Tag cloud

JBoss (16) Fedora (5) Linux (4) Red Hat (4) JON (3) command line (3) 4.3 (2) JEE (2) JVM (2) Java (2) KVM (2) Oracle (2) Portal (2) Weblogic (2) installation (2) vs (2) /boot partition (1) Add-ons (1) Apache (1) Bundles (1) Business model (1) Byteman (1) CLASSPATH (1) EAP (1) EPP (1) Eclipse (1) Failover (1) Gnome (1) JAVA_OPTS (1) JBDS (1) JBoss Tools (1) JBossON (1) JConsole (1) JDK (1) JMS (1) JVM options (1) KDE (1) MBean (1) Network (1) Open Source (1) RHQ (1) Red Hat subscription (1) Thunderbird (1) Troubleshooting (1) Virtulization (1) WS (1) Webservices (1) Wireshark (1) classloading (1) clustering (1) comparison (1) debug (1) deployment (1) disable SELinux (1) disksize (1) error (1) fun (1) jboss.org (1) log (1) log4j (1) lvm (1) messaging (1) multiple WARs (1) patent FOSS (1) performance tuning (1) provisionning (1) scripting (1) services (1) switch (1) troll (1) upgrade (1) video (1) war (1) webapp (1) yum (1)

01 March 2011

JBoss and JMS

Over the years the JMS providers have changed within JBoss, here an overview:

JBoss JMS Messaging
Community project
(newest on top)
JBoss versions
Latest supported
enterprise version
JBoss HornetQ
EAP 5.2+
EAP 5.2 (n/a yet)
JBoss Messaging
EAP4.3 -
EAP 5.1 (1.4.6.GA-SP1)
(only with JBossAS)
Until JbossAS4.0.5
End of life
Note that all cited versions are compliant to the JMS specification 1.1 !
The enterprise version was renamed in 2006 from JBossAS to EAP ! 

Clustering JMS :
For JBoss Messaging follow http://community.jboss.org/wiki/JBMCluster.
JMS redelivery
JBoss transaction exist from JbossMQ on. But the idea of DLQ (Dead Letter Queue) only exist from JBoss Messaging on. The idea is that after a couple of unsuccessful deliveries of a message (meaning that message is non-acknoleged and client session timed out) the message will be put in a special queue (DLQ) and won't be delivered again. You can set the number of tries with the parameter DefaultMaxDeliveryAttempts which defaults to 10. You can also retry to send the message by delaying it with DefaultRedeliveryDelay (defaults to 0).
JMS transaction
- local transactions
- distributed transactions XA


Example of inline code


public class ConditionCheck
    private GUIInstallData installdata;
    private ResourceManager resourceManager;
    private RulesEngine rules;

    public ConditionCheck(GUIInstallData installdata, ResourceManager resourceManager, RulesEngine rules)
        this.installdata = installdata;
        this.resourceManager = resourceManager;
        this.rules = rules;

    public void check() throws Exception
        // Check for already running instance


28 February 2011

JVM Performance tuning

To understand that tuning your Java Virtual Machine should not be underestimated, take a look at the various parameter that can be set starting your Java program (dates 28 Aug 2007):
or the official Oracle list:
and the Tagtraum list:

Also check out the article "Java Performance Tuning, Profiling, and Memory Management" on Dzone by :

And the last good pointer is the article of Pete Freitag:

I also really liked this JVM deck of Simon Ritter :

Ritter points out that:
--> Most new objects will die young
--> Concentrate effort on young generation (Eden)
--> Use the right tool for the job (Different GC algorithms for each generation)

Howto read gc.log
After adding the following JVM options:
-verbose:gc -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -Xloggc:/tmp/gc.log
You will find in the generated /tmp/gc.log something like:
[GC 34000 kb -> 21000 kb (0.018 sec] (The GC collects the young generation)
[Full GC 60000 kb -> 12000 kb (0.430 sec] (The Full GC collects the old generation, costs more CPU)

To analyse the /tmp/gc.log open it with the tool GCViewer.

Choose the Just-In-Time compiler
-classic (no JIT)
-client  (a lot of JIT compiling)
-server (optimized JIT compiling, for production environment)
this JVM option needs to be the first one in the list

JVM options to consider

For JVM performance tuning you will have to choose the
- Young generation option
- Old generation option

JVM options
Serial New
(default until J2EE 1.4)
Single-threaded, stop-the-world, copying collector
Parallel Scavenge /
(default JEE 5+)
Multi-threaded, stop-the-world, copying collector (CAN NOT to be used with CMS). Automatically used when -XX:+AggressiveHeap was specified.
Parallel New
Multi-threaded, stop-the-world, copying collector CAN be used along with CMS. Automatically used when CMS was specified for Old Gen.
Serial Old /
Mark Sweep

Single-threaded, stop-the-world, mark-sweep-compact (MSC) collector
Parallel Old
(JEE 6+)
Multi-threaded, stop-the-world, copying collector
Concurrent Mark-Sweep / Concurrent Low Pause
Concurrent low pause collector that works sharing the application threads.
For example :
-server -Xms2000m -Xmx2000m -Xss512k -XX:+AggressiveHeap -XX:+UseParallelGC -verbose:gc -XX:+PrintGCTimeStamps -XX:+DisableExplicitGC -Xloggc:/tmp/jboss_GC.log

Sets the ratio between young and old generation.
-XX:NewRatio=3 means that the ratio between the young and old generation is 1:3; in other words, the combined size of eden and the survivor spaces will be one fourth of the heap.

Use cases
Q: Which GC to use when I have applications with a very large young generation heaps ?
A: -XX:+UseParallelGC

Monitor your JVM

As you probably still have questions, refer to:


09 February 2011

Fedora yum usage within a VM

When using a virtual machine with the network sitting behind a host that has a internet connection via a proxy, consider the following steps:

vi /etc/yum.conf -->
add line proxy=http://myproxy:8080/ (replace myproxy with actual IP address to avoid DNS lookup problems)
change line: gpgcheck=1 to gpgcheck=0

vi /etc/hosts --> add line:          mirrors.fedoraproject.org

vi /etc/yum.repos.d/fedora.repo -->
- change line: gpgcheck=1 to gpgcheck=0
- uncomment line: baseurl ...
- comment line: #mirrorlist ...

Problems you might run into:
[root]# yum update
Loaded plugins: presto, refresh-packagekit
Error: Cannot retrieve repository metadata (repomd.xml) for repository: fedora. Please verify its path and try again

[root]# yum update
[Errno 14] PYCURL ERROR 7 - "" fedora

02 February 2011

Troubleshooting JON server

After having imported elements into your JON server, you might face the problem that some are not available.
If it is a JBoss EAP server that is not available, the JMX credientials might be missing!

Solution :
Click on the JBoss server that is having the red 'not available' sign and click on Inventory. Scroll down and click 'Edit' to be able to change the credentials. After having saved the changes the green availability sign should come up.

24 January 2011

Howto recompile and patch JBoss from SVN

Within this post you will see
1. Howto download JBoss sources
2. Howto compile the downloaded JBoss sources
3. Howto run tests to check the integrity of the code (you might change a class to see the difference)

Main post:

- The first thing to do is to get a user/pw for jboss.org
- Then you will have to install Subversion (SVN) on your machine

- Download the current source code with the command line "svn export https://svn.jboss.org/repos/jbossas/trunk /app/my_jboss_dev/" (takes more than an hour)

- If you want to get an older/specific JBoss.org version browse all version with Firefox:
and adapt the URL in the command line, for example :

$ svn export https://svn.jboss.org/repos/jbossas/branches/JBPAPP_4_3_0_GA_CP08_JBPAPP-5432 /app/my_jboss_dev/

- After having downloaded the source files make sure to use the right Java compiler (JEE 5 in my case)
$ export JAVA_HOME=/app/java/jdk1.5.0_21/
$ export PATH=$PATH:$JAVA_HOME/bin

- Install the right ANT version (in my case 1.6 (not 1.7+). When using Fedora remove the latest ant from your machine via "sudo yum remove ant"
$ export ANT_HOME=/app/middleware/apache-ant-1.6.5
$ export PATH=$PATH:$ANT_HOME/bin

- Set the flag to be able to run test cases
$ cd <JBoss>/build
$ vi build.properties
(change build.unsecure=true)

- Build the server
$ cd <JBoss>/build
$ ./build.sh
(output can be found in <JBoss>/build/output)
- Start the server
$ cd <JBoss>/build/output/jboss-4.3.0.GA_CP08/bin
$ ./run.sh -c production

- Build all the testcase ( choose the right ANT version, here 1.6)
$ cd <JBoss>/testsuite
(output can be found in <JBoss>/testsuite/output)
$ export ANT_HOME=/app/middleware/apache-ant-1.6.5/
$ export PATH=$PATH:$ANT_HOME/bin
$ ./build.sh

- Run the testcases one by one
$ ./build.sh one-test -Dtest=org.jboss.test.cmp2.optimisticlock.test.OptimisticLockUnitTestCase
result: [junit] Running org.jboss.test.cmp2.optimisticlock.test.OptimisticLockUnitTestCase
    [junit] Tests run: 18, Failures: 0, Errors: 0, Time elapsed: 5.276 sec

$ ./build.sh one-test -Dtest=org.jboss.test.tm.test.TransactionManagerUnitTestCase
result: [junit] Running org.jboss.test.tm.test.TransactionManagerUnitTestCase
    [junit] Tests run: 28, Failures: 0, Errors: 0, Time elapsed: 0.823 sec

10 January 2011

Howto install JBoss Tools to Eclipse

If you want to use the ESB / BPEL, etc. features of Red Hat JBoss within your Eclipse, just add the following URL to your Eclipse software repositories:
(check on http://download.jboss.org/jbosstools/updates to find latest stable version)
Help --> Install new software ... Add after "Work with:" the URL above and hit Enter...

Than you can choose the JBoss developpment tools you want to install.

To get the nightly build versions of JBoss Tools do the following :
Goto http://download.jboss.org/jbosstools/builds/nightly/trunk/latestBuild.html
--> all --> repo --> copy the URL from your browser -->
Paste it into "Work with:" and you can start installing...

03 January 2011

Howto add JVM options to JBoss

There are two useful files to add JVM options to JBoss.

1. <JBOSS>/bin/run.sh (when you need to reference the JBoss path)
Add this after line 12 GREP="grep" in the run.sh file for JBoss 4.3
or  this for JBoss 5
In this example I needed to specify the complete path of the JBoss instance using the $DIRNAME variable which points to the directory of the run.sh file. You see in 2. that via the run.conf file you will not be able to do this.

2. <JBOSS>/bin/run.conf (when no path is needed)
# Add this at the end of the file: Enables the jconsole agent locally
JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote"

01 December 2010

Byteman JBoss scripting

When your HA system crashes with JEE application running on JBoss you might want to try JBoss Byteman, an bytecode injection tool that lets you add logging without touching the application itself.

Main post:

The steps to debug an application using
1. Download byteman-1.0.3.CP02 (for JDK5) or byteman-1.3 (for JDK6)
2. Extract the zip into $BYTEMAN_HOME
3. Modify your JBoss startup configuration by adding the following 3 lines at the end of $JBOSS_HOME/jboss-as/bin/run.conf:
# Adding extra logging to standard output (BYTEMAN_HOME needs to be addapted)
JAVA_OPTS="$JAVA_OPTS -javaagent:$BYTEMAN_HOME/lib/byteman.jar=script:$BYTEMAN_HOME/script.txt"

4. For JDK5 add the file $BYTEMAN_HOME/script.txt :
RULE trace RepositoryClassLoader.loadClassImpl entry
CLASS RepositoryClassLoader
METHOD loadClassImpl
DO traceln("*** " + $0 + ".loadClassImpl(" + $1 + ", " + $2 + ", " + $3
+ ") ENTRY in " + Thread.currentThread())

RULE trace RepositoryClassLoader.loadClassImpl exit
CLASS RepositoryClassLoader
METHOD loadClassImpl
DO traceln("*** " + $0 + ".loadClassImpl(" + $1 + ", " + $2 + ", " + $3
+ ") EXIT in " + Thread.currentThread())

RULE trace RepositoryClassLoader.loadClassImpl CALL wait
CLASS RepositoryClassLoader
METHOD loadClassImpl
AT INVOKE Object.wait()
DO traceln("*** " + $0 + ".loadClassImpl(" + $1 + ", " + $2 + ", " + $3
+ ") CALL wait in " + Thread.currentThread())

RULE trace RepositoryClassLoader.loadClassImpl CALL notifyAll
CLASS RepositoryClassLoader
METHOD loadClassImpl
AT INVOKE Object.notifyAll()
DO traceln("*** " + $0 + ".loadClassImpl(" + $1 + ", " + $2 + ", " + $3
+ ") CALL wait in " + Thread.currentThread())

5. For JDK6 add the file $BYTEMAN_HOME/script.txt :
RULE trace RepositoryClassLoader.loadClassImpl entry
CLASS RepositoryClassLoader
METHOD loadClassImpl
DO traceln("*** " + $0 + ".loadClassImpl(" + $1 + ", " + $2 + ", " + $3
+ ") ENTRY in " + Thread.currentThread())

RULE trace RepositoryClassLoader.loadClassImpl exit
CLASS RepositoryClassLoader
METHOD loadClassImpl
DO traceln("*** " + $0 + ".loadClassImpl(" + $1 + ", " + $2 + ", " + $3
+ ") EXIT in " + Thread.currentThread())

RULE trace RepositoryClassLoader.loadClassImpl CALL wait
CLASS RepositoryClassLoader
METHOD loadClassImpl
DO traceln("*** " + $0 + ".loadClassImpl(" + $1 + ", " + $2 + ", " + $3
+ ") CALL wait in " + Thread.currentThread())

RULE trace RepositoryClassLoader.loadClassImpl CALL notifyAll
CLASS RepositoryClassLoader
METHOD loadClassImpl
AT CALL notifyAll ALL
DO traceln("*** " + $0 + ".loadClassImpl(" + $1 + ", " + $2 + ", " + $3
+ ") CALL wait in " + Thread.currentThread())

6. After having starting your JBoss you should see in the standard out a lot of logging...
7. That should help you to find memory leaks, deadlocks ...

15 November 2010

Using POJOCache with AOP - Troubleshooting


./run.sh -c all -Djboss.service.binding.set=ports-default -Djboss.messaging.ServerPeerID=1

./run.sh -c all2 -Djboss.service.binding.set=ports-02 -Djboss.messaging.ServerPeerID=2

./run.sh -c all -g DefaultPartition2 -b localhost -Djboss.service.binding.set=ports-02

./run.sh -c all -g DefaultPartition2 -b localhost -Djboss.service.binding.set=ports-01
./run.sh -c all -g DefaultPartition2 -b "-Djboss.service.binding.set=ports-01 bind_addr="


You might run into an AOP error:
ERROR [Instrumentor] [warn] AOP Instrumentor failed to transform org.richfaces.ui.component.HighlightImpl
java.lang.RuntimeException: javassist.NotFoundException: com.uwyn.jhighlight.renderer.Renderer
at org.jboss.aop.pointcut.FieldMatcher.visit(FieldMatcher.java:113)
at org.jboss.aop.pointcut.ast.ASTField.jjtAccept(ASTField.java:44)
at org.jboss.aop.pointcut.FieldMatcher.visit(FieldMatcher.java:157)
at org.jboss.aop.pointcut.ast.ASTFieldExecution.jjtAccept(ASTFieldExecution.java:37)
at org.jboss.aop.pointcut.MatcherHelper.visit(MatcherHelper.java:89)
at org.jboss.aop.pointcut.MatcherHelper.matches(MatcherHelper.java:83)
at org.jboss.aop.pointcut.PointcutExpression.matchesGet(PointcutExpression.java:212)
at org.jboss.aop.instrument.JoinpointClassifier$1.matches(JoinpointClassifier.java:90)
at org.jboss.aop.instrument.JoinpointSimpleClassifier.classifyJoinpoint(JoinpointSimpleClassifier.java:63)
at org.jboss.aop.instrument.JoinpointClassifier.classifyFieldGet(JoinpointClassifier.java:227)
at org.jboss.aop.instrument.FieldAccessTransformer.buildFieldWrappers(FieldAccessTransformer.java:91)
at org.jboss.aop.instrument.Instrumentor.transform(Instrumentor.java:778)
at org.jboss.aop.instrument.GeneratedAdvisorInstrumentor.transform(GeneratedAdvisorInstrumentor.java:117)
at org.jboss.aop.SuperClassesFirstWeavingStrategy.instrumentClass(SuperClassesFirstWeavingStrategy.java:202)
at org.jboss.aop.SuperClassesFirstWeavingStrategy.translate(SuperClassesFirstWeavingStrategy.java:69)
at org.jboss.aop.AspectManager.translate(AspectManager.java:1077)
at org.jboss.aop.AspectManager.transform(AspectManager.java:1021)
at org.jboss.aop.standalone.AOPTransformer.aspectTransform(AOPTransformer.java:87)
at org.jboss.aop.standalone.AOPTransformer.transform(AOPTransformer.java:75)

Modfiy /jboss-eap-5.1/jboss-as/server/all/conf/bootstrap/aop.xml:
You already changed the value from false to true (otherwise the error wouldn't have appeared)
Now you just have to add exclusion rules (otherwise those classes will try to be aspectized, but they do not have AOP support)

See also:

When setting up AOP, JGroups is enabled and will try to send out UDP messages:

ERROR [UDP] failed sending message to null (76 bytes)
java.lang.Exception: dest=/ (79 bytes)
at org.jgroups.protocols.UDP._send(UDP.java:361)
at org.jgroups.protocols.UDP.sendToAllMembers(UDP.java:302)
at org.jgroups.protocols.TP.doSend(TP.java:1478)
at org.jgroups.protocols.TP.send(TP.java:1468)
at org.jgroups.protocols.TP.down(TP.java:1186)
at org.jgroups.protocols.TP$ProtocolAdapter.down(TP.java:2308)
at org.jgroups.protocols.PING.sendMcastDiscoveryRequest(PING.java:278)
at org.jgroups.protocols.PING.sendGetMembersRequest(PING.java:259)
at org.jgroups.protocols.Discovery$PingSenderTask$1.run(Discovery.java:407)
at org.jgroups.util.TimeScheduler$RobustRunnable.run(TimeScheduler.java:196)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask$Sync.innerRunAndReset(FutureTask.java:351)
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:178)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:165)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:267)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:636)
Caused by: java.io.IOException: Invalid argument
at java.net.PlainDatagramSocketImpl.send(Native Method)
at java.net.DatagramSocket.send(DatagramSocket.java:629)
at org.jgroups.protocols.UDP._send(UDP.java:352)
... 17 more

ERROR [MPING] failed sending discovery request


You will have to start multiple instances with the following option

./run.sh -c all -Djboss.service.binding.set=ports-01 -Djboss.messaging.ServerPeerID=1
./run.sh -c all -Djboss.service.binding.set=ports-02 -Djboss.messaging.ServerPeerID=2

See also:
JGroups ports and addresses: http://community.jboss.org/wiki/SystemProps

Starting 2 jboss instances on same machine


ERROR [AbstractKernelController] Error installing to Start: name=jboss:database=localDB,service=Hypersonic state=Create mode=Manual requiredState=Installed
java.sql.SQLException: The database is already in use by another process: org.hsqldb.persist.NIOLockFile@79409313[file =/home/rbrackma/middleware/jboss-eap-5.1/jboss-as/server/all/data/hypersonic/localDB.lck, exists=true, locked=false, valid=false, fl =null]: java.lang.Exception: checkHeartbeat(): lock file [/home/rbrackma/middleware/jboss-eap-5.1/jboss-as/server/all/data/hypersonic/localDB.lck] is presumably locked by another process.
at org.hsqldb.jdbc.Util.sqlException(Unknown Source)
at org.hsqldb.jdbc.jdbcConnection.(Unknown Source)
at org.hsqldb.jdbcDriver.getConnection(Unknown Source)
at org.hsqldb.jdbcDriver.connect(Unknown Source)
at java.sql.DriverManager.getConnection(DriverManager.java:620)

21 October 2010

Clustering JBoss 5 (porting Weblogic dizzyworld example)

If you are coming from the Weblogic world you might have done training and seen the dizzyworld example, i.e. the example environment of at least Weblo 9,10 and 11.
In this post I will try to show some

Main post:

Troubleshooting when starting multiple JBoss instances on one machine (one binded to localhost, the other to your_hostname)
WARN [NAKACK] 55200 discarded message from non-member 55200, my view is ...

20 October 2010

Software patents a threat for innovation?

Lately many IT companies have been suing competitors for using their patents. Furthermore patent trolls (companies with the business model of buying patents and suing companies -- congratulations!) have been accreting and have been attacking companies.

Here some references on that:

12 October 2010

Howto write JBoss Java MBeans to expose to a JMX Client

Sometime you will find yourself in the situation of wanting to monitor your application, but no monitoring capability is given. So you will have to write your own Java MBean that will expose information of your JBoss application to a JMX Client.

Main post:
Examples: jboss-eap-4.3_CP08/jboss-as/docs/examples/jmx/logging-monitor
From the JBoss SVN you can get sample MBean classes:

Have your MBean interface extend the org.jboss.system.Service and org.jboss.system.ServiceMBean interface.
org.jboss.system.Service and org.jboss.system.ServiceMBean can be found in:  

  • Add the classes

  • You can see two MBean that are almost the same (up to the fact that one extends the org.jboss.system.ServiceMBean class)
    Attributes: JndiName
    Operations: start / stop
    Extents the class org.jboss.system.ServiceMBean -- you can see that this class gives you out of the 
    Attributes: Name / JndiName / StateString / State
    Operations: destroy / start / stop /create / jbossInternalLifecycle

    Explanation on standard Java MBean like RuntimeMXBean, ThreadMXBean, MemoryPoolMXBean, ... can be found here: http://download.oracle.com/javase/1.5.0/docs/guide/management/overview.html

    Jacorb to be found in:
    org.jacorb.util.threadpool.ThreadPool.class (here we have to get the information on the thread pool counter.
    In class ThreadPool within method createNewThread() the following line:
    localThread.setName(this.namePrefix + this.threadCount++);

    Jacorb example:

    Set up environment:

    11 October 2010

    Troubleshooting JBoss Portal 4.3

    Problems that might occure while working with JBoss Portal:

    - Admin link is not visible (between Dashboard and Logout)

    That occurs when the admin is not in upper case in the LDAP. See the example of two *.ldif files. One works, the other does not.
    Does not work:
    dn: cn=admin,ou=Roles,o=rbrackma,dc=redhat,dc=com
    objectClass: top
    objectClass: groupOfNames
    cn: admin
    description: Administrators
    member: uid=admin,ou=People,o=rbrackma,dc=redhat,dc=com

    dn: cn=Admin,ou=Roles,o=rbrackma,dc=redhat,dc=com
    objectClass: top
    objectClass: groupOfNames
    cn: Admin
    description: Administrators
    member: uid=admin,ou=People,o=rbrackma,dc=redhat,dc=com

    In the EPP logs you might also find another error:

    - ERROR [LDAPUserProfileModuleImpl] No such attribute ('title') in entry: uid=admin,ou=People,o=example,dc=jboss,dc=com
    LDAP is looking for the attribute title, but does not find it within the RHDS LDAP. Does not cause any problem within the system, but is annoying.

    07 October 2010

    Howto setup LDAP with Red Hat EPP (JBoss Portal / GateIn)

    When you first start with Red Hat's Enterprise Portal Platform you will be able to connect to the portal with admin/admin or user/user. The credentials will be checked against the default users within the portals in-memory database HSQL. Mostly you would want the credentials to be checked against your companies LDAP.
    This post will cover setting up an LDAP and configuring EPP4.3 to use it.
    - Install LDAP
    - Start LDAP services
    - Setup LDAP
    - Install EPP4.3
    - Setup EPP4.3 to use LDAP for credentials
    - Connect to the portal http://localhost:8080/portal

    Main post:
    Install LDAP
    Before starting be aware that the only supported LDAP servers are:
    Red Hat Directory Server, OpenDS and OpenLDAP.

    Within this post the open source LDAP server "Red Hat Directory Server" will be used.
    Installing it is pretty straight forward.
    First install the software :
    sudo yum install 389-ds
    sudo yum install fedora-idm-console

    Then configure the RHDS with this document:
    If the document is not available call the following command line and follow the install instructions which are pretty straight forward
    # setup-ds-admin.pl

    At the End you should remember:
    Directory Manager: cn=Directory Manager
    Password: your_password
    Admin port: 9830
    LDAP port: 389

    Start LDAP services

    sudo service dirsrv start
    sudo service dirsrv-admin start
    sudo service httpd start

    Setup LDAP

    Run the earlier installed LDAP browser fedora-idm-console (you can use any other LDAP browser)
    $ fedora-idm-console

    Choose the Directory Server (1) and choose Open (2).

    Then you just have to choose 'Import Databases' and import a *.ldif (save the following text into a test.ldif file). After that you should be able to browse you LDAP tree in the Directory tab...

    dn: o=your_host,dc=your_domain,dc=com
    objectclass: top
    objectclass: dcObject
    objectclass: organization
    o: your_host
    dc: your_host
    dn: ou=People,o=your_host,dc=your_domain,dc=com
    objectclass: top
    objectclass: organizationalUnit
    ou: People
    dn: uid=admin,ou=People,o=your_host,dc=your_domain,dc=com
    objectclass: top
    objectclass: inetOrgPerson
    objectclass: person
    uid: admin
    cn: Administrator
    sn: Duke
    userPassword: admin
    mail: admin@your_host.your_domain.com
    dn: uid=user,ou=People,o=your_host,dc=your_domain,dc=com
    objectclass: top
    objectclass: inetOrgPerson
    objectclass: person
    uid: user
    cn: User
    sn: Sample
    userPassword: user
    mail: user@your_host.your_domain.com
    dn: uid=jduke,ou=People,o=your_host,dc=your_domain,dc=com
    objectclass: top
    objectclass: inetOrgPerson
    objectclass: person
    uid: jduke
    cn: Java
    sn: Duke
    userPassword: theduke
    mail: jduke@your_host.your_domain.com
    dn: ou=Roles,o=your_host,dc=your_domain,dc=com
    objectclass: top
    objectclass: organizationalUnit
    ou: Roles
    dn: cn=Admin,ou=Roles,o=your_host,dc=your_domain,dc=com
    objectClass: top
    objectClass: groupOfNames
    cn: Admin
    description: Administrators
    member: uid=admin,ou=People,o=your_host,dc=your_domain,dc=com
    dn: cn=User,ou=Roles,o=your_host,dc=your_domain,dc=com
    objectClass: top
    objectClass: groupOfNames
    cn: User
    description: Users
    member: uid=admin,ou=People,o=your_host,dc=your_domain,dc=com
    member: uid=user,ou=People,o=your_host,dc=your_domain,dc=com
    member: uid=jduke,ou=People,o=your_host,dc=your_domain,dc=com

    Install EPP4.3
    The installation of EPP4.3 is extremly simple.
    First download the jboss-epp-4.3.GA_CP0X-src.zip here. You will need a Red Hat login and a valid subscription to download, if you don't know why: I covered it in an earlier post.
    Then extract the zip file into the directory jboss-epp-4.3. That's it.

    Setup EPP4.3 to use LDAP for credentials
    You will have to change the following files in red to make LDAP work.

    1. Within jboss-epp-4.3/jboss-as/server/default/deploy/jboss-portal.sar/META-INF/jboss-service.xml


    2. Within jboss-epp-4.3/jboss-as/server/default/deploy/jboss-portal.sar/conf/identity/ldap_identity-config.xml
    adapt the value tags that are linked to the following tags:
    (the be sure to choose the right value for userCtxDN and roleCtxDN connect to your LDAP browser and check the values)

    3. Within jboss-epp-4.3/jboss-as/server/default/deploy/jboss-portal.sar/conf/identity/standardidentity-config.xml

    adapt the value tags that are linked to the 5 tags seen in the section above.

    4. Within jboss-epp-4.3/jboss-as/server/default/deploy/jboss-portal.sar/conf/login-config.xml
    comment (do not use)
    login-module code="org.jboss.portal.identity.auth.IdentityLoginModule"
    uncomment (use)
    login-module code="org.jboss.portal.identity.auth.SynchronizingLDAPExtLoginModule"
    and adapt the variable to your configuration.
    Connect to the portal
    Now you should be able to connect to the portal:
    with the user admin and password admin.
    The default HSQL database users that come with the portal out of the box are admin and user. After migrating to LDAP they will only work if you have configured your portal properly. For example you have the possibility to authenticate users against LDAP + DB or only against LDAP. In this post users are only authenicated against LDAP! And 3 users available are the ones imported into the LDAP with the *.ldif file: admin, user, jduke.

    If you still have problems check out the section "Troubleshooting JBoss Portal"

    16 September 2010

    Howto resize a partition

    Command line:
    [root]# df -m
    [root]# lvm
    (starts lvm command line)
    Within lvm command line:
    lvm> lvdisplay

    -- resize swap to 1G
    lvm> lvresize /dev/vg_f13v1/lv_swap --size 1G

    -- after the operation your LV size is:( LV Size  1.00 GiB)
    lvm> lvdisplay

    --now add all remaining free space
    lvresize -L +1.6GB /dev/vg_f13v1/lv_root

    --trigger the resizing process
    [root@f13-jon jon]# resize2fs -p /dev/vg_f13v1/lv_root

    06 September 2010

    sudo package-cleanup --cleandupes

    yum downgrade libvirt\*


    02 September 2010

    virt-manager fails to reboot guests (no solution found yet)


    Additional info:

    1. Error persists even if selinux is disabled.

    2. Error message in log :

    tail -F /var/log/messages

    libvirtd: 23:19:34.302: error : this function is not supported by the
    hypervisor: virDomainReboot

    tail -F /var/log/libvirt/qemu/guest.log


    2. Shutdown does nothing , guest still running, no error message.

    3. Force off -> error message / warning -> restart guest is only option.