Deploy Azure Cloud Service on a subnet - azure-cloud-services

I want to deploy a Cloud Service on a subnet.
To do this, I have set the configuration file like this :
<?xml version="1.0" encoding="utf-8"?>
<ServiceConfiguration ...>
<Role name="WebRole1">
...
</Role>
<NetworkConfiguration>
<VirtualNetworkSite name="MyVirtualNetworkName" />
<AddressAssignments>
<InstanceAddress roleName="WebRole1">
<Subnets>
<Subnet name="Front" />
</Subnets>
</InstanceAddress>
</AddressAssignments>
</NetworkConfiguration>
</ServiceConfiguration>
But, after the deployment, if I look the subnet on the Azure Portal, I don't see the Cloud Service :
Should I do something else?

According to your description, I followed the section int this official tutorial about adding your Cloud Service to the Virtual Network. Here are some details, you could refer to them.
Modify ServiceConfiguration.Cloud.cscfg by adding NetworkConfiguration under ServiceConfiguration as follows:
<ServiceConfiguration serviceName="AzureCloudService" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration" osFamily="5" osVersion="*" schemaVersion="2015-04.2.6">
<Role name="MyWebRole">
<Instances count="1" />
<ConfigurationSettings>
...
</ConfigurationSettings>
</Role>
<NetworkConfiguration>
<!--VNet settings
VNet and subnet must be classic virtual network resources, not Azure Resource Manager resources.-->
<VirtualNetworkSite name="bruce-vnet-eastasia" />
<AddressAssignments>
<InstanceAddress roleName="MyWebRole">
<Subnets>
<Subnet name="Subnet-1" />
</Subnets>
</InstanceAddress>
</AddressAssignments>
<!--VNet settings-->
</NetworkConfiguration>
</ServiceConfiguration>
Note: VNet and subnet must be classic virtual network resources, not Azure Resource Manager resources.
After build and deploy it to Azure, you could find the CloudService resource under your VNet via the classical Azure Portal as follows:

Related

Two services with different host but same alias not working wildfly

We're using Wildfly-17.0.1
and we have 2 spring-boot microservices which are being deployed as war on wildfly
service-a.war
service-b.war
We have jboss-web.xml in both services under src/main/webapp/WEB-INF
service-a.war
<jboss-web>
<context-root>/</context-root>
<virtual-host>default-host</virtual-host>
</jboss-web>
service-b.war
<jboss-web>
<context-root>/</context-root>
<virtual-host>b-host</virtual-host>
</jboss-web>
standalone.xml
<subsystem xmlns="urn:jboss:domain:undertow:9.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">
<buffer-cache name="default" />
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true" />
<https-listener name="https" socket-binding="https" security-realm="UndertowRealm" enable-http2="true" />
<host name="default-host" alias="alias" default-web-module="service-a.war" />
<host name="b-host" alias="alias" default-web-module="service-b.war" />
</server>
...
</subsystem>
Above alias is the machine name
In the server.log we see below message when both applications are deployed
...
Registered web context: '/' for server 'default-server'
...
Registered web context: '/' for server 'default-server'
But when we try to access both services only one of the service seems to be working, other gives
<html><head><title>Error</title></head><body>404 - Not Found</body></html>
We tried giving different context-root, and we saw this in log
...
Registered web context: '/a' for server 'default-server'
...
Registered web context: '/b' for server 'default-server'
but still only one works and other gives 404.
It works when we give different alias for both the hosts
Why giving the same alias for different hosts doesn't work?
I think the string you put as virtualhost in jboss-web.xml must match the alias (not the name) in standalone conf
Instead of
<host name="b-host" alias="alias" default-web-module="service-b.war" />
Try with:
<host name="vhost2" alias="b-host" default-web-module="service-b.war" />

How do you join a Liberty collective on Linux?

I am trying to set up a Liberty collective using Docker hosts running linux. The videos they have about setting up Liberty collectives at the moment use Windows and are all on the same machine.
To join the collective so it appears on adminCenter isn't too hard it is just a matter of collective join --host=...
The problem is the administration part i.e. changing the configuration file or stopping and starting the servers is not working.
I tried various ways of passing in hostInfo in server.xml or --sshPrivateKey Hard coding root passwords and none of them work.
According to the instructions all you needed was an openssh-server which I have already enabled and running I have already exposed the ports and verify I can connect to them using a certificate from the controller container as well.
In addition based on the REST API it uses a stringified SSH Private Key itself rather than a file and that should be sent through the collective registerHost but it does not appear to work and there is nothing in the command line logs even with .level=ALL and ...consolelogger...=ALL that show what the hostAuthInfo is.
The one of the commands I ran for collective join is
collective join defaultServer \
--host=controller \
--port=9443 \
--user=adminUser \
--password=adminPassword \
--autoAcceptCertificates \
--rpcUser=root \
--sshPrivateKey=$HOME/.ssh/id_rsa \
--keystorePassword=$PASSWORD \
--createConfigFile=/config/collective-join-include.xml
I say one of because I tried various combinations where I removed or changed --rpcuser, --sshPrivateKey and other authInfo related items.
server.xml of member is at this point ...
<?xml version="1.0" encoding="UTF-8"?>
<server description="Application Server">
<featureManager>
<feature>javaee-7.0</feature>
<feature>clusterMember-1.0</feature>
<!--<feature>scalingMember-1.0</feature>-->
</featureManager>
<remoteFileAccess>
<writeDir>${server.config.dir}</writeDir>
</remoteFileAccess>
<httpEndpoint id="defaultHttpEndpoint" httpPort="9080" httpsPort="9443" host="*"/>
<!--<hostSingleton name="ScalingMemberSingletonService" port="5164" />-->
<applicationManager autoExpand="true"/>
<!--<hostAuthInfo rpcUser="root" sshPublicKeyPath="/root/.ssh/id_rsa.pub" sshPrivateKeyPath="/root/.ssh/id_rsa"/>-->
<include location="${server.config.dir}/collective-join-include.xml"/>
<dataSource id="myds" jndiName="jdbc/sample" type="javax.sql.XADataSource">
<jdbcDriver javax.sql.ConnectionPoolDataSource="org.mariadb.jdbc.MariaDbDataSource" javax.sql.DataSource="org.mariadb.jdbc.MariaDbDataSource" javax.sql.XADataSource="org.mariadb.jdbc.MariaDbDataSource">
<library>
<file name="${server.config.dir}/mariadb-java-client-1.5.9.jar"/>
</library>
</jdbcDriver>
<properties databaseName="jeesample" password="password" serverName="database" user="jeeuser"/>
</dataSource>
<basicRegistry id="basic" realm="BasicRealm">
<user name="websphere" password="{xor}KDo9LC83Oi06"/>
</basicRegistry>
<ejbContainer>
<timerService>
<persistentExecutor taskStoreRef="mystore"/>
</timerService>
</ejbContainer>
<databaseStore dataSourceRef="myds" id="mystore"/>
</server>
Controller side
<?xml version="1.0" encoding="UTF-8"?>
<server description="Collective Controller">
<variable name="defaultHostName" value="controller"/>
<httpEndpoint id="defaultHttpEndpoint" host="*" httpPort="9080" httpsPort="9443"/>
<featureManager>
<!--<feature>scalingController-1.0</feature>-->
<feature>adminCenter-1.0</feature>
<feature>dynamicRouting-1.0</feature>
</featureManager>
<remoteFileAccess>
<writeDir>${server.config.dir}</writeDir>
</remoteFileAccess>
<!--<scalingDefinitions>
<defaultScalingPolicy enabled="true" min="2" max="2"/>
</scalingDefinitions>-->
<include location="${server.config.dir}/resources/collective/collective-create-include.xml"/>
<collectiveController user="adminUser" password="adminPassword"/>
</server>
By default, when ssh is properly configured and running on the linux machines (controller's and member's host machine), you only need to run the 'collective join' command from the member's wlp/bin dir. You should not need to specify hostInfo nor --sshPrivateKey via server.xml nor the collective updateHost/registHost commands. This flow will use the ssh keys generated by the collective.
The useHostCredentials flag is generally meant to be used with rpcUser and rpcUserPassword (provided via registerHost, updateHost, or server.xml) instead of ssh, especially useful for systems that do not have ssh configured (like windows by default). However, it can also be used to specify custom ssh keys.
If you're still having trouble, provide the collective join command that was ran from the member's wlp/bin, as well as the server.xml of the controller and member.

The username you provided is not allowed to use the text-based Tomcat Manager (error 403) when deploying on remote Tomcat8 using Jenkins

I am trying to deploy a WAR on the remote Tomcat (Remote Machine) using Jenkins deploy to container Plugin.
I have done the following configuration in tomcat-users.xml
<user username="deployer" password="deployer" roles="manager-gui,manager-script,admin" />
I have setup the proper username password and port in Jenkins deployer container plugin. The setup is working fine for the local Tomcat.
But for remote Tomcat I keep getting the following error:
Caused by: org.codehaus.cargo.container.tomcat.internal.TomcatManagerException: The username you provided is not allowed to use the text-based Tomcat Manager (error 403) at org.codehaus.cargo.container.tomcat.internal.TomcatManager.invoke(TomcatManager.java:555)
at org.codehaus.cargo.container.tomcat.internal.TomcatManager.list(TomcatManager.java:686)
at org.codehaus.cargo.container.tomcat.internal.TomcatManager.getStatus(TomcatManager.java:699)
at org.codehaus.cargo.container.tomcat.internal.AbstractTomcatManagerDeployer.redeploy(AbstractTomcatManagerDeployer.java:174)
... 16 more
Caused by: java.io.IOException: Server returned HTTP response code: 403 for URL: http://1.203.190.5:8080/manager/text/list
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at org.codehaus.cargo.container.tomcat.internal.TomcatManager.invoke(TomcatManager.java:544) ... 19 more
This seems to be a Jenkins bug but I got around the problem by setting up following configuration in Tomcat:
Edit the file /webapps/manager/META-INF/context.xml:
Previous:
<Context antiResourceLocking="false" privileged="true">
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
</Context>
Change this file to comment the Value:
<Context antiResourceLocking="false" privileged="true">
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>
This resolved the issue.
I was facing the same issue while deploying artifact to tomcat with jenkins via container plugin,
Solution:- i have added manager-script and manager-gui in the roles of the user and provide the full access to webapps/* directory. It helps me to deploy the artifact successfully and able to view it with manager-app.
My OS : Debain 10
I solved this by editing file /opt/tomcat/conf/tomcat-users.xml and added manager-script role
<role rolename="admin-gui,manager-gui,manager-script,manager-jmx,manager-status,admin-gui"/>
<user username="admin" password="password" roles="admin-gui,manager-gui,manager-script"/>
You just need to add the jenkins IP address to the valve.
You need to update : /webapps/manager/META-INF/context.xml. Because it allows only localhost. If you know the specific hostname or IP, you can add it replacing XXX.XXX.XXX.XXX by the IP address.
It's realy important to keep the security in place.
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|XXX.XXX.XXX.XXX" />
</Context>
After that, you need to restart tomcat.
$CATALINA_HOME/bin/shutdown.sh && $CATALINA_HOME/bin/startup.sh
If nothing works simply create another user in tomcat-users.xml file with magnager-script role assigned and set this user credential to jenkins .
In tomcat-users.xml file
<tomcat-users>
<user username="deployuser" password="deployuser" roles="manager-script" />
<user username="admin" password="admin" roles="manager-gui" />
</tomcat-users>
In Tomcat 9, you don't need to add any manager-XXX roles. All you have to do is add the users and and assign the manager-gui (for GUI access) and manager-script (for access like Jenkins deployment ).
Also, make sure to edit the file /webapps/manager/META-INF/context.xml, either to comment out valve or define appropriate reg ex for allow attribute
Step 1:
We need to update : \webapps\manager\META-INF\context.xml. Bcs it allows only localhost. If you know the specific hostname or IP, you can add.
<Context antiResourceLocking="false" privileged="true" >
<!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>
Step 2:
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<user username="tomcat" password="tomcat" roles="manager-gui, manager-script"/>
Deployment went successful.
I had the same issue. Changing the username to "admin" should do the work.

IBM Websphere Liberty Profile:How to map Public IP Address in Websphere

I am trying to map my server public ip addresss in Websphere LP server.xml file but when i tried to access it from outside i am getting a connection error. I tried giving host="localhost" and tried to access from server itself,it is working fine.
Is there anything i need to configure in Websphere LP to access it from outside.
Server.xml file
<server description="new server">
<!-- Enable features -->
<featureManager>
<feature>jsp-2.2</feature>
<feature>localConnector-1.0</feature>
</featureManager>
<httpEndpoint host="*" httpPort="8007" httpsPort="9443" id="defaultHttpEndpoint"/>
<applicationMonitor updateTrigger="mbean"/>
<library id="worklight-6.0.0">
<fileset dir="C:\IBM\Liberty\usr\shared\resources" includes="worklight-jee-library-6.0.0.jar"/>
</library>
<library id="apps-common">
<fileset dir="C:\IBM\Liberty\usr\shared\resources" includes="org.hsqldb.hsqldb_2.2.5.jar"/>
</library>
<application context-root="/DemoApp" id="DemoApplication" location="DemoApplication.war" name="DemoApplication" type="war">
<classloader commonLibraryRef="worklight-6.0.0,apps-common"/>
</application>
</server>
Any help is appreciated.
As per the InfoCenter document for the httpEndpoint configuration element, here: http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/topic/com.ibm.websphere.wlp.doc/autodita/rwlp_metatype_4ic.html?resultof=%22%68%74%74%70%65%6e%64%70%6f%69%6e%74%22%20#mtFile121
A hostname of * will bind to all available network interfaces - you do not need to do anything extra on the Liberty side, which I believe answers your question.
Setting the hostname to 'localhost' will mean the http endpoint is only accessible from your machine.
Using the configuration as supplied (hostName of *), this should work remotely - so it is likely a firewall issue.
You can check the /servers/yourServer/logs/messages.log file to verify which interfaces your endpoint is binding to - look for a message of the form
WWKO0219I: TCP Channel defaultHttpEndpoint has been started and is now listening for requests on host localhost (IPv4: 127.0.0.1) port 9080.

Spring deployment-level configuration

When I wrote Java EE apps, I used JBoss Datasources to control which databases the deployment used. E.g. the dev versions would use a throwaway hibernate db, the ref and ops would use stable MySQL deployments. I also used MBeans to configure various other services and rules.
Now that I'm using Spring, I'd like the same functionality - deploy the same code, but with different configuration. Crucially, I'd also like Unit Tests to still run with stub services. My question is this - is there a way, in JBoss, to inject configuration with files which live outside of the WAR/EAR, and also include these files in test resources.
It is possible to add objects into the JNDI context by placing a file named xxx-service.xml into jboss's deploy directory. The app could then lookup the values via JNDI. In the example below the string "development" is added at java:/modes/deployment. To use JNDI in your unit tests use the org.springframework.mock.jndi package.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE server PUBLIC "-//JBoss//DTD MBean Service 4.0//EN"
"http://www.jboss.org/j2ee/dtd/jboss-service_4_0.dtd">
<server>
<mbean code="org.jboss.naming.JNDIBindingServiceMgr"
name="c3po.naming:service=jndi-bindings">
<attribute name="BindingsConfig" serialDataType="jbxb">
<jndi:bindings
xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jndi="urn:jboss:jndi-binding-service:1.0"
xs:schemaLocation="urn:jboss:jndi-binding-service:1.0 resource:jndi-binding-service_1_0.xsd"
>
<jndi:binding name="java:/modes/deployment">
<jndi:value type="java.lang.String">development</jndi:value>
</jndi:binding>
<jndi:binding name="java:/sites/abc">
<jndi:value type="java.lang.String">dev.site.example.com</jndi:value>
</jndi:binding>
<!-- Examples:
<jndi:binding name="urls/jboss-home">
<jndi:value type="java.net.URL">http://www.jboss.org</jndi:value>
</jndi:binding>
<jndi:binding name="hosts/localhost">
<jndi:value editor="org.jboss.util.propertyeditor.InetAddressEditor">
127.0.0.1
</jndi:value>
</jndi:binding>
<jndi:binding name="maps/testProps">
<java:properties xmlns:java="urn:jboss:java-properties"
xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
xs:schemaLocation="urn:jboss:java-properties resource:java-properties_1_0.xsd">
<java:property>
<java:key>key1</java:key>
<java:value>value1</java:value>
</java:property>
<java:property>
<java:key>key2</java:key>
<java:value>value2</java:value>
</java:property>
</java:properties>
</jndi:binding>
-->
</jndi:bindings>
</attribute>
<depends>jboss:service=Naming</depends>
</mbean>
</server>

Resources