Uploaded image for project: 'Infinispan'
  1. Infinispan
  2. ISPN-14995

Unable to configure JMX in Yaml with multiple endpoint definitions

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • 15.0.0.Dev01, 14.0.11.Final
    • Configuration
    • None
    • Hide

      Start the server with the following infinispan.yml and the command ./bin/server.sh --jmx 9999 -c infinispan.yml.

      infinispan: 
  cacheContainer: 
    name: default
    statistics: true
    jmx: 
      enabled: true
    security: 
      authorization: {}
  server: 
    endpoints: 
    - connectors: 
        hotrod: 
          hotrodConnector: null
        rest: 
          restConnector: null
      securityRealm: default
      socketBinding: default
    - connectors: 
        rest: 
          restConnector: 
            authentication: 
              mechanisms: BASIC
      securityRealm: metrics
      socketBinding: metrics
    interfaces: 
    - inetAddress: 
        value: ${infinispan.bind.address:127.0.0.1}
      name: public
    security: 
      credentialStores: 
      - clearTextCredential: 
          clearText: secret
        name: credentials
        path: credentials.pfx
      securityRealms: 
      - name: default
        propertiesRealm: 
          groupProperties: 
            path: groups.properties
          groupsAttribute: Roles
          userProperties: 
            path: users.properties
      - name: metrics
        propertiesRealm: 
          groupProperties: 
            path: metrics-groups.properties
            relativeTo: infinispan.server.config.path
          groupsAttribute: Roles
          userProperties: 
            path: metrics-users.properties
            relativeTo: infinispan.server.config.path
    socketBindings: 
      defaultInterface: public
      portOffset: ${infinispan.socket.binding.port-offset:0}
      socketBinding: 
      - name: default
        port: 11222
      - name: metrics
        port: 11223

      Observe that the following is always logged by the ElytronJmxAuthenticator:

      WARN  (main) [org.infinispan.SERVER] ISPN080072: JMX remoting enabled without a default security realm. All connections will be rejected.
      Show
      Start the server with the following infinispan.yml and the command ./bin/server.sh --jmx 9999 -c infinispan.yml . infinispan: cacheContainer: name: default statistics: true jmx: enabled: true security: authorization: {} server: endpoints: - connectors: hotrod: hotrodConnector: null rest: restConnector: null securityRealm: default socketBinding: default - connectors: rest: restConnector: authentication: mechanisms: BASIC securityRealm: metrics socketBinding: metrics interfaces: - inetAddress: value: ${infinispan.bind.address: 127 . 0 . 0 . 1 } name: public security: credentialStores: - clearTextCredential: clearText: secret name: credentials path: credentials.pfx securityRealms: - name: default propertiesRealm: groupProperties: path: groups.properties groupsAttribute: Roles userProperties: path: users.properties - name: metrics propertiesRealm: groupProperties: path: metrics-groups.properties relativeTo: infinispan.server.config.path groupsAttribute: Roles userProperties: path: metrics-users.properties relativeTo: infinispan.server.config.path socketBindings: defaultInterface: public portOffset: ${infinispan.socket.binding.port-offset: 0 } socketBinding: - name: default port: 11222 - name: metrics port: 11223 Observe that the following is always logged by the ElytronJmxAuthenticator : WARN (main) [org.infinispan.SERVER] ISPN080072: JMX remoting enabled without a default security realm. All connections will be rejected.

      In order for the server to be started with the --jmx flag, it's necessary for a default security-realm to be defined on the root endpoints element in the server configuration. However, this is not possible in yaml when multiple endpoint definitions exist as it's not possible to configure the root attributes and multiple endpoints without a parser exception being thrown.

      Tried yaml subset:

        server: 
    endpoints: 
      securityRealm: default
      socketBinding: default
      endpoints: 
      - connectors: 
          hotrod: 
            hotrodConnector: null
          rest: 
            restConnector: null
        securityRealm: default
        socketBinding: default
      - connectors: 
          rest: 
            restConnector: 
              authentication: 
                mechanisms: BASIC
        securityRealm: metrics
        socketBinding: metrics

      Exception:

      2023-06-28 12:36:23,231 INFO  (main) [BOOT] JVM OpenJDK 64-Bit Server VM Red Hat, Inc. 17.0.7+7
2023-06-28 12:36:23,236 INFO  (main) [BOOT] JVM arguments = [-server, --add-exports, java.naming/com.sun.jndi.ldap=ALL-UNNAMED, --add-opens, java.base/java.util=ALL-UNNAMED, --add-opens, java.base/java.util.concurrent=ALL-UNNAMED, -Xlog:gc*:file=/tmp/infinispan-server-14.0.11.Final/server/log/gc.log:time,uptimemillis:filecount=5,filesize=3M, -Xms64m, -Xmx512m, -XX:MetaspaceSize=64M, -Djava.net.preferIPv4Stack=true, -Djava.awt.headless=true, -Dcom.sun.management.jmxremote.port=9999, -Djava.security.auth.login.config=./bin/server-jaas.config, -Dcom.sun.management.jmxremote.login.config=ServerJMXConfig, -Dcom.sun.management.jmxremote.ssl=false, -Dvisualvm.display.name=infinispan-server, -Djava.util.logging.manager=org.infinispan.server.loader.LogManager, -Dinfinispan.server.home.path=/tmp/infinispan-server-14.0.11.Final, -classpath, :/tmp/infinispan-server-14.0.11.Final/boot/infinispan-server-runtime-14.0.11.Final-loader.jar, org.infinispan.server.loader.Loader, org.infinispan.server.Bootstrap, -o, 1, -c, infinispan.yml]
2023-06-28 12:36:23,238 INFO  (main) [BOOT] PID = 102076
2023-06-28 12:36:23,259 INFO  (main) [org.infinispan.SERVER] ISPN080000: Infinispan Server 14.0.11.Final starting
2023-06-28 12:36:23,260 INFO  (main) [org.infinispan.SERVER] ISPN080017: Server configuration: infinispan.yml
2023-06-28 12:36:23,260 INFO  (main) [org.infinispan.SERVER] ISPN080032: Logging configuration: /tmp/infinispan-server-14.0.11.Final/server/conf/log4j2.xml
null
java.lang.reflect.InvocationTargetException
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.infinispan.server.loader.Loader.run(Loader.java:106)
	at org.infinispan.server.loader.Loader.main(Loader.java:51)
Caused by: org.infinispan.commons.CacheConfigurationException: ISPN000327: Cannot find a parser for element 'endpoints' in namespace '' at /tmp/infinispan-server-14.0.11.Final/server/conf/infinispan.yml[62,19]. Check that your configuration is up-to-date for Infinispan '14.0.11.Final' and you have the proper dependency in the classpath
	at org.infinispan.configuration.parsing.ParserRegistry.parseCacheName(ParserRegistry.java:219)
	at org.infinispan.configuration.parsing.ParserRegistry.findNamespaceParser(ParserRegistry.java:245)
	at org.infinispan.configuration.parsing.ParserRegistry.parseElement(ParserRegistry.java:206)
	at org.infinispan.configuration.parsing.ConfigurationBuilderHolder.handleAnyElement(ConfigurationBuilderHolder.java:139)
	at org.infinispan.commons.configuration.io.AbstractConfigurationReader.handleAny(AbstractConfigurationReader.java:66)
	at org.infinispan.server.configuration.ServerConfigurationParser.parseEndpoint(ServerConfigurationParser.java:1523)
	at org.infinispan.server.configuration.ServerConfigurationParser.parseEndpoints(ServerConfigurationParser.java:1461)
	at org.infinispan.server.configuration.ServerConfigurationParser.parseServerElements(ServerConfigurationParser.java:132)
	at org.infinispan.server.configuration.ServerConfigurationParser.readElement(ServerConfigurationParser.java:104)
	at org.infinispan.configuration.parsing.ParserRegistry.parseElement(ParserRegistry.java:209)
	at org.infinispan.configuration.parsing.ConfigurationBuilderHolder.handleAnyElement(ConfigurationBuilderHolder.java:139)
	at org.infinispan.commons.configuration.io.AbstractConfigurationReader.handleAny(AbstractConfigurationReader.java:66)
	at org.infinispan.configuration.parsing.Parser.readElement(Parser.java:99)
	at org.infinispan.configuration.parsing.ParserRegistry.parseElement(ParserRegistry.java:209)
	at org.infinispan.configuration.parsing.ParserRegistry.parse(ParserRegistry.java:187)
	at org.infinispan.configuration.parsing.ParserRegistry.parse(ParserRegistry.java:175)
	at org.infinispan.configuration.parsing.ParserRegistry.parse(ParserRegistry.java:169)
	at org.infinispan.server.Server.parseConfiguration(Server.java:319)
	at org.infinispan.server.Server.<init>(Server.java:234)
	at org.infinispan.server.Bootstrap.runInternal(Bootstrap.java:171)
	at org.infinispan.server.tool.Main.run(Main.java:98)
	at org.infinispan.server.Bootstrap.main(Bootstrap.java:56)
	... 6 more
2023-06-28 12:36:23,465 INFO  (Thread-0) [org.infinispan.SERVER] ISPN080002: Infinispan Server stopping
2023-06-28 12:36:23,465 INFO  (Thread-0) [org.infinispan.SERVER] ISPN080003: Infinispan Server stopped

            ttarrant@redhat.com Tristan Tarrant
            remerson@redhat.com Ryan Emerson
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: