glassfish in a zone
It’s been a while since I cared about j2ee, but it looks like Glassfish runs rails via jruby
(and I like a free nano as much as the next guy). Reason enough to kick the tyres.
a plastic castle…
I like to run services in a dedicated zone
(especially if I’m expecting to try, hate and delete them over the course of 15 minutes).
vera # zonecfg -z goldfish
goldfish: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:goldfish> create
zonecfg:goldfish> set zonepath=/zones/goldfish
zonecfg:goldfish> set autoboot=true
zonecfg:goldfish> add net
zonecfg:goldfish:net> set address=10.0.0.5/24
zonecfg:goldfish:net> set physical=iprb0
zonecfg:goldfish:net> end
zonecfg:goldfish> commit
zonecfg:goldfish> exit
vera #
vera # zoneadm -z goldfish install
vera # zoneadm -z goldfish boot
vera # zlogin -C goldfish
The last command connects us to the zones console (where sysidconfig sets up timezone, root password, etc.).
…and a treasure chest
I want to create snapshots and filesystems within the zone, so
I’ll let the zone have 4GB of my zpool, using the ‘add dataset’ command.
vera # zfs create tank/delegated ; zfs create tank/delegated/goldfish
vera # zfs set quota=4G tank/delegated/goldfish
vera # zfs set mountpoint=none tank/delegated/goldfish
vera # zonecfg -z goldfish 'add dataset; set name=tank/delegated/goldfish;end'
vera # zoneadm -z goldfish reboot
NB: mountpoint must be ‘none’ or you’ll get an error:
could not verify zfs dataset tank/delegated/goldfish: mountpoint cannot be inherited zoneadm: zone goldfish failed to verify
(this ensures we don’t inadvertantly leak information into the zone).
The zone can now see the dataset (its parents are visible too but you obviously can’t access them).
Note the quota we set earlier.
goldfish # zfs list
NAME USED AVAIL REFER MOUNTPOINT
tank 24.7G 11.5G 1.50K legacy
tank/delegated 49K 11.5G 24.5K legacy
tank/delegated/goldfish 24.5K 4.00G 24.5K none
goldfish # zfs create tank/delegated/goldfish/j2ee
goldfish # zfs set mountpoint=/j2ee tank/delegated/goldfish/j2ee
goldfish # zfs list tank/delegated/goldfish/j2ee
NAME USED AVAIL REFER MOUNTPOINT
tank/delegated/goldfish/j2ee 24.5K 4.00G 24.5K /j2ee
The global zone can still see the dataset, snapshot it, etc.
but it has a special property set – ‘zoned’ – which tells the global zone to ignore the mountpoint property (for security again).
vera # zfs list tank/delegated/goldfish/j2ee
NAME USED AVAIL REFER MOUNTPOINT
tank/delegated/goldfish/j2ee 24.5K 4.00G 24.5K /j2ee
vera # zfs get zoned tank/delegated/goldfish/j2ee
NAME PROPERTY VALUE SOURCE
tank/delegated/goldfish/j2ee zoned on inherited from tank/delegated/goldfish
vera # ls /j2ee
/j2ee: No such file or directory
vera # zfs set mountpoint=/wee tank/delegated/goldfish/j2ee
cannot set property for 'tank/delegated/goldfish/j2ee': 'mountpoint' cannot be set on dataset in a non-global zone
You can manually unset the zoned property if you like doing really stupid things.
installing glassfish
Now I ssh into the zone,
download the Java EE 5 SDK Update 3 Preview with JDK
and run it.
Plenty of Java-based installers crap out if you don’t have X installed.
Sun thoughtfully added a ’-console’ flag to the installer to allow text-only installs.
More importantly, when the X installer craps out it tells you to try rerunning it with the ’-console’ option.
If that sounds like an obvious thing to do you clearly haven’t run many commercial software installers.
goldfish # chmod +x java_ee_sdk-5_03-preview-solaris-i586.bin
goldfish # ./java_ee_sdk-5_03-preview-solaris-i586.bin -console
- change the install directory to /j2ee
- set an admin username and password
- accept the defaults for everything else
Product: Java Platform, Enterprise Edition 5 SDK Location: /j2ee Space Required: 265.56 MB ------------------------------------------------ Java 2 SDK, Standard Edition 6.0 Sun Java System Message Queue 4.0 Sun Java System Application Server Platform Edition 9 Sample Applications Java BluePrints Your First Cup: An Introduction to the Java EE Platform Ready to Install
When the installer completes, it tells you
- how to start the app server
- where the admin port is
- where the readmes are (in case the above doesn’t work)
goldfish # /j2ee/bin/asadmin start-domain domain1
Browse to yourzonesip.com:4848 , log in with the admin credentials, job done.
is that it?
Course, you don’t have to install it in a zone, but it takes 5 minutes and this way you don’t have to worry about running it as non-root.
Zones are great for hosting several glassfish instances on one physical server:
- they’re more lightweight than VMs, and have better observability
- you gain the ability to clone zones to provision servers in a few seconds
- it’s easy to apply resource controls to a zone (not that I don’t trust Glassfish, of course)
This will make it much easier to try out things like clustering.
First impressions of Glassfish itself are:
- the install was really painless
- 256Mb disk space for a full appserver with JDK is bugger all
- I didn’t have
to install any extra packages (even on a pretty cut down Solaris installation )
- a Google found surprisingly good Solaris integration (SMF, RBAC, privileges)
- the admin UI
- is nice and responsive, especially considering vera (the global zone) is doing a lot of other work already
- looks a lot nicer than Tomcat
- autodeploy seems to actually work, which is always nice.
I still won’t be surprised to find it floating upside down tomorrow.
update
Well, it’s still there I’ve since
deployed Roller to it
and added some resource caps
(about 600Mb seems to be much more than it needs).
Oh, and I won the Nano
from → glassfish, java, solaris, zfs, zones
-
2007 March 30Eduardo Pelegri-Llopart permalink
nice blog! I’ll spotlight it in the TheAquarium later today. And do let us know if your fish dies – eduardo
-
2007 March 31Dick Davies permalink
Thanks Eduardo – I installed it really as a ‘test load’ for my zone so I could play with resource controls etc. but it seems really good too. If you enjoy watching someone clueless trying to configure J2EE, stay tuned
Leave a Reply
Note: You can use basic XHTML in your comments. Your email address will never be published.
Subscribe to this comment feed via RSS