Puppet module to install, configure and manage Wildfly (8/9/10+), JBoss EAP (6.1+/7.0+) and some Wildfly based products like apiman, Keycloak and Infinispan.
License: Apache License 2.0
We run the ci system for beaker at http://ci.puppet.community/ and would be happy to test and vote on this module.
the line
file{'/etc/default/wildfly.conf':
should be
file{'/etc/default/wildfly':
the service script is looking for the later file name.
BTW: there should be java dependency added.
Hi, I'm getting this error below, do you know why?
Error: /Stage[main]/Wildfly::Install/Archive[/tmp/wildfly-8.2.0.Final.tar.gz]/ensure: change from absent to present failed: cannot load such file -- faraday_middleware
...
Error: Could not run: cannot load such file -- faraday_middleware
My setup: centos 6.5, ruby-gems 1.8.3, puppet 4
This what I'm doing:
class { 'wildfly':
version => '8.2.0',
java_home => '/usr/lib/jvm/java-1.8.0-openjdk',
install_source => 'http://download.jboss.org/wildfly/8.2.0.Final/wildfly-8.2.0.Final.tar.gz',
group => 'wildfly',
user => 'wildfly',
dirname => '/opt/wildfly',
mode => 'standalone',
config => 'standalone.xml',
java_xmx => '512m',
java_xms => '256m',
java_maxpermsize => '256m',
users_mgmt => { 'wildfly' => { username => 'wildfly', password => 'wildfly'}},
}
I just used your module, thanks for making one.
What I noticed, that after installing wildfly listen on localhost i.e [127.0.0.1] rather then [0.0.0.0]
The config variable
class { '::wildfly' :
version => $version,
install_source => "http://download.jboss.org/wildfly/$version.Final/wildfly-$version.Final.tar.gz",
java_home => "/opt/jdk-$version",
group => 'wildfly',
user => 'wildfly',
dirname => "/opt/wildfly",
mode => "standalone",
config => "standalone-full.xml",
}
This is class which is calling a config variable
init.pp
$config = $wildfly::params::config, #jboss_config
Which goes to params.pp and has a value "standalone-full.xml"
params.pp
$config = 'standalone-full.xml'
This the one of exec which looks for "wildfly::config" which has value standalone-full.xml
exec { 'replace management bind':
command => "sed -i -e's/jboss.bind.address.management:127.0.0.1/jboss.bind.address.management:${wildfly::mgmt_bind}/g' ${wildfly::dirname}/standalone/configuration/${wildfly::config}",
path => '/bin:/sbin:/usr/bin:/usr/sbin',
onlyif => "grep 'jboss.bind.address.management:127.0.0.1' ${wildfly::dirname}/standalone/configuration/${wildfly::config}",
}
To me it looks like we are running sed on the wrong file here. or just i'm understanding the whole thing?
I manually edited the standalone.xml and changed localhost to [0.0.0.0] and it started listening on all the interface.
I need to add some java opts for wildfly for our ear. I'm working on this currently by converting the bin/standalone.conf file into an erb and puppeting it.
Can you make a feature that deploy, assign and enable application on separate servers in server-group in "domain" mode?
I have a profile manifest where I am removing subsystem=ee/service=default-bindings] which requires a reload. I'm using the Wildfly::Util::Exec_cli call to issue a reload which works correctly.
The issues is that tasks that are run directly after that reload fail because the management interface is temporarily unavailable after the reload.
Error: /Stage[main]/Jolokia::Deploy/Wildfly::Deploy[jolokia war]/Wildfly_deploy[jolokia war]: Could not evaluate: Connection refused - connect(2) for "0.0.0.0" port 9990
Is there an suggestions for making the reload not report completed to puppet unless it can access the management interface to stop additional tasks from failing ?
I've been thinking about break the module into two modules:
My point is that administration/management is common across many JBoss AS (7+)/JBoss EAP(6+)/Wildfly(8+) versions, but installation and defines built on top of administration custom types/providers varies from one version to another.
RHEL 6.x comes with Ruby 1.8.7 which doesn't have sort_by
Unfortunately I can't upgrade OS or Ruby version on the servers
Right now the module only supports the driver-xa-datasource-class-name property on a JDBC driver. However, when using a non-XA driver, the driver-class-name property could be more appropriate.
A direction might be to add a driver_class_name parameter to wildfly::datasources::driver, differentiate between a XA and non-XA driver, or make wildfly::datasources::driver 'transparent' by using e.g. a hash instead of named parameters/arguments.
I have a datasource resource that I am creating
wildfly::standalone::datasources::datasource { 'jpnDS':
config => {
'driver-name' => 'mysql',
'min-pool-size' => '10',
'max-pool-size' => '60',
'connection-url' => 'jdbc:mysql://localhost:3306/DB',
'jndi-name' => 'java:jboss/datasources/jpnDS',
'user-name' => 'my_app',
'password' => 'my_app'
}
}
It looks to correctly create the datasource but then on every run it tries to modify the resource to append quotes " around the values.
$ sudo puppet apply --modulepath=/vagrant/modules/ /vagrant/manifests/jboss_wildfly9.pp
Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults
Faraday: you may want to install system_timer for reliable timeouts
Notice: Compiled catalog for wildfly.example.dev in environment production in 1.22 seconds
Notice: /Stage[main]/Whois_wildfly/Wildfly::Standalone::Datasources::Datasource[jpnDS]/Wildfly::Util::Resource[/subsystem=datasources/data-source=jpnDS]/Wildfly_resource[/subsystem=datasources/data-source=jpnDS]/state: state changed '{"max-pool-size"=>60, "min-pool-size"=>10}' to '{"max-pool-size"=>"60", "min-pool-size"=>"10"}'
Notice: Finished catalog run in 1.13 seconds
Domain support is still tied to augeas, hence it only works on Wildfly versions < 9.0. Its support should be improved to use CLI-like resources and to provide built-in abstractions for servers and server-groups.
I'm not sure if there's a good way to resolve this (or if this is an issue I should bring up here), but I've run into a conflict with other modules' dependency on camptocamp's archive and this module's usage of nanliu's archive. I've done some work to switch to camptocamp in a fork, but I'm curious if it would be a good idea to optionally split out the usage of archive in this module. I'd rather avoid having to rely on a fork in the long run, but it seems module namespacing conflicts is one of puppet's weak points.
Since archive was replaced by execs, only http:// and ftp:// protocol are supported. In order to fully support external archive modules[1], file:// support must be implemented.
[1]
archive::nexus { '/tmp/hawtio.war':
ensure => present,
url => $nexus_url,
gav => "'io.hawt:hawtio-web:1.4.59'",
packaging => 'war',
repository => $repository,
owner => 'wildfly',
group => 'wildly',
}
~>
wildfly::deployment { 'hawtio.war':
source => 'file:/tmp/hawtio.war',
}
I'd like to add support for configuring LDAP security in Wildfly. I'm working on a pull request based on:
https://gist.github.com/hasalex/5854155.js
and
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-6.4/red-hat-jboss-enterprise-application-platform-64-how-to-configure-identity-management/chapter-4-configuring-a-security-domain-to-use-ldap
what's wrong with domain mode?
if i set this:
class {'::wildfly':
version => '8.2.0', install_source => 'http://download.jboss.org/wildfly/8.2.0.Final/wildfly-8.2.0.Final.tar.gz', java_home => '/opt/jdk1.7.0_79', group => 'wildfly', user => 'wildfly', dirname => '/opt/wildfly',
mode => 'domain',
config => 'domain.xml',
java_xmx => '512m', java_xms => '256m', java_maxpermsize => '256m', users_mgmt => { 'wildfly' => { username => 'admin', password => '1'}},
}
i get that:
==> web1: Notice: /Stage[main]/Wildfly::Install/Archive[/tmp/wildfly-8.2.0.Final.tar.gz]/ensure: download archive from http://download.jboss.org/wildfly/8.2.0.Final/wildfly-8.2.0.Final.tar.gz to /tmp/wildfly-8.2.0.Final.tar.gz and extracted in /opt/wildfly with cleanup
==> web1: Error: /Stage[main]/Wildfly::Setup/Wildfly::Config::Socket_binding[ajp]/Augeas[ajp]: Could not evaluate: Save failed with return code false, see debug
==> web1: Notice: /Stage[main]/Wildfly::Setup/Exec[replace memory parameters]/returns: executed successfully
==> web1: Error: /Stage[main]/Wildfly::Setup/Wildfly::Config::Socket_binding[management-http]/Augeas[management-http]: Could not evaluate: Save failed with return code false, see debug
==> web1: Error: /Stage[main]/Wildfly::Setup/Wildfly::Config::Socket_binding[management-https]/Augeas[management-https]: Could not evaluate: Save failed with return code false, see debug
==> web1: Error: /Stage[main]/Wildfly::Setup/Wildfly::Config::Socket_binding[http]/Augeas[http]: Could not evaluate: Save failed with return code false, see debug
==> web1: Error: /Stage[main]/Wildfly::Setup/Wildfly::Config::Interfaces[public]/Augeas[public]: Could not evaluate: Save failed with return code false, see debug
==> web1: Error: /Stage[main]/Wildfly::Setup/Wildfly::Config::Interfaces[management]/Augeas[management]: Could not evaluate: Save failed with return code false, see debug
==> web1: Notice: /Stage[main]/Wildfly::Setup/Wildfly::Config::Add_mgmt_user[wildfly]/Wildfly::Config::Add_user[wildfly]/File_line[admin:ManagementRealm]/ensure: created
==> web1: Notice: /Stage[main]/Profile::Maven/Exec[export MVN_PATH]/returns: executed successfully
==> web1: Error: /Stage[main]/Wildfly::Setup/Wildfly::Config::Socket_binding[https]/Augeas[https]: Could not evaluate: Save failed with return code false, see debug
Hi, it seems the mysql JDBC driver needs some additional support to function properly.
https://zorq.net/b/2011/07/12/adding-a-mysql-datasource-to-jboss-as-7/
Could this install be puppetized and would it be appropriate to include with this module?
When using PE4, which uses Ruby 2, Net::HTTP honours the http_proxy environment variable. PE<4 doesn't have this behaviour since in Ruby 1.x the Net::HTTP ignores http_proxy. I think wildfly_cli.rb should be modified to explicitly pass nil as proxy host to ignore the proxy, because the API connection will always be local (or should be).
Non-system modules should be installed within the modules directory directly instead of within the system modules directory. This would ideally be a configurable option.
Deployment using nexus does not work. There is no support for nexus in nanliu/arhive and in deploy.pp line 21 "archive::nexus" fails.
If you have a resource (e.g. a deployment) that depends on another resource (e.g. a datasource) and you try to update the datasource, it will fail cause wildfly_resource is not actually updating the resource, property by property, it's removing and inserting again.
Resource update should assemble a update-properties operation in order to avoid this issue.
I'm working to deploy Wildfly 8.2.0 and so far have simply changed version = 8.2.0 in order to deploy it. This appears to work so far, but it would be nice to see this become the new default.
I'm happy to help test it with 8.2.0 if you have a testing routine or suggestions as to what I should run against my install to test it.
Submitting to Coveralls fails with:
{"message":"Couldn't find a repository matching this job.","error":true}
I have some WARs that take a while to complete the deploy process ( lot of DB hibernate checks ).
Error: Could not set 'present' on ensure: Net::ReadTimeout at 61:/vagrant/modules/wildfly/manifests/deploy.pp
Error: Could not set 'present' on ensure: Net::ReadTimeout at 61:/vagrant/modules/wildfly/manifests/deploy.pp Wrapped exception:Net::ReadTimeout
Error:/Stage[main]/Rdap_bootstrap_server::Deploy/Wildfly::Deploy[rdap_bootstrap_server.war]/Wildfly_deploy[rdap_bootstrap_server.war]/ensure: change from absent to present failed: Could not set 'present' on ensure: Net::ReadTimeout at 61:/vagrant/modules/wildfly/manifests/deploy.pp
Puppet runs fails for the first time on centos
Notice: /Stage[main]/Apache::Service/Service[httpd]: Triggered 'refresh' from 1 events
Error: Could not start Service[wildfly]: Execution of '/bin/systemctl start wildfly' returned 6: Failed to start wildfly.service: Unit wildfly.service failed to load: No such file or directory.
Error: /Stage[main]/Wildfly::Service/Service[wildfly]/ensure: change from stopped to running failed: Could not start Service[wildfly]: Execution of '/bin/systemctl start wildfly' returned 6: Failed to start wildfly.service: Unit wildfly.service failed to load: No such file or directory.
Manually starting wildly
[root@beaker-role-appeng-wildfly-centos7-mrfkyciu ~]# service wildfly start
Reloading systemd: Error getting authority: Error initializing authority: Could not connect: Connection refused (g-io-error-quark, 39)
[ OK ]
Starting wildfly (via systemctl): Error getting authority: Error initializing authority: Could not connect: Connection refused (g-io-error-quark, 39)
[ OK ]
And then it works proper,
Looks like first time we have to start the service with manually.
[root@beaker-role-appeng-wildfly-centos7-mrfkyciu ~]# systemctl status wildfly
● wildfly.service - SYSV: WildFly startup script
Loaded: loaded (/etc/rc.d/init.d/wildfly)
Active: active (running) since Wed 2015-12-30 03:59:19 UTC; 5s ago
Docs: man:systemd-sysv-generator(8)
Process: 4473 ExecStart=/etc/rc.d/init.d/wildfly start (code=exited, status=0/SUCCESS)
Main PID: 4576 (java)
CGroup: /lxc/beaker/lxc/beaker-role-appeng-wildfly-centos7-mrfkyciu/system.slice/wildfly.service
├─4481 /bin/sh /etc/rc.d/init.d/wildfly start
├─4484 runuser -s /bin/bash wildfly -c ulimit -S -c 0 >/dev/null 2>&1 ; LAUNCH_JBOSS_IN_BACKGROUND=1 JBOSS_PIDFILE=/var/run/wildfly/wildfly.pid ...
├─4485 bash -c ulimit -S -c 0 >/dev/null 2>&1 ; LAUNCH_JBOSS_IN_BACKGROUND=1 JBOSS_PIDFILE=/var/run/wildfly/wildfly.pid /opt/wildfly/bin/standal...
├─4486 /bin/sh /opt/wildfly/bin/standalone.sh -c standalone-full.xml -Djboss.bind.address=0.0.0.0 -Djboss.bind.address.management=0.0.0.0 -Djbos...
└─4576 java -D[Standalone] -server -XX:+UseCompressedOops -server -XX:+UseCompressedOops -Xms256m -Xmx512m -XX:MaxPermSize=256m -Dorg.jboss.boot...
Dec 30 03:59:03 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: Starting SYSV: WildFly startup script...
Dec 30 03:59:19 beaker-role-appeng-wildfly-centos7-mrfkyciu wildfly[4473]: Starting wildfly: [ OK ]
Dec 30 03:59:19 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: wildfly.service: Supervising process 4576 which is not our child. We'll most ...exits.
Dec 30 03:59:19 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: Started SYSV: WildFly startup script.
Hint: Some lines were ellipsized, use -l to show in full.
[root@beaker-role-appeng-wildfly-centos7-mrfkyciu ~]# systemctl stop wildfly
Error getting authority: Error initializing authority: Could not connect: Connection refused (g-io-error-quark, 39)
[root@beaker-role-appeng-wildfly-centos7-mrfkyciu ~]# systemctl status wildfly
● wildfly.service - SYSV: WildFly startup script
Loaded: loaded (/etc/rc.d/init.d/wildfly)
Active: inactive (dead)
Docs: man:systemd-sysv-generator(8)
Dec 30 03:59:03 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: Starting SYSV: WildFly startup script...
Dec 30 03:59:19 beaker-role-appeng-wildfly-centos7-mrfkyciu wildfly[4473]: Starting wildfly: [ OK ]
Dec 30 03:59:19 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: wildfly.service: Supervising process 4576 which is not our child. We'll most ...exits.
Dec 30 03:59:19 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: Started SYSV: WildFly startup script.
Dec 30 03:59:31 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: Stopping SYSV: WildFly startup script...
Dec 30 03:59:32 beaker-role-appeng-wildfly-centos7-mrfkyciu wildfly[4745]: Stopping wildfly: [ OK ]
Dec 30 03:59:32 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: Stopped SYSV: WildFly startup script.
Hint: Some lines were ellipsized, use -l to show in full.
[root@beaker-role-appeng-wildfly-centos7-mrfkyciu ~]# systemctl start wildfly
Error getting authority: Error initializing authority: Could not connect: Connection refused (g-io-error-quark, 39)
[root@beaker-role-appeng-wildfly-centos7-mrfkyciu ~]# systemctl status wildfly
● wildfly.service - SYSV: WildFly startup script
Loaded: loaded (/etc/rc.d/init.d/wildfly)
Active: active (running) since Wed 2015-12-30 03:59:55 UTC; 1s ago
Docs: man:systemd-sysv-generator(8)
Process: 4786 ExecStart=/etc/rc.d/init.d/wildfly start (code=exited, status=0/SUCCESS)
Main PID: 4889 (java)
CGroup: /lxc/beaker/lxc/beaker-role-appeng-wildfly-centos7-mrfkyciu/system.slice/wildfly.service
├─4794 /bin/sh /etc/rc.d/init.d/wildfly start
├─4797 runuser -s /bin/bash wildfly -c ulimit -S -c 0 >/dev/null 2>&1 ; LAUNCH_JBOSS_IN_BACKGROUND=1 JBOSS_PIDFILE=/var/run/wildfly/wildfly.pid ...
├─4798 bash -c ulimit -S -c 0 >/dev/null 2>&1 ; LAUNCH_JBOSS_IN_BACKGROUND=1 JBOSS_PIDFILE=/var/run/wildfly/wildfly.pid /opt/wildfly/bin/standal...
├─4799 /bin/sh /opt/wildfly/bin/standalone.sh -c standalone-full.xml -Djboss.bind.address=0.0.0.0 -Djboss.bind.address.management=0.0.0.0 -Djbos...
└─4889 java -D[Standalone] -server -XX:+UseCompressedOops -server -XX:+UseCompressedOops -Xms256m -Xmx512m -XX:MaxPermSize=256m -Dorg.jboss.boot...
Dec 30 03:59:39 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: Starting SYSV: WildFly startup script...
Dec 30 03:59:55 beaker-role-appeng-wildfly-centos7-mrfkyciu wildfly[4786]: Starting wildfly: [ OK ]
Dec 30 03:59:55 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: wildfly.service: Supervising process 4889 which is not our child. We'll most ...exits.
Dec 30 03:59:55 beaker-role-appeng-wildfly-centos7-mrfkyciu systemd[1]: Started SYSV: WildFly startup script.
Hint: Some lines were ellipsized, use -l to show in full.```
Hi,
I'm using this module also to deploy also Keycloak, just changing $version and $install_source, and everything is fine but it happens that sometimes download is slower thus Exec timeout expires.
A possibile workaround now could be:
Exec["Download wildfly from ${install_source}"] { timeout => 1000 }
instead of setting global Exec timeout or modify wildfly module.
Maybe a $install_source_timeout in wildfly class constructor could help
Seems I didn't test recursive resources enough. My XA Datasource resource always updates even when it shouldn't. I plan on taking a look at this sometime this week.
Does this look familiar?
Info: Applying configuration version '1446849940'
Error: /Stage[main]/Archive/Package[faraday]: Provider gem is not functional on this host
Error: /Stage[main]/Archive/Package[faraday_middleware]: Provider gem is not functional on this host
Notice: /Stage[main]/Wildfly::Prepare/Group[wildfly]: Dependency Package[faraday] has failures: true
Notice: /Stage[main]/Wildfly::Prepare/Group[wildfly]: Dependency Package[faraday_middleware] has failures: true
Warning: /Stage[main]/Wildfly::Prepare/Group[wildfly]: Skipping because of failed dependencies
[root@puppetmaster modules]# puppet module install biemond-wildfly
Notice: Preparing to install into /etc/puppetlabs/code/environments/production/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
/etc/puppetlabs/code/environments/production/modules
└─┬ biemond-wildfly (v0.4.3)
├─┬ nanliu-archive (v0.3.0)
│ └── puppetlabs-pe_gem (v0.1.1)
└── puppetlabs-stdlib (v4.9.0)
[root@puppetmaster modules]# puppet --version
4.2.2
[root@puppetmaster modules]#
I deploy an app to the server using an install script. The install script copies over or modifies /opt/wildfly/standalone/configuration/standalone.xml.
standalone.xml is then "fixed" by a subsequent puppet run, after the application install script. See augeas output below.
Notice: Augeas[public](provider=augeas):
--- /opt/wildfly/standalone/configuration/standalone.xml 2015-10-08 22:17:50.740310945 -0400
+++ /opt/wildfly/standalone/configuration/standalone.xml.augnew 2015-10-08 22:22:24.114023287 -0400
@@ -488,7 +488,7 @@
<inet-address value="${management.interface.ip}"/>
</interface>
<interface name="public">
- <inet-address value="${public.interface.ip}"/>
+ <inet-address value="${jboss.bind.address:0.0.0.0}"/>
</interface>
<interface name="unsecure">
<inet-address value="${unsecure.interface.ip}"/>
Notice: /Stage[main]/Wildfly::Setup/Wildfly::Config::Interfaces[public]/Augeas[public]/returns: executed successfully
Notice: Augeas[management](provider=augeas):
--- /opt/wildfly/standalone/configuration/standalone.xml 2015-10-08 22:22:24.265026992 -0400
+++ /opt/wildfly/standalone/configuration/standalone.xml.augnew 2015-10-08 22:22:24.348029029 -0400
@@ -485,7 +485,7 @@
<interfaces>
<interface name="management">
- <inet-address value="${management.interface.ip}"/>
+ <inet-address value="${jboss.bind.address.management:0.0.0.0}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:0.0.0.0}"/>
Notice: /Stage[main]/Wildfly::Setup/Wildfly::Config::Interfaces[management]/Augeas[management]/returns: executed successfully
Notice: Augeas[http](provider=augeas):
--- /opt/wildfly/standalone/configuration/standalone.xml 2015-10-08 22:22:24.500032756 -0400
+++ /opt/wildfly/standalone/configuration/standalone.xml.augnew 2015-10-08 22:22:24.663036755 -0400
@@ -499,7 +499,7 @@
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
<socket-binding name="ajp" port="${ajp.connector.port}"/>
- <socket-binding name="http" port="${http.connector.port}"/>
+ <socket-binding name="http" port="${jboss.http.port:8080}"/>
<socket-binding name="jgroups-tcp" port="${jgroups.tcp.port}"/>
<socket-binding name="jgroups-tcp-fd" port="${jgroups.tcp.fd.port}"/>
<socket-binding name="https" port="8443"/>
Notice: /Stage[main]/Wildfly::Setup/Wildfly::Config::Socket_binding[http]/Augeas[http]/returns: executed successfully
Notice: Augeas[https](provider=augeas):
--- /opt/wildfly/standalone/configuration/standalone.xml 2015-10-08 22:22:24.825040730 -0400
+++ /opt/wildfly/standalone/configuration/standalone.xml.augnew 2015-10-08 22:22:24.908042766 -0400
@@ -502,7 +502,7 @@
<socket-binding name="http" port="${jboss.http.port:8080}"/>
<socket-binding name="jgroups-tcp" port="${jgroups.tcp.port}"/>
<socket-binding name="jgroups-tcp-fd" port="${jgroups.tcp.fd.port}"/>
- <socket-binding name="https" port="8443"/>
+ <socket-binding name="https" port="${jboss.https.port:8443}"/>
<socket-binding name="txn-recovery-environment" port="4712"/>
<socket-binding name="txn-status-manager" port="4713"/>
<outbound-socket-binding name="primary-mail-smtp">
Notice: /Stage[main]/Wildfly::Setup/Wildfly::Config::Socket_binding[https]/Augeas[https]/returns: executed successfully
Notice: Augeas[ajp](provider=augeas):
--- /opt/wildfly/standalone/configuration/standalone.xml 2015-10-08 22:22:25.058046447 -0400
+++ /opt/wildfly/standalone/configuration/standalone.xml.augnew 2015-10-08 22:22:25.141048483 -0400
@@ -498,7 +498,7 @@
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
- <socket-binding name="ajp" port="${ajp.connector.port}"/>
+ <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
<socket-binding name="http" port="${jboss.http.port:8080}"/>
<socket-binding name="jgroups-tcp" port="${jgroups.tcp.port}"/>
<socket-binding name="jgroups-tcp-fd" port="${jgroups.tcp.fd.port}"/>
Notice: /Stage[main]/Wildfly::Setup/Wildfly::Config::Socket_binding[ajp]/Augeas[ajp]/returns: executed successfully
Notice: /Stage[main]/Profiles::Appserver/Wildfly::Datasources::Driver[Driver mysql]/Wildfly::Util::Resource[/subsystem=datasources/jdbc-driver=mysql]/Wildfly_resource[/subsystem=datasources/jdbc-driver=mysql]/state: state changed '{"driver-xa-datasource-class-name"=>nil}' to '{"driver-xa-datasource-class-name"=>"undef"}'
Notice: Finished catalog run in 15.06 seconds
wildfly service is then failed, returning '404'.
if i restart wildfly then the app starts working again.
I think there needs to be a refresh on the wildfly service if standalone.xml is ever modified. I checked a couple manifests in config and it appears none of the augeas resources notify the wildfly service.
perhaps a notify would fix this issue? from manifests/config/socket_binding.pp
augeas { $name:
lens => 'Xml.lns',
incl => "${wildfly::dirname}/${wildfly::mode}/configuration/${wildfly::config}",
changes => "set server/socket-binding-group/socket-binding[#attribute/name='${name}']/#attribute/port ${port}",
onlyif => "match server/socket-binding-group/socket-binding[#attribute/name='${name}'][#attribute/port='${port}'] size == 0",
notify => Service['wildfly'],
}
does that seem appropriate?
Installing curl via package resource causes conflicts when package curl is already defined.
One way to fix this is to use the ensure_resource function found in stdlib. https://forge.puppetlabs.com/puppetlabs/stdlib
ensure_resource('package', 'curl', { 'ensure' => 'installed' })
I've made a wildfly datasource, where some config keys have number in.
'min-pool-size' => 1,
'max-pool-size' => 10,
It configure it right, but every puppet run it tells me that state changed.
/state: state changed '{"max-pool-size"=>10, "min-pool-size"=>1}' to '{"min-pool-size"=>"1", "max-pool-size"=>"10"}'
Hi,
Specifying parameters for a domain node has no actual effect on the settings file host-master.xml and the code of class wildfly::setup shows why (https://github.com/biemond/biemond-wildfly/blob/master/manifests/setup.pp#L16) . How can I use a different binding address (other than 127.0.0.1) for instance?
I had to change in manifests/params.pp line 10:
$service_file = $::osfamily? {
Debian => 'wildfly-init-debian.sh',
RedHat => 'wildfly-init-redhat.sh',
default => 'wildfly-init-redhat.sh',
}
to
$service_file = $::osfamily? {
'Debian' => 'wildfly-init-debian.sh',
'RedHat' => 'wildfly-init-redhat.sh',
default => 'wildfly-init-redhat.sh',
}
I am not sure if it has something to do with the puppet version I use (3.7.4). And I have not tested RedHat an default, so i did not want to open a pull request as I am not sure about this change.
I've hit an issue when trying to use the wildfly_resource type to create a periodic-rotating-file-handler with the name WHOIS-PROXY-QUERY-FILE.
When running Puppet apply I get the following error
$ sudo puppet apply --modulepath=/vagrant/modules /vagrant/manifests/jboss_wildfly8.pp
Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults
Faraday: you may want to install system_timer for reliable timeouts
Notice: Compiled catalog for wildfly.example.dev in environment production in 1.14 seconds
Error: /Stage[main]/Main/Wildfly_resource[/subsystem=logging/periodic-rotating-file-handler=WHOIS-PROXY-QUERY-FILE]: Could not evaluate: private method `gsub' called for nil:NilClass
Notice: Finished catalog run in 0.76 seconds
If the name is modified it works without issue. I'm not sure what is tripping to make it error.
$ sudo puppet apply --modulepath=/vagrant/modules /vagrant/manifests/jboss_wildfly8.pp
Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults
Faraday: you may want to install system_timer for reliable timeouts
Notice: Compiled catalog for wildfly.example.dev in environment production in 1.06 seconds
Notice: /Stage[main]/Main/Wildfly_resource[/subsystem=logging/periodic-rotating-file-handler=WHOIS-PROXY-FILE]/ensure: created
Notice: Finished catalog run in 0.71 seconds
Hi!
I've used this module to instantiate a new Wildfly instance, however, I've recognized that setting the AJP port doesn't start the AJP port.
I had to follow the instructions found here: https://docs.jboss.org/author/display/WFLY8/AJP+listeners
Maybe you can check / integrate / fix this issue.
Thx,
Oliver
I need to add an XA datasource to Wildfly. After a lot of trial and error I've been able to add an XA datasource via the management API using this request.
{
"operation": "composite",
"address": [],
"steps": [
{
"address": [
{
"subsystem": "datasources"
},
{
"xa-data-source": "DefaultPool"
}
],
"driver-name": "oracle",
"jndi-name": "java:/jdbc/DefaultPool",
"operation": "add",
"password": "password",
"user-name": "undef"
}, {
"address": [
{
"subsystem": "datasources"
},
{
"xa-data-source": "DefaultPool"
},
{
"xa-datasource-properties": "URL"
}
],
"operation": "add"
}
]
}
The second step is needed in the same request otherwise the request fails for not having any xa-datasource-properties. I've been trying to figure out the best way to work this into the code base, but I'm not seeing any straightforward ways. Any suggestions on how to achieve this in a way that's merge worthy?
Update: realized the first step had still had a xa-datasource-property field that did nothing from my testing. Removed it.
The new wget functionality breaks the module, since it behaves differently from the previously used archive and curl functionality:
wget -N -P ${dir_path}/${file_name} ${source} --max-redirect=5
causes wget to create a subdirectory with the name ${file_name} to be created, and the downloaded file will be placed in there. This causes classloading errors since Wildfly won't be able to find the jar in the 'current' directory. E.g.: when creating a PostgreSQL module the resulting file resource is:
$WILDFLY_HOME/modules/system/layers/base/org/postgresql/main/postgresql-9.4-1204.jdbc41.jar/postgresql-9.4-1204.jdbc41.jar
while it should be:
$WILDFLY_HOME/modules/system/layers/base/org/postgresql/main/postgresql-9.4-1204.jdbc41.jar
I will provide a pull request with a fix.
Right now wildfly::util::resource items are created using direct interaction with the http management API using the wildfly_cli.rb code. This code makes an invalid assumption that authentication to the management API always uses Digest.
However, I observed that when configuring your own security realm with LDAP, and attaching it to the http management interface, the authentication method can differ. E.g. with the authentication=ldap setting, authentication on the http management interface uses Basic auth (!).
It was my invalid assumption that Wildfly would handle http authentication, and only delegate the validation of the credentials to the methods defined by the security realm. This is not true, as the entire http request seems to be forwarded. So the http authentication used, depends on the configuration of the security realm.
I will provide a pull request that makes wildfly_cli.rb detect which authentication method to use, and switch between Digest or Basic accordingly.
In the file manifests/install.pp:
{code}
file{"${dirname}/standalone/configuration/mgmt-users.properties":
ensure => present,
mode => '0755',
owner => $user,
group => $group,
content => template('wildfly/mgmt-users.properties.erb'),
before => Service['wildfly'],
}
{code}
To fix this issue add:
{code}
require => Exec["tar ${install_file} in /var/tmp"],
{code}
How would you go about removing a resource only if it exists with the custom types ?
My attempt to use the following removes the resource....
wildfly::util::exec_cli { "Disable ExampleDS":
command => "/subsystem=datasources/data-source=ExampleDS:remove",
unless => "(outcome == failed) of /subsystem=datasources/data-source=ExampleDS:read-resource"
}
...but once removed the next run of puppet fails
Error: /Stage[main]/Main/Wildfly::Util::Exec_cli[Disable ExampleDS]/Wildfly_cli[Disable ExampleDS]: Could not evaluate: Failed with: JBAS014807: Management resource '[
("subsystem" => "datasources"),
("data-source" => "ExampleDS")
]' not found for {"address":[{"subsystem":"datasources"},{"data-source":"ExampleDS"}],"operation":"read-resource"}
Upgraded the module from 0.3.5 to 0.4.0. Adjusted the classes appropriately, as per the CHANGELOG.
::wildfly::deploy { 'foo.war':
source => "${prefix}/${groupid_path}/foo/${version}/foo-${version}.war",
require => Service['jboss'],
}
Receives an error:
Invalid parameter server_group on Wildfly_deploy[foo.war] at /etc/puppet/environments/<branch>/modules/wildfly/manifests/deploy.pp:69
It looks like server_group is required, which I believe won't work correctly when deploying in standalone mode.
What is happening sometime puppet fails to run and sometime it does not fail. I don't think the require statement under http_api file, would be creating any problem. any idea why this sudden burst of puppet
puppet agent t --environment=ashish
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not autoload puppet/type/wildfly_resource: Could not autoload puppet/provider/wildfly_resource/http_api: no such file to load - puppet_x/util/wildfly_cli on node beaker-role-appeng-wildfly-centos7-menywugg.ashish
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
The current wildfly::util::resource definition does not accept the 'ensure' parameter that allows the ensurable property to be used.
Since @jairojunior closed the issue #68, the wildfly module allowed wildfly::public_bind and wildfly::mgmt_bind to set bind address value by informing a value to JBOSS_OPTS variable, which is read by the jboss-as-{domain,standalone}.sh scripts.
The variable JBOSS_OPTS is completed ignored in the init.d scripts of wildfly versions prior to 8.2.0, such as 8.1.0, 8.0.0 and all EAP 6.x versions, therefore setting the variables wildfly::public_bind and wildfly::mgmt_bind on the puppet module doesn't change bind address configuration. Other settings that depend on JBOSS_OPTS won't work, also.
The CLI supports quoting variables so names that may include characters such as a "/" can be looked up. Support looking these values up via the resource process.
Setup is
wildfly::config::add_app_user { 'Adding user':
username => 'user',
password => 'password'
}
wildfly::standalone::deploy { 'app.war': source => "file:///home/wildfly/app.war",
}
wildfly::standalone::undertow::https { 'app':
socket_binding => 'https',
keystore_path => "${wildflyhome}/bin/server.store",
keystore_password => 'password',
key_alias => "*.${::domain}",
key_password => 'password',
}
This results in:
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Invalid parameter recursive on Wildfly_resource[/core-service=management/security-realm=TLSRealm] at /etc/puppet/environments/devtest/modules/wildfly/manifests/util/resource.pp:13 on node xxx.xxx.xxx
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Simple fix was to remove line 11 in resource.pp (recursive => $recursive,)
I have a recursive resource. E.g. (partial example):
wildfly::util::resource { "/core-service=management/security-realm=${realm_name}/authorization=ldap":
recursive => true,
content => {
'connection' => "${realm_name}-LDAPConnection",
'group-search' => {
'group-to-principal' => {
'group-name' => $authorization_group_name,
'group-name-attribute' => $authorization_group_name_attribute,
'group-dn-attribute' => $authorization_group_dn_attribute,
'base-dn' => $authorization_group_base_dn,
'search-by' => $authorization_group_search_by,
'principal-attribute' => $authorization_principal_attribute,
'recursive' => $authorization_group_recursive,
'iterative' => $authorization_group_iterative,
'prefer-original-connection' => $authorization_prefer_original_conn,
'cache' => {
"${cache_type}" => {
'max-cache-size' => $max_cache_size,
'eviction-time' => $cache_eviction_time,
'cache-failures' => $cache_failures,
}
}
}},
'username-to-dn' => {
'username-filter' => {
'base-dn' => $ldap_user_base_dn,
'attribute' => $authorization_user_name_attribute,
'user-dn-attribute' => $authorization_user_dn_attribute,
'force' => $authorization_user_force,
'recursive' => $authorization_user_recursive,
'cache' => {
"${cache_type}" => {
'max-cache-size' => $max_cache_size,
'eviction-time' => $cache_eviction_time,
'cache-failures' => $cache_failures,
}
}
}},
},
}
Each Puppet run will cause a state changed because Puppet thinks the resources are dissimilar. This is incorrect since the resources are similar.
The HTTP management API has so-called operation-headers, which allow some resources to be added without requiring the (full) server to reload. Please see:
https://docs.jboss.org/author/display/WFLY9/Management+API+reference#ManagementAPIreference-OperationHeaders
I think we should offer support for these headers, so that some resources can be added more efficiently because then they won't require the server to reload.
Looking at the code I think this feature could actually be implemented easily and quickly..
I've implemented the wildfly::security::domain with support for just one login-module. However, security domains can have multiple login-modules, and maybe log-modules should/could be managed independently of the security domain.
I've refactored wildfly::security::domain to do a create_resources of wildfly::security::login_module and added the wildfly::security::login_module resource itself.
Pull-request will follow..
Sometimes it is necessary to be able to control the state of the service outside of Puppet. For that reason I'd like to add some parameters to specify the behaviour of the wildfly service:
I use this to provide a custom startup script that has a 'defer' function which allows us to temporarily stop de service during e.g. a test or maintenance window without Puppet trying to start it during its run.
I think this would make the module more 'batteries included but removable' ;-)
I will provide a pull request for this.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.