Jboss ON installation waiting for server - jboss

I'm trying to install Jboss Operations Network server and have issues during the step where installer tries to connect to local Jboss server. Hence, I'm constantly getting this info message:
INFO [org.rhq.server.control.command.Install] Still waiting for server to start...
Exact defect in redhat hub is described here
Thing is, I believe my properties file is correctly set up and certainly both jboss.bind.address and jboss.bind.address.management are set. Tried and bindings, also tried to not set it at all, however then the installation wouldn't start at all - rhs-server.properties validation error with reason null.
According to server.log the server itself did start correctly. Although strangely enough password doesn't work when logging in to management console, but that's other issue.
#################### RHQ Server Configuration Properties ####################
# Database Settings
# -----------------
# All properties must be explicitly set for the desired database vendor.
# These should point to the database that your RHQ Server will use as
# its backend RDBMS storage.
# If you are using Oracle:
# - comment out the Postgres settings
# - uncomment the Oracle settings below
# - adjust the values to match your environment
# NOTE: rhq.server.database.password is not to be set to the actual password
# but instead should be the encoded password value as generated by:
# rhq-encode-value.sh(.bat)
# PostgreSQL database
# rhq.server.database.connection-url=jdbc:postgresql://
# rhq.server.database.user-name=rhqadmin
# rhq.server.database.password=1eeb2f255e832171df8592078de921bc
# rhq.server.database.type-mapping=PostgreSQL
# rhq.server.database.server-name=
# rhq.server.database.port=5432
# rhq.server.database.db-name=rhq
# hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
# rhq.server.quartz.driverDelegateClass=org.quartz.impl.jdbcjobstore.PostgreSQLDelegate
# Oracle database
# Server Settings
# ---------------
# UPGRADE ACTION REQUIRED! The following property must be explicitly set:
# rhq.server.high-availability.name
# These are miscellaneous settings that the server will use to customize itself
# to the environment in which it is running. These are settings you usually
# want to change or at least be aware of.
# Defines what this server's name is to be known as to the RHQ system.
# It doesn't necessarily have to be an IP address or hostname, but it can be.
# If left blank, the RHQ Server will pick a name for itself based on the
# hostname it is running on.
# NOTE! If you are upgrading an existing server, this must be the same name
# as the server being upgraded.
# Email settings used to connect to an SMTP server to send alert emails.
# Host and Port Bindings
# ----------------------
# INSTALLATION ACTION REQUIRED! The following property must be explicitly set:
# jboss.bind.address
# These define the ports the RHQ Server will bind to. Most of the time
# you can leave these alone. You can change these default values to
# conform to your own environment's requirements, such as the IP address
# the RHQ Server will bind to (jboss.bind.address) and the ports
# browsers will use to access the RHQ web application
# (rhq.server.socket.binding.port.http, rhq.server.socket.binding.port.https)
# If you change the binding address, you might also want to change
# "rhq.autoinstall.public-endpoint-address" as well.
# The bind address for the RHQ server (jboss server). To bind the server on
# all network interfaces set to, otherwise a specific IP address.
# jboss.bind.address=
# By default only local management connections
# Installer Settings
# ------------------
# INSTALLATION ACTION REQUIRED! Review the default settings:
# These enable the installer when starting for the first time. To do so,
# first ensure all values in this properties file are appropriately set
# for your environment. Once you are sure all values are as you want them,
# set rhq.autoinstall.enabled=true and run the server then run the installer.
# rhq.autoinstall.enabled
# This must be true to trigger the automatic install.
# rhq.autoinstall.database
# Allowed values: auto, overwrite, skip:
# auto : create a new schema if one does not exist, otherwise
# upgrade the existing schema as needed (keep existing data).
# overwrite: create a new schema even if one exists (lose existing data).
# skip : leave existing database as is. WARNING! You must ensure your
# database schema already exists and is up to date.
# rhq.autoinstall.public-endpoint-address
# The public IP/hostname that all agents will use to talk to this server.
# If not set, a value to use is determined at auto-install time.
# rhq.autoinstall.public-endpoint-port
# rhq.autoinstall.public-endpoint-secure-port
# The public ports that all agents will use to talk to this server.
# If not set, values to use will be determined at auto-install time.
# You can normally leave these empty unless you have a special setup
# where the server's bind ports are exposed differently to remote
# clients (e.g. within a Docker container).
# rhq.autoinstall.server.admin.password
# The password for the built-in "rhqadmin" superuser. If not set the
# password will be prompted for by the "rhqctl install" command.
# NOTE: rhq.autoinstall.server.admin.password is not to be set to the
# actual password but instead should be the encoded password value
# as generated by: rhq-encode-value.sh(.bat)
# Advanced Settings
# -----------------
# The settings below can usually be left as-is. These are advanced settings
# and should only be changed if you know what you are doing.
# Enable debug messages from RHQ code
# Set this to true to have the server reject agent requests upon startup.
# RHQ Server's remote endpoint for agents to talk to
# bind-address and bind-port are derived from the HA server definition,
# if you set the address/port here, they will override the HA server
# definition found in the database
# Multicast detector configuration for auto-discovery
# Server-side SSL Security Configuration for HTTPS thru Tomcat
# These are used for browser https access and
# for incoming messages from agents over sslservlet transport.
# [Due to issue https://issues.jboss.org/browse/WFLY-1177, you cannot change
# rhq.server.tomcat.security.keystore.file or rhq.server.tomcat.security.truststore.file
# after you install RHQ. If you need to change those again, you must manually do so in standalone-full.xml.]
# Note that security algorithm settings are commented out - the defaults will be determined at runtime
# based on the JVM the server is running in (for IBM JVMs, the algorithm will default to "IbmX509",
# for all other JVMs, the algorithm will default to "SunX509"). If you need a specific algorithm value,
# you may hardcode it here in this file by uncommenting the lines and setting the values explicitly.
# Server-side SSL Security Configuration (for incoming messages from agents)
# These are used when secure transports other than sslservlet are used
# Client-side SSL Security Configuration (for outgoing messages to agents)
# Operations/controls timeout
# Defines the default timeout for all operations (specified in seconds)
# Additional Quartz settings
# Concurrency limits for incoming UI and agent messages
# Content Local Filesystem Repository
# The frequency (in millis) the server checks for updated plugins
# When this is enabled, the server at start up will compare its endpoint
# address to the host name/address found on the host machine. If they differ,
# the server endpoint address will be updated to the value found on the host
# machine. This is targeted for use in cloud deployments where IP addresses
# change frequently, but it can be of use in other deployment settings where
# you have to deal with IP address changes.
# When this is enabled, the server will request that agents send content for
# for binary files that are being monitored for drift. The content for those
# files will then be persisted on the server. By default, the server does not
# persist content for well known binary file types like .ear, .war, .zip, .so,
# etc. The server does however persist content for text files or any other
# files that are not known binary types.
# The installer will create a default EAP management user named 'rhqadmin'.
# The password is generated and obfuscated and specified here. This should
# not be edited.
# Storage cluster configuration settings
# - Storage Node properties will be stored in the database
# after the initial install. The server will use database stored
# properties during operation and after restarts.
# - Additional servers in an HA topology will use database stored Storage
# Node properties. So properties set in this configuration file will be
# overriden on install with the database values.
# The username RHQ will use to authenticate against the Storage Cluster.
# The value is generated and should not be edited.
# The password RHQ will use to authenticate against the Storage Cluster.
# The value is generated and obfuscated and should not be edited.
# A comma-delimited list of storage nodes. Each Storage node uses this list as
# contact points to find other nodes in the cluster and learn the ring
# topology. The RHQ server(s) use this list to connect to the cluster;
# therefore, this property MUST BE SET in order for RHQ to talk to the Storage.
# Cluster. The of an entry is as follows:
# hostname1,hostname2
# Note that this is actually an installer setting. Changing the value after
# installation will have no effect.
# The ports used by storage nodes to communicate with each other
# and used by the RHQ server(s) to communicate with the cluster.
# Both properties are required.
# Storage client settings
# The following are advanced settings the client (i.e., driver) that
# communicates with the storage cluster
# The request limit will automatically change by this amount when there is a
# topology change event. The change will be persisted to this file. Topology
# change events include nodes being added/removed and nodes going up/down.
# Defaults 30,000 if undefined.. If specified the value is parsed as a double.
# When a request times out, the request limit as specified by
# rhq.storage.request.limit will be decreased. The change will be persisted to
# this file. The value is parsed as a double and should be expressed as a
# percentage (i.e., a value between 0 and 1). For example, a value of 0.3 means
# that on a request timeout, the the request limit will decrease by 30%.
# Defaults to 0.2 if undefined.
# If a request timeout occurs, there is a good possibility that it could be
# followed by successive timeouts due to read/write patterns. This property
# specifies a dampening period such that the request throughput will only be
# decreased once for all timeouts that occur during said period. Defaults to
# 30 seconds if undefined. The value is specified in milliseconds and is parsed
# as a long.
# Sets the maximum throttling. In other words, the request limit will not
# decrease lower than this value. Defaults to 5,000 if undefined. The value is
# parsed as a double.
# Metrics aggregation settings
# Note that if you commit the RHQ Server into inventory, these settings can be
# managed through the resource configuration of the Measurement Subsystem.
# Changes made through the Measurement Subsystem resource are applied
# dynamically at runtime whereas directly editing these properties requires a
# a server restart for changes to take effect.
# Specifies the number of schedules for which data will be fetched per thread.
# A higher value can improve aggregation performance at the cost of greater
# memory utilization.
# Specifies the number of batches that can be processed in parallel. A higher
# value can improve aggregation performance at the cost of greater memory
# utilization.
# The number of threads to use during aggregation. It defaults to
# ceiling(5, num_cores).
# A limit, specified in days, on the age of raw data that is ingested. If raw
# data has a timestamp that is more than limit days old, then it is not stored.
# This prevents raw data that is for example a year old from being stored.

This defect was solved in v3.3 update 9. Installing most recent update from here should solve the problem.


How to configure ClamAV's freshclam.conf to point to a local nexus repository?

My company has tasked me with installing clamAV on a large amount of machines running RHEL6, none of which have internet access. I know freshclam.conf can be edited to point to a local mirror of the virus database, in this section of the file:
# This option allows you to easily point freshclam to private mirrors.
# If PrivateMirror is set, freshclam does not attempt to use DNS
# to determine whether its databases are out-of-date, instead it will
# use the If-Modified-Since request or directly check the headers of the
# remote database files. For each database, freshclam first attempts
# to download the CLD file. If that fails, it tries to download the
# CVD file. This option overrides DatabaseMirror, DNSDatabaseInfo
# and ScriptedUpdates. It can be used multiple times to provide
# fall-back mirrors.
# Default: disabled
#PrivateMirror mirror1.mynetwork.com
#PrivateMirror mirror2.mynetwork.com
The company has sonatype-nexus repositories available, with which we can push the database files to at an interval of our choosing once I have access. I know I can get a link to said repository once it has been created. Do I just paste that link where mirror1.mynetwork.com currently is in its entirety, or are there additions I have to make? I'm losing my mind trying to find this simple answer and not being able to find any examples, as I have zero experience with any of this.

How to fully automate unattended virt-install?

Let me start by saying what I want to do. I'd like to fully automate, in an unattended way, the building of QEMU/KVM VM images using virt-install. I know that some folks use the GUI tool to do this, or they edit a pre-existing image's XML description, but I want to start from scratch.
I've Googled around and examples of doing this are hard to find. What I have found is that virt-install is the command to use, and that it can be used interactively with a TTY console attached (you manually answer configuration questions during the install). For a fully automated solution, you can specify a kickstart file (typically preseed.cfg) to provide answers to questions that you'd normally enter manually. The kickstart file can also specify additional software to install, disk and network configuration, etc.).
I think I've got this mostly working except that the installation hangs shortly after install begins. I think it has something to do with the need (or not) to have a console attached to the install. Here is the virt-install command I am using:
virt-install --connect qemu:///system \
--name vm --ram 128 \
--disk path=./vm.qcow2,size=8,format=qcow2 \
--location 'http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-amd64/' \
--network user,model=virtio \
--initrd-inject preseed.cfg \
--extra-args="console=tty0 console=ttyS0,115200"
This is the preseed.cfg file (which I cribbed from many examples on the web and in the Ubuntu documentation):
### Localization
# Locale sets language and country.
d-i debian-installer/locale string en_US
# Keyboard selection.
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/modelcode string pc105
d-i keyboard-configuration/variantcode string
### Network configuration
# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
d-i netcfg/choose_interface select auto
# Any hostname and domain names assigned from dhcp take precedence over
# values set here. However, setting the values still prevents the questions
# from being shown, even if values come from dhcp.
d-i netcfg/get_hostname string vm
d-i netcfg/get_domain string foobar.net
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
### Mirror settings
d-i mirror/country string manual
d-i mirror/http/hostname string us.archive.ubuntu.com
d-i mirror/http/directory string /ubuntu
d-i mirror/http/proxy string
### Partitioning
# Encrypt your home directory?
d-i user-setup/encrypt-home boolean false
# Alternatively, you can specify a disk to partition. The device name
# can be given in either devfs or traditional non-devfs format.
d-i partman-auto/disk string /dev/vda
# In addition, you'll need to specify the method to use.
# The presently available methods are: "regular", "lvm" and "crypto"
d-i partman-auto/method string regular
# You can choose from any of the predefined partitioning recipes.
d-i partman-auto/choose_recipe select atomic
# This makes partman automatically partition without confirmation, provided
# that you told it what to do using one of the methods above.
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
### Clock and time zone setup
# Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true
# You may set this to any valid setting for $TZ; see the contents of
# /usr/share/zoneinfo/ for valid values.
d-i time/zone string UTC
### Account setup
# Skip creation of a root account (normal user account will be able to
# use sudo).
d-i passwd/root-login boolean false
# To create a normal user account.
d-i passwd/user-fullname string VMuser
d-i passwd/username string vmuser
# Normal user's password, either in clear text
# or encrypted using an MD5 hash.
d-i passwd/user-password-crypted password CRACKMECRACKM
# This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine.
d-i grub-installer/only_debian boolean true
### Package selection
d-i tasksel/first multiselect standard
# Individual additional packages to install
d-i pkgsel/include string openssh-server
### Finishing up the first stage install
# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note
# How do you want to manage upgrades on this system?
d-i pkgsel/update-policy select none
After all that, when I execute the virt-install command I see:
WARNING Unable to connect to graphical console: virt-viewer not installed. Please install the 'virt-viewer' package.
WARNING No console to launch for the guest, defaulting to --wait -1
Starting install...
Retrieving file linux...
Retrieving file initrd.gz...
Allocating 'virtinst-linux.rCdX0h'
Transferring virtinst-linux.rCdX0h
Allocating 'virtinst-initrd.gz.BbRBMv'
Transferring virtinst-initrd.gz.BbRBMv
Creating domain...
Domain installation still in progress. Waiting for installation to complete.
and it just hangs. If I ^Z into the background and start virsh I see the vm in a running state.
I think I'm close, but need to fix it so that:
Install shows complete and virt-install returns to shell.
The new VM is shutdown and I'm left with the image file ready to go.
I think #2 can be accomplished in the preseed.cfg file with some kind of cleanup instructions (still researching this), but any help of fixing #1 would be greatly appreciated.
To have virt-install use a Kickstart file to initialize an operating system, you need to pass the ks= argument to the kernel by specifying it via the --extra-args parameter:
--initrd-inject preseed.cfg \
--extra-args="ks=file:/preseed.cfg console=tty0 console=ttyS0,115200"
The above example injects a local Kickstart file onto the guest operating system, to be used for automated installation.
You can also specify ks via HTTP:
or FTP:
or NFS:

Haproxy logging each call twice?

I'm using awslogs to send my haproxy logs to Cloudwatch from an EC2 instance running Ubuntu, and it's working fine, except that each log message is appearing twice.
This post seems to indicate that it's because log global is in global as well as defaults, but I can't find anything else about it.
Here's the log bits of the current configuration:
# Global settings
log local2
mode http
log global
I commented out 'log global' in defaults but I'm still seeing double log entries in Cloudwatch.
editing to add rsyslog 49-haproxy.conf:
# Create an additional socket in haproxy's chroot in order to allow logging via
# /dev/log to chroot'ed HAProxy processes
$AddUnixListenSocket /var/lib/haproxy/dev/log
# Send HAProxy messages to a dedicated logfile
if $programname startswith 'haproxy' then /var/log/haproxy.log

How do I get Salt Master to apply a basic SLS file to work against a Salt Minion?

I am programming and want to push down code with Salt. I have recently installed Salt minion and Salt master on on two CentOS 7.x servers. They are both Salt version 2015.8.7. My salt '*' test.ping worked. This, to me, proves /etc/salt/minion.yml and /etc/salt/master.yml were set up correctly on their respective servers. It proves the services are up and running.
Here are the contents of top.sls:
- core
Here are the content of core.sls:
{{ salt['runtests_helpers.get_sys_temp_dir_for_path']('testfile') }};
- managed
- source: salt://testfile
When I run
# salt 'fqdnOfSaltMinionServer' state.apply
I get an error like this "..No Top file or external nodes data matches found...Error: Minions returned with non-zero exit code"
How do I uninstall Salt master from the server that I want to be Salt minion? How do I get a basic .sls file to work? Ping works. I don't see what is wrong with my top.sls or core.sls files. I have a small, simple text file named testfile. I want to transfer it from the Salt master server to Salt minion. I don't see what is wrong with my set up.
are you using the yum/rpm provided salt master on centos? I was facing a similar issue and had to create a /srv/salt directory on the salt master server to hold my files (core.sls and testfile in your example) before I could get anywhere.
At least with salt 2016.11.1 (Carbon), this is the default setting (in /etc/salt/master) where the top file must reside:
##### File Server settings #####
# Salt runs a lightweight file server written in zeromq to deliver files to
# minions. This file server is built into the master daemon and does not
# require a dedicated port.
# The file server works on environments passed to the master, each environment
# can have multiple root directories, the subdirectories in the multiple file
# roots cannot match, otherwise the downloaded files will not be able to be
# reliably ensured. A base environment is required to house the top file.
# Example:
# file_roots:
# base:
# - /srv/salt/
# dev:
# - /srv/salt/dev/services
# - /srv/salt/dev/states
# prod:
# - /srv/salt/prod/services
# - /srv/salt/prod/states
# base:
# - /srv/salt
As previous John answer, putting the top file in /srv/salt is what to do if you have not changed the default in /etc/salt/master.

How to enable HTTP Pipelining with Spray-Can

I read on the spray-can docs that it supports HTTP Pipelining. But there is no method or example specified anywhere on how to do it.
This is a config setting. See this or this doc for all available settings in Spay config.
This setting turns it on:
spray.can.host-connector.pipelining = off
And this one has to be > 1 to effectively enable it:
spray.can.server.pipelining-limit = 1
By default pipelining is off.
Relevant description of each setting:
# The maximum number of requests that are accepted (and dispatched to
# the application) on one single connection before the first request
# has to be completed.
# Incoming requests that would cause the pipelining limit to be exceeded
# are not read from the connections socket so as to build up "back-pressure"
# to the client via TCP flow control.
# A setting of 1 disables HTTP pipelining, since only one request per
# connection can be "open" (i.e. being processed by the application) at any
# time. Set to higher values to enable HTTP pipelining.
# Set to 'disabled' for completely disabling pipelining limits
# (not recommended on public-facing servers due to risk of DoS attacks).
# This value must be > 0 and <= 128.
pipelining-limit = 1
# If this setting is enabled, the `HttpHostConnector` pipelines requests
# across connections, otherwise only one single request can be "open"
# on a particular HTTP connection.
pipelining = off