User Tools

Site Tools


wildfly

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
wildfly [2018/11/09 12:59]
mstraub [HTTPS & TLS Certificate]
wildfly [2020/10/29 14:13] (current)
mstraub [Timeouts]
Line 16: Line 16:
 sudo chown --no-dereference wildfly:​wildfly /​opt/​wildfly sudo chown --no-dereference wildfly:​wildfly /​opt/​wildfly
 sudo chown -HR wildfly:​wildfly /​opt/​wildfly sudo chown -HR wildfly:​wildfly /​opt/​wildfly
 +</​code>​
 +
 +Create a management user
 +<code bash>
 +sudo -u wildfly /​opt/​wildfly/​bin/​add-user.sh ​
 </​code>​ </​code>​
  
Line 22: Line 27:
 sudo -u wildfly /​opt/​wildfly/​bin/​standalone.sh sudo -u wildfly /​opt/​wildfly/​bin/​standalone.sh
 </​code>​ </​code>​
 +
 +Visit the managment console: https://​localhost:​9990
  
  
Line 40: Line 47:
 </​code>​ </​code>​
  
-==== System Service ​==== +==== systemd service ​====
- +
-=== systemd === +
- +
-Since Ubuntu 15.04 systemd replaced upstart as default init system.+
  
 Create the file ''/​etc/​systemd/​system/​wildfly.service''​ and adapt the IP to the IP the service is publicly accessible with: Create the file ''/​etc/​systemd/​system/​wildfly.service''​ and adapt the IP to the IP the service is publicly accessible with:
Line 78: Line 81:
 </​code>​ </​code>​
  
-=== Upstart === 
  
-Create ''/​etc/​init/​wildfly.conf''​ and adapt the IP to the IP the service is publicly accessible with: +==== Timeouts ====
-<​code>​ +
-start on (local-filesystems and net-device-up IFACE!=lo)+
  
-# stop on normal shutdown +In case your deployments have a long setup time you must extend the default limit of 300 seconds.
-stop on runlevel [016]+
  
-# -b binds the IP for port 8080, -bmanagement for port 9990 +Add these system properties to your ''​/​opt/​wildfly/​standalone/​configuration/​standalone.xml''​. The system-properties are a child element of server and must come after the extensions sectionThe timeout value is in seconds: 
-exec sudo -u wildfly ​/​opt/​wildfly/​bin/​standalone.sh -b 127.0.0.-bmanagement 127.0.0.1+ 
 +<code xml> 
 +<server..
 +    <​extensions>​ 
 +        ... 
 +    </​extensions>​ 
 +    <system-properties>​ 
 +        <​property name="​jboss.as.management.blocking.timeout"​ value="​900"/>​ 
 +    </​system-properties>​ 
 +    ​...
 </​code>​ </​code>​
  
-The log ''/​var/​log/​upstart/​wildfly.log''​ even includes system outs, messages printed from JNI code or crash / segfault information.+Also add the timeout to the deployment-scanner:​
  
-Optionally select a specific config, e.g''​--server-config=standalone.xml''​ or use port offset when running several instances of WildFly ​on one machine with ''​-Djboss.socket.binding.port-offset=1''​+<code xml> 
 +<​profile>​ 
 +    <​subsystem xmlns="​urn:​jboss:​domain:​deployment-scanner:​2.0">​ 
 +        <​deployment-scanner path="​deployments"​ relative-to="​jboss.server.base.dir"​  
 +          scan-interval="​5000"​ deployment-timeout="​900"​  
 +          runtime-failure-causes-rollback= 
 +            "​${jboss.deployment.scanner.rollback.on.failure:​false}"/>​ 
 +    </​subsystem>​ 
 +    ​..
 +</​profile>​ 
 +</​code>​
  
 +And to allow long transactions (if your logs contain tasks cancelled by the TransactionReaper) configure the default-timeout of the transaction subsystem:
  
-Then start and stop WildFly with +<​code ​xml
-<​code ​bash+<​profile>​ 
-sudo start wildfly +    <​subsystem xmlns="​urn:​jboss:​domain:​transactions:​5.0">​ 
-sudo stop wildfly+        <​core-environment node-identifier="​${jboss.tx.node.id:​1}">​ 
 +            <​process-id>​ 
 +                <​uuid/>​ 
 +            </​process-id>​ 
 +        </​core-environment>​ 
 +        <​recovery-environment socket-binding="​txn-recovery-environment"​ status-socket-binding="​txn-status-manager"/>​ 
 +        <​coordinator-environment default-timeout="​900"​ statistics-enabled="​${wildfly.transactions.statistics-enabled:​${wildfly.statistics-enabled:​false}}"/>​ 
 +        <​object-store path="​tx-object-store"​ relative-to="​jboss.server.data.dir"/>​ 
 +    </​subsystem>​ 
 +    ... 
 +</​profile>​
 </​code>​ </​code>​
- 
  
 ==== Enabling GZIP Compression ==== ==== Enabling GZIP Compression ====
Line 184: Line 212:
  
 When using HTTPS you should most probably also provide a valid [[https://​de.wikipedia.org/​wiki/​Transport_Layer_Security|TLS]] (aka SSL) certificate. Otherwise browsers tend to block access to your page or at least give a big warning that the page is not secure. When using HTTPS you should most probably also provide a valid [[https://​de.wikipedia.org/​wiki/​Transport_Layer_Security|TLS]] (aka SSL) certificate. Otherwise browsers tend to block access to your page or at least give a big warning that the page is not secure.
 +
 +FIXME explore: there seems to be a new way to configure Letsencrypt directly via the WildFly CLI since WildFly 14: https://​developer.jboss.org/​people/​fjuma/​blog/​2018/​08/​31/​obtaining-certificates-from-lets-encrypt-using-the-wildfly-cli
  
 The certificate must be present in a Java Keystore file. Copy ''​com.example.jks''​ to ''/​opt/​wildfly/​standalone/​configuration''​. The certificate must be present in a Java Keystore file. Copy ''​com.example.jks''​ to ''/​opt/​wildfly/​standalone/​configuration''​.
wildfly.1541764769.txt.gz · Last modified: 2018/11/09 12:59 by mstraub