0 Replies Latest reply on Nov 6, 2012 5:41 AM by steljboss

    Domain Controller & Host Controller in the same host.xml

    steljboss

      I would like to run a domain controller which manages 4 server instances and I have 2 vms (eg. 192.168.0.2, 192.168.0.3)

       

      VM1: (192.168.0.2)

         DC

         SEL-1

         SEL-2

       

      VM2: (192.168.0.3)

         SEL-3

         SEL-4

       

      I have created 2 users in the ManagementRealm in the Domain Controller

      - selmain

      - selremote

       

      and I have configured the host.xml

      VM1: (192.168.0.2)

       

      <host name="selmain" xmlns="urn:jboss:domain:1.3">
      
          <management>
              <security-realms>
                  <security-realm name="ManagementRealm">
                      <server-identities>
                          <!--secret value="U0VMSG9zdENvbnRyb2xsZXJBZG1pblBhc3N3ZCExMg=="/-->
                          <secret value="c2VsZmNhcmU="/>
                      </server-identities>            
                      <authentication>
                          <local default-user="$local" />
                          <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
                      </authentication>
                  </security-realm>
                  <security-realm name="ApplicationRealm">
                      <authentication>
                          <local default-user="$local" allowed-users="*" />
                          <properties path="application-users.properties" relative-to="jboss.domain.config.dir" />
                      </authentication>
                      <authorization>
                          <properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/>
                      </authorization>                
                  </security-realm>
              </security-realms>
              <management-interfaces>
                  <native-interface security-realm="ManagementRealm">
                      <socket interface="management" port="${jboss.management.native.port:9999}"/>
                  </native-interface>
                  <http-interface security-realm="ManagementRealm">
                      <socket interface="management" port="${jboss.management.http.port:9990}"/>
                  </http-interface>
              </management-interfaces>
          </management>
      
          <domain-controller>
             <local/>
             <!-- Alternative remote domain controller configuration with a host and port -->
             <!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> -->
          </domain-controller>
      
          <interfaces>
              <interface name="management">
                  <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
              </interface>
              <interface name="public">
                 <inet-address value="${jboss.bind.address:127.0.0.1}"/>
              </interface>
              <interface name="unsecure">
                  <!-- Used for IIOP sockets in the standard configuration.
                       To secure JacORB you need to setup SSL -->
                  <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
              </interface>
          </interfaces>
      
          <jvms>
             <jvm name="default">
                  <heap size="64m" max-size="256m"/>
                  <permgen size="256m" max-size="256m"/>
                  <jvm-options>
                      <option value="-server"/>
                  </jvm-options>
             </jvm>
          </jvms>
      
          <servers>
             <server name="sel-1" group="selfcare-group" auto-start="false"/>
             <server name="sel-2" group="selfcare-group" auto-start="false">
                 <socket-bindings port-offset="100"/>
             </server>
          </servers>
      </host>
      

       

       

       

       

       

      VM2: (192.168.0.3)

       

      <host name="SEL" xmlns="urn:jboss:domain:1.3">
      
          <management>
              <security-realms>
                  <security-realm name="ManagementRealm">
                      <server-identities>
                           <!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
                           <secret value="c2VsZmNhcmU="/>
                      </server-identities>
      
                      <authentication>
                          <local default-user="$local" />
                          <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
                      </authentication>
                  </security-realm>
                  <security-realm name="ApplicationRealm">
                      <authentication>
                          <local default-user="$local" allowed-users="*" />
                          <properties path="application-users.properties" relative-to="jboss.domain.config.dir" />
                      </authentication>
                      <authorization>
                          <properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/>
                      </authorization>                
                  </security-realm>
              </security-realms>
              <management-interfaces>
                  <native-interface security-realm="ManagementRealm">
                      <socket interface="management" port="${jboss.management.native.port:9999}"/>
                  </native-interface>
              </management-interfaces>
          </management>
      
          <domain-controller>
             <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" username="selremote" security-realm="ManagementRealm"/>
          </domain-controller>
      
          <interfaces>
              <interface name="management">
                  <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
              </interface>
              <interface name="public">
                 <inet-address value="${jboss.bind.address:127.0.0.1}"/>
              </interface>
              <interface name="unsecure">
                  <!-- Used for IIOP sockets in the standard configuration.
                       To secure JacORB you need to setup SSL -->
                  <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
              </interface>
          </interfaces>
      
          <jvms>
                <jvm name="default">
                  <heap size="64m" max-size="256m"/>
                  <permgen size="256m" max-size="256m"/>
                    <jvm-options>
                        <option value="-server"/>
                    </jvm-options>
               </jvm>
             </jvms>
      
          <servers>
              <server name="sel-3" group="selfcare-group" auto-start="false" />
              <server name="sel-4" group="selfcare-group" auto-start="false" >
                 <socket-bindings port-offset="100"/>
              </server>
          </servers>
      </host>
      

       

      This configuration works fine when I start the DC and HC as follows

       

      domain.bat -Djboss.domain.master.address.management=192.168.0.2 -Djboss.bind.address.management=192.168.0.2 -Djboss.bind.address=192.168.0.2
      domain.bat -Djboss.domain.master.address.management=192.168.0.2 -Djboss.bind.address.management=192.168.0.3 -Djboss.bind.address=192.168.0.3
      

       

      Note that in the 2nd host.xml the name of the file is NOT the username of the DC user which will handle the HC

       

      <host name="SEL" xmlns="urn:jboss:domain:1.3">
      

       

      but

       

          <domain-controller>
             <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" username="selremote" security-realm="ManagementRealm"/>
          </domain-controller>
      

       

       

       

      I set the username

       

      However, on the DC side I can ONLY see one way of setting the username to be used for the LOCAL HC  and that is in the name of the hose

       

      <host name="selmain" xmlns="urn:jboss:domain:1.3">
      

       

       

       

      Note here I have left the default

       

          <domain-controller>
             <local/>
             <!-- Alternative remote domain controller configuration with a host and port -->
             <!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> -->
          </domain-controller>
      

       

       

      What is the way to set a different host name in the DC side? And how to configure the management user name in that case?