Red Hat Training

A Red Hat training course is available for Red Hat JBoss Operations Network

Chapter 13. Deploying Applications

Applications that are deployed on a JBoss server are a special type of resource. They have a place in the JBoss ON inventory and are children of the JBoss AS/EAP server. In that way, they can be discovered or created as a resource. However, some JBoss child resources — EARs and WARs — are also content, so they are treated as software packages that are stored and then deployed to JBoss servers. For these applications, the child resource is created first, by uploading a package to the JBoss server. After that, they are managed like content, with updated packages added to a content repo and then applied to the JBoss server.

13.1. Setting Permissions for Agent and Resource Users

The assumption is that the JBoss ON agent and resources like a JBoss server or Tomcat server run as the same system user. This allows the agent and the application server itself to manage resource content and configuration simultaneously.
However, if the agent user is different than the resource user, then there can be problems when one entity makes a configuration change and the other attempts a change later.
For example, when deploying an application, the deployment operation is initiated by the agent and the content is supplied through the agent, and then the application server completes the actual deployment. When deleting an application, the application server handles the undeployment by itself.
If a WAR file is deployed exploded without a MANIFEST.MF file, the agent creates one when it writes the SHA-256 value for the package. When the JBoss EAP/AS server server tries to remove the WAR application later (and the JBoss EAP/AS server user is different than the agent user), then the removal fails. The JBoss EAP/AS server server cannot delete the MANIFEST.MF file. The agent then rediscovers the application directory and re-initiates the deployment operation for the removed WAR.

Note

This situation only occurs when the application is exploded and does not contain the MANIFEST.MF file — meaning, a situation where the agent creates a file within the deployment directory. Even if the agent and JBoss EAP/AS server users are different, this situation does not occur if the application is not exploded or where the agent does not write any files.
This situation can be avoided. If the agent user and resource user are different, then change the system settings:
  1. Add the agent user and the resource user to the same primary group.
  2. Set the umask value for the agent user to give read and write permissions to both user and group, such as 660. For example: 
    vim /home/rhqagent/.bashrc

umask 660