Under Fedora 34 how to make the Artemis management console accessible? - activemq-artemis

I have a problem after installing Apache ActiveMQ Artemis.
I have created a new broker. It starts well but the management console is inaccessible outside the machine. However, Cockpit is accessible.
I'm a noob on Linux, but I'm looking to improve and understand
apache-artemis-2.18.0
Linux fedora 5.11.12-300.fc34.x86_64
Can you help me?

By default the embedded web server which runs the web console binds to localhost:8161 which means it won't be accessible from a remote machine. The relevant configuration is in etc/bootstrap.xml, e.g.:
<web bind="http://localhost:8161" path="web">
<app url="activemq-branding" war="activemq-branding.war"/>
<app url="artemis-plugin" war="artemis-plugin.war"/>
<app url="console" war="console.war"/>
</web>
You can change the bind attribute to an IP address or hostname which is accessible to remote clients (e.g. 0.0.0.0).
If changing the ActiveMQ Artemis configuration doesn't help then it may be an environmental issue. You should try disabling the firewall that ships with Fedora (i.e. firewalld).

Related

Error on starting the WildFly server (address already in use)

I have a problem starting a wildfly app-server (wildfly-21.0.1) on a Solaris server (computer). I have read a lot of similar posts, but my problem seems to be different.
First, I make an SSH-tunnel in PuTTY:
My home machine is Windows, I connect to a remote Solaris server. I write the address of the server in a "Host name" field.
After this I create an SSH tunnel on a port of the server (I tried different and rare ones), so I put the port of the server I am connecting to in "Source port" field and the port of my personal machine (localhost:port_number) in the "Destination".
I have configured standalone.xml by changing on
<interface name="public">
<any-address/>
</interface>
and
<socket-binding name="http" port="${jboss.http.port:14384}"/>
I have configured PATH and JAVA_HOME on the server.
I start the server by
bash wildfly-21.0.1.Final/bin/standalone.sh
command.
After this I get the following error:
ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC000001: Failed to start service org.wildfly.undertow.listener.default: org.jboss.msc.service.StartException in service org.wildfly.undertow.listener.default: Address already in use /0.0.0.0:14384
It happens with any ports I tried, and I am sure that they aren't in use.
How can I fix this? Are there any known bugs in Wildfly that can cause this? Is it somehow connected with tunneling?
The discussion with #AndrewHenle made me think of ports usage in a tunneling procedure so I changed "Remote" parameter in "Tunnels" section on "Local" (since the destination is localhost). All the other parameters and values were left the same. Now everything works correctly, and WildFly doesn't recognise 14384 as a taken port.

How to configure ActiveMQ Artemis server for remote access?

I have ActiveMQ Artemis server installed on a Unix box. I am able to create an Artemis broker instance which provides me with link to web console which is running on localhost.
Now I want access web console from an external machine, probably running Windows.
Can you please guide me on step by step process to configure the ActiveMQ Artemis server so that I can access it from another machine?
The embedded Jetty web server which is used to host the web console is configured in the bootstrap.xml file in the etc directory of your Artemis instance. Look for the web element in that file. You'll need to change its bind attribute to use something other than localhost since localhost is only accessible from the machine where the server is running. Typically this will be the externally accessible host name or IP address of the server.
You can find more information about configuring the embedded Jetty web server in the Artemis documentation.

A web application running in JBoss EAP through Eclipse cannot be accessed from another computer in the same network

I have a web application (JSF2) running in JBoss EAP through Eclipse in my machine (Computer1). Computer1 is a Windows7 machine.
I can run the application using the Eclipse Internal Browser and Chrome in Computer1.
But when I try to access the application from another computer (Computer2) in the same network, I receive a ERR_CONNECTION_REFUSED error message.
I saw using netstat that Computer1 is listening at port 8080 and Computer1 has no firewall.
I can ping at Computer1 from Computer2.
Any help would be great!
By default JBoss is listening to the local interface only. A quick search reveals that you have to add an interface to your configuration, e.g.:
<interfaces>
...
<interface name="any">
<any-address/>
</interface>
</interfaces>
And then configure the socket-binding-group to use it:
<socket-binding-group name="standard-sockets" default-interface="any">
Reference: https://developer.jboss.org/thread/168789

Wildfly 8 Final - jconsole can't connect remotely

Good day, people,
I am trying to use jconsole to connect to remote Wildfly 8 Final servers. That did not work: Connection failed. After multiple tries and failures I attempted to make it connect at least to my 'localhost' jboss, but even that is not working. No errors, it simply doesn't connect and says "Connection failed".
Details:
Wildfly 8 Final server
Using jconsole from wildfly_installation/bin/jconsole.bat
Management users created. Tried with and without the username/password.
The standalone.xml is the original one, shipped with Wildfly 8 Final without changes
The url that I plug in jconsole to connect to is: service:jmx:remoting-jmx://localhost:9999
The Wildfly/jboss doesn't have anything deployed in it, no WARs/EARs.
Java version is 1.7 release 51. The latest on the moment of writing.
JAVA_HOME points to the only java 1.7 installed on the system.
JConsole can connect to local java process and works, but not remote connection.
Basically it's a brand new installation of Wildfly 8 Final with management user created and jconsole doesn't connect remotely to it.
What else I've tried: I've read many posts on people having troubles with jconsole and Jboss AS 7.x. I have tried the suggestions from those threads, but none worked. Also it seems Wildfly 8 has different JMX version (1.3 vs 1.1 in Jboss 7.x), so I assume that's why standalone.xml suggestions from Jboss 7.x didn't work for Wildfly 8 Final.
Java Mission Control JMX console and Flight Recorder profiler work on WildFly as well.
As already noted the proper JMX connection string is:
service:jmx:http-remoting-jmx://{insert server ip here}:9990
It requires a management user (details on the bottom).
As for the Flight Recorder, these should be added to the server runtime configuration in standalone.conf(.bat):
JAVA_OPTS=%JAVA_OPTS% -XX:+UnlockCommercialFeatures -XX:+FlightRecorder -XX:FlightRecorderOptions=defaultrecording=true
On a workstation where you want to run Java Mission Control you need to adjust the classpath in jmc.ini (located in bin directory of your JDK):
-Xbootclasspath/a:c:\Program Files\Java\jdk1.7.0_67\lib\jconsole.jar;c:\Program Files\Java\jdk1.7.0_67\lib\tools.jar;c:\wildfly-8.1.0.Final\bin\client\jboss-cli-client.jar`
Prerequisites (you most likely already configured this):
this assumes that you have installed JDK on workstation in c:\Program Files\Java\jdk1.7.0_67\
this assumes that you have installed WildFly on workstation in c:\wildfly-8.1.0.Final
on the server you need to have proper bind.address configurations (or <any-address>) in standalone.xml:
<interfaces>
<interface name="management">
<any-address/>
</interface>
<interface name="public">
<any-address/>
</interface>
<interface name="unsecure">
<any-address/>
</interface>
</interfaces>
You need to have a management user on the server, which you can add by using \bin\add-user.bat(.sh).
To test this connect to http://{insert server ip here}:9990 with a web browser which will open the server's web UI console.
Best regards!
Alright, got it figured out. The native management port (9999) was removed in the Final version of Wildfly 8. Now there's only 1 management port (9990) and it has multiple previous ports multiplexed over it, including the JMX. It was still available in the release candidate of Wildfly 8, hence all the confusion about the online instructions and configs available elsewhere online.
So the key is to specify the proper protocol, which is not the remoting-jmx now, but http-remoting-jmx. The URL to connect to the server must be like this:
service:jmx:http-remoting-jmx://<server_host_or_ip>:9990
(this is versus service:jmx:remoting-jmx://:9999 in previous jboss/wildfly servers)
Finally, no need to mess with standalone.xml config. All config tweaks to make it work on Jboss 7.x won't work for it. It all works out of the box with proper protocol and port number. Just make sure to create a jboss user in ManagementRealm.
This was a bug in WildFly that was recently fixed and will be part of 8.0.1 release.
See jira for more details.
You have to include jboss-cli-client.jar in the jconsole classpath:
jconsole -J-Djava.class.path=$JAVA_HOME/lib/jconsole.jar:$WILDFLY_HOME/bin/client/jboss-cli-client.jar
Replace $JAVA_HOME to something like /usr/lib/jvm/java-8-oracle/ and $WILDFLY_HOME to /opt/wildfly/ or wherever you have it unpacked.
And then the url is in the following format:
service:jmx:remote+http://${host}:9990
Also fill in the username and password with the credentials configured using add-user.sh
Below is how to enable the old native JMX interface, removed from WildFly 8 default configuration, which is backwards compatible with JMX tools.
This is required when the new HTTP interface is not an option, e.g. to integrate with legacy tools like Bamboo's JBoss 7 add-on.
Tested with WildFly 10, it should work with WildFly 8 and WildFly 9 as well.
Since the plug in does not support the HTTP management interface, to make it work, we need to enable the native JMX interface, which used to run on port 9999.
This can be done by adding the native-interface element under the management-interfaces section:
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket-binding native="management-native"/>
</native-interface>
<http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
<socket-binding http="management-http"/>
</http-interface>
</management-interfaces>
And defining the corresponding socket-binding
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="management-native" interface="management"
port="${jboss.management.native.port:9999}"/>
...
If in domain mode, to use the remote endpoint, you set use-management-endpoint to false.
<subsystem xmlns="urn:jboss:domain:jmx:1.3">
<expose-resolved-model/>
<expose-expression-model/>
<remoting-connector use-management-endpoint="false"/>
</subsystem>
Hope it may help anyone...
Reference:
https://docs.jboss.org/author/display/WFLY8/Admin+Guide#AdminGuide-NativeManagementEndpoint

Specifying Tomcat 7 to use port 8443 only in Eclipse

Normally, I configured my Tomcat 7 to perform redirect from port 8080 to 8443. Below is the portion of the configuration and everything works as expected.
server.xml
<Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1"
connectionTimeout="20000" redirectPort="8443" />
<!-- Define a SSL HTTP/1.1 Connector on port 8443 This connector uses the
JSSE configuration, when using APR, the connector should be using the OpenSSL
style configuration described in the APR documentation -->
<Connector SSLEnabled="true" clientAuth="false"
keystoreFile="conf/somestore" keystorePass="somekey"
maxThreads="200" port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
scheme="https" secure="true" sslProtocol="TLS" />
Only today, I decided to removed the first connector from configuration. However after I hit start the server button in Eclipse everything seems fine except the message says Starting Tomcat 7 never ends.
and eventually this:
By the way, this issue only appears in Tomcat within Eclipse. Is it possible that Eclipse is still trying to access the application through the old port ? Any pointers is much appreciated.
UPDATED
After I double clicked the server instance, I am only able to see two ports number under Ports section.
Tomcat Admin Port which is 8005
SSL Port which is 8443
I had the same issue. Originally I had both a secure and non-secure port open and when I removed the non-secure connector, I had the same issue with Eclipse saying it failed to start.
I resolved the issue by putting a non-secure connector back in.
I am guessing Eclipse tries to access the application to verify it is running and doesn't handle secure ports very well.
Just goto the tomcat configuration console by double clicking on tomcat under the servers .
Check the port specified there .
If it doesn't help , delete the server and install the tomcat again in eclipse. It only takes a matter of seconds .
Also please try exiting all the tomcat processes from windows and then try to start the tomcat from eclipse once again .
Eclipse makes a copy of the server configuration and saves it under the "Servers" project.
In the Server View, double clic your server name and when configuration window opens you can edit under "Ports" section.
Edited***
You can go further by opening the "Servers" project, then editing server.xml directly looking for the "Connector" tag that holds the current 8080 port.
http://farm8.staticflickr.com/7390/9559799161_3a152c1ac1_o.jpg