JBoss.orgCommunity Documentation
This section will describe how to install Overlord Runtime Governance in different environments.
If switchyard is not installed, then you won’t be able to use the quickstarts, which are based around providing runtime governance for a switchyard application.
ant [ -Dpath=<root-folder> ] [ -Dtype=<installation-type> ]
If the <root-folder> is not explicitly provided on the command line, then the user will be prompted for the information.
The <installation-type> value can be:
| Value | Description |
|---|---|
all | This will result in the full server configuration being installed into the server, including activity collector (for obtaining activities generated within that server), activity server (for receiving activity information whether from a remote client or internal activity collector), event processor network (to analyse the events), active collections (to maintain result information) and a collection of REST services to support remote access to the information. This is the default value. |
client | This will result in only the activity collector functionality being installed, using a RESTful client to communicate with a remote Runtime Governance server. |
To uninstall, simply perform the following command in the root folder of the installation:
ant uninstall [ -Dpath=<root-folder> ] [ -Dtype=<installation-type> ]
To start the server, go to the EAP bin folder and run:
./standalone.sh -c standalone-full.xml
Due to some issues with the fuse 6.1 distribution, it is necessary to patch the environment. Download the zip file attached to the article https://developer.jboss.org/wiki/RTGovDeploymentOnFuse61WithAndWithoutFabric and unpack it over the fuse environment.
Add the JBoss public maven repository to the file etc/org.ops4j.pax.url.mvn.cfg, by appending the following URL to the org.ops4j.pax.url.mvn.repositories property:
https://repository.jboss.org/nexus/content/groups/public@id=jboss.public
bin/fuse command, and then enter the following commands:
features:addurl mvn:org.overlord.rtgov/overlord-rtgov-features-fuse6/<version>/xml/features features:install rtgov-karaf-commands
<version> in the first command should be replaced by the RTGov version that you wish to use, e.g. 2.0.0.Final.
If wanting to install the all profile (representing the RTGov server and co-located activity collector), then run:
overlord:rtgov:all:configure <password> features:install rtgov-all
where <password> is the overlord administration password for this rtgov environment.
However, if just wanting to install the client profile (co-located activity collector), then run:
overlord:rtgov:client:configure <username> <password> features:install rtgov-client
where <username> and <password> are the credentials of the rtgov server environment that this client environment will report activity information to. The <password> is also used to configure the local overlord keystore used to hold the remote rtgov server’s credentials.
If using SwitchYard, then also run:
features:install rtgov-switchyard
This registers the event listener on SwitchYard, to capture activity and report it to RTGov.
The configuration properties for the Runtime Governance capability are common across all platforms. However their location varies:
| Value | Description |
|---|---|
jboss-eap-6 | The properties are found in the standalone*.xml files in the <root>/standalone/configuration folder, or domain.xml file in <root>/domain/configuration folder. The properties are defined under a configuration element with an attribute "name=overlord-rtgov". |
fuse-6.1 | The properties are found in the <root>/etc/overlord-rtgov.properties file. |
Although there will be some properties that are independent of the installation type, some will be specific and therefore are listed in separate sections below.
Common
The common properties available across all installation types are:
| Property | Description |
|---|---|
collectionEnabled | This property will determine whether activity information is collected when the server is initially started. This value can be changed at runtime using the ActivityCollector MBean (see the chapter on Managing the Infrastructure). |
ActivityServerLogger.activityListQueueSize | This property defines the queue size for pending activity lists, that are awaiting being reported to the Activity Server. |
ActivityServerLogger.durationBetweenFailureReports | To avoid logs being overlorded with failure reports, failures will only be reported once within the defined time interval (in milliseconds). |
ActivityServerLogger.freeActivityListQueueSize | This property defines the queue size to manage free activity lists that can be reused. |
ActivityServerLogger.maxThreads | This property is an integer that represents the maximum number of threads that should be used to report activity events to the server (whether remote or embedded). |
BatchedActivityUnitLogger.maxTimeInterval | The maximum wait interval (in milliseconds) before sending any held activity units to the Activity Server. |
BatchedActivityUnitLogger.maxUnitCount | The maximum number of activity units that should be held before sending as a batch to the Activity Server. |
All Type
| Property | Description |
|---|---|
ActiveCollectionManager.houseKeepingInterval | Time interval (in milliseconds) between house keeping tasks being invoked. |
ActivityStore.class | The class associated with the Activity Store implementation to be used. |
Elasticsearch.server | URL to the Elasticsearch server (HTTP port). |
infinispan.container | The infinispan container to use. |
MVELSeverityAnalyzer.scriptLocation | Optional location of a MVEL script used to determine severity levels for nodes and links within the service overview diagram. |
SituationStore.class | The class associated with the Situation Store implementation to be used. |
Activity and Situation Store implementation specific properties will be discussed in the database section below.
Client Type
This installation type is used to configure an execution environment that will be sending its activity information to a remote Runtime Governance server using REST. The relevant properties are:
| Property | Description |
|---|---|
RESTActivityServer.serverURL | This is the URL of the activity server collecting the activity events. |
RESTActivityServer.serverUsername | The username used to access the REST service. |
RESTActivityServer.serverPassword | The password used to access the REST service. |
This section described the configuration of the supported database options.
This is the default "out of the box" configuration.
To use Elasticsearch as the Activity and Situation Store implementation, the following property values need to be defined:
ActivityStore.class=org.overlord.rtgov.activity.store.elasticsearch.ElasticsearchActivityStore SituationStore.class=org.overlord.rtgov.analytics.situation.store.elasticsearch.ElasticsearchSituationStore
with the additional support properties:
| Property | Description |
|---|---|
Elasticsearch.hosts | Either has value "embedded" (the default), or a list of <host>:<port> values representing nodes in the Elasticsearch cluster, the port representing the TCP transport connection. |
Elasticsearch.schedule | When using batched mode, the interval (in milliseconds) between updates being sent to the Elasticsearch server. |
Elasticsearch.ActivityStore.responseSize | Maximum size for the response (default value 100000). |
Elasticsearch.ActivityStore.timeout | "Best effort" timeout value (milliseconds) (default value 10000ms). |
Elasticsearch.SituationStore.responseSize | Maximum size for the response (default value 100000). |
Elasticsearch.SituationStore.timeout | "Best effort" timeout value (milliseconds) (default value 10000ms). |
The following information describes the Elasticsearch clustering options that are supported with RTGov. For more information please see http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/modules-node.html
Out of the box, RTGov starts up with an in-VM Elasticsearch node for convenience. Such a setup is not recommended for a production environment for the following reasons:
RTGov does not attempt to wrap or hide the standard Elasticsearch configurations. If you know how to tweak and tune an Elasticsearch node then these configuration changes can be applied to the appropriate location (dependent upon platform):
| Value | Description |
|---|---|
jboss-eap-6 | The properties are found in the standalone*.xml files in the <root>/standalone/configuration folder, or domain.xml file in <root>/domain/configuration folder. The properties are defined under a configuration element with an attribute "name=overlord-rtgov-elasticsearch". |
fuse-6.1 | The properties are found in the <root>/etc/overlord-rtgov-elasticsearch.properties file. |
If you want to learn how to configure and tune Elasticsearch then please reference the Elasticsearch documentation at http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/setup-configuration.html
Some of those configuration properties that may need to be changed include:
There are 3 ways Elasticsearch cluster communication can be configured within RTGov:
Local Elasticsearch embedded server
node.local=true
This configuration does not communicate outside of the VM, only performing discovery of Elasticsearch nodes started on the same same VM.
Client only with no local data
When you start an Elasticsearch client, the most important decision is whether it should hold data or not. In other words, should indices and shards be allocated to it. Many times we would like to have the clients just be clients, without shards being allocated to them. This is simple to configure by setting either:
node.data=false
and/or
node.client=true
With this configuration, the client is cluster aware and can route its data to the responsible shards avoiding a double hop.
Clustered client with local data
This is the default "out of the box" configuration for RTGov. This starts a simple Elasticsearch node that can hold data and also join other Elasticsearch nodes in a cluster.
node.data=true node.client=false node.local=true
To use a SQL database as the Activity and Situation Store implementation, the following property values need to be defined:
| Property | Value |
|---|---|
ActivityStore.class |
|
SituationStore.class |
|
with the additional support properties:
| Property | Description |
|---|---|
JPAActivityStore.jndi.datasource | The JNDI name used to retrieve the datasource. |
JPAEventProcessor.jndi.datasource | The JNDI name used to retrieve the datasource. |
JPASituationStore.jndi.datasource | The JNDI name used to retrieve the datasource. |
JpaStore.jtaPlatform | The JTA platform Java implementation class. |
As of RTGov 2.x, Elasticsearch is the main supported implementation of the Activity and Situation Store.
When RTGov has been installed, try out the samples to get an understanding of its capabilities, and check that your environment has been correctly installed/configured.
To install the samples into JBoss EAP go to the samples folder in the distribution. You will need to install Apache Maven to be able to use the examples.
The key examples are explained below. Each quickstart also has a readme providing the instructions for use.
The samples/ordermgmt folder contains examples related to an Order Management system implemented using a SwitchYard application.
The samples/ordermgmt/app folder contains the switchyard application, with some additional interceptors to execute policies synchronously (see Activity Validators section for more information, and the Synchronous Policy quickstart more a specific example of its use).
The samples/ordermgmt/epn folder contains an Event Processor Network (see later section for details) that is used to convert switchyard application exceptions into "Situations", which is a form of alert used by the Runtime Governance platform.
The samples/ordermgmt/ip folder contains an Information Processor (see later sectoin for details) that is used to extract additional information from message payloads, that will be useful when analysing the activity events.
The samples/policy/sync folder contains a policy that is invoked synchronously - it determines whether a user has invoked the service more than once every two seconds, and if so, blocks the service invocation.
The samples/policy/async folder contains a policy for asynchronously calculating the debt associated with a customer, and suspending their account if it goes above a defined level. The suspended status of the customer is checked when they next invoke the service, and the service invocation blocked if they have been suspended.
To try out the samples in Fuse, you will need to start up the Fuse console.
To install an OSGi application to provide a simple order management capabilty, with an Event Processor Network to convert exceptions into Situations, run the following command from the fuse console:
features:install rtgov-samples-ordermgmt-epn
Send some requests to the order management service, at the URL http://localhost:8181/cxf/orderservice/orders/submit, with basic authentication username=admin, password=admin (as defined in the etc/user.properties file). For example, send the message:
{"orderId":"1","itemId":"BUTTER","quantity":100,"customer":"Fred"}
which should return the result:
{
"total": 125,
"accepted": true,
"customer": "Fred",
"orderId": "1",
"status": "Order Accepted"
}
If you then send:
{"orderId":"6","itemId":"ERROR","quantity":100,"customer":"Fred"}
you will get the response:
Failed with an error
and a Situation will be created in the RTGov UI.
To install a policy that will check for SLA violations, run the following command from the fuse console:
features:install rtgov-samples-sla
Send some requests to the order management service, at the URL http://localhost:8181/cxf/orderservice/orders/submit, with basic authentication username=admin, password=admin (as defined in the etc/user.properties file). For example, send the message:
{"orderId":"3","itemId":"JAM","quantity":100,"customer":"Fred"}
which should return the result after a slight delay:
{
"total": 240,
"accepted": true,
"customer": "Fred",
"orderId": "3",
"status": "Order Accepted"
}
The delay is caused by the request for itemId JAM, and results in the policy detecting a SLA violation which are reported as two Situation events that can be viewed in the RTGov UI.
To install a policy that will be evaluated immediately, to prevent a customer from invoking a service more than once within two seconds, run the following comand from the fuse console:
features:install rtgov-samples-policy-sync
Send the following request twice in quick succession, to the order management service at the URL http://localhost:8181/cxf/orderservice/orders/submit, with basic authentication username=admin, password=admin (as defined in the etc/user.properties file):
{"orderId":"1","itemId":"BUTTER","quantity":100,"customer":"Fred"}
The first request will return the expected:
{
"total": 125,
"accepted": true,
"customer": "Fred",
"orderId": "1",
"status": "Order Accepted"
}
However the second invocation (if performed within two seconds of the first) will return:
Customer 'Fred' cannot perform more than one request every 2 seconds
To install a policy that will evaluate a customer’s debt level, and suspend their account if it becomes too high, run the following comand from the fuse console:
features:install rtgov-samples-policy-async
Send some requests to the order management service, at the URL http://localhost:8181/cxf/orderservice/orders/submit, with basic authentication username=admin, password=admin (as defined in the etc/user.properties file). For example, send the message:
{"orderId":"1","itemId":"BUTTER","quantity":100,"customer":"Fred"}
When the credit limit has been reached, the customer will be suspended, resulting in a response "Customer Fred has been suspended".
If we then sent the following request, to the URL http://localhost:8181/cxf/orderservice/orders/pay, to clear some of customer Fred’s debt:
{"amount":400,"customer":"Fred"}
we will then be able to send further order requests.
The database is defined by the datasource configuration located here: $JBOSS_HOME/standalone/deployment/overlord-rtgov/rtgov-ds.xml as part of the server installation type.
The default SQL database is the H2 file based database, and is created during the installation of the all type.
The following sections discuss changes to the standalone-full.xml configuration file. If using a clustered
environment, then these changes should be applied to the standalone-full-ha.xml instead.
MySQL
$JBossAS/modules/mysql/main.
$JBossAS/modules/mysql/main folder, e.g. mysql-connector-java-5.1.12.jar.
$JBossAS/modules/mysql/main folder, with the contents:
<module xmlns="urn:jboss:module:1.1" name="mysql">
<resources>
<resource-root path="mysql-connector-java-5.1.12.jar"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.transaction.api"/>
</dependencies>
</module>
$JBossAS/standalone/configuration/standalone-full.xml file to include the MySQL driver:
<subsystem xmlns="urn:jboss:domain:datasources:1.0">
<datasources>
.....
<drivers>
...
<driver name="mysql" module="mysql">
<xa-datasource-class>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</xa-datasource-class>
</driver>
</drivers>
</datasources>
</subsystem>
$JBossAS/standalone/deployments/overlord-rtgov/rtgov-ds.xml, the contents should be:
<?xml version="1.0" encoding="UTF-8"?>
<datasources>
<datasource jndi-name="java:jboss/datasource/OverlordRTGov" pool-name="OverlordRTGov" enabled="true" use-java-context="true">
<connection-url>jdbc:mysql://localhost:3306/rtgov</connection-url>
<driver>mysql</driver>
<security>
<user-name>root</user-name>
<password></password>
</security>
</datasource>
</datasources>
Postgres
$JBossAS/modules/org/postgresql/main folder.
$JBossAS/modules/org/postgresql/main folder, e.g. postgresql-9.1-902.jdbc4.jar.
$JBossAS/modules/org/postgresql/main folder, with the contents:
<module xmlns="urn:jboss:module:1.1" name="org.postgresql">
<resources>
<resource-root path="postgresql-9.1-902.jdbc4.jar"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.transaction.api"/>
</dependencies>
</module>
$JBossAS/standalone/configuration/standalone-full.xml file to include the PostgresSQL driver:
<subsystem xmlns="urn:jboss:domain:datasources:1.0">
<datasources>
.....
<drivers>
...
<driver name="postgresql" module="org.postgresql">
<xa-datasource-class>org.postgresql.xa.PGXADataSource</xa-datasource-class>
</driver>
</drivers>
</datasources>
</subsystem>
$JBossAS/standalone/deployments/overlord-rtgov/rtgov-ds.xml, the contents should be:
<?xml version="1.0" encoding="UTF-8"?>
<datasources>
<datasource jndi-name="java:jboss/datasource/OverlordRTGov" pool-name="OverlordRTGov" enabled="true" use-java-context="true">
<connection-url>jdbc:postgresql://localhost:5432/rtgov</connection-url>
<driver>postgresql</driver>
<security>
<user-name>....</user-name>
<password>....</password>
</security>
</datasource>
</datasources>
The EPN and Active Collection mechanisms both have the ability to make use of caching provided by infinispan. When running the server in clustered mode (i.e. with standalone-full-ha.xml).
First step is to uncomment the infinispan.container property in the overlord-rtgov.properties file and set it to the JNDI name of the cache container (java:jboss/infinispan/container/rtgov in the example below). This property represents the default cache container to be used by EPN and Active Collection Source configurations that do not explicitly provide a container JNDI name.
The next step is to create the cache container configuration, and the specific caches, under the infinispan subsystem in the standalone-full-ha.xml file. As an example, the following cache entry for the "Principals" cache has been defined, for use with the Policy Enforcement examples:
<cache-container name="rtgov" jndi-name="java:jboss/infinispan/container/rtgov" start="EAGER">
<transport lock-timeout="60000"/>
<replicated-cache name="Principals" mode="SYNC">
<locking isolation="REPEATABLE_READ"/>
<transaction mode="FULL_XA" locking="PESSIMISTIC"/>
</replicated-cache>
</cache-container>