13.3.5. Configure a mod_cluster Worker Node

Configure a mod_cluster worker node

A mod_cluster worker node consists of an JBoss Enterprise Application Platform server. This server can be part of a server group in a Managed Domain, or a standalone server. A separate process runs within JBoss Enterprise Application Platform, which manages all of the nodes of the cluster. This is called the master. For more conceptual information about worker nodes, refer to Section 13.1.4, “Worker Node”. For an overview of HTTPD load balancing, refer to Section 13.1.3, “Overview of HTTP Connectors”.

The master is only configured once, via the mod_cluster subsystem. To configure the mod_cluster subsystem, refer to Section 13.3.2, “Configure the mod_cluster Subsystem”. Each worker node is configured separately, so repeat this procedure for each node you wish to add to the cluster.
If you use a managed domain, each server in a server group is a worker node which shares an identical configuration. Therefore, configuration is done to an entire server group. In a standalone server, configuration is done to a single JBoss JBoss Enterprise Application Platform instance. The configuration steps are otherwise identical.

Worker Node Configuration

  • If you use a standalone server, it must be started with the standalone-ha profile.
  • If you use a managed domain, your server group must use the ha or full-ha profile, and the ha-sockets or full-ha-sockets socket binding group. JBoss Enterprise Application Platform ships with a cluster-enabled server group called other-server-group which meets these requirements.


Where Management CLI commands are given, they assume you use a managed domain. If you use a standalone server, remove the /profile=full-ha portion of the commands.

Procedure 13.9. Configure a Worker Node

  1. Configure the network interfaces.

    By default, the network interfaces all default to Every physical host which hosts either a standalone server or one or more servers in a server group needs its interfaces to be configured to use its public IP address, which the other servers can see.
    To change the IP address of a JBoss Enterprise Application Platform host, you need to shut it down and edit its configuration file directly. This is because the Management API which drives the Management Console and Management CLI relies on a stable management address.
    Follow these steps to change the IP address on each server in your cluster to the master's public IP address.
    1. Shut down the server completely.
    2. Edit either the host.xml, which is in EAP_HOME/domain/configuration/ for a managed domain, or the standalone-ha.xml file, which is in EAP_HOME/standalone/configuration/ for a standalone server.
    3. Locate the <interfaces> element. Three interfaces are configured, management, public, and unsecured. For each of these, change the value to the external IP address of the host.
    4. For hosts that participate in a managed domain but are not the master, locate the <host element. Note that it does not have the closing > symbol, because it contains attributes. Change the value of its name attribute from master to a unique name, a different one per slave. This name will also be used for the slave to identify to the cluster, so make a note of it.
    5. For newly-configured hosts which need to join a managed domain, find the <domain-controller> element. Comment out or remove the <local /> element, and add the following line, changing the IP address (X.X.X.X) to the address of the domain controller. This step does not apply for a standalone server.
      <remote host="X.X.X.X" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/>
    6. Save the file and exit.
  2. Configure authentication for each slave server.

    Each slave server needs a username and password created in the domain controller's or standalone master's ManagementRealm. On the domain controller or standalone master, run the EAP_HOME/add-user.sh command. Add a user with the same username as the slave, to the ManagementRealm. When asked if this user will need to authenticate to an external JBoss AS instance, answer yes. An example of the input and output of the command is below, for a slave called slave1, with password changeme.
    user:bin user$ ./add-user.sh
    What type of user do you wish to add? 
     a) Management User (mgmt-users.properties) 
     b) Application User (application-users.properties)
    (a): a
    Enter the details of the new user to add.
    Realm (ManagementRealm) : 
    Username : slave1
    Password : changeme
    Re-enter Password : changeme
    About to add user 'slave1' for realm 'ManagementRealm'
    Is this correct yes/no? yes
    Added user 'slave1' to file '/home/user/jboss-eap-6.0/standalone/configuration/mgmt-users.properties'
    Added user 'slave1' to file '/home/user/jboss-eap-6.0/domain/configuration/mgmt-users.properties'
    Is this new user going to be used for one AS process to connect to another AS process e.g. slave domain controller?
    yes/no? yes
    To represent the user add the following to the server-identities definition <secret value="Y2hhbmdlbWU=" />
  3. Copy the <secret> element from the add-user.sh output.

    Copy the value from the last line of the add-user.sh output. You need to add this value to your slave's configuration file in the next step.
  4. Modify the slave host's security realm to use the new authentication.

    Re-open the slave host's host.xml or standalone-ha.xml file and locate the <security-realms> element. Add the following block of XML code directly below the <security-realm name="ManagementRealm"> line, replacing the <secret value="Y2hhbmdlbWU="/> line with the one from the previous step.
               <secret value="Y2hhbmdlbWU="/>
    Save and exit the file.
  5. Restart the server.

    The slave will now authenticate to the master using the its host name as the username and the encrypted string as its password.

Your standalone server, or servers within a server group of a managed domain, are now configured as mod_cluster worker nodes. If you deploy a clustered application, its sessions are replicated to all cluster nodes for failover, and it can accept requests from an external HTTPD server or load balancer. Each node of the cluster discovers the other nodes using automatic discovery, by default. To configure automatic discovery, and the other specific settings of the mod_cluster subsystem, refer to Section 13.3.2, “Configure the mod_cluster Subsystem”. To configure the Apache HTTPD server, refer to Section 13.2.10, “Use an External HTTPD as the Web Front-end for JBoss Enterprise Application Platform Applications”.