-
Language:
English
-
Language:
English
Red Hat Training
A Red Hat training course is available for Red Hat JBoss Enterprise Application Platform
Chapter 1. Overview
Before getting started using JBoss EAP with containers, it is important to understand the basic concept behind Linux Containers as well as have Docker installed and configured.
Running JBoss EAP in a container lets you quickly and repeatably set up and tear-down instances of JBoss EAP in an isolated environment. Those containers are also extremely portable, tend to have a much smaller footprint than traditional virtual machines, and are extendable.
This guide covers the JBoss EAP 7 base image pulled from the Red Hat Docker Registry using Docker running on a Red Hat Enterprise Linux Server 7 host, specifically RHEL 7.2 x86_64 running Docker version 1.8.2-el7 or later. The Red Hat Docker Registry is configured and available by default when running Docker on Red Hat Enterprise Linux Server 7. Users attempting to pull images from the Red Hat Docker Registry from hosts other than Red Hat Enterprise Linux Server 7 must also include the Red Hat Docker Registry address when issuing the pull command: registry.access.redhat.com. More details on using the pull command with different registries can be found in the Getting images from remote Docker registries section of Red Hat Enterprise Linux Atomic Host 7 Getting Started with Containers.
The JBoss EAP base image for containers, registry.access.redhat.com/jboss-eap-7-tech-preview/eap70, distributed through the Red Hat Docker Registry is Technology Preview and is intended for development use only. It is NOT supported for use in production. This release is targeted at users and developers for experimentation purposes. This release is NOT targeting users who are running JBoss EAP containers in production. The Red Hat Docker Registry also requires that hosts have the appropriate entitlements to access this image. For more details on checking and configuring those entitlements, see Required Entitlements.
Limitations
The scope of this document is to describe how to use the JBoss EAP base image for containers in a development capacity. As a result, features such as high availability, clustering, load balancing, managed domains and Kubernetes are not covered. If you would like use any of those topics with JBoss EAP images you need to use the OpenShift Container Platform JBoss EAP images with OpenShift Container Platform. For more details, refer to the OpenShift Container Platform documentation.
1.1. Required Entitlements
In order to pull the JBoss EAP base image for containers, registry.access.redhat.com/jboss-eap-7-tech-preview/eap70, from the Red Hat Docker Registry, you must have at least one Red Hat Middleware entitlement associated with your subscription.
To view your current subscriptions:
$ subscription-manager list --consumed
If you do not have the appropriate entitlements, you can check if any of them are available to you
$ subscription-manager list --available --all
and attach to the appropriate subscription:
$ subscription-manager attach --pool=POOL_ID
Once you have attached to a subscription with the appropriate entitlements, a key and a certificate for those entitlements are created in /etc/pki/entitlement for each subscription you have attached. The key files are named SUBSCRIPTION_SERIAL-key.pem and the certificate files are named SUBSCRIPTION_SERIAL.pem. For example, if you had the following subscription:
$ subscription-manager list --consumed +-------------------------------------------+ Consumed Subscriptions +-------------------------------------------+ Subscription Name: .... .... Serial: 1122334455667788990 ....
You would see the following files:
$ ls /etc/pki/entitlement 1122334455667788990-key.pem 1122334455667788990.pem
To use your entitlements when pulling from the Red Hat Docker Registry, you need to ensure the corresponding keys and certificates are added to /etc/docker/certs.d/. This is accomplished using rhsmcertd-worker to refresh the local certificate store, which is part of the RHSM plugin: subscription-manager-plugin-container.
To install the RHSM plugin subscription-manager-plugin-container:
$ sudo yum install subscription-manager-plugin-container
You must have the rhel-7-server-optional-rpms repository enabled to install subscription-manager-plugin-container. Instructions for enabling this repository as well as all other required repositories are covered in the Get Started with Docker Formatted Container Images section of Red Hat Enterprise Linux Atomic Host 7 Getting Started with Containers.
To run rhsmcertd-worker to refresh the local certificate store:
$ sudo /usr/libexec/rhsmcertd-worker
rhsmcertd-worker must be run as the superuser, otherwise it may fail to work without a warning.
You also need to restart Docker:
$ systemctl restart docker
To verify that the certificates and keys were added to /etc/docker/certs.d/, ensure the following files are now present in /etc/docker/certs.d/:
$ ls -l /etc/docker/certs.d/ | grep access.redhat.com drwxr-xr-x. 2 root root 67 Jun 01 10:30 access.redhat.com drwxr-xr-x. 2 root root 67 Jun 01 10:30 registry.access.redhat.com
To verify you can access the JBoss EAP images in the Red Hat Docker Registry, a search for the image using docker search should return at least one result from the Red Hat Docker Registry:
$ docker search registry.access.redhat.com/jboss-eap-7-tech-preview/eap70 INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED redhat.com registry.access.redhat.com/jboss-eap-7-tech-preview/eap70 ... 0
