Installing and configuring Red Hat Decision Manager on Red Hat JBoss EAP 7.3
Abstract
Preface
This document describes how to install Red Hat Decision Manager on a Red Hat JBoss Enterprise Application Platform 7.3 instance.
Prerequisites
- You have reviewed the information in Planning a Red Hat Decision Manager installation.
- You have installed the latest patch release of Red Hat JBoss Enterprise Application Platform 7.3. For information about installing Red Hat JBoss EAP, see the Red Hat JBoss Enterprise Application Platform installaton guide.
Chapter 1. About Red Hat Decision Manager
Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business.
Business assets such as rules, decision tables, and DMN models are organized in projects and stored in the Business Central repository. This ensures consistency, transparency, and the ability to audit across the business. Business users can modify business logic without requiring assistance from IT personnel.
Red Hat JBoss Enterprise Application Platform (Red Hat JBoss EAP) 7.3 is a certified implementation of the Java Enterprise Edition 8 (Java EE 8) full and web profile specifications. Red Hat JBoss EAP provides preconfigured options for features such as high availability, clustering, messaging, and distributed caching. It also enables users to write, deploy, and run applications using the various APIs and services that Red Hat JBoss EAP provides.
The instructions in this document explain how to install Red Hat Decision Manager in a Red Hat JBoss EAP 7.3 server instance.
For instructions on how to install Red Hat Decision Manager in other environments, see the following documents:
- Installing and configuring KIE Server on IBM WebSphere Application Server
- Installing and configuring KIE Server on Oracle WebLogic Server
- Deploying a Red Hat Decision Manager immutable server environment on Red Hat OpenShift Container Platform
- Deploying a Red Hat Decision Manager authoring or managed server environment on Red Hat OpenShift Container Platform
- Deploying a Red Hat Decision Manager environment on Red Hat OpenShift Container Platform using Operators
For information about supported components, see the following documents:
Chapter 2. Red Hat Decision Manager roles and users
To access Business Central or KIE Server, you must create users and assign them appropriate roles before the servers are started.
The Business Central and KIE Server use Java Authentication and Authorization Service (JAAS) login module to authenticate the users. If both Business Central and KIE Server are running on a single instance, then they share the same JAAS subject and security domain. Therefore, a user, who is authenticated for Business Central can also access KIE Server.
However, if Business Central and KIE Server are running on different instances, then the JAAS login module is triggered for both individually. Therefore, a user, who is authenticated for Business Central, needs to be authenticated separately to access the KIE Server (for example, to view or manage process definitions in Business Central). In case, the user is not authenticated on the KIE Server, then 401 error is logged in the log file, displaying Invalid credentials to load data from remote server. Contact your system administrator.
message in Business Central.
This section describes available Red Hat Decision Manager user roles.
The admin
, analyst
, and rest-all
roles are reserved for Business Central. The kie-server
role is reserved for KIE Server. For this reason, the available roles can differ depending on whether Business Central, KIE Server, or both are installed.
-
admin
: Users with theadmin
role are the Business Central administrators. They can manage users and create, clone, and manage the repositories. They have full access to make required changes in the application. Users with theadmin
role have access to all areas within Red Hat Decision Manager. -
analyst
: Users with theanalyst
role have access to all high-level features. They can model projects. However, these users cannot add contributors to spaces or delete spaces in the Design → Projects view. Access to the Deploy → Execution Servers view, which is intended for administrators, is not available to users with theanalyst
role. However, the Deploy button is available to these users when they access the Library perspective. -
rest-all
: Users with therest-all
role can access Business Central REST capabilities. -
kie-server
: Users with thekie-server
role can access KIE Server (KIE Server) REST capabilities.
Chapter 3. Downloading the Red Hat Decision Manager installation files
Depending on your environment and installation requirements, download a Red Hat Decision Manager distribution.
Procedure
Navigate to the Software Downloads page in the Red Hat Customer Portal (login required), and select the product and version from the drop-down options:
- Product: Decision Manager
- Version: 7.8
Download one of the following product distributions, depending on your preferred installation method:
NoteYou only need to download one of these distributions.
-
If you want to use the installer to install Red Hat Decision Manager on Red Hat JBoss EAP 7.3 download Red Hat Decision Manager 7.8.0 Installer (
rhdm-installer-7.8.0.jar
). The installer graphical user interface guides you through the installation process. If you want to install Red Hat Decision Manager on Red Hat JBoss EAP 7.3 using the deployable ZIP files, download the following files:
-
Red Hat Decision Manager 7.8.0 KIE Server for All Supported EE8 Containers (
rhdm-7.8.0-kie-server-ee8.zip
) -
Red Hat Decision Manager 7.8.0 KIE Server Deployable for EAP 7 (
rhdm-7.8.0-decision-central-eap7-deployable.zip
)
-
Red Hat Decision Manager 7.8.0 KIE Server for All Supported EE8 Containers (
-
To run Business Central without needing to deploy it to an application server, download Red Hat Decision Manager 7.8.0 Business Central Standalone (
rhdm-7.8.0-decision-central-standalone.jar
).
-
If you want to use the installer to install Red Hat Decision Manager on Red Hat JBoss EAP 7.3 download Red Hat Decision Manager 7.8.0 Installer (
Chapter 4. Using the Red Hat Decision Manager installer
This section describes how to install KIE Server and the headless Decision Manager controller using the installer JAR file. The JAR file is an executable file that installs Red Hat Decision Manager in an existing Red Hat JBoss EAP 7.3 server installation. You can run the installer in interactive or command line interface (CLI) mode.
The Red Hat Decision Manager JAR file installer does not support the Red Hat JBoss EAP distribution installed by yum or RPM Package Manager. If you want to install Red Hat Decision Manager in this type of Red Hat JBoss EAP installation, download the Red Hat Decision Manager 7.8 Deployable for Red Hat JBoss EAP 7.3 file and follow the steps in Chapter 5, Installing Red Hat Decision Manager from ZIP files.
Because IBM JDK cannot use keystores generated on other JDKs, you cannot install Red Hat Decision Manager into an existing Red Hat JBoss EAP installation running on IBM JDK with a keystore generated on another JDK.
Next steps:
Follow the instructions in one of the following sections:
4.1. Using the installer in interactive mode
The installer for Red Hat Decision Manager is an executable JAR file. You can use it to install Red Hat Decision Manager in an existing Red Hat JBoss EAP 7.3 server installation.
For security reasons, you should run the installer as a non-root user.
Prerequisites
- A supported JDK is installed. For a list of supported JDKs, see Red Hat Process Automation Manager 7 Supported Configurations.
- A backed-up Red Hat JBoss EAP 7.3 server installation is available.
- Sufficient user permissions to complete the installation are granted.
The JAR binary is included in
$PATH
environment variable. On Red Hat Enterprise Linux, it is included in thejava-$JAVA_VERSION-openjdk-devel
package.NoteRed Hat Decision Manager is designed to work with UTF-8 encoding. If a different encoding system is used by the underlying JVM, unexpected errors might occur. To ensure UTF-8 is used by the JVM, use the
"-Dfile.encoding=UTF-8"
system property.
Procedure
In a terminal window, navigate to the directory where you downloaded the installer JAR file and enter the following command:
java -jar rhdm-installer-7.8.0.jar
NoteWhen running the installer on Windows, you may be prompted to provide administrator credentials during the installation. To prevent this requirement, add the
izpack.mode=privileged
option to the installation command:java -Dizpack.mode=privileged -jar rhdm-installer-7.8.0.jar
Furthermore, when running the installer on a 32-bit Java virtual machine, you might encounter memory limitations. To prevent this issue, run this command:
java -XX:MaxHeapSize=4g -jar rhdm-installer-7.8.0.jar
The graphical installer displays a splash screen and a license agreement page.
- Click I accept the terms of this license agreement and click Next.
- Specify the Red Hat JBoss EAP 7.3 server home where you want to install Red Hat Decision Manager and click Next.
Select the components that you want to install and click Next.
NoteYou can install Business Central and KIE Server on the same server. However, you should install Business Central and KIE Server on different servers in production environments. To do this, run the installer twice.
Create a user and click Next. By default, if you install both Business Central and KIE Server in the same container the new user is given the
admin
,kie-server
, andrest-all
roles. If you install only KIE Server, the user is given thekie-server
role. To select another role, deselectadmin
. For more information, see Chapter 2, Red Hat Decision Manager roles and users.NoteMake sure that the specified user name is not the same as an existing user, role, or group. For example, do not create a user with the user name
admin
.The password must have at least eight characters and must contain at least one number and one non-alphanumeric character, but not & (ampersand).
Make a note of the user name and password. You will need them to access Business Central and KIE Server.
- On the Installation Overview page, click Next to start the installation. The Installation Overview page lists the components that you will install.
- When the installation has completed, click Next.
- When Processing finished appears at the top of the screen, click Next to complete the installation.
Optionally, click Generate Installation Script and Properties File to save the installation data in XML files, and then click Done.
The installer generates two files. The
auto.xml
file automates future installations and theauto.xml.variables
file stores user passwords and other sensitive variables. Use theauto.xml
file on multiple systems to easily repeat a Red Hat Decision Manager installation on the same type of server with the same configuration as the original installation. If necessary, update theinstallpath
parameter in theauto.xml
file. Enter the following command to perform an installation with the XML file:java -jar rhdm-installer-7.8.0.jar <path-to-auto.xml-file>
You have successfully installed Red Hat Decision Manager using the installer.
4.2. Using the installer in CLI mode
You can run the Red Hat Decision Manager installer through the command-line interface (CLI).
For security reasons, you should run the installer as a non-root user.
Prerequisites
- A supported JDK is installed. For a list of supported JDKs, see Red Hat Process Automation Manager 7 Supported Configurations.
- A backed-up Red Hat JBoss EAP 7.3 server installation is available.
- Sufficient user permissions to complete the installation are granted.
The JAR binary is included in the
$PATH
environment variable. On Red Hat Enterprise Linux, it is included in thejava-$JAVA_VERSION-openjdk-devel
package.NoteRed Hat Decision Manager is designed to work with UTF-8 encoding. If a different encoding system is used by the underlying JVM, unexpected errors might occur. To ensure UTF-8 is used by the JVM, use the
"-Dfile.encoding=UTF-8"
system property.
Procedure
In a terminal window, navigate to the directory where you downloaded the installer file and enter the following command:
java -jar rhdm-installer-7.8.0.jar -console
The command-line interactive process will start and display the End-User License Agreement.
press 1 to continue, 2 to quit, 3 to redisplay.
Read the license agreement, enter
1
, and press Enter to continue:Specify the home directory of one of the following servers: Red Hat JBoss EAP 7.3 or Red Hat JBoss Web Server 5.3.1
Enter the parent directory of an existing Red Hat JBoss EAP 7.3 installation.
The installer will verify the location of the installation at the location provided. Enter
1
to confirm and continue.NoteYou can install Business Central and KIE Server on the same server. However, you should install Business Central and KIE Server on different servers in production environments.
Follow the instructions in the installer to complete the installation.
NoteWhen you create the user name and password, make sure that the specified user name does not conflict with any known title of a role or a group. For example, if there is a role called
admin
, you should not create a user with the user nameadmin
.The password must have at least eight characters and must contain at least one number and one non-alphanumeric character (not including the character
&
).Make a note of the user name and password. You will need them to access Business Central and KIE Server.
When the installation has completed, you will see this message:
Would you like to generate an automatic installation script and properties file?
-
Enter
y
to create XML files that contain the installation data, orn
to complete the installation. If you entery
, you are prompted to specify a path for the XML files. Enter a path or press the Enter key to accept the suggested path.
The installer generates two files. The
auto.xml
file automates future installations and theauto.xml.variables
file stores user passwords and other sensitive variables. Use theauto.xml
file on multiple systems to easily repeat a Red Hat Decision Manager installation on the same type of server with the same configuration as the original installation. If necessary, update theinstallpath
parameter in theauto.xml
file. Enter the following command to perform an installation with the XML file:java -jar rhdm-installer-7.8.0.jar <path-to-auto.xml-file>
- If you installed only Business Central, repeat these steps to install KIE Server on a separate server.
Chapter 5. Installing Red Hat Decision Manager from ZIP files
The Red Hat Decision Manager ZIP files (one for Business Central and one for KIE Server) do not require a graphical user interface.
You should install Business Central and the KIE Server on different servers in production environments.
For information about installing the headless Decision Manager controller, see Chapter 10, Installing and running the headless Decision Manager controller.
5.1. Installing Business Central from the ZIP file
Business Central is a web console that enables you to create, manage, and edit your rules and related assets in a unified web-based environment.
Prerequisites
-
A backed-up Red Hat JBoss EAP installation version 7.3 is available. The base directory of the Red Hat JBoss EAP installation is referred to as
EAP_HOME
. - Sufficient user permissions to complete the installation are granted.
The following file is downloaded as described in Chapter 3, Downloading the Red Hat Decision Manager installation files:
rhdm-7.8.0-decision-central-eap7-deployable.zip
Procedure
-
Extract the
rhdm-7.8.0-decision-central-eap7-deployable.zip
file to a temporary directory. In the following examples this directory is calledTEMP_DIR
. Copy the contents of the
TEMP_DIR/rhdm-7.8.0-decision-central-eap7-deployable/jboss-eap-7.3
directory toEAP_HOME
. When prompted, merge or replace files.WarningEnsure the names of the Red Hat Decision Manager deployments you copy do not conflict with your existing deployments in the Red Hat JBoss EAP instance.
5.2. Installing KIE Server from the ZIP file
KIE Server provides the runtime environment for business assets and accesses the data stored in the assets repository (knowledge store).
Prerequisites
-
A backed-up Red Hat JBoss EAP installation version 7.3 is available. The base directory of the Red Hat JBoss EAP installation is referred to as
EAP_HOME
. - Sufficient user permissions to complete the installation are granted.
The following file is downloaded as described in Chapter 3, Downloading the Red Hat Decision Manager installation files:
rhdm-7.8.0-kie-server-ee8.zip
Procedure
-
Extract the
rhdm-7.8.0-kie-server-ee8.zip
archive to a temporary directory. In the following examples this directory is calledTEMP_DIR
. Copy the
TEMP_DIR/rhdm-7.8.0-kie-server-ee8/kie-server.war
directory toEAP_HOME/standalone/deployments/
.WarningEnsure the names of the Red Hat Decision Manager deployments you copy do not conflict with your existing deployments in the Red Hat JBoss EAP instance.
-
Copy the contents of the
TEMP_DIR/rhdm-7.8.0-kie-server-ee8/rhdm-7.8.0-kie-server-ee8/SecurityPolicy/
toEAP_HOME/bin
. When asked to overwrite files, click Replace. -
In the
EAP_HOME/standalone/deployments/
directory, create an empty file namedkie-server.war.dodeploy
. This file ensures that KIE Server is automatically deployed when the server starts.
5.3. Configuring JDBC data sources for KIE Server
A data source is an object that enables a Java Database Connectivity (JDBC) client, such as an application server, to establish a connection with a database. Applications look up the data source on the Java Naming and Directory Interface (JNDI) tree or in the local application context and request a database connection to retrieve data. You must configure data sources for KIE Server to ensure proper data exchange between the servers and the designated database.
For production environments, specify an actual data source. Do not use the example data source in production environments.
Prerequisites
- The JDBC providers that you want to use to create database connections are configured on all servers on which you want to deploy KIE Server, as described in the "Creating Datasources" and "JDBC Drivers" sections of the Red Hat JBoss Enterprise Application Server Configuration Guide.
- The Red Hat Decision Manager 7.8.0 Add Ons (rhdm-7.8.0-add-ons.zip) file is downloaded from the Software Downloads page in the Red Hat Customer Portal.
Procedure
Complete the following steps to prepare your database:
-
Extract
rhdm-7.8.0-add-ons.zip
in a temporary directory, for exampleTEMP_DIR
. -
Extract
TEMP_DIR/rhdm-7.8.0-migration-tool.zip
. -
Change your current directory to the
TEMP_DIR/rhdm-7.8.0-migration-tool/ddl-scripts
directory. This directory contains DDL scripts for several database types. Import the DDL script for your database type into the database that you want to use, for example:
psql jbpm < /ddl-scripts/postgresql/postgresql-jbpm-schema.sql
NoteIf you are using PostgreSQL or Oracle in conjunction with Spring Boot, you must import the respective Spring Boot DDL script, for example
/ddl-scripts/oracle/oracle-springboot-jbpm-schema.sql
or/ddl-scripts/postgresql/postgresql-springboot-jbpm-schema.sql
.
-
Extract
-
Open
EAP_HOME/standalone/configuration/standalone-full.xml
in a text editor and locate the<system-properties>
tag. Add the following properties to the
<system-properties>
tag where<DATASOURCE>
is the JNDI name of your data source and<HIBERNATE_DIALECT>
is the hibernate dialect for your database.NoteThe default value of the
org.kie.server.persistence.ds
property isjava:jboss/datasources/ExampleDS
. The default value of theorg.kie.server.persistence.dialect
property isorg.hibernate.dialect.H2Dialect
.<property name="org.kie.server.persistence.ds" value="<DATASOURCE>"/> <property name="org.kie.server.persistence.dialect" value="<HIBERNATE_DIALECT>"/>
The following example shows how to configure a datasource for the PostgreSQL hibernate dialect:
<system-properties> <property name="org.kie.server.repo" value="${jboss.server.data.dir}"/> <property name="org.kie.example" value="true"/> <property name="org.jbpm.designer.perspective" value="full"/> <property name="designerdataobjects" value="false"/> <property name="org.kie.server.user" value="rhdmUser"/> <property name="org.kie.server.pwd" value="rhdm123!"/> <property name="org.kie.server.location" value="http://localhost:8080/kie-server/services/rest/server"/> <property name="org.kie.server.controller" value="http://localhost:8080/decision-central/rest/controller"/> <property name="org.kie.server.controller.user" value="kieserver"/> <property name="org.kie.server.controller.pwd" value="kieserver1!"/> <property name="org.kie.server.id" value="local-server-123"/> <!-- Data source properties. --> <property name="org.kie.server.persistence.ds" value="java:jboss/datasources/KieServerDS"/> <property name="org.kie.server.persistence.dialect" value="org.hibernate.dialect.PostgreSQLDialect"/> </system-properties>
The following dialects are supported:
-
DB2:
org.hibernate.dialect.DB2Dialect
-
MSSQL:
org.hibernate.dialect.SQLServer2012Dialect
-
MySQL:
org.hibernate.dialect.MySQL5InnoDBDialect
-
MariaDB:
org.hibernate.dialect.MySQL5InnoDBDialect
-
Oracle:
org.hibernate.dialect.Oracle10gDialect
-
PostgreSQL:
org.hibernate.dialect.PostgreSQL82Dialect
-
PostgreSQL plus:
org.hibernate.dialect.PostgresPlusDialect
-
Sybase:
org.hibernate.dialect.SybaseASE157Dialect
5.4. Creating users
Before you can log in to Business Central or KIE Server, you must create users. This section shows you how to create a Business Central user with the admin
, rest-all
, and kie-server
roles and a KIE Server user that has the kie-server
role. For information about roles, see Chapter 2, Red Hat Decision Manager roles and users.
Prerequisites
-
Red Hat Decision Manager is installed in the base directory of the Red Hat JBoss EAP installation (
EAP_HOME
).
Procedure
-
In a terminal application, navigate to the
EAP_HOME/bin
directory. Create a user with the
admin
,rest-all
, andkie-server
roles.NoteUsers with the
admin
role are Business Central administrators. Users withrest-all
role can access Business Central REST capabilities. Users with thekie-server
role can access KIE Server (KIE Server) REST capabilities.In the following command, replace
<username>
and<password>
with the user name and password of your choice.$ ./add-user.sh -a --user <USERNAME> --password <PASSWORD> --role admin,rest-all,kie-server
NoteMake sure that the specified user name is not the same as an existing user, role, or group. For example, do not create a user with the user name
admin
.The password must have at least eight characters and must contain at least one number and one non-alphanumeric character, but not & (ampersand).
Create a user with the
kie-server
role that you will use to log in to KIE Server.$ ./add-user.sh -a --user <USERNAME> --password <PASSWORD> --role kie-server
Make a note of your user names and passwords.
NoteIf you installed Business Central and KIE Server in the same server instance, you can create a single user that has both of these roles:
$ ./add-user.sh -a --user <USERNAME> --password <PASSWORD> --role admin,rest-all,kie-server
You should install Business Central and KIE Server on different servers in production environments.
5.5. Configuring KIE Server with the integrated Decision Manager controller
Only make the changes described in this section if KIE Server will be managed by Business Central and you installed Red Hat Decision Manager from the ZIP files. If you did not install Business Central, you can use the headless Decision Manager controller to manage KIE Server, as described in Chapter 10, Installing and running the headless Decision Manager controller.
KIE Server can be managed or it can be unmanaged. If KIE Server is unmanaged, you must manually create and maintain KIE containers (deployment units). If KIE Server is managed, the Decision Manager controller manages the KIE Server configuration and you interact with the Decision Manager controller to create and maintain KIE containers.
The Decision Manager controller is integrated with Business Central. If you install Business Central, you can use the Execution Server page in Business Central to interact with the Decision Manager controller.
If you installed Red Hat Decision Manager from the ZIP files, you must edit the standalone-full.xml
file in both the KIE Server and Business Central installations to configure KIE Server with the integrated Decision Manager controller.
Prerequisites
Business Central and KIE Server are installed in the base directory of the Red Hat JBoss EAP installation (
EAP_HOME
) as described in the following sections:- Section 5.1, “Installing Business Central from the ZIP file”
Section 5.2, “Installing KIE Server from the ZIP file”
NoteYou should install Business Central and KIE Server on different servers in production environments. However, if you install KIE Server and Business Central on the same server, for example in a development environment, make the changes described in this section in the shared
standalone-full.xml
file.
On Business Central server nodes, a user with the
rest-all
role exists.For more information, see Section 5.4, “Creating users”.
Procedure
In the Business Central
EAP_HOME/standalone/configuration/standalone-full.xml
file, uncomment the following properties in the<system-properties>
section and replace<USERNAME>
and<USER_PWD>
with the credentials of a user with thekie-server
role:<property name="org.kie.server.user" value="<USERNAME>"/> <property name="org.kie.server.pwd" value="<USER_PWD>"/>
In the KIE Server
EAP_HOME/standalone/configuration/standalone-full.xml
file, uncomment the following properties in the<system-properties>
section.<property name="org.kie.server.controller.user" value="<CONTROLLER_USER>"/> <property name="org.kie.server.controller.pwd" value="<CONTROLLER_PWD>"/> <property name="org.kie.server.id" value="<KIE_SERVER_ID>"/> <property name="org.kie.server.location" value="http://<HOST>:<PORT>/kie-server/services/rest/server"/> <property name="org.kie.server.controller" value="<CONTROLLER_URL>"/>
Replace the following values:
-
Replace
<CONTROLLER_USER>
and<CONTROLLER_PWD>
with the credentials of a user with therest-all
role. -
Replace
<KIE_SERVER_ID>
with the ID or name of the KIE Server installation, for example,rhdm-7.8.0-kie-server-1
. -
Replace
<HOST>
with the ID or name of the KIE Server host, for example,localhost
or192.7.8.9
. Replace
<PORT>
with the port of the KIE Server host, for example,8080
.NoteThe
org.kie.server.location
property specifies the location of KIE Server.Replace
<CONTROLLER_URL>
with the URL of Business Central. KIE Server connects to this URL during startup.If you installed Business Central using the installer or Red Hat JBoss EAP zip installations,
<CONTROLLER_URL>
has this format:http://<HOST>:<PORT>/decision-central/rest/controller
If you are running Business Central using the
standalone.jar
file,<CONTROLLER_URL>
has this format:http://<HOST>:<PORT>/rest/controller
-
Replace
Chapter 6. Securing passwords with a keystore
You can use a keystore to encrypt passwords that are used for communication between Business Central and KIE Server. You should encrypt both controller and KIE Server passwords. If Business Central and KIE Server are deployed to different application servers, then both application servers should use the keystore.
Use Java Cryptography Extension KeyStore (JCEKS) for your keystore because it supports symmetric keys. Use KeyTool, which is part of the JDK installation, to create a new JCEKS.
If KIE Server is not configured with JCEKS, KIE Server passwords are stored in system properties in plain text form.
Prerequisites
- KIE Server is installed in Red Hat JBoss EAP.
- Java 8 or higher is installed.
Procedure
In the Red Hat JBoss EAP home directory, enter the following command to create a KIE Server user with the
kie-server
role and specify a password. In the following example, replace<USER_NAME>
and<PASSWORD>
with the user name and password of your choice.$<EAP_HOME>/bin/add-user.sh -a -e -u <USER_NAME> -p <PASSWORD> -g kie-server
To use KeyTool to create a JCEKS, enter the following command in the Java 8 home directory:
$<JAVA_HOME>/bin/keytool -importpassword -keystore <KEYSTORE_PATH> -keypass <ALIAS_KEY_PASSWORD> -alias <PASSWORD_ALIAS> -storepass <KEYSTORE_PASSWORD> -storetype JCEKS
In this example, replace the following variables:
-
<KEYSTORE_PATH>
: The path where the keystore will be stored -
<KEYSTORE_PASSWORD>
: The keystore password -
<ALIAS_KEY_PASSWORD>
: The password used to access values stored with the alias -
<PASSWORD_ALIAS>
: The alias of the entry to the process
-
- When prompted, enter the password for the KIE Server user that you created.
Set the following system properties in the
EAP_HOME/standalone/configuration/standalone-full.xml
file and replace the placeholders as listed in the following table:<system-properties> <property name="kie.keystore.keyStoreURL" value="<KEYSTORE_URL>"/> <property name="kie.keystore.keyStorePwd" value="<KEYSTORE_PWD>"/> <property name="kie.keystore.key.server.alias" value="<KEY_SERVER_ALIAS>"/> <property name="kie.keystore.key.server.pwd" value="<KEY_SERVER_PWD>"/> <property name="kie.keystore.key.ctrl.alias" value="<KEY_CONTROL_ALIAS>"/> <property name="kie.keystore.key.ctrl.pwd" value="<KEY_CONTROL_PWD>"/> </system-properties>
Table 6.1. System properties used to load a KIE Server JCEKS System property Placeholder Description kie.keystore.keyStoreURL
<KEYSTORE_URL>
URL for the JCEKS that you want to use, for example
file:///home/kie/keystores/keystore.jceks
kie.keystore.keyStorePwd
<KEYSTORE_PWD>
Password for the JCEKS
kie.keystore.key.server.alias
<KEY_SERVER_ALIAS>
Alias of the key for REST services where the password is stored
kie.keystore.key.server.pwd
<KEY_SERVER_PWD>
Password of the alias for REST services with the stored password
kie.keystore.key.ctrl.alias
<KEY_CONTROL_ALIAS>
Alias of the key for default REST Process Automation Controller where the password is stored
kie.keystore.key.ctrl.key.ctrl.pwd
<KEY_CONTROL_PWD>
Password of the alias for default REST Process Automation Controller with the stored password
- Start KIE Server to verify the configuration.
Chapter 7. Configuring SSH to use RSA
SSH is used to clone Git repositories. By default, the DSA encryption algorithm is provided by Business Central. However, some SSH clients, for example SSH clients in the Fedora 23 environment, use the RSA algorithm instead of the DSA algorithm. Business Central contains a system property that you can use to switch from DSA to RSA if required.
SSH clients on supported configurations, for example Red Hat Enterprise Linux 7, are not affected by this issue. For a list of supported configurations, see Red Hat Decision Manager 7 Supported Configurations.
Procedure
Complete one of the following tasks to enable this system property:
Modify the
~/.ssh/config
file on client side as follows to force the SSH client to accept the deprecated DSA algorithm:Host <SERVER_IP> HostKeyAlgorithms +ssh-dss
Include the
-Dorg.uberfire.nio.git.ssh.algorithm=RSA
parameter when you start Business Central, for example:$ ./standalone.sh -c standalone-full.xml -Dorg.uberfire.nio.git.ssh.algorithm=RSA
Chapter 8. Verifying the Red Hat Decision Manager installation
After you have installed Red Hat Decision Manager, create an asset to verify that the installation is working.
Procedure
In a terminal window, navigate to the
EAP_HOME/bin
directory and enter the following command to start Red Hat Decision Manager:./standalone.sh -c standalone-full.xml
NoteIf you deployed Business Central without KIE Server, you can start Business Central with the
standalone.sh
script without specifying thestandalone-full.xml
file. In this case, ensure that you make any configuration changes to thestandalone.xml
file before starting Business Central.In a web browser, enter
localhost:8080/decision-central
.If Red Hat Decision Manager has been configured to run from a domain name, replace
localhost
with the domain name, for example:http://www.example.com:8080/decision-central
If Red Hat Decision Manager has been configured to run in a cluster, replace
localhost
with the IP address of a particular node, for example:http://<node_IP_address>:8080/decision-central
-
Enter the
admin
user credentials that you created during installation. The Business Central home page appears. - Select Menu → Deploy → Execution Servers.
- Confirm that default-kieserver is listed under Server Configurations.
- Select Menu → Design → Projects.
- Open the MySpace space.
- Click Try Samples → Mortgages → OK. The Assets window appears.
- Click Add Asset → Data Object.
-
Enter
MyDataObject
in the Data Object field and click OK. -
Click Spaces → MySpace → Mortgages and confirm that
MyDataObject
is in the list of assets. - Delete the Mortgages project.
Chapter 9. Running Red Hat Decision Manager
Use this procedure to run the Red Hat Decision Manager on Red Hat JBoss EAP in standalone mode.
Prerequisites
- Red Hat Decision Manager is installed and configured.
If you changed the default host (localhost
) or the default port (9990
), then before you run Red Hat Decision Manager, you must edit the business-central.war/WEB-INF/classes/datasource-management.properties
and business-central.war/WEB-INF/classes/security-management.properties
files as described in Solution 3519551.
Procedure
-
In a terminal application, navigate to
EAP_HOME/bin
. Run the standalone configuration:
On Linux or UNIX-based systems:
$ ./standalone.sh -c standalone-full.xml
On Windows:
standalone.bat -c standalone-full.xml
NoteIf you deployed Business Central without KIE Server, you can start Business Central with the
standalone.sh
script without specifying thestandalone-full.xml
file. In this case, ensure that you make any configuration changes to thestandalone.xml
file before starting Business Central.On Linux or UNIX-based systems:
$ /standalone.sh
On Windows:
standalone.bat
-
In a web browser, open the URL
localhost:8080/decision-central
. - Log in using the credentials of the user that you created for Business Central in Section 5.4, “Creating users”.
Chapter 10. Installing and running the headless Decision Manager controller
You can configure KIE Server to run in managed or unmanaged mode. If KIE Server is unmanaged, you must manually create and maintain KIE containers (deployment units). If KIE Server is managed, the Decision Manager controller manages the KIE Server configuration and you interact with the Decision Manager controller to create and maintain KIE containers.
Business Central has an embedded Decision Manager controller. If you install Business Central, use the Execution Server page to create and maintain KIE containers. If you want to automate KIE Server management without Business Central, you can use the headless Decision Manager controller.
10.1. Installing the headless Decision Manager controller
You can install the headless Decision Manager controller and use the REST API or the KIE Server Java Client API to interact with it.
Prerequisites
-
A backed-up Red Hat JBoss EAP installation version 7.3 is available. The base directory of the Red Hat JBoss EAP installation is referred to as
EAP_HOME
. - Sufficient user permissions to complete the installation are granted.
Procedure
Navigate to the Software Downloads page in the Red Hat Customer Portal (login required), and select the product and version from the drop-down options:
- Product: Decision Manager
- Version: 7.8
-
Download Red Hat Decision Manager 7.8.0 Add Ons (the
rhdm-7.8.0-add-ons.zip
file). -
Unzip the
rhdm-7.8.0-add-ons.zip
file. Therhdm-7.8.0-controller-ee7.zip
file is in the unzipped directory. -
Extract the
rhdm-7.8.0-controller-ee7
archive to a temporary directory. In the following examples this directory is calledTEMP_DIR
. Copy the
TEMP_DIR/rhdm-7.8.0-controller-ee7/controller.war
directory toEAP_HOME/standalone/deployments/
.WarningEnsure that the names of the headless Decision Manager controller deployments you copy do not conflict with your existing deployments in the Red Hat JBoss EAP instance.
-
Copy the contents of the
TEMP_DIR/rhdm-7.8.0-controller-ee7/SecurityPolicy/
directory toEAP_HOME/bin
. When asked to overwrite files, select Yes. -
In the
EAP_HOME/standalone/deployments/
directory, create an empty file namedcontroller.war.dodeploy
. This file ensures that the headless Decision Manager controller is automatically deployed when the server starts.
10.1.1. Creating a headless Decision Manager controller user
Before you can use the headless Decision Manager controller, you must create a user that has the kie-server
role.
Prerequisites
-
The headless Decision Manager controller is installed in the base directory of the Red Hat JBoss EAP installation (
EAP_HOME
).
Procedure
-
In a terminal application, navigate to the
EAP_HOME/bin
directory. Enter the following command and replace
<USER_NAME>
and<PASSWORD>
with the user name and password of your choice.$ ./add-user.sh -a --user <username> --password <password> --role kie-server
NoteMake sure that the specified user name is not the same as an existing user, role, or group. For example, do not create a user with the user name
admin
.The password must have at least eight characters and must contain at least one number and one non-alphanumeric character, but not & (ampersand).
- Make a note of your user name and password.
10.1.2. Configuring KIE Server and the headless Decision Manager controller
If KIE Server will be managed by the headless Decision Manager controller, you must edit the standalone-full.xml
file in KIE Server installation and the standalone.xml
file in the headless Decision Manager controller installation, as described in this section.
Prerequisites
-
KIE Server is installed in the base directory of the Red Hat JBoss EAP installation (
EAP_HOME
) as described in Chapter 5, Installing Red Hat Decision Manager from ZIP files section. The headless Decision Manager controller is installed in an
EAP_HOME
.NoteYou should install KIE Server and the headless Decision Manager controller on different servers in production environments. However, if you install KIE Server and the headless Decision Manager controller on the same server, for example in a development environment, make these changes in the shared
standalone-full.xml
file.-
On KIE Server nodes, a user with the
kie-server
role exists. On the server nodes, a user with the
kie-server
role exists.For more information, see Section 5.4, “Creating users”.
Procedure
In the
EAP_HOME/standalone/configuration/standalone-full.xml
file, add the following properties to the<system-properties>
section and replace<USERNAME>
and<USER_PWD>
with the credentials of a user with thekie-server
role:<property name="org.kie.server.user" value="<USERNAME>"/> <property name="org.kie.server.pwd" value="<USER_PWD>"/>
In the KIE Server
EAP_HOME/standalone/configuration/standalone-full.xml
file, add the following properties to the<system-properties>
section:<property name="org.kie.server.controller.user" value="<CONTROLLER_USER>"/> <property name="org.kie.server.controller.pwd" value="<CONTROLLER_PWD>"/> <property name="org.kie.server.id" value="<KIE_SERVER_ID>"/> <property name="org.kie.server.location" value="http://<HOST>:<PORT>/kie-server/services/rest/server"/> <property name="org.kie.server.controller" value="<CONTROLLER_URL>"/>
In this file, replace the following values:
-
Replace
<CONTROLLER_USER>
and<CONTROLLER_PWD>
with the credentials of a user with thekie-server
role. -
Replace
<KIE_SERVER_ID>
with the ID or name of the KIE Server installation, for example,rhdm-7.8.0-kie-server-1
. -
Replace
<HOST>
with the ID or name of the KIE Server host, for example,localhost
or192.7.8.9
. Replace
<PORT>
with the port of the KIE Server host, for example,8080
.NoteThe
org.kie.server.location
property specifies the location of KIE Server.-
Replace
<CONTROLLER_URL>
with the URL of the headless Decision Manager controller.
-
Replace
- KIE Server connects to this URL during startup.
10.2. Running the headless Decision Manager controller
After you have installed the headless Decision Manager controller on Red Hat JBoss EAP, use this procedure to run the headless Decision Manager controller.
Prerequisites
-
The headless Decision Manager controller is installed and configured in the base directory of the Red Hat JBoss EAP installation (
EAP_HOME
).
Procedure
-
In a terminal application, navigate to
EAP_HOME/bin
. If you installed the headless Decision Manager controller on the same Red Hat JBoss EAP instance as the Red Hat JBoss EAP instance where you installed the KIE Server, enter one of the following commands:
On Linux or UNIX-based systems:
$ ./standalone.sh -c standalone-full.xml
On Windows:
standalone.bat -c standalone-full.xml
If you installed the headless Decision Manager controller on a separate Red Hat JBoss EAP instance from the Red Hat JBoss EAP instance where you installed the KIE Server, you can start the headless Decision Manager controller with the
standalone.sh
script:NoteIn this case, ensure that you made all required configuration changes to the
standalone.xml
file.On Linux or UNIX-based systems:
$ ./standalone.sh
On Windows:
standalone.bat
To verify that the headless Decision Manager controller is working on Red Hat JBoss EAP, enter the following command where
<CONTROLLER>
and<CONTROLLER_PWD>
is the user name and password combination that you created in Section 10.1.1, “Creating a headless Decision Manager controller user”. The output of this command provides information about the KIE Server instance.curl -X GET "http://<HOST>:<PORT>/controller/rest/controller/management/servers" -H "accept: application/xml" -u '<CONTROLLER>:<CONTROLLER_PWD>'
Alternatively, you can use the KIE Server Java API Client to access the headless Decision Manager controller.
Chapter 11. Running standalone Business Central
You can use the Business Central standalone JAR file to run Business Central without needing to deploy it to an application server such as Red Hat JBoss EAP.
Red Hat supports this installation type only when it is installed on Red Hat Enterprise Linux.
Example configuration files are available in rhdm-7.8.0-standalone-sample-configuration.zip
of rhdm-7.8.0-addons.zip
.
Prerequisites
-
The Red Hat Decision Manager 7.8.0 Business Central Standalone (
rhdm-7.8.0-decision-central-standalone.jar
) file has been downloaded from the Software Downloads page for Red Hat Decision Manager 7.8, as described in Chapter 3, Downloading the Red Hat Decision Manager installation files.
Procedure
-
Download the
rhdm-7.8.0-addons.zip
file from the Software Downloads page for Red Hat Decision Manager 7.8. -
Unzip the downloaded
rhdm-7.8.0-addons.zip
to a temporary directory. -
Navigate to the
rhdm-7.8.0-addons
folder and unzip therhdm-7.8.0-standalone-sample-configuration.zip
. -
Navigate to the
rhdm-7.8.0-standalone-sample-configuration
folder and copy the contents to the directory containing yourrhdm-7.8.0-decision-central-standalone.jar
file. To run the standalone sample configuration, enter the following command:
java -jar rhdm-7.8.0-decision-central-standalone.jar -s sample-standalone-config.yml
See Section 11.1, “Business Central system properties” for more information.
11.1. Business Central system properties
The Business Central system properties listed in this section are passed to standalone*.xml
files. To install standalone Business Central, you can use the listed properties in the following command:
java -jar rhdm-7.8.0-decision-central-standalone.jar -s application-config.yaml -D<property>=<value> -D<property>=<value>
In this command, <property>
is a property from list and <value>
is a value that you assign to that property.
- Git directory
Use the following properties to set the location and name for the Business Central Git directory:
-
org.uberfire.nio.git.dir
: Location of the Business Central Git directory. -
org.uberfire.nio.git.dirname
: Name of the Business Central Git directory. Default value:.niogit
. -
org.uberfire.nio.git.ketch
: Enables or disables Git ketch. -
org.uberfire.nio.git.hooks
: Location of the Git hooks directory.
-
- Git over HTTP
Use the following properties to configure access to the Git repository over HTTP:
-
org.uberfire.nio.git.proxy.ssh.over.http
: Specifies whether SSH should use an HTTP proxy. Default value:false
. -
http.proxyHost
: Defines the host name of the HTTP proxy. Default value:null
. -
http.proxyPort
: Defines the host port (integer value) of the HTTP proxy. Default value:null
. -
http.proxyUser
: Defines the user name of the HTTP proxy. -
http.proxyPassword
: Defines the user password of the HTTP proxy. -
org.uberfire.nio.git.http.enabled
: Enables or disables the HTTP daemon. Default value:true
. -
org.uberfire.nio.git.http.host
: If the HTTP daemon is enabled, it uses this property as the host identifier. This is an informative property that is used to display how to access the Git repository over HTTP. The HTTP still relies on the servlet container. Default value:localhost
. -
org.uberfire.nio.git.http.hostname
: If the HTTP daemon is enabled, it uses this property as the host name identifier. This is an informative property that is used to display how to access the Git repository over HTTP. The HTTP still relies on the servlet container. Default value:localhost
. -
org.uberfire.nio.git.http.port
: If the HTTP daemon is enabled, it uses this property as the port number. This is an informative property that is used to display how to access the Git repository over HTTP. The HTTP still relies on the servlet container. Default value:8080
.
-
- Git over HTTPS
Use the following properties to configure access to the Git repository over HTTPS:
-
org.uberfire.nio.git.proxy.ssh.over.https
: Specifies whether SSH uses an HTTPS proxy. Default value:false
. -
https.proxyHost
: Defines the host name of the HTTPS proxy. Default value:null
. -
https.proxyPort
: Defines the host port (integer value) of the HTTPS proxy. Default value:null
. -
https.proxyUser
: Defines the user name of the HTTPS proxy. -
https.proxyPassword
: Defines the user password of the HTTPS proxy. -
user.dir
: Location of the user directory. -
org.uberfire.nio.git.https.enabled
: Enables or disables the HTTPS daemon. Default value:false
-
org.uberfire.nio.git.https.host
: If the HTTPS daemon is enabled, it uses this property as the host identifier. This is an informative property that is used to display how to access the Git repository over HTTPS. The HTTPS still relies on the servlet container. Default value:localhost
. -
org.uberfire.nio.git.https.hostname
: If the HTTPS daemon is enabled, it uses this property as the host name identifier. This is an informative property that is used to display how to access the Git repository over HTTPS. The HTTPS still relies on the servlet container. Default value:localhost
. -
org.uberfire.nio.git.https.port
: If the HTTPS daemon is enabled, it uses this property as the port number. This is an informative property that is used to display how to access the Git repository over HTTPS. The HTTPS still relies on the servlet container. Default value:8080
.
-
- JGit
-
org.uberfire.nio.jgit.cache.instances
: Defines the JGit cache size. -
org.uberfire.nio.jgit.cache.overflow.cleanup.size
: Defines the JGit cache overflow cleanup size. -
org.uberfire.nio.jgit.remove.eldest.iterations
: Enables or disables whether to remove eldest JGit iterations. -
org.uberfire.nio.jgit.cache.evict.threshold.duration
: Defines the JGit evict threshold duration. -
org.uberfire.nio.jgit.cache.evict.threshold.time.unit
: Defines the JGit evict threshold time unit.
-
- Git daemon
Use the following properties to enable and configure the Git daemon:
-
org.uberfire.nio.git.daemon.enabled
: Enables or disables the Git daemon. Default value:true
. -
org.uberfire.nio.git.daemon.host
: If the Git daemon is enabled, it uses this property as the local host identifier. Default value:localhost
. -
org.uberfire.nio.git.daemon.hostname
: If the Git daemon is enabled, it uses this property as the local host name identifier. Default value:localhost
-
org.uberfire.nio.git.daemon.port
: If the Git daemon is enabled, it uses this property as the port number. Default value:9418
. org.uberfire.nio.git.http.sslVerify
: Enables or disables SSL certificate checking for Git repositories. Default value:true
.NoteIf the default or assigned port is already in use, a new port is automatically selected. Ensure that the ports are available and check the log for more information.
-
- Git SSH
Use the following properties to enable and configure the Git SSH daemon:
-
org.uberfire.nio.git.ssh.enabled
: Enables or disables the SSH daemon. Default value:true
. -
org.uberfire.nio.git.ssh.host
: If the SSH daemon enabled, it uses this property as the local host identifier. Default value:localhost
. -
org.uberfire.nio.git.ssh.hostname
: If the SSH daemon is enabled, it uses this property as local host name identifier. Default value:localhost
. org.uberfire.nio.git.ssh.port
: If the SSH daemon is enabled, it uses this property as the port number. Default value:8001
.NoteIf the default or assigned port is already in use, a new port is automatically selected. Ensure that the ports are available and check the log for more information.
-
org.uberfire.nio.git.ssh.cert.dir
: Location of the.security
directory where local certificates are stored. Default value: Working directory. -
org.uberfire.nio.git.ssh.idle.timeout
: Sets the SSH idle timeout. -
org.uberfire.nio.git.ssh.passphrase
: Pass phrase used to access the public key store of your operating system when cloning git repositories with SCP style URLs. Example:git@github.com:user/repository.git
. -
org.uberfire.nio.git.ssh.algorithm
: Algorithm used by SSH. Default value:RSA
. -
org.uberfire.nio.git.gc.limit
: Sets the GC limit. -
org.uberfire.nio.git.ssh.ciphers
: A comma-separated string of ciphers. The available ciphers areaes128-ctr
,aes192-ctr
,aes256-ctr
,arcfour128
,arcfour256
,aes192-cbc
,aes256-cbc
. If the property is not used, all available ciphers are loaded. org.uberfire.nio.git.ssh.macs
: A comma-separated string of message authentication codes (MACs). The available MACs arehmac-md5
,hmac-md5-96
,hmac-sha1
,hmac-sha1-96
,hmac-sha2-256
,hmac-sha2-512
. If the property is not used, all available MACs are loaded.NoteIf you plan to use RSA or any algorithm other than DSA, make sure you set up your application server to use the Bouncy Castle JCE library.
-
- KIE Server nodes and Decision Manager controller
Use the following properties to configure the connections with the KIE Server nodes from the Decision Manager controller:
-
org.kie.server.controller
: The URL is used to connect to the Decision Manager controller. For example,ws://localhost:8080/decision-central/websocket/controller
. -
org.kie.server.user
: User name used to connect to the KIE Server nodes from the Decision Manager controller. This property is only required when using this Business Central installation as a Decision Manager controller. -
org.kie.server.pwd
: Password used to connect to the KIE Server nodes from the Decision Manager controller. This property is only required when using this Business Central installation as a Decision Manager controller.
-
- Maven and miscellaneous
Use the following properties to configure Maven and other miscellaneous functions:
kie.maven.offline.force
: Forces Maven to behave as if offline. If true, disables online dependency resolution. Default value:false
.NoteUse this property for Business Central only. If you share a runtime environment with any other component, isolate the configuration and apply it only to Business Central.
-
org.uberfire.gzip.enable
: Enables or disables Gzip compression on theGzipFilter
compression filter. Default value:true
. -
org.kie.workbench.profile
: Selects the Business Central profile. Possible values areFULL
orPLANNER_AND_RULES
. A prefixFULL_
sets the profile and hides the profile preferences from the administrator preferences. Default value:FULL
-
org.appformer.m2repo.url
: Business Central uses the default location of the Maven repository when looking for dependencies. It directs to the Maven repository inside Business Central, for example,http://localhost:8080/business-central/maven2
. Set this property before starting Business Central. Default value: File path to the innerm2
repository. -
appformer.ssh.keystore
: Defines the custom SSH keystore to be used with Business Central by specifying a class name. If the property is not available, the default SSH keystore is used. -
appformer.ssh.keys.storage.folder
: When using the default SSH keystore, this property defines the storage folder for the user’s SSH public keys. If the property is not available, the keys are stored in the Business Central.security
folder. -
appformer.experimental.features
: Enables the experimental features framework. Default value:false
. -
org.kie.demo
: Enables an external clone of a demo application from GitHub. -
org.uberfire.metadata.index.dir
: Place where the Lucene.index
directory is stored. Default value: Working directory. -
org.uberfire.ldap.regex.role_mapper
: Regex pattern used to map LDAP principal names to the application role name. Note that the variable role must be a part of the pattern as the application role name substitutes the variable role when matching a principle value and role name. -
org.uberfire.sys.repo.monitor.disabled
: Disables the configuration monitor. Do not disable unless you are sure. Default value:false
. -
org.uberfire.secure.key
: Password used by password encryption. Default value:org.uberfire.admin
. -
org.uberfire.secure.alg
: Crypto algorithm used by password encryption. Default value:PBEWithMD5AndDES
. -
org.uberfire.domain
: Security-domain name used by uberfire. Default value:ApplicationRealm
. -
org.guvnor.m2repo.dir
: Place where the Maven repository folder is stored. Default value:<working-directory>/repositories/kie
. -
org.guvnor.project.gav.check.disabled
: Disables group ID, artifact ID, and version (GAV) checks. Default value:false
. -
org.kie.build.disable-project-explorer
: Disables automatic build of a selected project in Project Explorer. Default value:false
. -
org.kie.verification.disable-dtable-realtime-verification
: Disables the real-time validation and verification of decision tables. Default value:false
.
- Decision Manager controller
Use the following properties to configure how to connect to the Decision Manager controller:
-
org.kie.workbench.controller
: The URL used to connect to the Decision Manager controller, for example,ws://localhost:8080/kie-server-controller/websocket/controller
. -
org.kie.workbench.controller.user
: The Decision Manager controller user. Default value:kieserver
. -
org.kie.workbench.controller.pwd
: The Decision Manager controller password. Default value:kieserver1!
. -
org.kie.workbench.controller.token
: The token string used to connect to the Decision Manager controller.
-
- Java Cryptography Extension KeyStore (JCEKS)
Use the following properties to configure JCEKS:
-
kie.keystore.keyStoreURL
: The URL used to load a Java Cryptography Extension KeyStore (JCEKS). For example,file:///home/kie/keystores/keystore.jceks.
-
kie.keystore.keyStorePwd
: The password used for the JCEKS. -
kie.keystore.key.ctrl.alias
: The alias of the key for the default REST Decision Manager controller. -
kie.keystore.key.ctrl.pwd
: The password of the alias for the default REST Decision Manager controller.
-
- Rendering
Use the following properties to switch between Business Central and KIE Server rendered forms:
-
org.jbpm.wb.forms.renderer.ext
: Switches the form rendering between Business Central and KIE Server. By default, the form rendering is performed by Business Central. Default value:false
. -
org.jbpm.wb.forms.renderer.name
: Enables you to switch between Business Central and KIE Server rendered forms. Default value:workbench
.
-
Chapter 12. Maven settings and repositories for Red Hat Decision Manager
When you create a Red Hat Decision Manager project, Business Central uses the Maven repositories that are configured for Business Central. You can use the Maven global or user settings to direct all Red Hat Decision Manager projects to retrieve dependencies from the public Red Hat Decision Manager repository by modifying the Maven project object model (POM) file (pom.xml
). You can also configure Business Central and KIE Server to use an external Maven repository or prepare a Maven mirror for offline use.
For more information about Red Hat Decision Manager packaging and deployment options, see Packaging and deploying a Red Hat Decision Manager project.
12.1. Adding Maven dependencies for Red Hat Decision Manager
To use the correct Maven dependencies in your Red Hat Decision Manager project, add the Red Hat Business Automation bill of materials (BOM) files to the project’s pom.xml
file. The Red Hat Business Automation BOM applies to both Red Hat Decision Manager and Red Hat Process Automation Manager. When you add the BOM files, the correct versions of transitive dependencies from the provided Maven repositories are included in the project.
For more information about the Red Hat Business Automation BOM, see What is the mapping between Red Hat Decision Manager and the Maven library version?.
Procedure
Declare the Red Hat Business Automation BOM in the
pom.xml
file:<dependencyManagement> <dependencies> <dependency> <groupId>com.redhat.ba</groupId> <artifactId>ba-platform-bom</artifactId> <version>7.8.0.redhat-00005</version> <type>pom</type> <scope>import</scope> </dependency> </dependencies> </dependencyManagement> <dependencies> <!-- Your dependencies --> </dependencies>
-
Declare dependencies required for your project in the
<dependencies>
tag. After you import the product BOM into your project, the versions of the user-facing product dependencies are defined so you do not need to specify the<version>
sub-element of these<dependency>
elements. However, you must use the<dependency>
element to declare dependencies which you want to use in your project. For standalone projects that are not authored in Business Central, specify all dependencies required for your projects. In projects that you author in Business Central, the basic decision engine dependencies are provided automatically by Business Central.
- For a basic Red Hat Decision Manager project, declare the following dependencies, depending on the features that you want to use:
For a basic Red Hat Decision Manager project, declare the following dependencies:
Embedded decision engine dependencies
<dependency> <groupId>org.drools</groupId> <artifactId>drools-compiler</artifactId> </dependency> <!-- Dependency for persistence support. --> <dependency> <groupId>org.drools</groupId> <artifactId>drools-persistence-jpa</artifactId> </dependency> <!-- Dependencies for decision tables, templates, and scorecards. For other assets, declare org.drools:business-central-models-* dependencies. --> <dependency> <groupId>org.drools</groupId> <artifactId>drools-decisiontables</artifactId> </dependency> <dependency> <groupId>org.drools</groupId> <artifactId>drools-templates</artifactId> </dependency> <dependency> <groupId>org.drools</groupId> <artifactId>drools-scorecards</artifactId> </dependency> <!-- Dependency for loading KJARs from a Maven repository using KieScanner. --> <dependency> <groupId>org.kie</groupId> <artifactId>kie-ci</artifactId> </dependency>
To use the KIE Server, declare the following dependencies:
Client application KIE Server dependencies
<dependency> <groupId>org.kie.server</groupId> <artifactId>kie-server-client</artifactId> </dependency>
To create a remote client for Red Hat Decision Manager, declare the following dependency:
Client dependency
<dependency> <groupId>org.uberfire</groupId> <artifactId>uberfire-rest-client</artifactId> </dependency>
When creating a JAR file that includes assets, such as rules and process definitions, specify the packaging type for your Maven project as
kjar
and useorg.kie:kie-maven-plugin
to process thekjar
packaging type located under the<project>
element. In the following example,${kie.version}
is the Maven library version listed in What is the mapping between Red Hat Decision Manager and the Maven library version?:<packaging>kjar</packaging> <build> <plugins> <plugin> <groupId>org.kie</groupId> <artifactId>kie-maven-plugin</artifactId> <version>${kie.version}</version> <extensions>true</extensions> </plugin> </plugins> </build>
12.2. Configuring an external Maven repository for Business Central and KIE Server
You can configure Business Central and KIE Server to use an external Maven repository, such as Nexus or Artifactory, instead of the built-in repository. This enables Business Central and KIE Server to access and download artifacts that are maintained in the external Maven repository.
"Artifacts in the repository do not receive automated security patches as Maven requires that artifacts be immutable. As a result, artifacts that are missing patches for known security flaws will remain in the repository to avoid breaking builds that depend on them. Patched artifacts have their version number incremented". For more information, see JBoss Enterprise Maven Repository.
For information about configuring an external Maven repository for an authoring environment on Red Hat OpenShift Container Platform, see the following documents:
Prerequisites
- Business Central and KIE Server are installed. For installation options, see Planning a Red Hat Decision Manager installation.
Procedure
-
Create a Maven
settings.xml
file with connection and access details for your external repository. For details about thesettings.xml
file, see the Maven Settings Reference. -
Save the file in a known location, for example,
/opt/custom-config/settings.xml
. -
In your Red Hat Decision Manager installation directory, navigate to the
standalone-full.xml
file. For example, if you use a Red Hat JBoss EAP installation for Red Hat Decision Manager, go to$EAP_HOME/standalone/configuration/standalone-full.xml
. Open
standalone-full.xml
and under the<system-properties>
tag, set thekie.maven.settings.custom
property to the full path name of thesettings.xml
file.For example:
<property name="kie.maven.settings.custom" value="/opt/custom-config/settings.xml"/>
- Start or restart Business Central and KIE Server.
Next steps
For each Business Central project that you want to export or push as a KJAR artifact to the external Maven repository, you must add the repository information in the project pom.xml
file. For instructions, see Packaging and deploying a Red Hat Decision Manager project.
12.3. Preparing a Maven mirror repository for offline use
If your Red Hat Decision Manager deployment does not have outgoing access to the public Internet, you must prepare a Maven repository with a mirror of all the necessary artifacts and make this repository available to your environment.
You do not need to complete this procedure if your Red Hat Decision Manager deployment is connected to the Internet.
Prerequisites
- A computer that has outgoing access to the public Internet is available.
Procedure
On the computer that has an outgoing connection to the public Internet, complete the following steps:
-
Click Red Hat Process Automation Manager 7.8.0 Offliner Content List to download the
rhdm-7.8.0-offliner.zip
product deliverable file from the Software Downloads page of the Red Hat Customer Portal. -
Extract the contents of the
rhdm-7.8.0-offliner.zip
file into any directory. Change to the directory and enter the following command:
./offline-repo-builder.sh offliner.txt
This command creates a
repository
subdirectory and downloads the necessary artifacts into this subdirectory.If a message reports that some downloads have failed, run the same command again. If downloads fail again, contact Red Hat support.
-
Click Red Hat Process Automation Manager 7.8.0 Offliner Content List to download the
If you developed services outside Business Central and they have additional dependencies, add the dependencies to the mirror repository. If you developed the services as Maven projects, you can use the following steps to prepare these dependencies automatically. Complete the steps on the computer that has an outgoing connection to the public Internet.
-
Create a backup of the local Maven cache directory (
~/.m2/repository
) and then clear the directory. -
Build the source of your projects using the
mvn clean install
command. For every project, enter the following command to ensure that Maven downloads all runtime dependencies for all the artifacts generated by the project:
mvn -e -DskipTests dependency:go-offline -f /path/to/project/pom.xml --batch-mode -Djava.net.preferIPv4Stack=true
Replace
/path/to/project/pom.xml
with the correct path to thepom.xml
file of the project.-
Copy the contents of the local Maven cache directory (
~/.m2/repository
) to therepository
subdirectory that was created.
-
Create a backup of the local Maven cache directory (
-
Copy the contents of the
repository
subdirectory to a directory on the computer on which you deployed Red Hat Decision Manager. This directory becomes the offline Maven mirror repository. -
Create and configure a
settings.xml
file for your Red Hat Decision Manager deployment, according to instructions in Section 12.2, “Configuring an external Maven repository for Business Central and KIE Server”. Make the following changes in the
settings.xml
file:-
Under the
<profile>
tag, if a<repositories>
or<pluginRepositores>
tag is absent, add the tags as necessary. Under
<repositories>
add the following sequence:<repository> <id>offline-repository</id> <url>file:///path/to/repo</url> <releases> <enabled>true</enabled> </releases> <snapshots> <enabled>false</enabled> </snapshots> </repository>
Replace
/path/to/repo
with the full path to the local Maven mirror repository directory.Under
<pluginRepositories>
add the following sequence:<repository> <id>offline-plugin-repository</id> <url>file:///path/to/repo</url> <releases> <enabled>true</enabled> </releases> <snapshots> <enabled>false</enabled> </snapshots> </repository>
Replace
/path/to/repo
with the full path to the local Maven mirror repository directory.
-
Under the
-
Set the
kie.maven.offline.force
property for Business Central totrue
. For instructions about setting properties for Business Central, see Section 11.1, “Business Central system properties”.
Chapter 13. Importing projects from Git repositories
Git is a distributed version control system. It implements revisions as commit objects. When you save your changes to a repository, a new commit object in the Git repository is created.
Business Central uses Git to store project data, including assets such as rules and processes. When you create a project in Business Central, it is added to a Git repository that is embedded in Business Central. If you have projects in other Git repositories, you can import those projects into the Business Central Git repository through Business Central spaces.
Prerequisites
- Red Hat Decision Manager projects exist in an external Git repository.
- You have the credentials required for read access to that external Git repository.
Procedure
- In Business Central, click Menu → Design → Projects.
- Select or create the space into which you want to import the projects. The default space is MySpace.
To import a project, do one of the following:
- Click Import Project.
- Select Import Project from the drop-down list.
- In the Import Project window, enter the URL and credentials for the Git repository that contains the projects that you want to import and click Import. The projects are added to the Business Central Git repository and are available from the current space.
Chapter 14. Customizing the branding of Business Central
You can customize the branding of the Business Central login page and application header by replacing the images with your own.
14.1. Customizing the Business Central login page
You can customize the company logo and the project logo on the Business Central login page.
Procedure
- Start Red Hat JBoss EAP and open Business Central in a web browser.
-
Copy a SVG format image to the
EAP_HOME/standalone/deployments/decision-central.war/img/
directory in your Red Hat Decision Manager installation. -
In the
EAP_HOME/standalone/deployments/decision-central.war/img/
directory, either move or rename the existingredhat_logo.png
file. -
Rename your PNG file
redhat_logo.png
. -
To change the project logo that appears above the User name and Password fields, replace the default image
BC_Logo.png
with a new SVG file. - Force a full reload of the login page, bypassing the cache, to view the changes. For example, in most Linux and Windows web browsers, press Ctrl+F5.
14.2. Customizing Business Central application header
You can customize the Business Central application header.
Procedure
- Start Red Hat JBoss EAP, open Business Central in a web browser, and log in with your user credentials.
-
Copy your new application header image in the SVG format to the
EAP_HOME/standalone/deployments/decision-central.war/banner/
directory in your Red Hat Decision Manager installation. -
Open the
EAP_HOME/standalone/deployments/decision-central.war/banner/banner.html
file in a text editor. Replace
logo.png
in the<img>
tag with the file name of your new image:admin-and-config/<img src="banner/logo.png"/>
- Force a full reload of the login page, bypassing the cache, to view the changes. For example, in most Linux and Windows web browsers, press Ctrl+F5.
Chapter 15. Integrating LDAP and SSL
With Red Hat Decision Manager you can integrate LDAP and SSL through RH-SSO. For more information, see the Red Hat Single Sign-On Server Administration Guide.
Chapter 16. Dashbuilder runtimes
Dashbuilder Runtime is an add-on application for Red Hat Decision Manager that you can use to run dashboards in standalone installations without requiring to use Business Central for business metrics. Dashbuilder Runtime is available as a WAR file that you can run on Red Hat JBoss EAP. To use Dashbuilder Runtime, you first author dashboards in Business Central, export the assets from Business Central, and run them on a web application. For more information about exporting Dashbuilder data, see Exporting and importing Dashbuilder data in the Configuring Business Central settings and properties guide.
Users with access to Dashbuilder Runtime are able to import the assets and explore the dashboards without using Business Central. If no static dashboards are configured then Dashbuilder Runtime prompts the user to upload a dashboard. When the dashboard is uploaded the runtime will only use that dashboard until the runtime is restarted.
The navigation between pages is the same as the configuration in Business Central. This means that if "page 1" is in "group1" and "page 2" is in "group2", then the same group will be imported and will remain as the navigation in Dashbuilder Runtime. If a page is not in the navigation tree the page is added to the "dashboards" menu group. If there is no navigation exported then all pages are added to the "dashboards" menu group.
16.1. Installing Dashbuilder Runtime
Dashbuilder Runtime is a Java web application and it is distributed in the form of a WAR that can be deployed in a Wildfly 18 installation.
Prerequisites
- Wildfly 18 is installed on the system.
Procedure
-
Download the Dashbuilder Runtime WAR file
dashbuilder-runtime.war
. Move
dashbuilder-runtime.war
to{WILDFLY_HOME}/standalone/deployments
.NoteBy default this uses the root web context
/
and the other security domain, making it protected by default.To create a user with the admin role using the
add-user.sh
utility, perform the following tasks:In the terminal, enter the following:
/wildfly/bin/add-user.sh
-
Select the type of user you want to add:
Application User (application-users.properties)
. -
Enter the username:
admin
. -
Select
Update the existing user password and roles
. - Enter a password.
-
To confirm the password, enter
yes
. - Re-enter the password.
-
Enter the groups you want the user to belong to:
admin
. Enter
no
The
admin
user is created.
16.2. KIE Server datasets on Dashbuilder Runtime
KIE Servers use Business Central as a controller. This means KIE Server containers are created by using Business Central. If other services need to retrieve KIE Server information then they should use the KIE Server REST API. Dashbuilder Runtime uses the KIE Server REST API to run queries from the imported datasets.
When a KIE Server dataset is created in Business Central the server template information is provided and it is used by Runtime to look for the KIE Server information. For example:
org.dashbuilder.kieserver.serverTemplate.{SERVER_TEMPLATE}.location={LOCATION} org.dashbuilder.kieserver.serverTemplate.{SERVER_TEMPLATE}.user={USER} org.dashbuilder.kieserver.serverTemplate.{SERVER_TEMPLATE}.password={PASSWORD} org.dashbuilder.kieserver.serverTemplate.{SERVER_TEMPLATE}.token={TOKEN}
It is also possible to setup KIE Server per dataset. For example:
org.dashbuilder.kieserver.dataset.{DATA_SET_NAME}.location={LOCATION} org.dashbuilder.kieserver.dataset.{DATA_SET_NAME}.user={USER} org.dashbuilder.kieserver.dataset.{DATA_SET_NAME}.password={PASSWORD} org.dashbuilder.kieserver.dataset.{DATA_SET_NAME}.token={TOKEN}
Notice that token authentication is not used if credentials are provided. One may also want to run the dashboard against another KIE Server installation. Let’s say that datasets were created on a KIE Server in DEV environment, it means that the datasets queries were created on the DEV KIE Server. When the dashboards are exported go, let’s say, to PROD, with another KIE Server. In that KIE Server the queries you created in DEV won’t be available, so an error will be thrown. In such cases it is possible to port queries from a dataset to another KIE Server by using the replace query functionality. It can also be set by dataset or by server template. For example:
org.dashbuilder.kieserver.serverTemplate.{SERVER_TEMPLATE}.replace_query=true
Alternatively:
org.dashbuilder.kieserver.dataset.{DATA_SET_NAME}.replace_query=true
It needs to be set only one time so Runtime creates the queries. Once the queries are created you can remove this system property.
16.3. Customizing Dashbuilder Runtime
You can customize Dashbuilder Runtime by using the system properties.
- Dashboards Path
When a dashboard is uploaded it is stored in the filesystem. The path where it is stored is controlled by the system property
org.dashbuilder.import.base.dir
. The default is/tmp/dashbuilder
.The system property is the root path for any dashboard model. For example, if there are multiple files on this path, the file can be imported by accessing Dashbuilder Runtime and passing a query parameter import with the name of the file that should be loaded. For example, if you want to load the
sales_dashboard
, executeruntime_host?import=sales_dashboard
and Dashbuilder Runtime will try to load the file/tmp/dashbuilder/sales_dashboard.zip
.- Static Dashboard
-
If you want the runtime instance to load a specific dashboard, you can change the system property
dashbuilder.runtime.import
. Setting the property to a local file path will cause that specific dashboard to be loaded during Runtime startup. - Controlling upload size
-
Application servers control POST request size by default. You can control the allowable size of uploaded dashboards by using the system property
dashbuilder.runtime.upload.size
. The size should be in KB and by default the value is 96kb, meaning that if someone tries to upload a file larger than 96kb then an error will be displayed and the dashboard won’t be installed. - Loading external dashboards
A Dashboard that is located at an accessible URL can be accessed by Dashbuilder Runtime. You can access the URL by passing the URL with the import query parameter such as
runtime_host?import=http://filesHost/sales_dashboard.zip
.NoteFor security reasons this option is disabled by default. You can enable it by setting the system property
dashbuilder.runtime.allowExternal
as true.
Chapter 17. Additional resources
Chapter 18. Next steps
Appendix A. Versioning information
Documentation last updated on Thursday, September 08, 2020.