Search

Chapter 5. Reference

download PDF

5.1. Artifact Repository Mirrors

A repository in Maven holds build artifacts and dependencies of various types (all the project jars, library jar, plugins or any other project specific artifacts). It also specifies locations from where to download artifacts from, while performing the S2I build. Besides using central repositories, it is a common practice for organizations to deploy a local custom repository (mirror).

Benefits of using a mirror are:

  • Availability of a synchronized mirror, which is geographically closer and faster.
  • Ability to have greater control over the repository content.
  • Possibility to share artifacts across different teams (developers, CI), without the need to rely on public servers and repositories.
  • Improved build times.

Often, a repository manager can serve as local cache to a mirror. Assuming that the repository manager is already deployed and reachable externally at http://10.0.0.1:8080/repository/internal/, the S2I build can then use this manager by supplying the MAVEN_MIRROR_URL environment variable to the build configuration of the application as follows:

  1. Identify the name of the build configuration to apply MAVEN_MIRROR_URL variable against:

    oc get bc -o name
    buildconfig/jdg
  2. Update build configuration of jdg with a MAVEN_MIRROR_URL environment variable

    oc env bc/jdg MAVEN_MIRROR_URL="http://10.0.0.1:8080/repository/internal/"
    buildconfig "jdg" updated
  3. Verify the setting

    oc env bc/jdg --list
    # buildconfigs jdg
    MAVEN_MIRROR_URL=http://10.0.0.1:8080/repository/internal/
  4. Schedule new build of the application
Note

During application build, you will notice that Maven dependencies are pulled from the repository manager, instead of the default public repositories. Also, after the build is finished, you will see that the mirror is filled with all the dependencies that were retrieved and used during the build.

5.2. Information Environment Variables

The following information environment variables are designed to convey information about the image and should not be modified by the user:

Table 5.1. Information Environment Variables
Variable NameDescriptionValue

JBOSS_DATAGRID_VERSION

The full release that the containerized image is based from.

7.1.0.GA

JBOSS_HOME

The directory where the JBoss distribution is located.

/opt/datagrid

JBOSS_IMAGE_NAME

Image name, same as Name label

jboss-datagrid-7/datagrid71-openshift

JBOSS_IMAGE_RELEASE

Image release, same as Release label

Example: dev

JBOSS_IMAGE_VERSION

Image version, same as Version label

Example: 1.2

JBOSS_MODULES_SYSTEM_PKGS

 

org.jboss.logmanager

JBOSS_PRODUCT

 

datagrid

LAUNCH_JBOSS_IN_BACKGROUND

Allows the data grid server to be gracefully shutdown even when there is no terminal attached.

true

5.3. Configuration Environment Variables

Configuration environment variables are designed to conveniently adjust the image without requiring a rebuild, and should be set by the user as desired.

Table 5.2. Configuration Environment Variables
Variable NameDescriptionExample Value

ADMIN_GROUP

Comma-separated list of groups / roles to configure for the JDG user specified via the USERNAME variable.

Example: admin,___schema_manager,___script_manager

CACHE_CONTAINER_START

Should this cache container be started on server startup, or lazily when requested by a service or deployment. Defaults to LAZY

Example: EAGER

CACHE_CONTAINER_STATISTICS

Determines if the cache container collects statistics. Disable for optimal performance. Defaults to true.

Example: false

CACHE_NAMES

List of caches to configure. Defaults to default, memcached, and each defined cache will be configured as a distributed-cache with a mode of SYNC.

Example: addressbook, addressbook_indexed

CONTAINER_SECURITY_CUSTOM_ROLE_MAPPER_CLASS

Class of the custom principal to role mapper.

Example: com.acme.CustomRoleMapper

CONTAINER_SECURITY_ROLE_MAPPER

Set a role mapper for this cache container. Valid values are: identity-role-mapper, common-name-role-mapper, cluster-role-mapper, custom-role-mapper.

Example: identity-role-mapper

CONTAINER_SECURITY_ROLES

Define role names and assign permissions to them.

Example: admin=ALL, reader=READ, writer=WRITE

DATAGRID_SPLIT

Allow multiple instances of JBoss Data Grid server to share the same persistent volume. If enabled (set to true) each instance will use a separate area within the persistent volume as its data directory. Such persistent volume is required to be mounted at /opt/datagrid/standalone/partitioned_data path. Not set by default.

Example: true

DB_SERVICE_PREFIX_MAPPING

Define a comma-separated list of datasources to configure.

Example: test-mysql=TEST_MYSQL

DEFAULT_CACHE

Indicates the default cache for this cache container.

Example: addressbook

ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH

Whether to require client certificate authentication. Defaults to false.

Example: true

HOTROD_AUTHENTICATION

If defined the hotrod-connectors will be configured with authentication in the ApplicationRealm.

Example: true

HOTROD_ENCRYPTION

If defined the hotrod-connectors will be configured with encryption in the ApplicationRealm.

Example: true

HOTROD_SERVICE_NAME

Name of the OpenShift service used to expose HotRod externally.

Example: DATAGRID_APP_HOTROD

INFINISPAN_CONNECTORS

Comma separated list of connectors to configure. Defaults to hotrod, memcached, rest. Note that if authorization or authentication is enabled on the cache then memcached should be removed as this protocol is inherently insecure.

Example: hotrod

JAVA_OPTS_APPEND

The contents of JAVA_OPTS_APPEND is appended to JAVA_OPTS on startup.

Example: -Dfoo=bar

JGROUPS_CLUSTER_PASSWORD

A password to control access to JGroups. Needs to be set consistently cluster-wide. The image default is to use the OPENSHIFT_KUBE_PING_LABELS variable value; however, the JBoss application templates generate and supply a random value.

Example: miR0JaDR

MEMCACHED_CACHE

The name of the cache to use for the Memcached connector.

Example: memcached

OPENSHIFT_KUBE_PING_LABELS

Clustering labels selector.

Example: application=eap-app

OPENSHIFT_KUBE_PING_NAMESPACE

Clustering project namespace.

Example: myproject

PASSWORD

Password for the JDG user.

Example: p@ssw0rd

REST_SECURITY_DOMAIN

The security domain to use for authentication and authorization purposes. Defaults to none (no authentication).

Example: other

TRANSPORT_LOCK_TIMEOUT

Infinispan uses a distributed lock to maintain a coherent transaction log during state transfer or rehashing, which means that only one cache can be doing state transfer or rehashing at the same time. This constraint is in place because more than one cache could be involved in a transaction. This timeout controls the time to wait to acquire a distributed lock. Defaults to 240000.

Example: 120000

USERNAME

Username for the JDG user.

Example: openshift

Note

HOTROD_ENCRYPTION is defined:

  • If set to a non-empty string (e.g. true), or
  • If JDG for OpenShift image was deployed using some of the application templates allowing configuration of HTTPS (datagrid71-https, datagrid71-mysql, datagrid71-mysql-persistent, datagrid71-postgresql, or datagrid71-postgresql-persistent), and at the same time the HTTPS_NAME parameter is set when deploying that template.

5.4. Cache Environment Variables

The following environment variables all control behavior of individual caches; when defining these values for a particular cache substitute the cache’s name for CACHE_NAME.

Table 5.3. Cache Environment Variables
Variable NameDescriptionExample Value

<CACHE_NAME>_CACHE_TYPE

Determines whether this cache should be distributed or replicated. Defaults to distributed.

Example: replicated

<CACHE_NAME>_CACHE_START

Determines if this cache should be started on server startup, or lazily when requested by a service or deployment. Defaults to LAZY.

Example: EAGER

<CACHE_NAME>_CACHE_BATCHING

Enables invocation batching for this cache. Defaults to false.

Example: true

<CACHE_NAME>_CACHE_STATISTICS

Determines whether or not the cache collects statistics. Disable for optimal performance. Defaults to true.

Example: false

<CACHE_NAME>_CACHE_MODE

Sets the clustered cache mode, ASYNC for asynchronous operations, or SYNC for synchronous operations.

Example: ASYNC

<CACHE_NAME>_CACHE_QUEUE_SIZE

In ASYNC mode this attribute can be used to trigger flushing of the queue when it reaches a specific threshold. Defaults to 0, which disables flushing.

Example: 100

<CACHE_NAME>_CACHE_QUEUE_FLUSH_INTERVAL

In ASYNC mode this attribute controls how often the asynchronous thread runs to flush the replication queue. This should be a positive integer that represents thread wakeup time in milliseconds. Defaults to 10.

Example: 20

<CACHE_NAME>_CACHE_REMOTE_TIMEOUT

In SYNC mode the timeout, in milliseconds, used to wait for an acknowledgement when making a remote call, after which the call is aborted and an exception is thrown. Defaults to 17500.

Example: 25000

<CACHE_NAME>_CACHE_OWNERS

Number of cluster-wide replicas for each cache entry. Defaults to 2.

Example: 5

<CACHE_NAME>_CACHE_SEGMENTS

Number of hash space segments per cluster. The recommended value is 10 * cluster size. Defaults to 80.

Example: 30

<CACHE_NAME>_CACHE_L1_LIFESPAN

Maximum lifespan, in milliseconds, of an entry placed in the L1 cache. Defaults to 0, indicating that L1 is disabled.

Example: 100.

<CACHE_NAME>_CACHE_EVICTION_STRATEGY

Sets the cache eviction strategy. Available options are UNORDERED, FIFO, LRU, LIRS, and NONE (to disable eviction). Defaults to NONE.

Example: FIFO

<CACHE_NAME>_CACHE_EVICTION_MAX_ENTRIES

Maximum number of entries in a cache instance. If selected value is not a power of two the actual value will default to the least power of two larger than the selected value. A value of -1 indicates no limit. Defaults to 10000.

Example: -1

<CACHE_NAME>_CACHE_EXPIRATION_LIFESPAN

Maximum lifespan, in milliseconds, of a cache entry, after which the entry is expired cluster-wide. Defaults to -1, indicating that the entries never expire.

Example: 10000

<CACHE_NAME>_CACHE_EXPIRATION_MAX_IDLE

Maximum idle time, in milliseconds, a cache entry will be maintained in the cache. If the idle time is exceeded, then the entry will be expired cluster-wide. Defaults to -1, indicating that the entries never expire.

Example: 10000

<CACHE_NAME>_CACHE_EXPIRATION_INTERVAL

Interval, in milliseconds, between subsequent runs to purge expired entries from memory and any cache stores. If you wish to disable the periodic eviction process altogether, then set the interval to -1. Defaults to 5000.

Example: -1

<CACHE_NAME>_JDBC_STORE_TYPE

Type of JDBC store to configure. This value may either be string or binary.

Example: string

<CACHE_NAME>_JDBC_STORE_DATASOURCE

Defines the jndiname of the datasource.

Example: java:jboss/datasources/ExampleDS

<CACHE_NAME>_KEYED_TABLE_PREFIX

Defines the prefix prepended to the cache name used when composing the name of the cache entry table. Defaults to ispn_entry.

Example: JDG

<CACHE_NAME>_CACHE_INDEX

The indexing mode of the cache. Valid values are NONE, LOCAL, and ALL. Defaults to NONE.

Example: ALL

<CACHE_NAME>_INDEXING_PROPERTIES

Comma separated list of properties to pass on to the indexing system.

Example: default.directory_provider=ram

<CACHE_NAME>_CACHE_SECURITY_AUTHORIZATION_ENABLED

Enables authorization checks for this cache. Defaults to false.

Example: true

<CACHE_NAME>_CACHE_SECURITY_AUTHORIZATION_ROLES

Sets the valid roles required to access this cache.

Example: admin, reader, writer

<CACHE_NAME>_CACHE_PARTITION_HANDLING_ENABLED

If enabled, then the cache will enter degraded mode when it loses too many nodes. Defaults to true.

Example: false

5.5. Datasource Environment Variables

Datasource properties may be configured with the following environment variables:

Table 5.4. Datasource Environment Variables
Variable NameDescriptionExample Value

<NAME>_<DATABASE_TYPE>_SERVICE_HOST

Defines the database server’s hostname or IP to be used in the datasource’s connection_url property.

Example: 192.168.1.3

<NAME>_<DATABASE_TYPE>_SERVICE_PORT

Defines the database server’s port for the datasource.

Example: 5432

<PREFIX>_BACKGROUND_VALIDATION

When set to true database connections are validated periodically in a background thread prior to use. Defaults to false (<validate-on-match> method is enabled by default instead).

Example: true

<PREFIX>_BACKGROUND_VALIDATION_MILLIS

Specifies frequency of the validation (in miliseconds), when the <background-validation> database connection validation mechanism is enabled (<PREFIX>_BACKGROUND_VALIDATION variable is set to true). Defaults to 10000.

Example: 20000

<PREFIX>_CONNECTION_CHECKER

Specifies a connection checker class that is used to validate connections for the particular database in use.

Example: org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker

<PREFIX>_DATABASE

Defines the database name for the datasource.

Example: myDatabase

<PREFIX>_DRIVER

Defines Java database driver for the datasource.

Example: postgresql

<PREFIX>_EXCEPTION_SORTER

Specifies the exception sorter class that is used to properly detect and clean up after fatal database connection exceptions.

Example: org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLExceptionSorter

<PREFIX>_JNDI

Defines the JNDI name for the datasource. Defaults to java:jboss/datasources/<name>_<database_type>, where name and database_type are taken from the triplet definition. This setting is useful if you want to override the default generated JNDI name.

Example: java:jboss/datasources/test-postgresql

<PREFIX>_JTA

Defines Java Transaction API (JTA) option for the non-XA datasource (XA datasource are already JTA capable by default). Defaults to true.

Example: false

<PREFIX>_MAX_POOL_SIZE

Defines the maximum pool size option for the datasource.

Example: 20

<PREFIX>_MIN_POOL_SIZE

Defines the minimum pool size option for the datasource.

Example: 1

<PREFIX>_NONXA

Defines the datasource as a non-XA datasource. Defaults to false.

Example: true

<PREFIX>_PASSWORD

Defines the password for the datasource.

Example: password

<PREFIX>_TX_ISOLATION

Defines the java.sql.Connection transaction isolation level for the database.

Example: TRANSACTION_READ_UNCOMMITTED

<PREFIX>_URL

Defines connection URL for the datasource.

Example: jdbc:postgresql://localhost:5432/postgresdb

<PREFIX>_USERNAME

Defines the username for the datasource.

Example: admin

5.6. Security Environment Variables

The following environment variables may be defined to customize the environment’s security domain:

Table 5.5. Security Environment Variables
Variable NameDescriptionExample Value

SECDOMAIN_NAME

Define in order to enable the definition of an additional security domain.

Example: myDomain

SECDOMAIN_PASSWORD_STACKING

If defined, the password-stacking module option is enabled and set to the value useFirstPass.

Example: true

SECDOMAIN_LOGIN_MODULE

The login module to be used. Defaults to UsersRoles.

Example: UsersRoles

SECDOMAIN_USERS_PROPERTIES

The name of the properties file containing user definitions. Defaults to users.properties.

Example: users.properties

SECDOMAIN_ROLES_PROPERTIES

The name of the properties file containing role definitions. Defaults to roles.properties.

Example: roles.properties

5.7. Exposed Ports

The following ports are exposed by default in the JDG for OpenShift Image:

ValueDescription

8443

Secure Web

8778

-

11211

memcached

11222

internal hotrod

11333

external hotrod

Important

The external hotrod connector is only available if the HOTROD_SERVICE_NAME environment variables has been defined.

5.8. Troubleshooting

In addition to viewing the OpenShift logs, you can troubleshoot a running JDG for OpenShift Image container by viewing its logs. These are outputted to the container’s standard out, and are accessible with the following command:

$ oc logs -f <pod_name> <container_name>
Note

By default, the OpenShift JDG for OpenShift Image does not have a file log handler configured. Logs are only sent to the container’s standard out.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.