Comments (6)
It's not a real issue with tool. The reason is that EAP 6.0.0 and 6.0.1 did not ship with 'jboss-cli-client.jar' and need a much longer classpath as the equivalent:
/home/tom/i/eap/601 is my EAP installation directory:
/home/tom/i/eap/601/modules/org/jboss/remoting3/remoting-jmx/main/remoting-jmx-1.0.4.Final-redhat-1.jar:/home/tom/i/eap/601/modules/org/jboss/remoting3/main/jboss-remoting-3.2.14.GA-redhat-1.jar:/home/tom/i/eap/601/modules/org/jboss/logging/main/jboss-logging-3.1.2.GA-redhat-1.jar:/home/tom/i/eap/601/modules/org/jboss/xnio/main/xnio-api-3.0.7.GA-redhat-1.jar:/home/tom/i/eap/601/modules/org/jboss/xnio/nio/main/xnio-nio-3.0.7.GA-redhat-1.jar:/home/tom/i/eap/601/modules/org/jboss/sasl/main/jboss-sasl-1.0.3.Final-redhat-1.jar:/home/tom/i/eap/601/modules/org/jboss/marshalling/main/jboss-marshalling-1.3.15.GA-redhat-1.jar:/home/tom/i/eap/601/modules/org/jboss/marshalling/river/main/jboss-marshalling-river-1.3.15.GA-redhat-1.jar:/home/tom/i/eap/601/modules/org/jboss/as/cli/main/jboss-as-cli-7.1.3.Final-redhat-4.jar:/home/tom/i/eap/601/modules/org/jboss/staxmapper/main/staxmapper-1.1.0.Final-redhat-2.jar:/home/tom/i/eap/601/modules/org/jboss/as/protocol/main/jboss-as-protocol-7.1.3.Final-redhat-4.jar:/home/tom/i/eap/601/modules/org/jboss/dmr/main/jboss-dmr-1.1.1.Final-redhat-2.jar:/home/tom/i/eap/601/modules/org/jboss/as/controller-client/main/jboss-as-controller-client-7.1.3.Final-redhat-4.jar:/home/tom/i/eap/601/modules/org/jboss/threads/main/jboss-threads-2.0.0.GA-redhat-2.jar:/home/tom/i/eap/601/modules/org/jboss/as/controller/main/jboss-as-controller-7.1.3.Final-redhat-4.jar
Basically take a copy of bin/jconsole.sh and replace the last line with:
java -cp
the CLASSPATH will be constructed automatically by the script.
from profilecloner.
Hi, thanks for your reply - whilst socket cloning works, I am still having issues with profile cloning, please see below:
FYI - jboss home = /usr/share/jboss-as
When trying to clone the full profile:
java -cp $CLASSPATH:/usr/share/jboss-as/bin/profilecloner.jar org.jboss.tfonteyne.profilecloner.Main -c hostname -p 9999 -u dave -p **** /profile=full full-copy
WARN: can't load the config file because JBOSS_HOME environment variable is not set.
WARN: can't load the config file because JBOSS_HOME environment variable is not set.
May 28, 2015 10:52:11 AM org.xnio.Xnio
INFO: XNIO Version 3.0.7.GA-redhat-1
May 28, 2015 10:52:11 AM org.xnio.nio.NioXnio
INFO: XNIO NIO Implementation Version 3.0.7.GA-redhat-1
May 28, 2015 10:52:11 AM org.jboss.remoting3.EndpointImpl
INFO: JBoss Remoting version 3.2.14.GA-redhat-1
java.lang.IllegalArgumentException: Unknown type: PROPERTY
at org.jboss.tfonteyne.profilecloner.GenericCloner.getNode(GenericCloner.java:290)
at org.jboss.tfonteyne.profilecloner.GenericCloner.getList(GenericCloner.java:255)
at org.jboss.tfonteyne.profilecloner.GenericCloner.getNode(GenericCloner.java:288)
at org.jboss.tfonteyne.profilecloner.GenericCloner.getObject(GenericCloner.java:269)
at org.jboss.tfonteyne.profilecloner.GenericCloner.getNode(GenericCloner.java:286)
at org.jboss.tfonteyne.profilecloner.GenericCloner.getList(GenericCloner.java:255)
at org.jboss.tfonteyne.profilecloner.GenericCloner.getNode(GenericCloner.java:288)
at org.jboss.tfonteyne.profilecloner.GenericCloner.handleProperty(GenericCloner.java:201)
at org.jboss.tfonteyne.profilecloner.GenericCloner.getChildResource(GenericCloner.java:112)
at org.jboss.tfonteyne.profilecloner.GenericCloner.handleProperty(GenericCloner.java:229)
at org.jboss.tfonteyne.profilecloner.GenericCloner.getChildResource(GenericCloner.java:112)
at org.jboss.tfonteyne.profilecloner.GenericCloner.handleProperty(GenericCloner.java:229)
at org.jboss.tfonteyne.profilecloner.GenericCloner.getChildResource(GenericCloner.java:112)
at org.jboss.tfonteyne.profilecloner.GenericCloner.handleProperty(GenericCloner.java:229)
at org.jboss.tfonteyne.profilecloner.GenericCloner.getChildResource(GenericCloner.java:159)
at org.jboss.tfonteyne.profilecloner.GenericCloner.copy(GenericCloner.java:75)
at org.jboss.tfonteyne.profilecloner.Main.(Main.java:133)
at org.jboss.tfonteyne.profilecloner.Main.main(Main.java:112)
Successful attempt at cloning full-ha-sockets:
java -cp $CLASSPATH:/usr/share/jboss-as/bin/profilecloner.jar org.jboss.tfonteyne.profilecloner.Main -c hostname -p 9999 -u dave -p **** /socket-binding-group=full-ha-sockets full-ha-sockets-copy
WARN: can't load the config file because JBOSS_HOME environment variable is not set.
WARN: can't load the config file because JBOSS_HOME environment variable is not set.
May 28, 2015 10:50:46 AM org.xnio.Xnio
INFO: XNIO Version 3.0.7.GA-redhat-1
May 28, 2015 10:50:46 AM org.xnio.nio.NioXnio
INFO: XNIO NIO Implementation Version 3.0.7.GA-redhat-1
May 28, 2015 10:50:46 AM org.jboss.remoting3.EndpointImpl
INFO: JBoss Remoting version 3.2.14.GA-redhat-1
batch
/socket-binding-group="full-ha-sockets-copy":add(default-interface="public",name="full-ha-sockets")
/socket-binding-group="full-ha-sockets-copy"/remote-destination-outbound-socket-binding="mail-smtp":add(fixed-source-port="false",host="localhost",port="25")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="ajp":add(fixed-port="false",name="ajp",port="8009")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="http":add(fixed-port="false",name="http",port="8080")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="https":add(fixed-port="false",name="https",port="8443")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="jacorb":add(fixed-port="false",interface="unsecure",name="jacorb",port="3528")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="jacorb-ssl":add(fixed-port="false",interface="unsecure",name="jacorb-ssl",port="3529")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="jgroups-mping":add(fixed-port="false",multicast-address="${jboss.default.multicast.address:230.0.0.4}",multicast-port="45700",name="jgroups-mping",port="0")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="jgroups-tcp":add(fixed-port="false",name="jgroups-tcp",port="7600")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="jgroups-tcp-fd":add(fixed-port="false",name="jgroups-tcp-fd",port="57600")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="jgroups-udp":add(fixed-port="false",multicast-address="${jboss.default.multicast.address:230.0.0.4}",multicast-port="45688",name="jgroups-udp",port="55200")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="jgroups-udp-fd":add(fixed-port="false",name="jgroups-udp-fd",port="54200")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="messaging":add(fixed-port="false",name="messaging",port="5445")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="messaging-group":add(fixed-port="false",multicast-address="${jboss.messaging.group.address:231.7.7.7}",multicast-port="${jboss.messaging.group.port:9876}",name="messaging-group",port="0")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="messaging-throughput":add(fixed-port="false",name="messaging-throughput",port="5455")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="modcluster":add(fixed-port="false",multicast-address="224.0.1.105",multicast-port="23364",name="modcluster",port="0")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="osgi-http":add(fixed-port="false",interface="management",name="osgi-http",port="8090")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="remoting":add(fixed-port="false",name="remoting",port="4447")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="txn-recovery-environment":add(fixed-port="false",name="txn-recovery-environment",port="4712")
/socket-binding-group="full-ha-sockets-copy"/socket-binding="txn-status-manager":add(fixed-port="false",name="txn-status-manager",port="4713")
run-batch
from profilecloner.
ah... you hit an incompatibility between 6.0/x and 6.1 and higher which I more or less forgot about.
In 6.0.x the "module-options" of a login-module (security subsystem) were rather inflexible. Login modules was a LIST, and the options all together a single OBJECT. Starting in 6.1 this was redone and login-modules was made a proper child resource with the options underneath.
Considering how old 6.0.1 is I have no plan to modify the cloner to support this very old version.
Keep in mind that 6.0.1 still has many known issues (also security issues!!) so upgrading should be a high priority.
workaround is easy: manually removed all "module-option" attributes, run the cloner, then add the options again.
from profilecloner.
Hi again,
Unfortunately our application vendor mandates on JBoss EAP 6.0.1 and all major development has been against this version. It won't be for another 1-2 years that we are likely to be able to upgrade to a newer version :(.
I take your response as though there is a workaround for 6.0.1, however are you able to give an example of a module-option that you remove to ensure I interpret your statement correctly?
For instance, via jboss-cli in domain mode, going to /profile=full/subsystem=security I see the following:
pwd
/profile=full/subsystem=security
[domain@hostname:9999 subsystem=security] ls
security-domain vault deep-copy-subject-mode=false
Looking in the domain.xml file I can see an examples of lines that have module-option. here is such an entry in the jboss-cli:
pwd
/profile=full/subsystem=security/security-domain=other/authentication=classic
[domain@hostname:9999 authentication=classic] :read-resource
{
"outcome" => "success",
"result" => {"login-modules" => [
{
"code" => "Remoting",
"flag" => "optional",
"module-options" => [("password-stacking" => "useFirstPass")]
},
{
"code" => "RealmDirect",
"flag" => "required",
"module-options" => [("password-stacking" => "useFirstPass")]
}
]}
}
So in the example above, would it just be a case of removing the 2 module-options lines for Remoting and RealmDirect? Or alternatively, did you remove both login-modules completely and re-add them.
I'd be interested in seeing your cli examples.
Thanks again!
from profilecloner.
yes, for example from the "full" profile you have:
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmDirect" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
Change that manually into:
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
</login-module>
<login-module code="RealmDirect" flag="required">
</login-module>
</authentication>
</security-domain>
and repeat for any other domains you may have added.
Then run the cloner with /profile=full full-copy
and add those options manually back in. Adding them back is best done be editing the xml.
One of the reasons for the 6.1+ change was that your only choice in 6.0 was to add/modify the whole "login-modules" in one go which becomes a horrible CLI command when there are a number of options. If you really need it all in CLI, then start with manually bringing the original config down to:
<security-domain name="other" cache-type="default">
</security-domain>
and add the below to the resulting CLI code immediately after the :add() for the security-domain
/profile=full/subsystem=security/security-domain=other/authentication=classic:write-attribute(name=login-modules, value=[{"code" => "Remoting","flag" => "optional","module-options" => [("password-stacking" => "useFirstPass")] }, {"code" => "RealmDirect","flag" => "required","module-options" => [("password-stacking" => "useFirstPass")]} ] )
You can imagine that for more complicated authentication setups this becomes a bit of a mess to write/read.
Btw, your original statement used -p for port and password. You can only use "-p" for the password. The port option must be the full "--port=9999"
from profilecloner.
Fantastic!
Pleased to confirm this now works! I've become very accustomed to some of the nuances with the 6.0.1. cli, especially around adding JVM options and as you say, having to add things in one go.
I'll work on a cli to remove the bits in the xml and then use your examples to help me add the options back in.
Appreciate your time and help on this. Certainly looking forward to upgrading to a newer JBoss version at some point in the future.
Fingers crossed the generated batch statements work as well!
Regards,
David.
from profilecloner.
Related Issues (9)
- java.lang.IllegalArgumentException: newValue is null HOT 1
- How to make a clone of server instances. any idea? HOT 1
- JBOSS EAP 6.4.23 Problem with injection of name="default" for some clone results. HOT 2
- Error exporting jgroup TCPPING HOT 3
- Wildfly 9.0.1.Final jgroups stack does not like :add-protocol() but does like the standard :add() HOT 3
- Not working on WildFly 10.0.0.RC5 HOT 3
- Wildfly 10 - CLI is running in a non-modular environment and cannot load commands from management extensions HOT 5
- outbound-socket-binding not exported
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from profilecloner.