Dealing with conflicting httpd packages from JBoss channels

Currently there is a bug in the httpd packages that ship in several JBoss channels. This causes problems for those installing OpenShift Enterprise because the packages from JBoss have a bug in the init script that will kill other Apache processes on the system. The symptom for this bug is that your Broker or Console will die whenever service httpd restart is run. The same goes for any users' Gears that rely on httpd.

Here's how you can tell if you have the issue:

rpm -qa | grep httpd
httpd-tools-2.2.22-14.ep6.el6.x86_64
httpd-2.2.22-14.ep6.el6.x86_64

Anything with ep in the name comes from the JBoss channels. Also, RHEL 6 only ships Apache 2.2.15.

Here's how you can undo this problem:

• Downgrade the packages

yum downgrade --disablerepo="jb*" --disablerepo="*jbeap*" --disablerepo="*jbews*"  httpd httpd-tools mod_ssl

Note: Those repository globs will match the official JBoss channels in the Red Hat Network as well as well as the Red Hat Update Infrastructure in the Amazon EC2. You may have to modify the glob if you are using custom repositories.

• To avoid this in the future add the following line to all JBoss yum repositories on your OpenShift Enterprise machines:

exclude = httpd httpd-tools mod_ssl

For example:

[jb-ews-2-for-rhel-6-server-rpms]
name = JBoss Enterprise Web Server 2 (RHEL 6 Server) (RPMs)
baseurl = https://cdn.redhat.com/content/dist/rhel/server/6/$releasever/$basearch/jbews/2/os
enabled = 1
gpgcheck = 1
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
sslverify = 1
sslcacert = /etc/rhsm/ca/redhat-uep.pem
sslclientkey = /etc/pki/entitlement/XXXXXXXXX.pem
sslclientcert = /etc/pki/entitlement/XXXXXXXXx.pem
metadata_expire = 86400
exclude = httpd httpd-tools mod_ssl

Once the JBoss bug fix is released, it should be safe to update using JBoss-supplied httpd and mod_ssl, but we still recommend the base RHEL 6 version for stability.