Thank Brian, I’d like to do a little more research with wildfly domain mode in openshift before responding. Won’t be long ...

On 5 Dec 2014, at 20:00, Brian Stansberry <> wrote:

On 12/5/14, 7:36 AM, Thomas Diesler wrote:

I’ve recently been looking at WildFly container deployments on OpenShift
V3. The following setup is documented here

   The example architecture consists of a set of three high available
   (HA) servers running REST endpoints.
   For server replication and failover we use Kubernetes. Each server
   runs in a dedicated Pod that we access via Services.

This approach comes with a number of benefits, which are sufficiently
explained in various OpenShift
<> and
Docker <> materials, but also with a number of
challenges. Lets look at those in more detail …

In the example above Kubernetes replicates a number of standalone
containers and isolates them in a Pod each with limited access from the
outside world.

* The management interfaces are not accessible
* The management consoles are not visible

With WildFly-Camel we have a
<> console
that allows us to manage Camel Routes configured or deployed to the
WildFly runtime.
The WildFly console manages aspects of the appserver.

In a more general sense, I was wondering how the WildFly domain model
maps to the Kubernetes runtime environment and how these server
instances are managed and information about them relayed back to the

Your questions below mostly relate (correctly) to what *should* be done
but I'll preface by discussing what *could* be done. Please forgive noob
mistakes as I'm an admitted Kubernetes noob.

AIUI a Kubernetes services exposes a single endpoint to outside callers,
but the containers in the pods can open an arbitrary number of client
connections to other services.

This should work fine with WildFly domain management, as there can be a
Service for the Domain Controller, which is the management interaction
point for the sysadmin. And then the WildFly instance in the container
for any other Service can connect and register with that Domain
Controller service. The address/port those other containers use can be
the same one that sysadmins use.

a) Should these individual wildfly instances somehow be connected to
each other (i.e. notion of domain)?

Depends on the use case, but I expect certainly some users will
centralized management, even if it's just for monitoring.

b) How would an HA singleton service work?

WildFly *domain management* itself does not have an HA singleton notion, but

i) Kubernetes replication controllers themselves provide a form of this,
but I assume with a period of downtime while a new pod is spun up.

ii) WildFly clustering has an HA singleton service concept that can be
used. There are different mechanisms JGroups supports for group
communication, but one involves each peer in the group connecting to a
central coordination process. So presumably that coordination process
could be deployed as a Kubernetes Service.

c) What level of management should be exposed to the outside?

As much as possible this should be a user choice. Architecturally, I
believe we can expose everything. I'm not real keen on trying to disable
things in Kubernetes-specific ways. But I'm quite open to features to
disable things that work in any deployment environment.

d) Should it be possible to modify runtime behaviour of these servers
(i.e. write access to config)?

See c). We don't have a true read-only mode, athough I think it would be
fairly straightforward to add such a thing if it were a requirement.

e) Should deployment be supported at all?

See c). Making removing deployment capability configurable is also
doable, although it's likely more work than a simple read-only mode.

f) How can a server be detected that has gone bad?

I'll need to get a better understanding of Kubernetes to say anything
useful about this.

g) Should logs be aggregated?

This sounds like something that belongs at a higher layer, or as a
general purpose WildFly feature unrelated to Kubernetes.

h) Should there be a common management view (i.e. console) for these

I don't see why not. I think some users will want that, others won't,
and others will want a console that spans things beyond WildFly servers.

i) etc …

Are these concerns already being addressed for WildFly?

Somewhat. As you can see from the above, a fair bit of stuff could just
work. I know Heiko Braun has been thinking a bit about Kubernetes use
cases too, or at least wanting to do so. ;)

Is there perhaps even an already existing design that I could look at?

Kubernetes specific stuff? No.

Can such an effort be connected to the work that is going on in Fabric8?

The primary Fabric8-related thing we (aka Alexey Loubyansky) are doing
currently is working to support non-xml based persistence of our config
files and a mechanism to support server detection of changes to the
filesystem, triggering updates to the runtime. Goal being to integrate
with the git-based mechanisms Fabric8 uses for configuration.


PS: it would be area that we @ wildfly-camel were interested to work on

Great! :)

Brian Stansberry
Senior Principal Software Engineer
JBoss by Red Hat
wildfly-dev mailing list