Martin Peřina has uploaded a new change for review. Change subject: setup: Adds service configuration based on provided JBoss ......................................................................
setup: Adds service configuration based on provided JBoss Adds detection of provided JBoss version (WildFly 8 or EAP 6) and links service configuration file ovirt-engine.xml.in based on detected version. Change-Id: Ic35f8a0c276735b9685affea1e068f6ef7298f8c Bug-Url: https://bugzilla.redhat.com/1121327 Signed-off-by: Martin Perina <mper...@redhat.com> --- R packaging/services/ovirt-engine/ovirt-engine-eap.xml.in A packaging/services/ovirt-engine/ovirt-engine-wildfly.xml.in M packaging/setup/ovirt_engine_setup/engine/constants.py M packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/jboss.py 4 files changed, 737 insertions(+), 32 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/52/40152/1 diff --git a/packaging/services/ovirt-engine/ovirt-engine.xml.in b/packaging/services/ovirt-engine/ovirt-engine-eap.xml.in similarity index 82% rename from packaging/services/ovirt-engine/ovirt-engine.xml.in rename to packaging/services/ovirt-engine/ovirt-engine-eap.xml.in index 0294afc..8f4eef6 100644 --- a/packaging/services/ovirt-engine/ovirt-engine.xml.in +++ b/packaging/services/ovirt-engine/ovirt-engine-eap.xml.in @@ -1,4 +1,4 @@ -<?xml version="1.0" ?> +<?xml version='1.0' encoding='UTF-8'?> <server xmlns="urn:jboss:domain:1.1"> @@ -33,24 +33,26 @@ <!-- Enable compression for html content and REST api --> <property name="org.apache.coyote.http11.Http11Protocol.COMPRESSION" value="on"/> - <property name="org.apache.coyote.http11.Http11Protocol.COMPRESSION_MIME_TYPES" value="text/javascript,text/css,text/html,text/xml,text/json,application/x-yaml,application/xml,application/json"/> + <property + name="org.apache.coyote.http11.Http11Protocol.COMPRESSION_MIME_TYPES" + value="text/javascript,text/css,text/html,text/xml,text/json,application/x-yaml,application/xml,application/json"/> </system-properties> - <!-- We need to enable the management subsystem because it is an - indirect dependency of the Infinispan subsystem (since version - 7.2 of the application server) but at the same time we don't - want anyone (other than the root and ovirt users) to be able - to connect to the management port, so we just use an empty - users file: --> <management> <security-realms> + <!-- We need to enable the management subsystem because it is an indirect + dependency of the Infinispan subsystem (since version 7.2 of the + application server) but at the same time we don't want anyone (other + than the root and ovirt users) to be able to connect to the + management port, so we just use an empty users file: --> <security-realm name="management"> <authentication> <properties path="/dev/null"/> </authentication> </security-realm> </security-realms> + <management-interfaces> <native-interface security-realm="management"> <socket-binding native="management"/> @@ -59,10 +61,11 @@ </management> <profile> - <subsystem xmlns="urn:jboss:domain:logging:1.1"> - - <custom-handler name="ovirt-logger" class="org.ovirt.engine.core.logger.LoggerHandler" module="org.ovirt.engine.core.logger"> + <custom-handler + name="ovirt-logger" + class="org.ovirt.engine.core.logger.LoggerHandler" + module="org.ovirt.engine.core.logger"> <level name="ALL"/> </custom-handler> @@ -114,9 +117,9 @@ <handlers> <handler name="ENGINE"/> <handler name="ovirt-logger"/> - #if $getboolean('ENGINE_LOG_TO_CONSOLE') - <handler name="CONSOLE"/> - #end if + #if $getboolean('ENGINE_LOG_TO_CONSOLE') + <handler name="CONSOLE"/> + #end if </handlers> </logger> <logger category="org.ovirt.engine.core.bll"> @@ -136,13 +139,10 @@ <handler name="SERVER"/> </handlers> </root-logger> - </subsystem> <subsystem xmlns="urn:jboss:domain:datasources:1.0"> - <datasources> - <datasource jndi-name="java:/ENGINEDataSource" pool-name="ENGINEDataSource" enabled="true" use-ccm="false"> <connection-url><![CDATA[$getstring('ENGINE_DB_URL')]]></connection-url> <driver>postgresql</driver> @@ -166,7 +166,12 @@ </validation> </datasource> - <datasource jndi-name="java:/ENGINEDataSourceNoJTA" pool-name="ENGINEDataSourceNoJTA" enabled="true" use-ccm="false" jta="false"> + <datasource + jndi-name="java:/ENGINEDataSourceNoJTA" + pool-name="ENGINEDataSourceNoJTA" + enabled="true" + use-ccm="false" + jta="false"> <connection-url><![CDATA[$getstring('ENGINE_DB_URL')]]></connection-url> <driver>postgresql</driver> <transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation> @@ -194,17 +199,15 @@ <xa-datasource-class>org.postgresql.xa.PGXADataSource</xa-datasource-class> </driver> </drivers> - </datasources> - </subsystem> <subsystem xmlns="urn:jboss:domain:deployment-scanner:1.1"> <deployment-scanner path="$jboss_runtime/deployments" deployment-timeout="1200" #if $getboolean('ENGINE_DEPLOYMENT_SCANNER') - scan-interval="5000" + scan-interval="5000" #else - scan-interval="0" + scan-interval="0" #end if /> </subsystem> @@ -225,8 +228,16 @@ </mdb> <pools> <bean-instance-pools> - <strict-max-pool name="slsb-strict-max-pool" max-pool-size="20" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/> - <strict-max-pool name="mdb-strict-max-pool" max-pool-size="20" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/> + <strict-max-pool + name="slsb-strict-max-pool" + max-pool-size="20" + instance-acquisition-timeout="5" + instance-acquisition-timeout-unit="MINUTES"/> + <strict-max-pool + name="mdb-strict-max-pool" + max-pool-size="20" + instance-acquisition-timeout="5" + instance-acquisition-timeout-unit="MINUTES"/> </bean-instance-pools> </pools> <caches> @@ -246,7 +257,11 @@ </subsystem> <subsystem xmlns="urn:jboss:domain:infinispan:1.1" default-cache-container="ovirt-engine"> - <cache-container name="ovirt-engine" default-cache="timeout-base" jndi-name="java:jboss/infinispan/ovirt-engine" start="EAGER"> + <cache-container + name="ovirt-engine" + default-cache="timeout-base" + jndi-name="java:jboss/infinispan/ovirt-engine" + start="EAGER"> <local-cache name="timeout-base"> <transaction mode="NONE"/> <eviction max-entries="10000"/> @@ -258,7 +273,7 @@ <subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/> <subsystem xmlns="urn:jboss:domain:jca:1.1"> - <archive-validation enabled="false" fail-on-error="false" fail-on-warn="false"/> + <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/> <bean-validation enabled="true"/> <default-workmanager> <short-running-threads> @@ -302,11 +317,13 @@ </login-module> </authentication> </security-domain> + <security-domain name="jboss-web-policy" cache-type="default"> <authorization> <policy-module code="Delegating" flag="required"/> </authorization> </security-domain> + <security-domain name="jboss-ejb-policy" cache-type="default"> <authorization> <policy-module code="Delegating" flag="required"/> @@ -326,7 +343,6 @@ </login-module> </authentication> </security-domain> - </security-domains> </subsystem> @@ -344,15 +360,37 @@ <subsystem xmlns="urn:jboss:domain:web:1.1" native="false" default-virtual-server="default-host"> #if $getboolean('ENGINE_HTTP_ENABLED') - <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http" redirect-port="$getinteger('ENGINE_HTTPS_PORT')"/> + <connector + name="http" + protocol="HTTP/1.1" + scheme="http" + socket-binding="http" + redirect-port="$getinteger('ENGINE_HTTPS_PORT')"/> #end if #if $getboolean('ENGINE_HTTPS_ENABLED') - <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true"> - <ssl name="ssl" password="mypass" certificate-key-file="$getstring('ENGINE_PKI')/keys/jboss.p12" keystore-type="PKCS12" key-alias="1" protocol="$getstring('ENGINE_HTTPS_PROTOCOLS')" verify-client="false"/> + <connector + name="https" + protocol="HTTP/1.1" + scheme="https" + socket-binding="https" + secure="true"> + <ssl + name="ssl" + password="mypass" + certificate-key-file="$getstring('ENGINE_PKI')/keys/jboss.p12" + keystore-type="PKCS12" + key-alias="1" + protocol="$getstring('ENGINE_HTTPS_PROTOCOLS')" + verify-client="false"/> </connector> #end if #if $getboolean('ENGINE_AJP_ENABLED') - <connector name="ajp" protocol="AJP/1.3" scheme="http" socket-binding="ajp" redirect-port="$getinteger('ENGINE_PROXY_HTTPS_PORT')"/> + <connector + name="ajp" + protocol="AJP/1.3" + scheme="http" + socket-binding="ajp" + redirect-port="$getinteger('ENGINE_PROXY_HTTPS_PORT')"/> #end if <virtual-server name="default-host" enable-welcome-root="false"> <alias name="localhost"/> @@ -387,5 +425,4 @@ <socket-binding name="txn-status-manager" port="8705"/> <socket-binding name="management" port="8706"/> </socket-binding-group> - </server> diff --git a/packaging/services/ovirt-engine/ovirt-engine-wildfly.xml.in b/packaging/services/ovirt-engine/ovirt-engine-wildfly.xml.in new file mode 100644 index 0000000..3ec259a --- /dev/null +++ b/packaging/services/ovirt-engine/ovirt-engine-wildfly.xml.in @@ -0,0 +1,598 @@ +<?xml version='1.0' encoding='UTF-8'?> + +<server xmlns="urn:jboss:domain:2.1"> + + <extensions> + <extension module="org.jboss.as.clustering.infinispan"/> + <extension module="org.jboss.as.connector"/> + <extension module="org.jboss.as.deployment-scanner"/> + <extension module="org.jboss.as.ee"/> + <extension module="org.jboss.as.ejb3"/> + <extension module="org.jboss.as.jaxrs"/> + <extension module="org.jboss.as.jdr"/> + <extension module="org.jboss.as.jmx"/> + <extension module="org.jboss.as.jpa"/> + <extension module="org.jboss.as.jsf"/> + <extension module="org.jboss.as.logging"/> + <extension module="org.jboss.as.mail"/> + <extension module="org.jboss.as.naming"/> + <extension module="org.jboss.as.pojo"/> + <extension module="org.jboss.as.remoting"/> + <extension module="org.jboss.as.sar"/> + <extension module="org.jboss.as.security"/> + <extension module="org.jboss.as.transactions"/> + <extension module="org.jboss.as.weld"/> + <extension module="org.wildfly.extension.batch"/> + <extension module="org.wildfly.extension.io"/> + <extension module="org.wildfly.extension.undertow"/> + </extensions> + + <system-properties> + <!-- Don't let quartz call home to check for updates: --> + <property name="org.quartz.scheduler.skipUpdateCheck" value="true"/> + + <!-- Configure quartz thread pool: --> + <property name="org.quartz.threadPool.class" value="org.quartz.simpl.SimpleThreadPool"/> + <property name="org.quartz.threadPool.threadCount" value="100"/> + <property name="org.quartz.jobStore.misfireThreshold" value="60000"/> + <property name="org.quartz.jobStore.class" value="org.quartz.simpl.RAMJobStore"/> + + </system-properties> + + <management> + <security-realms> + <!-- We need to enable the management subsystem because it is an indirect + dependency of the Infinispan subsystem (since version 7.2 of the + application server) but at the same time we don't want anyone (other + than the root and ovirt users) to be able to connect to the + management port, so we just use an empty users file: --> + <security-realm name="management"> + <authentication> + <properties path="/dev/null"/> + </authentication> + </security-realm> + + #if $getboolean('ENGINE_HTTPS_ENABLED') + <!-- This is required by the HTTPS listener: --> + <security-realm name="https"> + <server-identities> + <ssl> + <keystore + alias="1" + key-password="mypass" + keystore-password="mypass" + path="$getstring('ENGINE_PKI')/keys/jboss.p12" + provider="PKCS12" + /> + </ssl> + </server-identities> + </security-realm> + #end if + </security-realms> + + <management-interfaces> + <http-interface security-realm="management" http-upgrade-enabled="true"> + <socket-binding http="management"/> + </http-interface> + </management-interfaces> + </management> + + <profile> + <subsystem xmlns="urn:jboss:domain:logging:2.0"> + <custom-handler + name="ovirt-logger" + class="org.ovirt.engine.core.logger.LoggerHandler" + module="org.ovirt.engine.core.logger"> + <level name="ALL"/> + </custom-handler> + + <!-- All the application server messages go here: --> + <file-handler name="SERVER"> + <level name="INFO"/> + <formatter> + <pattern-formatter pattern="%d %-5p [%c] (%t) %s%E%n"/> + </formatter> + <file path="$getstring('ENGINE_LOG')/server.log"/> + <append value="true"/> + </file-handler> + + <!-- Only the engine messages go here: --> + <file-handler name="ENGINE" autoflush="true"> + <level name="ALL"/> + <formatter> + <pattern-formatter pattern="%d %-5p [%c] (%t) [%X{ovirtCorrelationId}] %s%E%n"/> + </formatter> + <file path="$getstring('ENGINE_LOG')/engine.log"/> + <append value="true"/> + </file-handler> + + <!-- Console --> + <console-handler name="CONSOLE" autoflush="true"> + <level name="ALL"/> + <formatter> + <pattern-formatter pattern="%d %-5p [%c] (%t) [%X{ovirtCorrelationId}] %s%E%n"/> + </formatter> + </console-handler> + + <!-- Loggers for the application server: --> + <logger category="com.arjuna"> + <level name="WARN"/> + </logger> + <logger category="org.apache.tomcat.util"> + <level name="WARN"/> + </logger> + <logger category="sun.rmi"> + <level name="WARN"/> + </logger> + <logger category="jacorb"> + <level name="WARN"/> + </logger> + <logger category="jacorb.config"> + <level name="ERROR"/> + </logger> + + <!-- Loggers for the engine: --> + <logger category="org.ovirt" use-parent-handlers="false"> + <level name="INFO"/> + <handlers> + <handler name="ENGINE"/> + <handler name="ovirt-logger"/> + #if $getboolean('ENGINE_LOG_TO_CONSOLE') + <handler name="CONSOLE"/> + #end if + </handlers> + </logger> + <logger category="org.ovirt.engine.core.bll"> + <level name="INFO"/> + </logger> + <logger category="org.ovirt.engine.core.dal.dbbroker.PostgresDbEngineDialect\$PostgresJdbcTemplate"> + <level name="WARN"/> + </logger> + <logger category="org.springframework.ldap"> + <level name="ERROR"/> + </logger> + + <root-logger> + <level name="INFO"/> + <handlers> + <handler name="ovirt-logger"/> + <handler name="SERVER"/> + </handlers> + </root-logger> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:batch:1.0"> + <job-repository> + <in-memory/> + </job-repository> + + <thread-pool> + <max-threads count="10"/> + <keepalive-time time="30" unit="seconds"/> + </thread-pool> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:datasources:2.0"> + <datasources> + <datasource jndi-name="java:/ENGINEDataSource" pool-name="ENGINEDataSource" enabled="true" use-ccm="false"> + <connection-url><![CDATA[$getstring('ENGINE_DB_URL')]]></connection-url> + <driver>postgresql</driver> + <transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation> + <pool> + <min-pool-size>$getinteger('ENGINE_DB_MIN_CONNECTIONS')</min-pool-size> + <max-pool-size>$getinteger('ENGINE_DB_MAX_CONNECTIONS')</max-pool-size> + <prefill>true</prefill> + </pool> + <security> + <user-name><![CDATA[$getstring('ENGINE_DB_USER')]]></user-name> + <password><![CDATA[$getstring('ENGINE_DB_PASSWORD')]]></password> + </security> + <statement> + <prepared-statement-cache-size>100</prepared-statement-cache-size> + <share-prepared-statements/> + </statement> + <validation> + <validate-on-match>true</validate-on-match> + <check-valid-connection-sql>select 1</check-valid-connection-sql> + </validation> + </datasource> + + <datasource + jndi-name="java:/ENGINEDataSourceNoJTA" + pool-name="ENGINEDataSourceNoJTA" + enabled="true" + use-ccm="false" + jta="false"> + <connection-url><![CDATA[$getstring('ENGINE_DB_URL')]]></connection-url> + <driver>postgresql</driver> + <transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation> + <pool> + <min-pool-size>$getinteger('ENGINE_NON_JTA_DB_MIN_CONNECTIONS')</min-pool-size> + <max-pool-size>$getinteger('ENGINE_NON_JTA_DB_MAX_CONNECTIONS')</max-pool-size> + <prefill>true</prefill> + </pool> + <security> + <user-name><![CDATA[$getstring('ENGINE_DB_USER')]]></user-name> + <password><![CDATA[$getstring('ENGINE_DB_PASSWORD')]]></password> + </security> + <statement> + <prepared-statement-cache-size>100</prepared-statement-cache-size> + <share-prepared-statements/> + </statement> + <validation> + <validate-on-match>true</validate-on-match> + <check-valid-connection-sql>select 1</check-valid-connection-sql> + </validation> + </datasource> + + <drivers> + <driver name="postgresql" module="org.postgresql"> + <xa-datasource-class>org.postgresql.xa.PGXADataSource</xa-datasource-class> + </driver> + </drivers> + </datasources> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0"> + <deployment-scanner path="$jboss_runtime/deployments" deployment-timeout="1200" + #if $getboolean('ENGINE_DEPLOYMENT_SCANNER') + scan-interval="5000" + #else + scan-interval="0" + #end if + /> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:ee:2.0"> + <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement> + + <concurrent> + <context-services> + <context-service + name="default" + jndi-name="java:jboss/ee/concurrency/context/default" + use-transaction-setup-provider="true"/> + </context-services> + + <managed-executor-services> + <managed-executor-service + name="default" + jndi-name="java:jboss/ee/concurrency/executor/default" + context-service="default" + hung-task-threshold="60000" + core-threads="5" + max-threads="25" + keepalive-time="5000"/> + </managed-executor-services> + + <managed-scheduled-executor-services> + <managed-scheduled-executor-service + name="default" + jndi-name="java:jboss/ee/concurrency/scheduler/default" + context-service="default" + hung-task-threshold="60000" + core-threads="2" + keepalive-time="3000"/> + </managed-scheduled-executor-services> + + <managed-thread-factories> + <managed-thread-factory + name="default" + jndi-name="java:jboss/ee/concurrency/factory/default" + context-service="default"/> + </managed-thread-factories> + </concurrent> + + <default-bindings + context-service="java:jboss/ee/concurrency/context/default" + jms-connection-factory="java:jboss/DefaultJMSConnectionFactory" + managed-executor-service="java:jboss/ee/concurrency/executor/default" + managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" + managed-thread-factory="java:jboss/ee/concurrency/factory/default"/> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:ejb3:2.0"> + <session-bean> + <stateful default-access-timeout="300000" cache-ref="simple" passivation-disabled-cache-ref="simple"/> + <singleton default-access-timeout="300000"/> + </session-bean> + <pools> + <bean-instance-pools> + <strict-max-pool + name="slsb-strict-max-pool" + max-pool-size="20" + instance-acquisition-timeout="5" + instance-acquisition-timeout-unit="MINUTES"/> + <strict-max-pool + name="mdb-strict-max-pool" + max-pool-size="20" + instance-acquisition-timeout="5" + instance-acquisition-timeout-unit="MINUTES"/> + </bean-instance-pools> + </pools> + <caches> + <cache name="simple"/> + <cache name="distributable" aliases="passivating clustered" passivation-store-ref="infinispan"/> + </caches> + <passivation-stores> + <passivation-store name="infinispan" cache-container="ejb" max-size="10000"/> + </passivation-stores> + <async thread-pool-name="default"/> + <timer-service thread-pool-name="default" default-data-store="default-file-store"> + <data-stores> + <file-data-store name="default-file-store" path="$getstring('ENGINE_VAR')/timer-service-data"/> + </data-stores> + </timer-service> + <thread-pools> + <thread-pool name="default"> + <max-threads count="10"/> + <keepalive-time time="100" unit="milliseconds"/> + </thread-pool> + </thread-pools> + <default-security-domain value="other"/> + <default-missing-method-permissions-deny-access value="true"/> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:io:1.1"> + <worker name="default"/> + <buffer-pool name="default"/> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:infinispan:2.0"> + <cache-container name="web" default-cache="passivation" module="org.wildfly.clustering.web.infinispan"> + <local-cache name="passivation" batching="true"> + <file-store passivation="true" purge="false"/> + </local-cache> + <local-cache name="persistent" batching="true"> + <file-store passivation="false" purge="false"/> + </local-cache> + </cache-container> + + <cache-container + name="ejb" + aliases="sfsb" + default-cache="passivation" + module="org.wildfly.clustering.ejb.infinispan"> + <local-cache name="passivation" batching="true"> + <file-store passivation="true" purge="false"/> + </local-cache> + <local-cache name="persistent" batching="true"> + <file-store passivation="false" purge="false"/> + </local-cache> + </cache-container> + + <cache-container name="hibernate" default-cache="local-query" module="org.hibernate"> + <local-cache name="entity"> + <transaction mode="NON_XA"/> + <eviction strategy="LRU" max-entries="10000"/> + <expiration max-idle="100000"/> + </local-cache> + <local-cache name="local-query"> + <transaction mode="NONE"/> + <eviction strategy="LRU" max-entries="10000"/> + <expiration max-idle="100000"/> + </local-cache> + <local-cache name="timestamps"> + <transaction mode="NONE"/> + <eviction strategy="NONE"/> + </local-cache> + </cache-container> + + <cache-container + name="ovirt-engine" + default-cache="timeout-base" + start="EAGER" + jndi-name="java:jboss/infinispan/ovirt-engine"> + <local-cache name="timeout-base"> + <transaction mode="NONE"/> + <eviction max-entries="10000"/> + <expiration interval="60000"/> + </local-cache> + </cache-container> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/> + + <subsystem xmlns="urn:jboss:domain:jca:2.0"> + <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/> + <bean-validation enabled="true"/> + <default-workmanager> + <short-running-threads> + <core-threads count="50"/> + <queue-length count="50"/> + <max-threads count="50"/> + <keepalive-time time="10" unit="seconds"/> + </short-running-threads> + <long-running-threads> + <core-threads count="50"/> + <queue-length count="50"/> + <max-threads count="50"/> + <keepalive-time time="10" unit="seconds"/> + </long-running-threads> + </default-workmanager> + <cached-connection-manager/> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:jdr:1.0"/> + + <subsystem xmlns="urn:jboss:domain:jmx:1.3"> + <expose-resolved-model/> + <expose-expression-model/> + <remoting-connector/> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:jpa:1.1"> + <jpa default-datasource="" default-extended-persistence-inheritance="DEEP"/> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:jsf:1.0"/> + + <subsystem xmlns="urn:jboss:domain:mail:2.0"/> + + <subsystem xmlns="urn:jboss:domain:naming:2.0"> + <remote-naming/> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:pojo:1.0"/> + + <subsystem xmlns="urn:jboss:domain:remoting:2.0"> + <endpoint worker="default"/> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:resource-adapters:2.0"/> + + <subsystem xmlns="urn:jboss:domain:sar:1.0"/> + + <subsystem xmlns="urn:jboss:domain:security:1.2"> + + <security-domains> + <security-domain name="other" cache-type="default"> + <authentication> + <login-module code="Remoting" flag="optional"> + <module-option name="password-stacking" value="useFirstPass"/> + </login-module> + <login-module code="RealmDirect" flag="required"> + <module-option name="password-stacking" value="useFirstPass"/> + </login-module> + </authentication> + </security-domain> + + <security-domain name="jboss-web-policy" cache-type="default"> + <authorization> + <policy-module code="Delegating" flag="required"/> + </authorization> + </security-domain> + + <security-domain name="jboss-ejb-policy" cache-type="default"> + <authorization> + <policy-module code="Delegating" flag="required"/> + </authorization> + </security-domain> + + <security-domain name="oVirtKerb"> + <authentication> + <login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required"/> + </authentication> + </security-domain> + + <security-domain name="oVirtKerbDebug"> + <authentication> + <login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required"> + <module-option name="debug" value="true"/> + </login-module> + </authentication> + </security-domain> + </security-domains> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:transactions:2.0"> + <core-environment> + <process-id> + <uuid/> + </process-id> + </core-environment> + <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:undertow:1.1"> + <buffer-cache name="default"/> + + <server name="default-server"> + <!-- Listeners defined in the engine configuration: --> + #if $getboolean('ENGINE_HTTP_ENABLED') + <http-listener + name="http" + redirect-socket="redirect" + socket-binding="http" + /> + #end if + #if $getboolean('ENGINE_HTTPS_ENABLED') + <https-listener + name="https" + socket-binding="https" + security-realm="https" + enabled-protocols="$getstring('ENGINE_HTTPS_PROTOCOLS')" + /> + #end if + #if $getboolean('ENGINE_AJP_ENABLED') + <ajp-listener + name="ajp" + socket-binding="ajp" + redirect-socket="redirect" + /> + #end if + + <!-- Configure the compression filter so that it will compress all the + HTML static content and the output of the RESTAPI: --> + <host name="default-host" alias="localhost"> + <filter-ref + name="gzip" + predicate='regex[pattern="(text/(css|html|javascript|json|xml))|(application/(json|xml))", value=%{o,content-type}, full-match=true]' + /> + </host> + </server> + + <servlet-container name="default"> + <jsp-config/> + </servlet-container> + + <!-- Enable the gzip compression filter: --> + <filters> + <gzip name="gzip"/> + </filters> + </subsystem> + + <subsystem xmlns="urn:jboss:domain:weld:2.0"/> + </profile> + + <interfaces> + <interface name="loopback"> + <loopback/> + </interface> + <interface name="public"> + <any-address/> + </interface> + </interfaces> + + <socket-binding-group name="standard-sockets" default-interface="loopback"> + <!-- These are the ports where the application server will listen, if they + are enabled in the configuration: --> + #if $getboolean('ENGINE_HTTP_ENABLED') + <socket-binding + interface="public" + name="http" + port="$getinteger('ENGINE_HTTP_PORT')" + /> + #end if + #if $getboolean('ENGINE_HTTPS_ENABLED') + <socket-binding + interface="public" + name="https" + port="$getinteger('ENGINE_HTTPS_PORT')" + /> + #end if + #if $getboolean('ENGINE_AJP_ENABLED') + <socket-binding + name="ajp" + port="$getinteger('ENGINE_AJP_PORT')" + /> + #end if + + <!-- The application server never listen in this port, but it is needed to + tell the HTTP and AJP listener where to redirect HTTPS requests: --> + <socket-binding + name="redirect" + #if $getboolean('ENGINE_PROXY_ENABLED') + port="$getinteger('ENGINE_PROXY_HTTPS_PORT')" + #else if $getboolean('ENGINE_HTTPS_ENABLED') + port="$getinteger('ENGINE_HTTPS_PORT')" + #else + port="0" + #end if + /> + + <socket-binding name="txn-recovery-environment" port="8704"/> + <socket-binding name="txn-status-manager" port="8705"/> + <socket-binding name="management" port="8706"/> + </socket-binding-group> +</server> diff --git a/packaging/setup/ovirt_engine_setup/engine/constants.py b/packaging/setup/ovirt_engine_setup/engine/constants.py index 95973b6..339cde5 100644 --- a/packaging/setup/ovirt_engine_setup/engine/constants.py +++ b/packaging/setup/ovirt_engine_setup/engine/constants.py @@ -82,6 +82,19 @@ 'bin', ) + OVIRT_ENGINE_SERVICES_DIR = os.path.join( + OVIRT_ENGINE_DATADIR, + 'services', + ) + OVIRT_ENGINE_SVC_OVIRT_ENGINE_DIR = os.path.join( + OVIRT_ENGINE_SERVICES_DIR, + 'ovirt-engine', + ) + OVIRT_ENGINE_SVC_OVIRT_ENGINE_CONF = os.path.join( + OVIRT_ENGINE_SVC_OVIRT_ENGINE_DIR, + 'ovirt-engine.xml.in', + ) + OVIRT_ENGINE_DB_DIR = os.path.join( OVIRT_ENGINE_DATADIR, 'dbscripts', diff --git a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/jboss.py b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/jboss.py index ed6cae6..a0102c3 100644 --- a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/jboss.py +++ b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/jboss.py @@ -20,6 +20,7 @@ import gettext +import os from otopi import constants as otopicons from otopi import filetransaction, plugin, util @@ -86,5 +87,61 @@ ) ) + self._setupJBossConfig() + + def _detectJBossType(self): + rc, stdout, stderr = self.execute( + args=( + '{jbossHome}/bin/standalone.sh'.format( + jbossHome=self.environment[ + oengcommcons.ConfigEnv.JBOSS_HOME + ], + ), + '-v', + ), + # We need to bypass return code check, because by default + # standalone.sh -v returns 1 + raiseOnError=False, + envAppend={ + 'JAVA_HOME': self.environment[ + oengcommcons.ConfigEnv.JAVA_HOME + ], + }, + ) + + for line in stdout: + if 'WildFly' in line: + return 'WildFly' + elif 'JBoss EAP' in line: + return 'EAP' + + raise RuntimeError(_('Cannot detect JBoss version')) + + def _setupJBossConfig(self): + if self._detectJBossType() == 'EAP': + serviceConfig = 'ovirt-engine-eap.xml.in' + else: + serviceConfig = 'ovirt-engine-wildfly.xml.in' + + if os.path.exists( + oenginecons.FileLocations.OVIRT_ENGINE_SVC_OVIRT_ENGINE_CONF + ): + # Remove service configuration on each setup execution as provided + # JBOSS could be changed + os.remove( + oenginecons.FileLocations.OVIRT_ENGINE_SVC_OVIRT_ENGINE_CONF + ) + + os.symlink( + os.path.join( + oenginecons.FileLocations.OVIRT_ENGINE_SVC_OVIRT_ENGINE_DIR, + serviceConfig + ), + os.path.join( + oenginecons.FileLocations.OVIRT_ENGINE_SVC_OVIRT_ENGINE_DIR, + 'ovirt-engine.xml.in' + ), + ) + # vim: expandtab tabstop=4 shiftwidth=4 -- To view, visit https://gerrit.ovirt.org/40152 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ic35f8a0c276735b9685affea1e068f6ef7298f8c Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Martin Peřina <mper...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
