Domain Controller & Host Controller in the same host.xml
I would like to run a domain controller which manages 4 server instances and I have 2 vms (eg. 192.168.0.2, 192.168.0.3)
VM1: (192.168.0.2)
DC
SEL-1
SEL-2
VM2: (192.168.0.3)
SEL-3
SEL-4
I have created 2 users in the ManagementRealm in the Domain Controller
- selmain
- selremote
and I have configured the host.xml
VM1: (192.168.0.2)
<host name="selmain" xmlns="urn:jboss:domain:1.3">
<management>
<security-realms>
<security-realm name="ManagementRealm">
<server-identities>
<!--secret value="U0VMSG9zdENvbnRyb2xsZXJBZG1pblBhc3N3ZCExMg=="/-->
<secret value="c2VsZmNhcmU="/>
</server-identities>
<authentication>
<local default-user="$local" />
<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
</authentication>
</security-realm>
<security-realm name="ApplicationRealm">
<authentication>
<local default-user="$local" allowed-users="*" />
<properties path="application-users.properties" relative-to="jboss.domain.config.dir" />
</authentication>
<authorization>
<properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/>
</authorization>
</security-realm>
</security-realms>
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket interface="management" port="${jboss.management.native.port:9999}"/>
</native-interface>
<http-interface security-realm="ManagementRealm">
<socket interface="management" port="${jboss.management.http.port:9990}"/>
</http-interface>
</management-interfaces>
</management>
<domain-controller>
<local/>
<!-- Alternative remote domain controller configuration with a host and port -->
<!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> -->
</domain-controller>
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
<interface name="unsecure">
<!-- Used for IIOP sockets in the standard configuration.
To secure JacORB you need to setup SSL -->
<inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
</interface>
</interfaces>
<jvms>
<jvm name="default">
<heap size="64m" max-size="256m"/>
<permgen size="256m" max-size="256m"/>
<jvm-options>
<option value="-server"/>
</jvm-options>
</jvm>
</jvms>
<servers>
<server name="sel-1" group="selfcare-group" auto-start="false"/>
<server name="sel-2" group="selfcare-group" auto-start="false">
<socket-bindings port-offset="100"/>
</server>
</servers>
</host>
VM2: (192.168.0.3)
<host name="SEL" xmlns="urn:jboss:domain:1.3">
<management>
<security-realms>
<security-realm name="ManagementRealm">
<server-identities>
<!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
<secret value="c2VsZmNhcmU="/>
</server-identities>
<authentication>
<local default-user="$local" />
<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
</authentication>
</security-realm>
<security-realm name="ApplicationRealm">
<authentication>
<local default-user="$local" allowed-users="*" />
<properties path="application-users.properties" relative-to="jboss.domain.config.dir" />
</authentication>
<authorization>
<properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/>
</authorization>
</security-realm>
</security-realms>
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket interface="management" port="${jboss.management.native.port:9999}"/>
</native-interface>
</management-interfaces>
</management>
<domain-controller>
<remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" username="selremote" security-realm="ManagementRealm"/>
</domain-controller>
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
<interface name="unsecure">
<!-- Used for IIOP sockets in the standard configuration.
To secure JacORB you need to setup SSL -->
<inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
</interface>
</interfaces>
<jvms>
<jvm name="default">
<heap size="64m" max-size="256m"/>
<permgen size="256m" max-size="256m"/>
<jvm-options>
<option value="-server"/>
</jvm-options>
</jvm>
</jvms>
<servers>
<server name="sel-3" group="selfcare-group" auto-start="false" />
<server name="sel-4" group="selfcare-group" auto-start="false" >
<socket-bindings port-offset="100"/>
</server>
</servers>
</host>
This configuration works fine when I start the DC and HC as follows
domain.bat -Djboss.domain.master.address.management=192.168.0.2 -Djboss.bind.address.management=192.168.0.2 -Djboss.bind.address=192.168.0.2 domain.bat -Djboss.domain.master.address.management=192.168.0.2 -Djboss.bind.address.management=192.168.0.3 -Djboss.bind.address=192.168.0.3
Note that in the 2nd host.xml the name of the file is NOT the username of the DC user which will handle the HC
<host name="SEL" xmlns="urn:jboss:domain:1.3">
but
<domain-controller>
<remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" username="selremote" security-realm="ManagementRealm"/>
</domain-controller>
I set the username
However, on the DC side I can ONLY see one way of setting the username to be used for the LOCAL HC and that is in the name of the hose
<host name="selmain" xmlns="urn:jboss:domain:1.3">
Note here I have left the default
<domain-controller>
<local/>
<!-- Alternative remote domain controller configuration with a host and port -->
<!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> -->
</domain-controller>
What is the way to set a different host name in the DC side? And how to configure the management user name in that case?