Labels

Thursday, August 7, 2014

Jboss apache integration

Apache JBOSS integration



1) Download mod_jk module from
http://www.gtlib.gatech.edu/pub/apache/tomcat/tomcat-connectors/jk/binaries/linux/jk-1.2.28/i586/

2) Copy mod_jk-1.2.28-httpd-2.2.X.so to /opt/apacheconf

3) Edit the httpd.conf and add the following line
Include /opt/apacheconf/mod-jk.conf

4) Create /opt/apacheconf/mod-jk.conf file with the following content
LoadModule jk_module /opt/apacheconf/mod_jk-1.2.28-httpd-2.2.X.so
JkWorkersFile /opt/apacheconf/workers.properties
JkLogFile /opt/apachelogs/mod_jk.log
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
JkOptions +ForwardKeySize +ForwardURICompatUnparsed -ForwardDirectories
JkRequestLogFormat "%w %V %T"

JkMountFile /opt/apacheconf/uriworkermap.properties
JkShmFile /opt/apachelogs/jk.shm

<Location /jkstatus>
JkMount status
#Order deny,allow
#Deny from all
#Allow from 127.0.0.1
</Location>

5) Create /opt/apacheconf/uriworkermap.properties file with the following content
# Simple worker configuration file
# Mount the Servlet context to the ajp13 worker
/jmx-console=loadbalancer
/jmx-console/*=loadbalancer
/web-console=loadbalancer
/web-console/*=loadbalancer
/testWeb/*=loadbalancer
!/testWeb/images/*=loadbalancer

6) Create /opt/apacheconf/workers.properties file with the following content
worker.list=loadbalancer,status
# Define Node1
# modify the host as your host IP or DNS name.
worker.node1.port=8009
worker.node1.host={jboss-server-ip-address goes here}
worker.node1.type=ajp13
worker.node1.lbfactor=1
worker.node1.prepost_timeout=10000 #Not required if using ping_mode=A
worker.node1.connect_timeout=10000 #Not required if using ping_mode=A
worker.node1.ping_mode=A #As of mod_jk 1.2.27
# worker.node1.connection_pool_size=10 (1)

# Define Node2
# modify the host as your host IP or DNS name.
#worker.node2.port=8009
#worker.node2.host= node2.mydomain.com
#worker.node2.type=ajp13
#worker.node2.lbfactor=1
#worker.node2.prepost_timeout=10000 #Not required if using ping_mode=A
#worker.node2.connect_timeout=10000 #Not required if using ping_mode=A
#worker.node2.ping_mode=A #As of mod_jk 1.2.27
# worker.node1.connection_pool_size=10 (1)

# Load-balancing behaviour
worker.loadbalancer.type=lb
#worker.loadbalancer.balance_workers=node1,node2
worker.loadbalancer.balance_workers=node1

# Status worker for managing load balancer
worker.status.type=status

The above configuration is to test with one app server functionally.

7) Update /opt/apacheconf/httpd-vhosts.conf with JkMount
Listen 9080
NameVirtualHost *
<VirtualHost *>
ServerName {server-name}
ServerAlias {alias}
JkMount /testWeb loadbalancer
JkMount /testWeb/* loadbalancer
</VirtualHost>

8) Update the following line to include jvmRoute in /opt/jboss-eap-5.0/jboss-as/server/default/deploy/jbossweb.sar/server.xml

<Engine name="jboss.web" defaultHost="localhost" jvmRoute="domain-name-goes-here">

9) Restart Apache and JBOSS server

10) Test the web server URL http://{domain-name}/testWeb/test.jsp


Apache 2.2.14 installation on RHEL 5 (statically linked Apache binary)

Apache 2.2.14 installation on RHEL 5 (statically linked Apache binary)


Benefit of a statically built Apache server is that at compile time users have to examine all modules needed. This insures the smallest memory footprint for the Apache binary, and can also result in a more secure server by limiting exposure to loaded modules. Once you build and run your Apache binary, you will know exactly the memory footprint of each child or
worker

1) Create user
#useradd -m apacheadm
#passwd apacheadm

2) Login as apacheadm

3) Download httpd-2.2.14.tar.gz source distribution to /opt/software

4) Prepare for install

chmod 755 httpd-2.2.14.tar.gz
gunzip httpd-2.2.14.tar.gz
tar -xvf httpd-2.2.14.tar
rm httpd-2.2.14.tar
cd httpd-2.2.14
./configure --prefix=/opt/apache --enable-headers --enable-proxy --enable-rewrite --with-included-apr
make

Optional:

i) To include modules of your choice: ./configure --prefix=/opt/apache --with-included-apr --enable-ssl --enable-module=proxy
ii) Compile Apache for dynamic loading: ./configure --prefix=/opt/apache --enable-so

5) Install Apache
make install

References:
Apache website
F5 LTM deployment guide for Apache

How to Install JBoss 6 on Linux

This post will cover installing JBoss 6.0 on CentOS 5.x.

(If you are looking to install JBoss 7, please see my post here: http://www.davidghedini.com/pg/entry/install_jboss_7_on_centos)

We'll also set up JBoss to run as a service, as well as secure the JMX and Web Service consoles

While there are similarities to JBoss 5.1 installation, the file locations have changed in some instances

Here is an outline of the steps we will follow:

1. Download and Install the Java Development Kit (JDK)
2. Download and Install JBoss 6.0 Application Server
3. Create the user, jboss, who will own and run JBoss
4. Set the required JAVA_HOME and JBOSS_HOME paths
5. Create a start/stop/restart script for JBoss
6. Configure JBoss to run as a service
7. Access the JBoss Admin console
8. Change the JBoss Admin Password
9. Secure the JMX Console
10. Securing the Web Service Console
11. Set memory parameters for JBoss using JAVA_OPTS
12. Configure JBoss to run on port 80
Step 1: Download and Install the Java Development Kit (JDK)


You can download the JDK here: http://www.oracle.com/technetwork/java/javase/downloads/index.html

I'm using JDK 6, update 24, the latest as of this post. The JDK is specific to 32 and 64 bit versions.

My CentOS box is 64 bit, so I'll need: jdk-6u24-linux-x64.bin.

If you are on 32 bit, you'll need: jdk-6u24-linux-i586.bin

Download the appropriate JDK and save it to a directory. I'm saving it to /root.

Move (mv) or copy (cp) the file to the /opt directory:


  1. [root@sv2 ~]# mv jdk-6u24-linux-x64.bin /opt/jdk-6u24-linux-x64.bin  


Create the directory /usr/java.


  1. [root@sv2 ~]# mkdir /usr/java  


Change to the /usr/java directory we created and install the JDK using 'sh /opt/jdk-6u24-linux-x64.bin'


  1. [root@sv2 ~]# cd /usr/java  
  2. [root@sv2 java]# sh /opt/jdk-6u24-linux-x64.bin  


We now have the JDK installed at /usr/java/jdk1.6.0_24. We'll use this for our JAVA_HOME a bit later in step


Step 2: Download and Install JBoss 6.0 Application Server


Download jboss-6.0.0.Final.zip at http://sourceforge.net/projects/jboss/files/JBoss/jboss-6.0.0.Final/ or use wget:


  1. [root@sv2 ~]# wget http://sourceforge.net/projects/jboss/files/JBoss/JBoss-6.0.0.Final/jboss-as-distribution-6.0.0.Final.zip/download  
  2. .  
  3. .  
  4. .  
  5. 100%[======================================>] 181,267,148  816K/s   in 3m 31s  
  6.   
  7. 2011-03-13 00:56:44 (839 KB/s) - `jboss-as-distribution-6.0.0.Final.zip' saved [181267148/181267148]  


Move (mv) or copy (cp) the file to /usr/share/jboss-6.0.0.Final.zip.


  1. [root@sv2 ~]# mv jboss-as-distribution-6.0.0.Final.zip /usr/share/jboss-as-distribution-6.0.0.Final.zip  


Change to the /usr/share directory and unzip the file:


  1. [root@sv2 ~]# cd /usr/share  
  2. [root@sv2 share]# unzip -q jboss-as-distribution-6.0.0.Final.zip  


The unzip will create the following directory: /usr/share/jboss-6.0.0.Final

This directory will be our JBOSS_HOME, which we will use below in Step 4.


Step 3: Create the user, jboss, who will own and run JBoss


Since we will want to run JBoss as a non-root user with minimal privileges, we'll create a user, jboss, who will own the JBoss files and JBoss will run under his account.

To do this, we can need to the following.

Create a new group, jboss, and then create the user jboss and add the user to the jboss group.


  1. [root@sv2 ~]# groupadd jboss  
  2. [root@sv2 ~]# useradd -s /bin/bash -g jboss jboss  


Change ownership of the JBoss home directory, /usr/share/jboss-6.0.0.Final so all files are owned by the user jboss we created.


  1. [root@sv2 ~]# chown -Rf jboss.jboss /usr/share/jboss-6.0.0.Final/  



Step 4: Set the required JAVA_HOME and JBOSS_HOME paths


We no need to set the JAVA_HOME and JBOSS_HOME.

The JAVA_HOME is where we installed the JDK above, /usr/java/jdk1.6.0_24, and the JBOSS_HOME is where we installed JBoss above /usr/share/jboss-6.0.0.Final.

Add the following to the jboss users .bash_profile:


  1. JAVA_HOME=/usr/java/jdk1.6.0_24  
  2. export JAVA_HOME  
  3. PATH=$JAVA_HOME/bin:$PATH  
  4. export PATH  
  5. JBOSS_HOME=/usr/share/jboss-6.0.0.Final  
  6. export JBOSS_HOME  


To set the JAVA_HOME for users, we add this to the user ~/.bashrc or ~/.bash_profile of the user. We can also add it /etc/profile and then source it to give to all users.


  1. JAVA_HOME=/usr/java/jdk1.6.0_24   
  2. export JAVA_HOME   
  3. PATH=$JAVA_HOME/bin:$PATH   
  4. export PATH  


Once you have added the above to ~/.bash_profile or ~/.bashrc, you should su to the user jboss and verify that the JAVA_HOME and JBOSS_HOME are set correctly.


  1. [root@sv2 ~]#  su jboss  
  2. [jboss@sv2 ~]#  echo $JAVA_HOME  
  3. /usr/java/jdk1.6.0_24  
  4. [jboss@sv2 ~]#  echo $JBOSS_HOME  
  5. /usr/share/jboss-6.0.0.Final  



Step 5: Create a start/stop/restart script for JBoss.


For our JBoss script we will simply copy the existing jboss_init_redhat.sh script located at at /usr/share/jboss-6.0.0.Final/bin, copy it to /etc/init.d and rename it to 'jboss':

So, as root:


  1. [root@sv2 ~]# cd /usr/share/jboss-6.0.0.Final/bin   
  2. [root@sv2 bin]# cp jboss_init_redhat.sh /etc/init.d/jboss  


In the jboss script (shown completed below), make the following changes:

1. Add lines 3,4, and 5:
# description: JBoss Start Stop Restart
# processname: jboss
# chkconfig: 234 20 80
2. Line 22, Set the JBOSS_HOME to where we unpacked JBoss in step 2 above:
JBOSS_HOME=${JBOSS_HOME:-"/usr/share/jboss-6.0.0.Final"}

3. Line 28. Set the JAVA_HOME to where we installed the JDK in step 1 above:
JAVAPTH=${JAVAPTH:-"/usr/java/jdk1.6.0_24"}

4. Add line 34, which sets the JBOSS_HOST to 0.0.0.0, allowing JBoss to bind to any IP.
JBOSS_HOST="0.0.0.0"


  1. #!/bin/sh  
  2. #  
  3. # description: JBoss Start Stop Restart  
  4. # processname: jboss6  
  5. # chkconfig: 234 20 80  
  6. #  
  7. # $Id: jboss_init_redhat.sh 81068 2008-11-14 15:14:35Z dimitris@jboss.org $  
  8. #  
  9. # JBoss Control Script  
  10. #  
  11. # To use this script run it as root - it will switch to the specified user  
  12. #  
  13. # Here is a little (and extremely primitive) startup/shutdown script  
  14. # for RedHat systems. It assumes that JBoss lives in /usr/local/jboss,  
  15. # it's run by user 'jboss' and JDK binaries are in /usr/local/jdk/bin.  
  16. # All this can be changed in the script itself.   
  17. #  
  18. # Either modify this script for your requirements or just ensure that  
  19. # the following variables are set correctly before calling the script.  
  20.  
  21. #define where jboss is - this is the directory containing directories log, bin, conf etc  
  22. JBOSS_HOME=${JBOSS_HOME:-"/usr/share/jboss-6.0.0.Final"}  
  23.  
  24. #define the user under which jboss will run, or use 'RUNASIS' to run as the current user  
  25. JBOSS_USER=${JBOSS_USER:-"jboss"}  
  26.  
  27. #make sure java is in your path  
  28. JAVAPTH=${JAVAPTH:-"/usr/java/jdk1.6.0_24"}  
  29.  
  30. #configuration to use, usually one of 'minimal', 'default', 'all'  
  31. JBOSS_CONF=${JBOSS_CONF:-"default"}  
  32.  
  33. #if JBOSS_HOST specified, use -b to bind jboss services to that address  
  34. JBOSS_HOST="0.0.0.0"  
  35. JBOSS_BIND_ADDR=${JBOSS_HOST:+"-b $JBOSS_HOST"}  
  36.  
  37. #define the classpath for the shutdown class  
  38. JBOSSCP=${JBOSSCP:-"$JBOSS_HOME/bin/shutdown.jar:$JBOSS_HOME/client/jnet.jar"}  
  39.  
  40. #define the script to use to start jboss  
  41. JBOSSSH=${JBOSSSH:-"$JBOSS_HOME/bin/run.sh -c $JBOSS_CONF $JBOSS_BIND_ADDR"}  
  42.   
  43. if [ "$JBOSS_USER" = "RUNASIS" ]; then  
  44.   SUBIT=""  
  45. else  
  46.   SUBIT="su - $JBOSS_USER -c "  
  47. fi  
  48.   
  49. if [ -n "$JBOSS_CONSOLE" -a ! -d "$JBOSS_CONSOLE" ]; then  
  50.   # ensure the file exists  
  51.   touch $JBOSS_CONSOLE  
  52.   if [ ! -z "$SUBIT" ]; then  
  53.     chown $JBOSS_USER $JBOSS_CONSOLE  
  54.   fi   
  55. fi  
  56.   
  57. if [ -n "$JBOSS_CONSOLE" -a ! -f "$JBOSS_CONSOLE" ]; then  
  58.   echo "WARNING: location for saving console log invalid: $JBOSS_CONSOLE"  
  59.   echo "WARNING: ignoring it and using /dev/null"  
  60.   JBOSS_CONSOLE="/dev/null"  
  61. fi  
  62.  
  63. #define what will be done with the console log  
  64. JBOSS_CONSOLE=${JBOSS_CONSOLE:-"/dev/null"}  
  65.   
  66. JBOSS_CMD_START="cd $JBOSS_HOME/bin; $JBOSSSH"  
  67. JBOSS_CMD_STOP=${JBOSS_CMD_STOP:-"java -classpath $JBOSSCP org.jboss.Shutdown --shutdown"}  
  68.   
  69. if [ -z "`echo $PATH | grep $JAVAPTH`" ]; then  
  70.   export PATH=$PATH:$JAVAPTH  
  71. fi  
  72.   
  73. if [ ! -d "$JBOSS_HOME" ]; then  
  74.   echo JBOSS_HOME does not exist as a valid directory : $JBOSS_HOME  
  75.   exit 1  
  76. fi  
  77.   
  78. echo JBOSS_CMD_START = $JBOSS_CMD_START  
  79.   
  80. case "$1" in  
  81. start)  
  82.     cd $JBOSS_HOME/bin  
  83.     if [ -z "$SUBIT" ]; then  
  84.         eval $JBOSS_CMD_START >${JBOSS_CONSOLE} 2>&1 &  
  85.     else  
  86.         $SUBIT "$JBOSS_CMD_START >${JBOSS_CONSOLE} 2>&1 &"   
  87.     fi  
  88.     ;;  
  89. stop)  
  90.     if [ -z "$SUBIT" ]; then  
  91.         $JBOSS_CMD_STOP  
  92.     else  
  93.         $SUBIT "$JBOSS_CMD_STOP"  
  94.     fi   
  95.     ;;  
  96. restart)  
  97.     $0 stop  
  98.     $0 start  
  99.     ;;  
  100. *)  
  101.     echo "usage: $0 (start|stop|restart|help)"  
  102. esac  



Step 6: Run JBoss as a Service.


To run JBoss as a service and enable start up at boot, make the script we created above executable and add it to our chkconfig so it starts at boot.


  1. [root@sv2 init.d]# chmod 755 jboss  
  2. [root@sv2 init.d]# chkconfig --add jboss  
  3. [root@sv2 init.d]# chkconfig --level 234 jboss on  


We should now be able to Start, Stop, and Restart JBoss as a service.

Start JBoss:

Note: JBoss can take some time to start.


  1. [root@sv2 init.d]# service jboss6 start  
  2. JBOSS_CMD_START = cd /usr/share/jboss-6.0.0.Final/bin; /usr/share/jboss-6.0.0.Final/bin/run.sh -c default -b 0.0.0.0  


Stop JBoss:
  1. [root@sv2 init.d]# service jboss6 stop  
  2. JBOSS_CMD_START = cd /usr/share/jboss-6.0.0.Final/bin; /usr/share/jboss-6.0.0.Final/bin/run.sh -c default -b 0.0.0.0  
  3. Shutdown message has been posted to the server.  
  4. Server shutdown may take a while - check logfiles for completion  



Step 7: Access the JBoss Admin.


Make sure JBoss is started and you should now be able to access the Jboss Console at:

http://yourdomain.com:8080 or http://yourip:8080

The default user name and password for the JBoss Admin Console is admin/admin




Access the Admin Console by clicking on the Administration Console link.





Step 8: Change the JBoss Admin Password


To change the default Admin Console password, go to:

/usr/share/jboss-6.0.0.Final/server/default/conf/props

Open the jmx-console-users.properties file in text editor and change the password.


  1. # A sample users.properties file for use with the UsersRolesLoginModule  
  2. admin=MyPassword  



Step 9: Secure the JMX Console


To secure the JMX Console, go to:

/usr/share/jboss-6.0.0.Final/common/deploy/jmx-console.war/WEB-INF

First, edit the web.xml file. Towards the bottom, you will find the security-constraint as shown below:


  1. <!-- A security constraint that restricts access to the HTML JMX console  
  2.    to users with the role JBossAdmin. Edit the roles to what you want and  
  3.    uncomment the WEB-INF/jboss-web.xml/security-domain element to enable  
  4.    secured access to the HTML JMX console.  
  5.    <security-constraint>  
  6.      <web-resource-collection>  
  7.        <web-resource-name>HtmlAdaptor</web-resource-name>  
  8.        <description>An example security config that only allows users with the  
  9.          role JBossAdmin to access the HTML JMX console web application  
  10.        </description>  
  11.        <url-pattern>/*</url-pattern>  
  12.      </web-resource-collection>  
  13.      <auth-constraint>  
  14.        <role-name>JBossAdmin</role-name>  
  15.      </auth-constraint>  
  16.    </security-constraint>  
  17.    -->  


Un-comment the security-constraint section so it appears thus:


  1. <security-constraint>  
  2.      <web-resource-collection>  
  3.        <web-resource-name>HtmlAdaptor</web-resource-name>  
  4.        <description>An example security config that only allows users with the  
  5.          role JBossAdmin to access the HTML JMX console web application  
  6.        </description>  
  7.        <url-pattern>/*</url-pattern>  
  8.      </web-resource-collection>  
  9.      <auth-constraint>  
  10.        <role-name>JBossAdmin</role-name>  
  11.      </auth-constraint>  
  12.    </security-constraint>  


Next, still in the WEB-INF directory, edit the jboss-web.xml file, which will look as below:


  1. <!DOCTYPE jboss-web PUBLIC  
  2.    "-//JBoss//DTD Web Application 5.0//EN"  
  3.    "http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd">  
  4.      
  5. <jboss-web>  
  6.    <!-- Uncomment the security-domain to enable security. You will  
  7.       need to edit the htmladaptor login configuration to setup the  
  8.       login modules used to authentication users.  
  9.       <security-domain>java:/jaas/jmx-console</security-domain>  
  10.    -->  
  11. </jboss-web>  


Uncomment the security-domain so it appears thus:

<pre class="js" name="code"><!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 5.0//EN" "http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd"> <jboss-web> <security-domain>java:/jaas/jmx-console</security-domain> </jboss-web>

At this point, the password for the JMX Console will be the same as the password we set for the Admin Console in step 8 above.

Both the Admin Console and JMX Console are are using the jmx-console-roles.properties and jmx-console-users.properties files.


Step 10: Secure the Web Service Console


To secure the Web Service Console, go to:

/usr/share/jboss-6.0.0.Final/common/deploy/jbossws-console.war/WEB-INF

First, edit the web.xml file. Towards the bottom, you will find the security-constraint as shown below:


  1. <!-- A security constraint that restricts access  
  2.    <security-constraint>  
  3.      <web-resource-collection>  
  4.        <web-resource-name>ContextServlet</web-resource-name>  
  5.        <description>An example security config that only allows users with the  
  6.          role 'friend' to access the JBossWS console web application  
  7.        </description>  
  8.        <url-pattern>/*</url-pattern>  
  9.      </web-resource-collection>  
  10.      <auth-constraint>  
  11.        <role-name>friend</role-name>  
  12.      </auth-constraint>  
  13.    </security-constraint>  
  14.    -->  


Un-comment the security-constraint section so it appears thus:


  1. <security-constraint>  
  2.      <web-resource-collection>  
  3.        <web-resource-name>ContextServlet</web-resource-name>  
  4.        <description>An example security config that only allows users with the  
  5.          role 'friend' to access the JBossWS console web application  
  6.        </description>  
  7.        <url-pattern>/*</url-pattern>  
  8.      </web-resource-collection>  
  9.      <auth-constraint>  
  10.        <role-name>friend</role-name>  
  11.      </auth-constraint>  
  12.    </security-constraint>  


Next, still in the WEB-INF directory, edit the jboss-web.xml file, which will look as below:


  1. <?xml version="1.0" encoding="ISO-8859-1"?>  
  2.   
  3. <!DOCTYPE jboss-web  
  4.     PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"  
  5.     "http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd">  
  6.   
  7. <jboss-web>  
  8.   
  9.   <!-- A security domain that restricts access  
  10.   <security-domain>java:/jaas/JBossWS</security-domain>  
  11.   -->  
  12.     
  13.   <context-root>jbossws</context-root>  
  14.   
  15. </jboss-web>  


Uncomment the security-domain so it appears thus:


  1. <?xml version="1.0" encoding="ISO-8859-1"?>  
  2.   
  3. <!DOCTYPE jboss-web  
  4.     PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"  
  5.     "http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd">  
  6.   
  7. <jboss-web>  
  8.   
  9.    
  10.   <security-domain>java:/jaas/JBossWS</security-domain>  
  11.    
  12.     
  13.   <context-root>jbossws</context-root>  
  14.   
  15. </jboss-web>  


The default user name and password are kermit/thefrog

To change this, go to:

/usr/share/jboss-6.0.0.Final/server/default/conf/props

Open jbossws-roles.properties in a text editor it should appear as below.


  1. # A sample roles.properties file for use with the UsersRolesLoginModule  
  2. kermit=friend  


Change 'kermit' to a new user name. For example, we'll change it to 'mywsuser' as shown below:


  1. # A sample roles.properties file for use with the UsersRolesLoginModule  
  2. mywsuser=friend  


Open jbossws-users.properties in a text editor it should appear as below.


  1. # A sample users.properties file for use with the UsersRolesLoginModule  
  2. kermit=thefrog  


Change 'kermit' to our new user name 'mywsuser' and change the password. For example, we'll change the password to it to 'MyWsPassword' as shown below:


  1. # A sample users.properties file for use with the UsersRolesLoginModule  
  2. mywsuser=MyWsPassword  



Step 11: Set JAVA_OPTS Memory Parameters


To set the memory limits for JBoss, go to: /usr/share/jboss-6.0.0.Final/bin

Open the run.sh file in a text editor.

Find the section below:


  1. # Setup JBoss specific properties  
  2. JAVA_OPTS="-Dprogram.name=$PROGNAME $JAVA_OPTS"  


Directly below this, add the desired parameters.


  1. # Setup JBoss specific properties  
  2. JAVA_OPTS="-Dprogram.name=$PROGNAME $JAVA_OPTS"  
  3. JAVA_OPTS="$JAVA_OPTS -Xms128m -Xmx256m"  


I'm installing this on a small VPS so I'm using JAVA_OPTS="$JAVA_OPTS -Xms128m -Xmx256m". You should set this to whatever is appropriate to your server and application.


Step 12: Running JBoss on Port 80.


To run services below port 1024 as user other than root, you can use port forwarding.

You can do this by adding the following to your IP tables:


  1. [root@sv2 ~]# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080  
  2. [root@sv2 ~]# iptables -t nat -A PREROUTING -p udp -m udp --dport 80 -j REDIRECT --to-ports 8080