[wildfly-dev] WildFly (domain) management in OpenShift V3

Thomas Diesler tdiesler at redhat.com
Mon Dec 8 04:08:33 EST 2014 

Thank Brian, I’d like to do a little more research with wildfly domain mode <https://github.com/wildfly-extras/wildfly-camel/issues/93> in openshift before responding. Won’t be long ...

> On 5 Dec 2014, at 20:00, Brian Stansberry <brian.stansberry at redhat.com> wrote:
> 
> On 12/5/14, 7:36 AM, Thomas Diesler wrote:
>> Folks,
>> 
>> I’ve recently been looking at WildFly container deployments on OpenShift
>> V3. The following setup is documented here
>> <https://github.com/wildfly-extras/wildfly-camel-book/blob/2.1/cloud/fabric8.md>
>> 
>> 
>>    The example architecture consists of a set of three high available
>>    (HA) servers running REST endpoints.
>>    For server replication and failover we use Kubernetes. Each server
>>    runs in a dedicated Pod that we access via Services.
>> 
>> This approach comes with a number of benefits, which are sufficiently
>> explained in various OpenShift
>> <https://blog.openshift.com/openshift-v3-platform-combines-docker-kubernetes-atomic-and-more/>,
>> Kubernetes
>> <https://github.com/GoogleCloudPlatform/kubernetes/blob/master/README.md> and
>> Docker <https://docs.docker.com/> materials, but also with a number of
>> challenges. Lets look at those in more detail …
>> 
>> In the example above Kubernetes replicates a number of standalone
>> containers and isolates them in a Pod each with limited access from the
>> outside world.
>> 
>> * The management interfaces are not accessible
>> * The management consoles are not visible
>> 
>> With WildFly-Camel we have a Hawt.io
>> <http://wildflyext.gitbooks.io/wildfly-camel/content/features/hawtio.html> console
>> that allows us to manage Camel Routes configured or deployed to the
>> WildFly runtime.
>> The WildFly console manages aspects of the appserver.
>> 
>> In a more general sense, I was wondering how the WildFly domain model
>> maps to the Kubernetes runtime environment and how these server
>> instances are managed and information about them relayed back to the
>> sysadmin
>> 
> 
> Your questions below mostly relate (correctly) to what *should* be done 
> but I'll preface by discussing what *could* be done. Please forgive noob 
> mistakes as I'm an admitted Kubernetes noob.
> 
> AIUI a Kubernetes services exposes a single endpoint to outside callers, 
> but the containers in the pods can open an arbitrary number of client 
> connections to other services.
> 
> This should work fine with WildFly domain management, as there can be a 
> Service for the Domain Controller, which is the management interaction 
> point for the sysadmin. And then the WildFly instance in the container 
> for any other Service can connect and register with that Domain 
> Controller service. The address/port those other containers use can be 
> the same one that sysadmins use.
> 
>> a) Should these individual wildfly instances somehow be connected to
>> each other (i.e. notion of domain)?
> 
> Depends on the use case, but I expect certainly some users will 
> centralized management, even if it's just for monitoring.
> 
>> b) How would an HA singleton service work?
> 
> WildFly *domain management* itself does not have an HA singleton notion, but
> 
> i) Kubernetes replication controllers themselves provide a form of this, 
> but I assume with a period of downtime while a new pod is spun up.
> 
> ii) WildFly clustering has an HA singleton service concept that can be 
> used. There are different mechanisms JGroups supports for group 
> communication, but one involves each peer in the group connecting to a 
> central coordination process. So presumably that coordination process 
> could be deployed as a Kubernetes Service.
> 
>> c) What level of management should be exposed to the outside?
> 
> As much as possible this should be a user choice. Architecturally, I 
> believe we can expose everything. I'm not real keen on trying to disable 
> things in Kubernetes-specific ways. But I'm quite open to features to 
> disable things that work in any deployment environment.
> 
>> d) Should it be possible to modify runtime behaviour of these servers
>> (i.e. write access to config)?
> 
> See c). We don't have a true read-only mode, athough I think it would be 
> fairly straightforward to add such a thing if it were a requirement.
> 
>> e) Should deployment be supported at all?
> 
> See c). Making removing deployment capability configurable is also 
> doable, although it's likely more work than a simple read-only mode.
> 
>> f) How can a server be detected that has gone bad?
> 
> I'll need to get a better understanding of Kubernetes to say anything 
> useful about this.
> 
>> g) Should logs be aggregated?
> 
> This sounds like something that belongs at a higher layer, or as a 
> general purpose WildFly feature unrelated to Kubernetes.
> 
>> h) Should there be a common management view (i.e. console) for these
>> servers?
> 
> I don't see why not. I think some users will want that, others won't, 
> and others will want a console that spans things beyond WildFly servers.
> 
>> i) etc …
>> 
>> Are these concerns already being addressed for WildFly?
>> 
> 
> Somewhat. As you can see from the above, a fair bit of stuff could just 
> work. I know Heiko Braun has been thinking a bit about Kubernetes use 
> cases too, or at least wanting to do so. ;)
> 
>> Is there perhaps even an already existing design that I could look at?
>> 
> 
> Kubernetes specific stuff? No.
> 
>> Can such an effort be connected to the work that is going on in Fabric8?
>> 
> 
> The primary Fabric8-related thing we (aka Alexey Loubyansky) are doing 
> currently is working to support non-xml based persistence of our config 
> files and a mechanism to support server detection of changes to the 
> filesystem, triggering updates to the runtime. Goal being to integrate 
> with the git-based mechanisms Fabric8 uses for configuration.
> 
> https://developer.jboss.org/docs/DOC-52773
> https://issues.jboss.org/browse/WFCORE-294
> https://issues.jboss.org/browse/WFCORE-433
> 
>> cheers
>> —thomas
>> 
>> PS: it would be area that we @ wildfly-camel were interested to work on
> 
> Great! :)
> 
> -- 
> Brian Stansberry
> Senior Principal Software Engineer
> JBoss by Red Hat
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/wildfly-dev/attachments/20141208/71822768/attachment.html

More information about the wildfly-dev mailing list