"/> <server name="sel-2" group="selfcare-group" auto-start="false"> <socket-bindings port-offset="100"/> </server> </servers> </host>
VM2: (192.168.0.3)
<host name="SEL" xmlns="urn:jboss:domain:1.3"> <management> <security-realms> <security-realm name="ManagementRealm"> <server-identities> <!-- Replace this with either a base64 password of your own, or use a vault with a vault expression --> <secret value="c2VsZmNhcmU="/> </server-identities> <authentication> <local default-user="$local" /> <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/> </authentication> </security-realm> <security-realm name="ApplicationRealm"> <authentication> <local default-user="$local" allowed-users="*" /> <properties path="application-users.properties" relative-to="jboss.domain.config.dir" /> </authentication> <authorization> <properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/> </authorization> </security-realm> </security-realms> <management-interfaces> <native-interface security-realm="ManagementRealm"> <socket interface="management" port="${jboss.management.native.port:9999}"/> </native-interface> </management-interfaces> </management> <domain-controller> <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" username="selremote" security-realm="ManagementRealm"/> </domain-controller> <interfaces> <interface name="management"> <inet-address value="${jboss.bind.address.management:127.0.0.1}"/> </interface> <interface name="public"> <inet-address value="${jboss.bind.address:127.0.0.1}"/> </interface> <interface name="unsecure"> <!-- Used for IIOP sockets in the standard configuration. To secure JacORB you need to setup SSL --> <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/> </interface> </interfaces> <jvms> <jvm name="default"> <heap size="64m" max-size="256m"/> <permgen size="256m" max-size="256m"/> <jvm-options> <option value="-server"/> </jvm-options> </jvm> </jvms> <servers> <server name="sel-3" group="selfcare-group" auto-start="false" /> <server name="sel-4" group="selfcare-group" auto-start="false" > <socket-bindings port-offset="100"/> </server> </servers> </host>
This configuration works fine when I start the DC and HC as follows
domain.bat -Djboss.domain.master.address.management=192.168.0.2 -Djboss.bind.address.management=192.168.0.2 -Djboss.bind.address=192.168.0.2 domain.bat -Djboss.domain.master.address.management=192.168.0.2 -Djboss.bind.address.management=192.168.0.3 -Djboss.bind.address=192.168.0.3
Note that in the 2nd host.xml the name of the file is NOT the username of the DC user which will handle the HC
<host name="SEL" xmlns="urn:jboss:domain:1.3">
but
<domain-controller> <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" username="selremote" security-realm="ManagementRealm"/> </domain-controller>
I set the username
However, on the DC side I can ONLY see one way of setting the username to be used for the LOCAL HC and that is in the name of the hose
<host name="selmain" xmlns="urn:jboss:domain:1.3">
Note here I have left the default
<domain-controller> <local/> <!-- Alternative remote domain controller configuration with a host and port --> <!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> --> </domain-controller>
What is the way to set a different host name in the DC side? And how to configure the management user name in that case?