Bug 1316623
Summary: | Add a way to setup SSL settings in jboss-cli.xml | ||
---|---|---|---|
Product: | [JBoss] JBoss Operations Network | Reporter: | Hayk Hovsepyan <hhovsepy> |
Component: | Plugin -- JBoss EAP 7 | Assignee: | Michael Burman <miburman> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Hayk Hovsepyan <hhovsepy> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | JON 3.3.5 | CC: | fbrychta, hhovsepy, loleary, lzoubek, miburman, rhatlapa, spinder, theute |
Target Milestone: | ER01 | Keywords: | Triaged |
Target Release: | One-off release | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | 1236631 | Environment: | |
Last Closed: | 2016-06-06 18:58:08 UTC | Type: | Enhancement |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1314853 |
Comment 1
Michael Burman
2016-03-10 16:23:58 UTC
Tested on revision: jon-plugin-pack-eap-3.3.0.GA-update-03-DR02 Hited a problem while executing CLI commands on secured EAP7. Error message is: 2016-03-23 12:34:28,796 INFO [ResourceContainer.invoker.nonDaemon-8] (modules.plugins.wildfly10.util.ProcessExecutionLogger)- Output from process execution: ----------------------- Failed to connect to the controller: The controller is not available at 127.0.0.1:10093: java.net.ConnectException: WFLYPRT0053: Could not connect to http-remoting://127.0.0.1:10093. The connection failed: WFLYPRT0053: Could not connect to http-remoting://127.0.0.1:10093. The connection failed: XNIO000812: Connection closed unexpectedly ----------------------- Steps executed: 1. Register secured EAP7 into JON server which has new plugins. 2. Do all configurations and make sure EAP7 is shown UP. 3. Execute "Setup CLI" operation. 4. Try to schedule some CLI command to be executed by agent on EAP7, for isntance ":whoami". It will fail. The same steps work for secured EAP6. Additional Info: The same steps work for unsecured EAP7. (after making sure that "Native Host/Port" parameters are set correctly) After discussion with Thomas Segismont, it was decided to test this with RHQ master. The reason to test on RHQ is that "Native Host/Port" parameters will be gone for JON and are already removed from RHQ for EAP7 servers. The same problem was found on RHQ as well. The reason is this, we only supply hostname + port, not in case of the https the https-remoting part also. I don't think EAP6 required this, so something potentially has changed in the EAP7. # Connecting to the secured EAP7 instance --controller - the default controller host and port to connect to when --connect option (described below) is specified or when the connect command is issued w/o the arguments. The default controller host is localhost and the port is 9990. # With just hostname + port [miburman@miranda bin]$ ./jboss-cli.sh -c -u=rhqadmin -p=rhqadmin --commands=:whoami --controller=127.0.0.1:9993 Failed to connect to the controller: The controller is not available at 127.0.0.1:9993: java.net.ConnectException: WFLYPRT0053: Could not connect to http-remoting://127.0.0.1:9993. The connection failed: WFLYPRT0053: Could not connect to http-remoting://127.0.0.1:9993. The connection failed: XNIO000812: Connection closed unexpectedly # By defining https-remoting + hostname + port [miburman@miranda bin]$ ./jboss-cli.sh -c -u=rhqadmin -p=rhqadmin --commands=:whoami --controller=https-remoting://127.0.0.1:9993 { "outcome" => "success", "result" => {"identity" => { "username" => "rhqadmin", "realm" => "httpsRealm" }} } # Without defining [miburman@miranda bin]$ ./jboss-cli.sh -c -u=rhqadmin -p=rhqadmin --commands=:whoami { "outcome" => "success", "result" => {"identity" => { "username" => "rhqadmin", "realm" => "httpsRealm" }} } [miburman@miranda bin]$ Fixed in the master: commit 417f4994eb1fd05ee311ca415346d3a314b0c170 Author: Michael Burman <miburman> Date: Fri Apr 8 13:56:01 2016 +0300 [BZ 1316623] Add https-remoting:// to the controller path if connection is secured Verified on revision jon33-eap-update04 ER01. |