David Ghedini

Linux, Java, Oracle, and PostgreSQL


David Ghedini

Monday Jun 15, 2015

Set Google Nameservers in resolv.conf on CentOS

This post will cover setting Google for your namesever resolvers in CentOS.

It's a simple task, but my OnApp does not set them for my CentOS templates for some reason.

If they have not been set, the first time you will likely notice is when you go to use yum and it throws PYCURL errors.

Log in as root via SSH and issue 'vi /etc/resolv.conf' to edit your resolv.conf file:

[root@david etc]# vi /etc/resolv.conf


If, like me, you have no nameserver resolvers set, you will see something like this:

# Automatically generated by OnApp (3.0.8)
domain davidghedini.com
~
~


Hit "i" for insert and add the Google Nameservers (8.8.8.8 and 8.8.4.4) as shown below, one per line:

# Automatically generated by OnApp (3.0.8)
domain davidghedini.com
nameserver 8.8.8.8
nameserver 8.8.4.4


Hit Escape and then ':wq' to save your changes

Bookmark and Share



Monday Jul 23, 2012

Install JBoss 7.1 on CentOS 6

This post will cover installing JBoss 7.1.1 on CentOS 6.x.

We'll also set up JBoss to run as a service, as well as set up access to the management console

Finally, we will look at how run JBoss on port 80 or, alternatively, placing JBoss behind Apache.

In this post, we will set up the JBoss 7.1.1 in Standalone mode. In a subsequent post we will look at setting up JBoss 7.1.1 in Domain mode.

Step 1: Install the Java 6 or 7


Firstly, we will need to install Java.

JBoss 7.1.1 will work with JDK 6 or JDK 7.

I'm using JDK 7, update 5.

You can download the JDK here: http://www.oracle.com/technetwork/java/javase/downloads/index.html

The instructions below will also work with JDK 6, you just need to change the file names accordingly.


Start by creating a directory /usr/java.

[root@dev2 ~]# mkdir /usr/java


Download jdk-7u5-linux-x64.tar.gz (or latest) and save to /usr/java directory you created above.


[root@dev2 java]# ls
jdk-7u5-linux-x64.tar.gz



Extract it:

[root@dev2 java]# tar -zxf  jdk-7u5-linux-x64.tar.gz


This will create the directory, /usr/java/jdk1.7.0_05, this will be our JAVA_HOME.

[root@dev2 java]# ls
jdk1.7.0_05  jdk-7u5-linux-x64.tar.gz
[root@dev2 java]# cd jdk1.7.0_05
[root@dev2 jdk1.7.0_05]# pwd
/usr/java/jdk1.7.0_05


Note: If you decided to use JDK 6 rather than 7 as we did above, simply save the JDK 6 bin file to /opt (or another location), then navigate to /usr/java and issue: 'sh /opt/jdk-6u33-linux-x64.bin' as shown below (substitute whichever version you downloaded). This will create a JAVA Home of /usr/java/jdk1.6.0.33

[root@dev2 ~]#cd /usr/java
[root@dev2 java]# sh /opt/jdk-6u33-linux-x64.bin



Step 2: Download and Install JBoss 7.1.1 Application Server


Change to the /usr/share directory:

[root@dev2 jdk1.7.0_05]# cd /usr/share


Download jboss-as-7.1.1.Final.zip at http://www.jboss.org/jbossas/downloads and save it to /usr/share. Or, use wget:


[root@dev2 share]# wget http://download.jboss.org/jbossas/7.1/jboss-as-7.1.1.Final/jboss-as-7.1.1.Final.zip



Unzip the file:


[root@dev2 share]# unzip -q jboss-as-7.1.1.Final.zip



Rename jboss-as-7.1.1.Final to jboss-as. This isn't strictly necessary, but it will save you the bother of changing the start up script later.


[root@dev2 share]# mv jboss-as-7.1.1.Final jboss-as


Our JBOSS_HOME is '/usr/share/jboss-as'.

[root@dev2 share]# cd jboss-as
[root@dev2 jboss-as]# pwd
/usr/share/jboss-as


Step 3: Create the user jboss, who will own and run JBoss


Since we will want to run JBoss as a non-root user with minimal privileges, we'll create a user, jboss, who will own the JBoss files and JBoss will run under his account.

To do this, do the following.

Create a new group, jboss, and then create the user jboss and add the user to the jboss group.

[root@dev2 share]# groupadd jboss
[root@dev2 share]# useradd -s /bin/bash -g jboss jboss


Change ownership of the JBoss home directory, /usr/share/jboss-as so all files are owned by the user jboss we created.

[root@dev2 share]# chown -Rf jboss.jboss /usr/share/jboss-as/


Step 4: Put Java into the path of jboss and root


Now, we need to put Java into the path of the users jboss and root (as well as any other users you like)

The JAVA_HOME is where we installed the JDK above: /usr/java/jdk1.7.0_05

Add the following to the .bash_profile of the user jboss and the user root:

JAVA_HOME=/usr/java/jdk1.7.0_05
export JAVA_HOME
PATH=$JAVA_HOME/bin:$PATH
export PATH


As root, issue '. ~/.bash_profile' as below to put JAVA into the path of root immediately.

[root@dev2 ~]# . ~/.bash_profile


Check that JAVA is now in the path of root by issuing 'java -version' as below.
[root@dev2 ~]# java -version
java version "1.7.0_05"
Java(TM) SE Runtime Environment (build 1.7.0_05-b06)
Java HotSpot(TM) 64-Bit Server VM (build 23.1-b03, mixed mode)
[root@dev2 ~]#



We need to have JAVA in the path of user root for when we add a Management User for JBoss console in Step 8 below.

Finally, switch to the user jboss and issue 'java -version' to verify that Java is now in the path of user jboss.


[root@dev2 ~]# su - jboss
[jboss@dev2 ~]$ java -version
java version "1.7.0_05"
Java(TM) SE Runtime Environment (build 1.7.0_05-b06)
Java HotSpot(TM) 64-Bit Server VM (build 23.1-b03, mixed mode)
[jboss@dev2 ~]$



Step 5: Create a start/stop/restart script for JBoss.


To create our JBoss script, we will copy the jboss-as-standalone.sh script located under /usr/share/jboss-as/bin/init.d

As root, copy jboss-as-standalone.sh to /etc/init.d and rename it jboss

.
[root@dev2 ~]# cd /usr/share/jboss-as/bin/init.d
[root@dev2 bin]# cp jboss-as-standalone.sh /etc/init.d/jboss


The only change I needed to make two changes to the script

The first was to change line #5 below from it's original '# chkconfig: - 80 20' to '# chkconfig: 234 80 20' The second was to set the JBOSS_USER.

To set the JBOSS_USER, add the following lines to script:

JBOSS_USER=jboss
export JBOSS_USER

You can add the lines just under 'export JAVA_HOME' on line 18 or so below. So the beginning of your script will look like this:

#!/bin/sh
#
# JBoss standalone control script
#
# chkconfig: 234 80 20
# description: JBoss AS Standalone
# processname: standalone
# pidfile: /var/run/jboss-as/jboss-as-standalone.pid
# config: /etc/jboss-as/jboss-as.conf

# Source function library.
. /etc/init.d/functions

# Load Java configuration.
[ -r /etc/java/java.conf ] && . /etc/java/java.conf
export JAVA_HOME

JBOSS_USER=jboss
export JBOSS_USER

# Load JBoss AS init.d configuration.
if [ -z "$JBOSS_CONF" ]; then
  JBOSS_CONF="/etc/jboss-as/jboss-as.conf"
fi

[ -r "$JBOSS_CONF" ] && . "${JBOSS_CONF}"

# Set defaults.

if [ -z "$JBOSS_HOME" ]; then
  JBOSS_HOME=/usr/share/jboss-as
fi
export JBOSS_HOME


Step 6: Run JBoss as a Service.


To run JBoss as a service and enable start up at boot, make the script we created above executable and add it to our chkconfig so it starts at boot.

[root@dev2 init.d]# chmod 755 jboss
[root@dev2 init.d]# chkconfig --add jboss
[root@dev2 init.d]# chkconfig --level 234 jboss on


We should now be able to Start, Stop, and Restart JBoss as a service.

Start JBoss (JBoss can take some time to start, but it is faster than JBoss 6).:

[root@dev2 init.d]# service jboss start
Starting jboss-as:                                         [  OK  ]
[root@dev2 init.d]# 


Stop JBoss:
[root@dev2 init.d]# service jboss stop
Stopping jboss-as: *** JBossAS process (25794) received TERM signal ***
                                                           [  OK  ]


Step 7: Change bind address to make JBoss accessible.


By default, JBoss 7.1.1 is bound to the loopback IP of 127.0.0.1, so if we want to make it available on the web, we need to change this.

Locate standalone.xml under /usr/share/jboss-as/standalone/configuration/.

Open standalone.xml in vi or a text editor and look for the public interfaces node as shown below.

<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>

To make JBoss publicly accessible, change 127.0.0.1 to either 0.0.0.0 to allow access on all interfaces or to your public IP.

So, for example, if your public IP is 173.194.35.177, you would change it as so:

<interfaces>
        <interface name="management">
            <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
        </interface>
        <interface name="public">
            <inet-address value="${jboss.bind.address:173.194.35.177}"/>
        </interface>
        <!-- TODO - only show this if the jacorb subsystem is added  -->
        <interface name="unsecure">
            <!--
              ~  Used for IIOP sockets in the standard configuration.
              ~                  To secure JacORB you need to setup SSL 
              -->
            <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
        </interface>
    </interfaces>



Again, if you wish to have JBoss publicly accessible on all interfaces, use 0.0.0.0 in place of your IP above.

Save your changes, start up JBoss, and check it is publicly accessible via http://yourIP:8080

[root@dev2 init.d]# service jboss start
Starting jboss-as:                                         [  OK  ]


Woo-hoo! JBoss 7:

JBoss 7.1.1 Welcome Page



Step 8: Accessing the JBoss 7 Admin Console and adding a Management User


If you try to access the JBoss Admin Console via the link on the home page (or by going directly to http://YourIP:9990, you will be greeted with the following:

java -jar



While the error page tells you how to add a user, you will also need to update the standalone.xml as we did earlier if you want to allow access over your public IP.


Let's start with adding a Management user as shown on the error page:

As root, navigate to /usr/share/jboss-as/bin

[root@dev2 etc]# cd /usr/share/jboss-as/bin


Issue './add-user.sh' to run the script to add a Management user. Follow the prompts. Some defaults are provided.

[root@dev2 bin]# ./add-user.sh

What type of user do you wish to add?
 a) Management User (mgmt-users.properties)
 b) Application User (application-users.properties)
(a):

Enter the details of the new user to add.
Realm (ManagementRealm) :
Username : david
Password :
Re-enter Password :
About to add user 'david' for realm 'ManagementRealm'
Is this correct yes/no? yes
Added user 'david' to file '/usr/share/jboss-as/standalone/configuration/mgmt-users.properties'
Added user 'david' to file '/usr/share/jboss-as/domain/configuration/mgmt-users.properties'
[root@dev2 bin]# 


While you can now access the Admin console on localhost (127.0.0.1), if you want to access it publicly, we need to update standalone.xml under /usr/share/jboss-as/standalone/configuration/ as we did earlier in Step 7.

Open standalone.xml in vi or a text editor and look for the management interface node as shown below.

<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>

To make the JBoss Admin console publicly accessible, change 127.0.0.1 to your your public IP or to 0.0.0.0 for all interfaces.

So, for example, if your public IP is 173.194.35.177, you would change it as so:

<interfaces>
        <interface name="management">
            <inet-address value="${jboss.bind.address.management:173.194.35.177}"/>
        </interface>
        <interface name="public">
            <inet-address value="${jboss.bind.address:173.194.35.177}"/>
        </interface>
        <!-- TODO - only show this if the jacorb subsystem is added  -->
        <interface name="unsecure">
            <!--
              ~  Used for IIOP sockets in the standard configuration.
              ~                  To secure JacORB you need to setup SSL 
              -->
            <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
        </interface>
    </interfaces>



Again, if you wish to have the Admin console publicly accessible on all interfaces, use 0.0.0.0 in place of your IP above.

Retstart JBoss to reload the the change to standalone.xml:

[root@dev2 init.d]# service jboss stop
Stopping jboss-as: *** JBossAS process (25794) received TERM signal ***
                                                           [  OK  ]
[root@dev2 init.d]# service jboss start
Starting jboss-as:                                         [  OK  ]


Now, navigate back to http://YourIP:9990 and you should be prompted for the Management user credentials you just created:


JBoss 7 Management User Log In



Below, we are now logged in to the Admin console as the Management user we created:


JBoss 7 Admin Console



Step 9 (Optional): Running JBoss on Port 80.


To run services below port 1024 as user other than root, you can use port forwarding.

You can do this by adding the following to your IP tables:

[root@sv2 ~]# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
[root@sv2 ~]# iptables -t nat -A PREROUTING -p udp -m udp --dport 80 -j REDIRECT --to-ports 8080


Be sure to save and restart your IP Tables.

Step 10 (Optional): Putting Apache in Front of JBoss.


As an alternative to running JBoss on port 80, if you have Apache in front of JBoss, you can use mod_proxy as well as ajp connector to map your domain to your JBoss applications using an Apache vhost as shown below:

While both Tomcat and JBoss have improved their standalone performance, I still prefer to have Apace in front for a number of reasons.

Note that when using proxy, if you will be proxy to localhost (which you should be), you will need to set your public interface bind address to either 0.0.0.0 (for all interfaces) or to 127.0.0.1 for localhost only.
<VirtualHost *:80>
    ServerAdmin admin@domain.com
    ServerName domain.com
    ServerAlias www.domain.com


    ProxyRequests Off
    ProxyPreserveHost On
    <Proxy *>
       Order allow,deny
       Allow from all
    </Proxy>


    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/


    ErrorLog logs/domain.com-error_log
    CustomLog logs/domain.com-access_log common

</VirtualHost>



Alternatively, with the AJP connector enabled, you can use ajp as well:


<VirtualHost *:80>
    ServerAdmin admin@domain.com
    ServerName domain.com
    ServerAlias www.domain.com


    ProxyRequests Off
    ProxyPreserveHost On
    <Proxy *>
       Order allow,deny
       Allow from all
    </Proxy>


    ProxyPass / ajp://localhost:8009/
    ProxyPassReverse / ajp://localhost:8009/


    ErrorLog logs/domain.com-error_log
    CustomLog logs/domain.com-access_log common

</VirtualHost>


The AJP connector is NOT enabled by default. To enable the AJP connector:

1. Log into the Admin console
2. Click Profile on the top right.
3. On the left menu, go to Web > Servlet/HTTP.
3. Click on the "add" button at right.


JBoss 7.1.1 Profile



4. Enter the following in the Create Connector dialogue box as shown below.

5. Click Save.

JBoss 7.1.1 Welcome Page



The AJP connector is now enabled.

JBoss 7.1.1  AJP Connector



One final note above the vhost examples above (proxy and ajp).

In both vhost examples above, we are "mapping" the domain to the root.

If we wish to map to an application such as domain.com/myapp, we can add some rewrite as shown below.

This will rewrite all requests for domain.com to domain.com/myapp.


<VirtualHost *:80>
    ServerAdmin admin@domain.com
    ServerName domain.com
    ServerAlias www.domain.com

    RewriteEngine On
    RewriteRule ^/$ myapp/ [R=301]


    ProxyRequests Off
    ProxyPreserveHost On
    <Proxy *>
       Order allow,deny
       Allow from all
    </Proxy>


    ProxyPass / ajp://localhost:8009/
    ProxyPassReverse / ajp://localhost:8009/


    ErrorLog logs/domain.com-error_log
    CustomLog logs/domain.com-access_log common

</VirtualHost>


JBoss 7.1.1 Docs



JBoss and WildFly Hosting

Bookmark and Share



Sunday Jul 22, 2012

VNC Server on CentOS 6

This post will cover installing VNC with GNOME Desktop on a remote server running CentOS 6.

Installation has changed a bit since CentOS 5, but is still simple and straight forward.

1. Install Tigervnc Server


[root@demo ~]# yum -y install tigervnc-server



2. Install X Windows and GNOME.

This used to be yum groupinstall "X Window System" "GNOME Desktop Environment", but is now simply:


yum groupinstall "X Window System" "Desktop"



3. Create a user (or use and existing user) and create VNC login.


[root@demo ~]# useradd david
[root@demo ~]# passwd david
Changing password for user david.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@demo ~]# su - david



4. Switch to the user (su - user) and issue 'vncpasswd' to set the VNC password



[david@demo ~]$ vncpasswd
Password:
Verify:
[david@demo ~]$



5. Start VNC using 'vncserver :1'


[david@demo ~]$ vncserver :1
xauth:  creating new authority file /home/david/.Xauthority

New 'demo.domain.net:1 (david)' desktop is demo.domain.net:1

Creating default startup script /home/david/.vnc/xstartup
Starting applications specified in /home/david/.vnc/xstartup
Log file is /home/david/.vnc/demo.domain.net:1.log

[david@demo ~]$





6. Stop VNC using using 'vncserver -kill :1'


[david@demo ~]$ vncserver -kill :1



7. Setting resolution:


In /etc/sysconfig/vncservers, add a line for each user.

NOTE: if you if you need to install Oracle software, use geometry 1024x768.

You can also do this via the shell using: vncserver :1 -geometry 1024x768 -depth xx

# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my 'myusername' (adjust this to your own).  You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.  
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted!  For a secure way of using VNC, see this URL:
# http://kbase.redhat.com/faq/docs/DOC-7028

# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.

# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel.  See the "-via" option in the
# `man vncviewer' manual page.

# VNCSERVERS="2:myusername"
# VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -localhost"
VNCSERVERS="1:david"
VNCSERVERARGS[1]="-geometry 1024x768"


For multiple users, simply add the user to the VNCSERVERS list and add a VNCSERVERARGS[x] entry.

So for three users:

VNCSERVERS="1:david 2:bill 3:john"
VNCSERVERARGS[1]="-geometry 1024x768"
VNCSERVERARGS[2]="-geometry 1024x768"
VNCSERVERARGS[3]="-geometry 640x480"


8. Open the port for the user, in this case 5801.



-A INPUT -m state --state NEW -m tcp -p tcp --dport 5801 -j ACCEPT


Save and restart IP Tables (/etc/init.d/iptables save | restart)

9. Connect using VNC Viewer with IP:1




10. You should now be connected to your CentOS desktop




CentOS Wiki: VNC ( Virtual Network Computing )

Bookmark and Share




Main Menu

Built With

Pages

LinkedIn

Tag Cloud

Hosted by:

Navigation

Visitors

Sponsors

petiole Cloud

Feeds