wildfly
Version information
This version is compatible with:
- Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
- Puppet >=4.4.2 < 6.0.0
- , , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'biemond-wildfly', '2.3.2'
Learn more about managing modules with a PuppetfileDocumentation
wildfly
Table of Contents
- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with wildfly
- Upgrade
- Usage - Configuration options and additional functionality
- Wildfly 10.1.0
- Wildfly 9.0.2
- Wildfly 8.2.1
- JBoss EAP 6.x (with hiera)
- JBoss EAP 7.0
- Keycloak
- apiman
- Infinispan Server
- Wildfly's Configuration Management
- Patch management
- Unmanaged installation
- Domain Mode
- Deployment
- User management
- Module installation
- Datasources
- HTTPS/SSL
- Server reload
- Messaging
- Logging
- Modcluster
- JGroups
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
- Documentation
Overview
created by Edwin Biemond email biemond at gmail dot com biemond.blogspot.com Github homepage
Install, configures and manages Wildfly.
Should work on every Redhat or Debian family member, tested with Wildfly 10.1, 10.0, 9.0, 8.2, 8.1 & 8.0 and with JBoss EAP (tested on 6.1/6.2/6.3/6.4 and 7.0). Some defines may work only in certain versions.
Vagrant Fedora 21, Puppet 4.2.1 example with Wildfly 8.2, Apache AJP and PostgreSQL.
Vagrant CentOS Standalone HA + Gossip Router example with two nodes, a gossip router and a load balancer (httpd + mod_cluster).
Vagrant CentOS 7.2 Domain Mode with two nodes (Domain master and slave) and a load balancer.
Module Description
The wildfly module can install, configure and manage - through its HTTP Management API - Wildfly (8/9/10) and JBoss EAP (6.1+/7.0+).
Setup
What wildfly affects
-
Manage Wildfly user, group and directory.
-
Creates a wildfly service using bundled scripts and manages its installation and resources (using Management API)
-
Installs requisite libaio and wget packages
Setup Requirements
This module requires a JVM ( should already be there ). Just need to be extracted somewhere, no need to update-alternatives, set PATH or anything else, but it also works if you choose to do so.
Three gems are bundled with this module: treetop
(parsing JBoss-CLI commands), polyglot
(treetop's requirement) and net-http-digest_auth
(Management API authentication).
Acceptance tests works with puppetlabs/java in both CentOS and Debian.
This module requires puppetlabs-stdlib
and jethrocarr/initfact
(it uses init_system
fact provided by this module by default, but it's overridable in wildfly::initsystem
parameter)
It should work on every operating system with the following init systems: sysvinit, systemd and upstart
Upgrade
to 1.2.0
wildfly class
The main changes in wildfly
class are bellow:
class { '::wildfly':
distribution => 'jboss-eap|wildfly',
properties => {
'jboss.bind.address' => $public_bind,
'jboss.bind.address.management' => $mgmt_bind,
'jboss.management.http.port' => $mgmt_http_port,
'jboss.management.https.port' => $mgmt_https_port,
'jboss.http.port' => $public_http_port,
'jboss.https.port' => $public_https_port,
'jboss.ajp.port' => $ajp_port,
},
jboss_opts => '-Dproperty=value'
mgmt_user => { username => $management_user, password => $management_password },
}
distribution
was introduced to provide out of the box support for JBoss EAP and properties
to replace fine-grained parameters for address/port binding like public_bind
, mgmt_bind
and public_http_port
. (Reason: It's easier - and more reliable - to manage a properties file than Wildfly's XML through augeas)
users_mgmt
was replaced by mgmt_user
, and additional users should be managed by wildfly::config::mgtm_user
defined type. The hash format and default value also changed.
New dependency
jethrocarr/initfact
module.
Defined types
All resources from wildfly::util
were moved to wildfly
, hence you need to search and replace them, I suggest you execute these commands in your environment:
find . -name '*.pp' -type f -exec sed -i 's/wildfly::util::exec_cli/wildfly::cli/g' {} +
find . -name '*.pp' -type f -exec sed -i 's/wildfly::util/wildfly/g' {} +
to 2.0.0
This version requires Puppet 4.4+ and heavily uses Puppet 4 new features: data types, epp templates and Ruby 2.1+, but there is no breaking change per se. Meaning that if you're using 1.x version with Puppet 4 you should be able to migrate without any problems.
If you're still using Puppet 3.x with Ruby 1.8.7+ check version 1.2.x (unsupported).
to 2.1.0
This version will no longer stringify values for wildfly_resource
's state or sort arrays values. In other words, you'll have to declare attributes using a type that matches Wildfly's Management Model type and in the same order returned by the API (in case of an array/LIST).
Usage
class { 'wildfly': }
Wildfly 10.1.0
class { 'wildfly':
version => '10.1.0',
install_source => 'http://download.jboss.org/wildfly/10.1.0.Final/wildfly-10.1.0.Final.tar.gz',
}
Wildfly 9.0.2
class { 'wildfly':
version => '9.0.2',
install_source => 'http://download.jboss.org/wildfly/9.0.2.Final/wildfly-9.0.2.Final.tar.gz',
}
Wildfly 8.2.1
class { 'wildfly':
version => '8.2.1',
install_source => 'http://download.jboss.org/wildfly/8.2.1.Final/wildfly-8.2.1.Final.tar.gz',
}
JBoss EAP 6.x (with hiera)
include ::wildfly
wildfly::distribution: 'jboss-eap'
wildfly::version: '6.4'
wildfly::install_source: 'http://mywebserver/jboss-eap-6.4.tar.gz'
wildfly::user: 'jboss-as'
wildfly::group: 'jboss-as'
wildfly::dirname: '/opt/jboss-as'
wildfly::console_log: '/var/log/jboss-as/console.log'
JBoss EAP 7.0
class { 'wildfly':
version => '7.0',
distribution => 'jboss-eap',
install_source => 'http:/mywebserver/jboss-eap-7.0.tar.gz',
user => 'jboss-eap',
group => 'jboss-eap',
dirname => '/opt/jboss-eap',
console_log => '/var/log/jboss-eap/console.log',
}
Keycloak
Keycloak is an open source Identity and Access Management built on top of Wildfly/JBoss platform, therefore you should be able to use this module to install and config it.
class { 'wildfly':
version => '10.1.0',
distribution => 'wildfly',
install_source => 'https://downloads.jboss.org/keycloak/2.5.0.Final/keycloak-2.5.0.Final.tar.gz',
}
NOTE: Just make sure to point to the right version/distribution it was built upon.
Some Keycloak configuration can be managed in the same way as a regular Wildfly/Jboss configuration:
wildfly::datasources::datasource { 'KeycloakDS':
config => {
'driver-name' => 'postgresql',
'password' => 'keycloak',
'user-name' => 'keycloak',
'jndi-name' => 'java:jboss/datasources/KeycloakDS',
'connection-url' => "jdbc:postgresql://192.168.33.20:5432/keycloak",
'background-validation' => true,
'background-validation-millis' => 60000,
'check-valid-connection-sql' => 'SELECT 1',
'flush-strategy' => 'IdleConnections',
}
}
apiman
apiman is an API Manager built on top of Wildfly/JBoss, therefore you should be able to use this module to install and config it.
Currently there aren't no prebuilt packages, but download page provides instruction to build it for Wildfly 10, 9 and EAP 7.
Example
wget http://download.jboss.org/wildfly/10.1.0.Final/wildfly-10.1.0.Final.zip
wget http://downloads.jboss.org/apiman/1.2.9.Final/apiman-distro-wildfly10-1.2.9.Final-overlay.zip
unzip wildfly-10.1.0.Final.zip
unzip -o apiman-distro-wildfly10-1.2.9.Final-overlay.zip -d wildfly-10.1.0.Final
tar czvf apiman-wildfly-10.1.0.Final.tar.gz wildfly-10.1.0.Final
class { 'wildfly':
version => '10.1.0',
distribution => 'wildfly',
config => 'standalone-apiman.xml',
install_source => 'http://10.0.2.2:9090/apiman-wildfly-10.1.0.Final.tar.gz',
}
NOTE: Just make sure to point to the right version/distribution it was built upon.
Infinispan Server
Infinispan Server (or JBoss Data Grid) also work with this module but requires more tweaks.
From Infinispan Server 7 to 9 (including JDG 7.0) you will only need to change install_source
to match the desired version:
class { 'wildfly':
install_source => 'http://10.0.2.2:9090/infinispan-server-8.2.5.Final.tar.gz',
conf_file => '/etc/infinispan-server/infinispan-server.conf',
conf_template => 'wildfly/infinispan-server.conf.erb',
service_file => 'bin/init.d/infinispan-server.sh',
service_name => 'infinispan-server',
}
Limitation: You need to repackage it to a tar.gz file and Infinispan Server 6 and JDG 6.x are not working.
Wildfly's Configuration Management
Wildfly has a Management Model that describes its configuration and there are three main elements that you need to understand in order to use this module: path
, attributes
and operations
This module provides a few defined types built around these concepts using wildfly_resource
and wildfly_cli
(wildfly::messaging::*
, wildfly:datasources::datasource
, wildfly:datasources::driver
) to ease management of most used resources, but they are not guaranteed to work across all versions of JBoss/Wildfly and they represent only a tiny subset of the Management Model.
In order to manage virtually any configuration in the Model Reference (i.e. datasources, https, queues, modcluster) with wildfly::resource
or wildfly::cli
you must understand how declared resources are converted to Management API requests using paths
, attributes
and operations
.
Path/Addresss: The resource address in /node-type=node-name (/node-type=node-name)*
format. (e.g. /subsystem=datasources/datasource=DatasourceName
)
Attributes: key-value pairs that describes the resource. (e.g. driver-name=postgresql
, connection-url=jdbc:postgresql://localhost/postgres
)
Operations: An operation to be performed in a resource. (e.g. read
, write-attribute
, remove
)
With wildfly::cli
you have more control, but you should only use it when you can't manage the resource with wildfly_resource
(e.g. you can't manage enabled
attribute as it is only changed as a result of enable
and disable
operations.):
wildfly::cli { "Enable ADatasource":
command => "/subsystem=datasources/data-source=ADatasource:enable",
unless => "(result == true) of /subsystem=datasources/data-source=ADatasource:read-attribute(name=enabled)",
}
For all other scenarios, wildfly::resource
will be your best friend, from the most simple resource:
wildfly::resource { "/system-property=myproperty":
content => {
'value' => '1234'
},
}
To the most complex:
wildfly::resource { '/subsystem=modcluster/mod-cluster-config=configuration':
recursive => true,
content => {
'advertise' => true,
'connector' => 'ajp',
'excluded-contexts' => 'ROOT,invoker,jbossws,juddi,console',
'proxy-url' => '/',
'sticky-session' => true,
'proxies' => ['192.168.1.1:6666', '192.168.1.2::6666']
'balancer' => 'mybalancer',
'load-balancing-group' => 'mygroup',
'dynamic-load-provider' => {'configuration' => {
'load-metric' => {'busyness' => {
'type' => 'busyness',
}}
}},
}
}
The first thing to note about wildfly::resource
is the absence of an operation, as you will only need to set ensure
with either present or absent, using the first will result in the creation or update of the resource with the declared state/content, whereas the other will remove the resource with all its children.
A resource attribute behaviors like a Puppet resource property. Therefore, unmanaged attributes behavior like unmanaged properties in puppet resources, meaning: if you don't declare, you don't care.
NOTE: Be careful with the type of declared attribute's value as it should match Management Model type. Valid Management Model types include:
STRING
,INT
,BOOLEAN
,LIST
(i.e. arrays []) andOBJECT
(i.e. hashes {}).
Patch management
Wildfly/JBoss allows you to apply patches to existing installation in order to update it. I suggest you use puppet-archive
or any other archive
module to download patches from remote sources, just be aware that you need to extract patch zip file in order to apply patches to Wildfly, but you'll be able to apply the zip file directly when you're using EAP.
NOTE: Wildfly from versions 8.0.0 to 9.0.1 has a bug in
jboss-cli.sh
WFCORE-160 that makes it report that a patch hasn't been successfuly applied (exit code 2) even when it was. If you're using one of theses versions you better update this file or live with a bad report.
Offline
Offline patching requires the server to be down, but don't leave the server in a restart-required
state.
EAP/Offline example
class { '::wildfly':
distribution => 'jboss-eap',
version => '6.4',
}
archive { '/opt/wildfly/jboss-eap-6.4.8-patch.zip':
ensure => present,
source => 'http://10.0.2.2:9090/jboss-eap-6.4.8-patch.zip',
}
->
wildfly::patch::offline { '6.4.8':
source => '/opt/wildfly/jboss-eap-6.4.8-patch.zip',
}
Online
Online patching requires the server to be up and requires a restart after being applied.
Wildfly/Online example
class { '::wildfly':
version => '10.0.0',
install_source => 'http://download.jboss.org/wildfly/10.0.0.Final/wildfly-10.0.0.Final.tar.gz',
}
archive { '/opt/wildfly/wildfly-10.1.0.Final-update.zip':
ensure => present,
extract => true,
extract_path => '/opt/wildfly',
creates => '/opt/wildfly/wildfly-10.1.0.Final.patch',
source => 'http://download.jboss.org/wildfly/10.1.0.Final/wildfly-10.1.0.Final-update.zip',
user => 'wildfly',
group => 'wildfly',
require => [File['/opt/wildfly'],Package['unzip']],
}
->
wildfly::patch::online { '10.1.0':
source => '/opt/wildfly/wildfly-10.1.0.Final.patch',
override_all => true,
}
Unmanaged installation
If you don't want to use this module to manage your Wildfly/JBoss installation or you don't want to manage your installation with Puppet at all. You still can use this module to manage your configuration using wildfly_resource
, wildfly_cli
, wildfly_deployment
and wildfly_restart
.
Example:
wildfly_resource { "/subsystem=datasources/data-source=MyDS":
ensure => 'present',
username => 'admin',
password => 'password',
host => '192.168.33.10',
port => '9990',
state => {
'driver-name' => 'postgresql',
'connection-url' => 'jdbc:postgresql://localhost/postgres',
'jndi-name' => 'java:jboss/datasources/MyDS',
'user-name' => 'postgres',
'password' => 'postgres',
},
}
Domain Mode
Master (Domain Controller)
class { 'wildfly':
mode => 'domain',
host_config => 'host-master.xml',
properties => {
'jboss.bind.address.management' => '172.17.0.2',
},
}
wildfly::config::mgmt_user { 'slave1':
password => 'wildfly',
}
NOTE: Don't forget to set
target_profile
while managing your domain resources.
Slave (Host Controller)
class { 'wildfly':
mode => 'domain',
host_config => 'host-slave.xml',
properties => {
'jboss.domain.master.address' => '172.17.0.2',
},
secret_value => 'd2lsZGZseQ==', #base64('wildfly'),
}
NOTE: Host Controller name has to match a mgmt user name in Domain Controller, since, by default, HC uses it own name as the username for connecting with DC. You can always set a different one by overriding
remote_username
parameter.
Domain Management
Make sure you remove default resources (server-groups and server-config) if you're not going to use it.
Domain controller:
wildfly::resource { ['/server-group=main-server-group', '/server-group=other-server-group'] :
ensure => absent,
}
Host controller:
wildlfy::resource { ['/host=slave1/server-config=server-one', '/host=slave1/server-config=server-two']:
ensure => absent,
}
Then start managing your own server-groups
and server-config
with wildfly::domain::server-group
and wildfly::host::server_config
Deployment
From a local or remote source
Source supports these protocols: http://
, ftp://
, puppet://
, file://
wildfly::deployment { 'hawtio.war':
source => 'http://central.maven.org/maven2/io/hawt/hawtio-web/1.4.48/hawtio-web-1.4.48.war',
}
wildfly::deployment { 'hawtio.war':
source => 'puppet:///modules/profile/wildfly/hawtio-web-1.4.48.war',
}
wildfly::deployment { 'hawtio.war':
source => 'file://var/tmp/hawtio-web-1.4.48.war',
}
To a target server-group (domain mode)
wildfly::deployment { 'hawtio.war':
source => 'http://central.maven.org/maven2/io/hawt/hawtio-web/1.4.48/hawtio-web-1.4.48.war',
server_group => 'main-server-group',
}
From nexus
NOTE: This feature was removed to avoid 'archive' name collision, but you can still use archive::nexus to download an artifact and use as an input for
wildfly::deployment
archive::nexus { '/tmp/hawtio.war':
url => 'https://oss.sonatype.org',
gav => 'io.hawt:hawtio-web:1.4.66',
repository => 'releases',
packaging => 'war',
}
~>
wildfly::deployment { 'hawtio.war':
source => '/tmp/hawtio.war'
}
User management
You can add App and Management users (requires server restart).
wildfly::config::mgmt_user { 'mgmtuser':
password => 'mgmtuser'
}
wildfly::config::app_user { 'appuser':
password => 'appuser'
}
And associate groups or roles to them (requires server restart)
wildfly::config::user_groups { 'mgmtuser':
groups => 'admin,mygroup'
}
wildfly::config::user_roles { 'appuser':
roles => 'guest,ejb'
}
Module installation
Install a JAR module from a remote file system, puppet file server or local file system.
wildfly::config::module { 'org.postgresql':
source => 'http://central.maven.org/maven2/org/postgresql/postgresql/9.3-1103-jdbc4/postgresql-9.3-1103-jdbc4.jar',
dependencies => ['javax.api', 'javax.transaction.api']
}
wildfly::config::module { 'org.postgresql':
source => 'puppet:///modules/profiles/wildfly/postgresql-9.3-1103-jdbc4.jar',
dependencies => ['javax.api', 'javax.transaction.api']
}
wildfly::config::module { 'org.postgresql':
source => 'file:///var/tmp/postgresql-9.3-1103-jdbc4.jar',
dependencies => ['javax.api', 'javax.transaction.api']
}
Datasources
Setup a driver and a datasource (for domain mode you need to set target_profile
parameter):
wildfly::datasources::driver { 'Driver postgresql':
driver_name => 'postgresql',
driver_module_name => 'org.postgresql',
driver_xa_datasource_class_name => 'org.postgresql.xa.PGXADataSource'
}
->
wildfly::datasources::datasource { 'DemoDS':
config => {
'driver-name' => 'postgresql',
'connection-url' => 'jdbc:postgresql://localhost/postgres',
'jndi-name' => 'java:jboss/datasources/DemoDS',
'user-name' => 'postgres',
'password' => 'postgres'
}
}
Alternatively, you can install a JDBC driver and module using deployment if your driver is JDBC4 compliant:
wildfly::deployment { 'postgresql-9.3-1103-jdbc4.jar':
source => 'http://central.maven.org/maven2/org/postgresql/postgresql/9.3-1103-jdbc4/postgresql-9.3-1103-jdbc4.jar'
}
->
wildfly::datasources::datasource { 'DemoDS':
config => {
'driver-name' => 'postgresql-9.3-1103-jdbc4.jar',
'connection-url' => 'jdbc:postgresql://localhost/postgres',
'jndi-name' => 'java:jboss/datasources/DemoDS',
'user-name' => 'postgres',
'password' => 'postgres'
}
}
A postgresql normal & XA datasource example
wildfly::config::module { 'org.postgresql':
source => 'http://central.maven.org/maven2/org/postgresql/postgresql/9.3-1103-jdbc4/postgresql-9.3-1103-jdbc4.jar',
dependencies => ['javax.api', 'javax.transaction.api'],
require => Class['wildfly'],
}
->
wildfly::datasources::driver { 'Driver postgresql':
driver_name => 'postgresql',
driver_module_name => 'org.postgresql',
driver_xa_datasource_class_name => 'org.postgresql.xa.PGXADataSource'
}
->
wildfly::datasources::datasource { 'petshop datasource':
name => 'petshopDS',
config => { 'driver-name' => 'postgresql',
'connection-url' => 'jdbc:postgresql://10.10.10.10/petshop',
'jndi-name' => 'java:jboss/datasources/petshopDS',
'user-name' => 'petshop',
'password' => 'password'
}
}
->
wildfly::datasources::xa_datasource { 'petshopDSXa':
config => { 'driver-name' => 'postgresql',
'jndi-name' => 'java:jboss/datasources/petshopDSXa',
'user-name' => 'petshop',
'password' => 'password',
'xa-datasource-class' => 'org.postgresql.xa.PGXADataSource',
'xa-datasource-properties' => {
'url' => {'value' => 'jdbc:postgresql://10.10.10.10/petshop'}
},
}
}
Datasource configuration uses a hash with elements that match JBoss-CLI datasource add elements name.
Configure Database Property, only works for normal datasources
wildfly::datasources::db_property { 'DemoDbProperty':
value => 'demovalue',
database => 'ExampleDS',
}
HTTPS/SSL
Wildfly 8+
wildfly::undertow::https { 'https':
socket_binding => 'https',
keystore_path => '/vagrant/identitystore.jks',
keystore_password => 'changeit',
key_alias => 'demo',
key_password => 'changeit'
}
JBoss AS7/EAP 6
wildfly::web::connector { 'https':
scheme => 'https',
protocol => 'HTTP/1.1',
socket_binding => 'https',
enable_lookups => false,
secure => true,
}
->
wildfly::web::ssl { 'ssl':
connector => 'https',
protocol => 'TLSv1,TLSv1.1,TLSv1.2',
password => 'changeit',
key_alias => 'demo',
certificate_key_file => '/opt/identitykeystore.jks',
cipher_suite => 'TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA',
}
Sample identity store configuration with puppetlabs-java_ks
java_ks { 'demo:/opt/identitystore.jks':
ensure => latest,
certificate => '/opt/demo.pub.crt',
private_key => '/opt/demo.private.pem',
path => '/usr/java/jdk1.7.0_75/bin/',
password => 'changeit',
}
Server Reload
Some configurations like SSL and modcluster requires a server reload (i.e. server-state = reload-required
), and it can be achieved with the following snippet:
## a_resource_that_requires_reload_when_changed {}
~>
wildfly::reload { 'Reload if necessary':
retries => 2,
wait => 15,
}
Or
wildfly::cli { 'Reload if necessary':
command => ':reload',
onlyif => '(result == reload-required) of :read-attribute(name=server-state)'
}
Even operation-headers can do the trick in some cases:
wildfly::resource { '/some=resource':
operation_headers => {
'allow-resource-service-restart' => true,
}
}
Messaging
NOTE:
full
profiles only
wildfly::messaging::queue { 'DemoQueue':
durable => true,
entries => ['java:/jms/queue/DemoQueue'],
selector => "MessageType = 'AddRequest'"
}
wildfly::messaging::topic { 'DemoTopic':
entries => ['java:/jms/topic/DemoTopic']
}
Wildfly 10/EAP 7+ replaced HornetQ with ActiveMQ and queue/topic management is slightly different:
wildfly::messaging::activemq::queue { 'DemoQueue':
durable => true,
entries => ['java:/jms/queue/DemoQueue'],
selector => "MessageType = 'AddRequest'"
}
wildfly::messaging::activemq::topic { 'DemoTopic':
entries => ['java:/jms/topic/DemoTopic']
}
Logging
wildfly::logging::category { 'DemoCategory':
level => 'DEBUG',
use_parent_handlers => false,
handlers => ['DemoHandler']
}
System Property
wildfly::system::property { 'DemoSysProperty':
value => 'demovalue'
}
Modcluster
NOTE:
full
andha
profiles only
wildfly::modcluster::config { "Modcluster mybalancer":
balancer => 'mybalancer',
load_balancing_group => 'demolb',
proxy_url => '/',
proxy_list => '127.0.0.1:6666'
}
NOTE: For apache/httpd mod_cluster configuration check ::apache::mod::cluster
JGroups
NOTE:
ha
profiles only
wildfly::jgroups::stack::tcpgossip { 'TCPGOSSIP':
initial_hosts => '172.28.128.1[12001]',
num_initial_members => 2
}
wildfly::jgroups::stack::tcpping { 'TCPPING':
initial_hosts => '172.28.128.10[7600],17228.128.20[7600]',
num_initial_members => 2
}
Limitations
Some of this module public defined types (widfly::datasources
, wildfly::messaging
, wildfly::undertow
, etc) were built for Wildfly 8.x and may not work with other versions. When there is a proven alternative for a different version, examples might be provided, otherwise you'll need to build your own abstraction using wildfly_resource
or wildfly::resource
.
One discussed approach would be to generate defined types based on Wildfly's configuration schemas ($WILDFLY_HOME/docs/schema
) or DMR (See Issue 174).
JBoss EAP only works with RHEL-based OS's unless you provide custom scripts.
This bug might also be a problem for standalone-full-ha
users of JBoss EAP < 7.
Development
Testing
This module uses puppet-lint, rubocop, rspec-puppet, beaker and travis-ci. We hope you use them before submitting your PR.
gem install bundler --no-rdoc --no-ri
bundle install --without development
bundle exec rake syntax
bundle exec rake lint
bundle exec rubocop
bundle exec rake spec
Acceptance tests (Beaker) can be executed using ./acceptance.sh
. There is a 4x6 matrix (Wildfly 8/8.2/9/10 X Centos 6/7, Debian 7/8, Ubuntu 12.04/14.04).
I suggest you create a ~/.vagrant.d/Vagrantfile
file and install vagrant-cachier
plugin with the following content to speed up the execution:
Vagrant.configure(2) do |config|
if Vagrant.has_plugin?('vagrant-cachier')
config.cache.scope = :box
config.cache.enable :yum
config.cache.enable :apt
config.cache.enable :generic, 'wget' => { cache_dir: '/var/cache/wget' }
end
end
It takes ~3 minutes per test.
New features
JBoss/Wildfly configuration management is based on three custom types, wildfly_resource
, wildfly_cli
and wildfly_deployment
. And you can do virtually any configuration that is possible through JBoss-CLI or XML configuration using them.
So, before build your awesome definition to manage a new resource or introduce a new configuration in an existing resource, check wildfly::*
(wildfly::deployment
, wildfly::datasources::*
, wildfly::undertow::*
, wildfly::messaging::*
) for guidance.
If you can't figure out how to achieve your configuration, feel free to open an issue.
Author/Contributors
- Edwin Biemond (biemond at gmail dot com)
- Jairo Junior (junior.jairo1 at gmail dot com)
- More
Documentation
Comprehensive documentation generated by puppet-strings can be found online
Types in this module release
History
2.3.2
- Fixes to CLI parser
- Improve init paramters
2.3.1
- Fix install_source validation
2.3.0
- Override wildfly user home
- Support for overlays installation
- Fixes for EL7 systemd unit file
- Parameterized username, password, host and port on resource wrappers
2.2.0
- Fix title patterns.
- Fix unauthorized race condition.
- Fix systemd service permissions
- JMS Connection Factory
2.1.0
- Fix class containment in init.pp
- Fix undefined comparison for wildfly::cli
- Remove string comparison support.
- Remove sorting of array elements.
- Remove data obfuscation for sensitive values.
- Refactor wildfly_resource to use Puppet::Property subclass.
2.0.3
- Introduce data types.
- Remove unnecessary v1 code.
- Introduce external facts.
- Fix patch::online
2.0.2
- Fix wildfly_resource's with array of hashes values.
- Allow custom templates or file for module.xml.
- Support for jgroups stacks
- Rewrite functions in Puppet language.
2.0.1
- Bring cache_dir back.
- Introduce deployment cache dir.
- Remove WILDFLY_HOME management with package installation in order to proper support packages.
2.0.0
- Introduce Puppet 4 features (epp, data types and etc)
- Introduce puppet-strings
- Small fixes fori JBoss-CLI Parser.
1.2.8
- Fix summary
- Improve CLI parser error message
1.2.7
- Keep compatibility with Ruby 1.8.7 (necessary while claiming compatibility with 2.7/3.8)
1.2.6
- Major wildfly_resource refactor
- Recursively stringify array values to avoid non-idempotent behavior
- Allow resources with special characters in its name using quotes
1.2.5
- Fix for deployment in domain mode
- Fix custom types docs.
1.2.4
- Fix for wildfly 10 with systemd
1.2.3
- Use composite namevar for wildfly_resource to allow management of multiple instance from a single node.
- EAP7 topics and queues.
- Infinispan/JDG template.
1.2.2
- Update supported OS's list and add propert suport for upstart through sysvinit
- Introduce remote_user parameter
1.2.1
- Use a unique name for service resource with different name attribute value.
1.2.0
- Installation from system packages
- Bundle gems with the module
1.1.0
- Introduce patch management feature
- Move providers dependencies to a single place
1.0.1
- Fix for Wildfly 10 with systemd.
1.0.0
- Improve domain support
- Out of the box support for a wide range of versions (EAP 6.1+/EAP7, Wildfly 8/9/10)
- Better tests/code coverage, both unit and acceptance (version X OS matrix).
- Use properties file instead of Augeas to manage port/address binding.
- Introduce a proper CLI parser.
- Lots of minor issues fixes.
- Support for operation-headers in wildfly_resource and wildfly_deployment.
- Move things from wildfly::util to wildfly.
- Major refactoring of custom types/providers and puppet_x namespace.
0.5.7
- Replace each_with_object (193) with inject (187)
0.5.6
- Fix wildfly_resource when non managed properties are a hash
0.5.5
- Fix non idempotent behavior in wildfly_resource when resource contains a nested hash.
- Obfuscate sensitive data in wildfly_resource change_to_s.
0.5.4
- Fix for digest authentication in Wildfly 10.
- Fix wildfly_cli should_execute? condition
- Excluded-contexts for modcluster configuration.
- HTTPS support for AS7/EAP6.
0.5.3
- Fix for true/false comparison in custom types.
- Improved wildfly::modcluster::config.
- Fix version comparison.
- SSL for Wildfly 9+
- Still support Ruby 1.8.7.
0.5.2
- Support file and puppet protocol for module/deployment installation
- Download timeout parameter
- Login module management
- Optional package dependencies management
- wildfly_reload custom type/provider
- Fix wildfly service in EL7
- Fix wildfly_resource when HTTP API return numbers
- Support digest authentication
- Ignore HTTP Proxy in net/http
- Improve acceptance tests
0.5.1
- Support datasource database properties
- Support logging::category, only for full profiles
- Support system property, only for full profiles
- Be able to provide your own service wildfly initd script
- Wildfy Service enable & ensure parameters
- Fix module installation
0.5.0
- Removed nanliu-archive dependency
- Removed nexus deployment support
- Rename deploy to deployment
- Simplify user management
0.4.3
- Allow setting the uid/gid for the wildfly user and group
- Uses JBOSS_OPTS to configure socket binding and bind address. (Operation mode independent)
- Improve Domain mode support. (Easy master/slave setup)
- User management defined types name refactor. (Breaking change)
- Non destructive update initial support.
0.4.2
- Adds timeout parameter for wildfly_deploy custom type.
0.4.1
- Template fixes so it also works for puppet 4.2.1
- Standalone mode also works with an empty java_opts
0.4.0
- Unified deploy for domain/standalone modes (wildfly::deploy)
- Removed wildfly::standalone namespace since domain and standalone configurations share the same defitions
- Fix wildfly service to detect profile changes
- Remove params of private classes. init.pp is suposed to be the only public class.
0.3.7
- Update README.md content and format to follow recommended guidelines
- Add acceptance test for Wildfly 9
0.3.6
- Service needs to restart if we change anything in the standalone.conf
- Several fixes for domain mode
- Support escaped slashes in resource names
- Support ensure parameter in resource util
- Support installing non-system modules
- Update definitions optional parameters.
- CLI, Support for 'has' operator to check if item is in array
0.3.5
- Changes to allow wildfly module to deploy jboss EAP
- java_opts parameters which will override the default
- puppet 4 templates path fix
- XA datasource support
0.3.4
- deploy from nexus
- manage_user parameter for controling the default creation of the wildfly user/group
0.3.3
- Beaker unit tests for CentOS 6.6, 7.0 and Debian 7
- fix debian wildlfy configuration file /etc/default/wildfly
0.3.2
- More improvements
0.3.1
- Code quality improvement and support for onlyif in wildfly_cli
0.3.0
- Introducing custom types/providers in replacement of cli-wrapper and jboss-cli.sh. These custom types/providers use HTTP API instead of JBoss-CLI. It maks it 5-10x faster and easier to maintain. More info here: cpitman/puppet-jboss_admin#68
- Using archive in replacement of wget cause it's faster and incredible simple.
- Removing nexus deployment support since cescoffier/puppet-nexus is not in forge and not being active developed, I'll try to work on a PR for archive (some sort of archive::nexus) and have a single define for deployment that accepts multiple formats of deployment.
- Users still can download from Nexus outside deploy and pass file URL as a parameter.
0.2.4
- Debian fix so wildfly-init-debian.sh will be used instead of redhat
0.2.3
- update readme
0.2.2
- Configure wildfly log with console_log parameter
- Deployment option
- User management
- Module installation
- Datasource configuration
- HTTPS/SSL & Identity store
- Modcluster (Only for HA profiles)
- Messaging Queue or Topics
0.2.1
- All port & interface sed actions has been replaced by augeas
0.2.0
- Major re-factoring by Jairo Junior
- Extracted some resources to new manifests in order to avoid excessive relationships (require, notify, before, after, etc).
- Created new manifests to express new concepts (wildfly user management).
- Removed shell script templates in order to use package script (wildfly/bin/init.d).
- Using only class { 'wildfly' } instead of class { 'wildfly:install' } cause it gives the impression that i am able to instantiate multiple instances*, like tomcat module (https://forge.puppetlabs.com/puppetlabs/tomcat).
- Removing $install_file parameter cause it can be inferred (file_name_from_url.rb).
- The wildfly management user password is declared in plain text and hash is performed internally (password_hash.rb).
- Introduced new dependencies (wget and stdlib)
0.1.9
- some exec executed on every puppet run
0.1.8
- Added license
- Support for Wildfly 8.2
- Removed the password on the wildfly user
0.1.7
- fix for updating user mgmt file
0.1.6
- Fix for Debian, Ubuntu
Dependencies
- puppetlabs/stdlib (>=4.13.1 < 5.0.0)
- jethrocarr/initfact (>=1.0.1 < 2.0.0)
Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.