The jboss-as-7 plugin handles discovering and managing JBoss AS 7.x and JBoss EAP/SOA-P/etc. 6.x.
JBoss AS 7.x Servers can always be auto-discovered, but in order to collect metrics and execute operations, the plugin must be able to connect to the server http(s) management interface.
Hostname, Port, and Secure connection properties are determined during the discovery phase. The plugin will find the values by inspecting the AS7 configuration file.
The most common way to authenticate is to provide the credentials of an AS7 management user. For a standard server, adding a management user can be achieved by running ./add-user.sh in the server's bin-folder. This will add the user to both standalone and domain configuration files. See: https://docs.jboss.org/author/display/AS72/add-user+utility.
Once the user has been added, select the domain controller or standalone server in the RHQ GUI, then select the inventory tab and click "Connection Settings". Enter the username and password for the management user and click "Save".
It is also possible to authenticate with client certificates over an https connection. See the Secure Connection Settings appendix.
Before enabling HTTP Response-Time metric collection in your JBoss AS Server "Web Runtime" Resources, you will need to configure the RHQ RT filter module and either configure the RT filter globally (i.e. for all deployed webapps) by deploying the RT filter subsystem, or for specific webapps by updating their web.xml files.
For this to work you need to download two zip files from the RHQ Server and install them into AS7:
- rhq-rtfilter-module.zip – Install the RT Filter Module
- rhq-rtfilter-subsystem-module.zip – Configure RT Filter Globally
The next two paragraphs describe how to install them.
The filter jar is packaged as AS7 module. To configure the module in your AS7 instance, first install the jar and the associated module.xml file:
Then globally deploy the module by adding the following element as a child of the <subsystem xmlns="urn:jboss:domain:ee:1.0"> element in standalone.xml or domain.xml:
This should now look like this:
In case of a later server version, this may also be urn:jboss:domain:ee:1.1 as in
Also you may need to add an extension tag as in
You can deploy the filter for all webapps or individually for selected ones - this is shown below.
To configure the filter for all deployed webapps, first install the RT filter subsystem jar and the associated module.xml file:
Then deploy the subsystem by adding the following element as a child of the <extensions> element in standalone.xml or domain.xml:
and adding the following element as a child of the <profile> element in standalone.xml or domain.xml:
You can either configurre the filter globally as previously seen or per app. For each webapp for which you wish to configure the filter, add the following lines to the webapp's WEB-INF/web.xml then redeploy the webapp:
After installing the filter module and/or filter subsystem, JBoss AS must be restarted to pick up the changes.
The Connection Settings tab has a Secure Connection Settings section:
You will have to customize these settings manually in order to connect over https, with or without client certificate authentication.
There are three ways to configure the https management endpoint
The socket-binding node attribute is either https or http:
The ManagementRealm must declare:
- a keystore for transport encryption
- a truststore, optionally, for client certificate authentication
Paste the commands below in a console in order to create a server and a client keystores with selfsigned certificates.
You can now use these keystores to setup the managed AS7 server and the corresponding RHQ server resource.
Optionally, you can create a PKCS12 variant of your keystores: