According to several sources we queried, more than 33 percent of the world's web servers are running Apache Tomcat, while other sources show that it's 48 percent of application servers. Some of these instances have been containerized over the years, but many still run in the traditional setup of a virtual machine with Linux.
Red Hat JBoss Web Server (JWS) combines a web server (Apache HTTPD), a servlet engine (Apache Tomcat), and modules for load balancing (mod_jk and mod_cluster). Ansible is an automation engine that provides a suite of tools for managing an enterprise at scale. In this article, we'll show how 1+1 becomes 11 by using Ansible to completely automate the deployment of a JBoss Web Server instance on a Red Hat Enterprise Linux 8 server.
A prior article covered this subject, but now you can use the Red Hat certified content collection for JBoss Web Server, which has been available since the 5.7 release.
In this article, you will automate a JBoss Web Server deployment through the following tasks:
- Retrieve the archive containing the JBoss Web Server from a repository and install the files on the system.
- Configure the Red Hat Enterprise Linux operating system, creating of users, groups, and the required setup files to enable JBoss Web Server as a systemd service.
- Fine-tune the configuration of the JBoss Web Server server, such as binding it to the appropriate interface and port.
- Deploy a web application and start the systemd service.
- Perform a health check to ensure that the deployed application is accessible.
Ansible fully automates all those operations, so no manual steps are required.
Preparing the target environment
Before you start the automation, you need to specify your target environment. In this case, you'll be using Red Hat Enterprise Linux 8 with Python 3.6. You'll use this setup on both the Ansible control node (where Ansible is executed) and the Ansible target (the system being configured).
On the control node, confirm the following requirements:
$ cat /etc/redhat-release
Red Hat Enterprise Linux release 8.7 (Ootpa)
$ ansible --version
ansible [core 2.13.3]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.9/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.9.13 (main, Nov 9 2022, 13:16:24) [GCC 8.5.0 20210514 (Red Hat 8.5.0-15)]
jinja version = 3.1.2
libyaml = True
Note: The procedure in this article might not execute successfully if you use a different Python version or target operating system.
Installing the Red Hat Ansible Certified Content Collection
Once you have Red Hat Enterprise Linux 8 set up and Ansible ready to go, you need to install the Red Hat Ansible Certified Content Collection 1.2 for Red Hat JBoss Web Server. Ansible uses the collection to perform the following tasks on JBoss Web Server:
- Ensure that the required system dependencies (e.g., unzip) are installed.
- Install Java (if it is missing and requested).
- Install the web server binaries and integrate the software into the system (setting the user, group, etc.).
- Deploy the configuration files.
- Start and enable JBoss Web Server as a systemd service.
To install the certified collection for JBoss Web Server, you'll have to configure Ansible to use Red Hat Automation Hub as a Galaxy server. Follow the instructions on Automation Hub to retrieve your token and update the ansible.cfg
configuration file in your project directory. Update the <your-token>
field with the token obtained from Automation Hub:
[galaxy]
server_list = automation_hub, galaxy
[galaxy_server.galaxy]
url=https://galaxy.ansible.com/
[galaxy_server.automation_hub]
url=https://cloud.redhat.com/api/automation-hub/api/galaxy/
auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
token=<your-token>
Install the certified collection:
# ansible-galaxy collection install redhat.jws
Starting galaxy collection install process
Process install dependency map
Starting collection install process
Downloading https://console.redhat.com/api/automation-hub/v3/plugin/ansible/content/published/collections/artifacts/redhat-jws-1.2.4.tar.gz to /root/.ansible/tmp/ansible-local-302vpskp5wg/tmp2t223yjz/redhat-jws-1.2.4-nrnqzn5k
Downloading https://console.redhat.com/api/automation-hub/v3/plugin/ansible/content/published/collections/artifacts/redhat-runtimes_common-1.1.3.tar.gz to /root/.ansible/tmp/ansible-local-302vpskp5wg/tmp2t223yjz/redhat-runtimes_common-1.1.3-mwgt5h9r
Installing 'redhat.jws:1.2.4' to '/root/.ansible/collections/ansible_collections/redhat/jws'
redhat.jws:1.2.4 was installed successfully
'ansible.posix:1.5.4' is already installed, skipping.
Installing 'redhat.runtimes_common:1.1.3' to '/root/.ansible/collections/ansible_collections/redhat/runtimes_common'
redhat.runtimes_common:1.1.3 was installed successfully
Ansible Galaxy fetches and downloads the collection's dependencies. These dependencies include the redhat_csp_download collection, which helps facilitate the retrieval of the archive containing the JBoss Web Server server from either the Red Hat customer portal or a specified local or remote location. For more information about this step, please refer to the official documentation for Red Hat.
Installing the Red Hat JBoss Web server
The configuration steps in this section include downloading JBoss Web Server, installing Java, and enabling JBoss Web Server as a system service (systemd
).
Downloading the archive
First, you need to download the archive for JBoss Web Server from the Red Hat Customer Portal. By default, the collection expects the archive to be in the root folder of the Ansible project. The only remaining requirement is to specify the version of JBoss Web Server being used (5.7) in the playbooks. Based upon this information, the collection determines the path and the full name of the archive.
Therefore, update the value of jws_version
in the jws-article.yml
playbook:
---
- name: "Red Hat JBoss Web Server installation and configuration"
hosts: all
vars:
jws_setup: True
jws_version: 5.7.0
jws_home: /opt/jws-5.7/tomcat
…
Installing Java
JBoss Web Server is a Java-based server, so the target system must have a Java Virtual Machine (JVM) installed. Although Ansible primitives can perform such tasks natively, the redhat.jws collection can also take care of this task, provided that the jws_java_version variable is defined:
jws_home: /opt/jws-5.7/tomcat
jws_java_version: 1.8.0
…
Note: This feature works only if the target system's distribution belongs to the Red Hat family.
Enabling JBoss Web Server as a system service (systemd)
The JBoss Web Server server on the target system should run as a service system. The collection can also take care of this task, if the jws_systemd_enabled
variable is defined as True
:
jws_java_version: 1.8.0
jws_systemd_enabled: True
jws_service_name: jws
Note: This configuration works only when systemd is installed and the system belongs to the Red Hat family.
Now that you have defined all the required variables to deploy JBoss Web Server, finish the playbook:
...
jws_service_name: jws
collections:
- redhat.jws
roles:
- role: jws
Running the playbook
Run the playbook to see whether it works as expected:
$ ansible-playbook -i inventory jws_devto_article.yml
PLAY [Red Hat JBoss Web Server installation and configuration] *****************
TASK [Gathering Facts] *********************************************************
ok: [localhost]
TASK [redhat.jws.jws : Validating arguments against arg spec 'main'] ***********
ok: [localhost]
TASK [redhat.jws.jws : Set default values] *************************************
skipping: [localhost]
TASK [redhat.jws.jws : Set default values (jws)] *******************************
ok: [localhost]
TASK [redhat.jws.jws : Set jws_home to /opt/jws-5.7/tomcat if not already defined] ***
skipping: [localhost]
TASK [redhat.jws.jws : Check that jws_home has been defined.] ******************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [redhat.jws.jws : Add firewalld to dependencies list (if enabled).] *******
skipping: [localhost]
TASK [redhat.jws.jws : Install required dependencies] **************************
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/fastpackage.yml for localhost => (item=zip)
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/fastpackage.yml for localhost => (item=unzip)
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/fastpackage.yml for localhost => (item=tzdata)
TASK [redhat.jws.jws : Check arguments] ****************************************
ok: [localhost]
TASK [redhat.jws.jws : Test if package zip is already installed] ***************
ok: [localhost]
TASK [redhat.jws.jws : Check arguments] ****************************************
ok: [localhost]
TASK [redhat.jws.jws : Test if package unzip is already installed] *************
ok: [localhost]
TASK [redhat.jws.jws : Check arguments] ****************************************
ok: [localhost]
TASK [redhat.jws.jws : Test if package tzdata is already installed] ************
ok: [localhost]
TASK [redhat.jws.jws : Install required dependencies for natives] **************
skipping: [localhost] => (item=openssl)
skipping: [localhost] => (item=apr)
skipping: [localhost]
TASK [redhat.jws.jws : Ensure tomcatjss rpm is not installed] ******************
ok: [localhost]
TASK [redhat.jws.jws : Include tasks for java jvm installation] ****************
skipping: [localhost]
TASK [redhat.jws.jws : Create group: tomcat] ***********************************
changed: [localhost]
TASK [redhat.jws.jws : Create user: tomcat] ************************************
changed: [localhost]
TASK [redhat.jws.jws : Check state of install_dir: /opt] ***********************
ok: [localhost]
TASK [redhat.jws.jws : Ensure install dir is created: /opt] ********************
skipping: [localhost]
TASK [redhat.jws.jws : Include install tasks] **********************************
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/install.yml for localhost
TASK [redhat.jws.jws : Check arguments] ****************************************
ok: [localhost]
TASK [redhat.jws.jws : Check working directory /work for local repository] *****
ok: [localhost]
TASK [redhat.jws.jws : Display install method] *********************************
ok: [localhost] => {
"msg": "Install method: zipfiles"
}
TASK [redhat.jws.jws : Set defaults values based on facts (if values not provided)] ***
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/install/defaults.yml for localhost
TASK [redhat.jws.jws : Set filename for JWS zipfile] ***************************
ok: [localhost]
TASK [redhat.jws.jws : Set native zipfile architecture (if not provided)] ******
ok: [localhost]
TASK [redhat.jws.jws : Set RHEL major version based on facts (if not provided).] ***
ok: [localhost]
TASK [redhat.jws.jws : Set filename for JWS native zipfile] ********************
ok: [localhost]
TASK [redhat.jws.jws : Include installation tasks using zipfiles method] *******
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/install/local.yml for localhost
TASK [redhat.jws.jws : Deploy jws-5.7.0-application-server.zip to target.] *****
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/install/deploy_archive.yml for localhost
TASK [redhat.jws.jws : Check that required parameters have been provided.] *****
ok: [localhost]
TASK [redhat.jws.jws : Check download archive path on target: /opt/jws-5.7.0-application-server.zip] ***
ok: [localhost]
TASK [redhat.jws.jws : Retrieve zipfiles, if missing, from RHN (if credentials provided)] ***
skipping: [localhost]
TASK [redhat.jws.jws : Retrieve zipfiles from URL (if provided).] **************
skipping: [localhost]
TASK [redhat.jws.jws : Copy archives /work/jws-5.7.0-application-server.zip to target nodes: /opt/jws-5.7.0-application-server.zip] ***
changed: [localhost]
TASK [redhat.jws.jws : Deploy jws-5.7.0-application-server-RHEL8-x86_64.zip to target.] ***
skipping: [localhost]
TASK [redhat.jws.jws : Include installation tasks for zip operations] **********
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/install/zipfiles.yml for localhost
TASK [redhat.jws.jws : Check arguments] ****************************************
ok: [localhost]
TASK [redhat.jws.jws : Add zipfile to unarchive list] **************************
ok: [localhost]
TASK [redhat.jws.jws : Add native zipfile to unarchive list] *******************
skipping: [localhost]
TASK [redhat.jws.jws : Install Jboss Web Server and required binaries from local zipfiles (install method: zipfiles)] ***
changed: [localhost] => (item={'src': 'jws-5.7.0-application-server.zip', 'creates': '/opt/jws-5.7/tomcat/bin'})
TASK [redhat.jws.jws : Move the zipfile extracted directory to custom jws_home] ***
skipping: [localhost]
TASK [redhat.jws.jws : Move the version.txt to custom jws_home] ****************
skipping: [localhost]
TASK [redhat.jws.jws : Include installation tasks for rpm method] **************
skipping: [localhost]
TASK [redhat.jws.jws : Include systemd tasks] **********************************
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/systemd/systemd.yml for localhost
TASK [redhat.jws.jws : Check arguments] ****************************************
ok: [localhost]
TASK [redhat.jws.jws : Ensure requirements for systemd] ************************
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/fastpackage.yml for localhost => (item=systemd)
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/fastpackage.yml for localhost => (item=procps-ng)
TASK [redhat.jws.jws : Check arguments] ****************************************
ok: [localhost]
TASK [redhat.jws.jws : Test if package systemd is already installed] ***********
ok: [localhost]
TASK [redhat.jws.jws : Check arguments] ****************************************
ok: [localhost]
TASK [redhat.jws.jws : Test if package procps-ng is already installed] *********
ok: [localhost]
TASK [redhat.jws.jws : Set required default for jws_service_conf if not provided.] ***
ok: [localhost]
TASK [redhat.jws.jws : Set required default for jws_service_conf if not provided.] ***
ok: [localhost]
TASK [redhat.jws.jws : Set required default for jws_service_conf if not provided.] ***
ok: [localhost]
TASK [redhat.jws.jws : Ensure service script is deployed] **********************
changed: [localhost]
TASK [redhat.jws.jws : Ensure service configurations files is deployed: /opt/jws-5.7/tomcat/conf/jws.conf] ***
changed: [localhost]
TASK [redhat.jws.jws : Ensure systemd service is configured] *******************
changed: [localhost]
TASK [redhat.jws.jws : Include patch install tasks] ****************************
skipping: [localhost]
TASK [redhat.jws.jws : Ensure /opt/jws-5.7/tomcat/ directories have appropriate privileges] ***
ok: [localhost] => (item=conf)
ok: [localhost] => (item=temp)
ok: [localhost] => (item=logs)
ok: [localhost] => (item=webapps)
ok: [localhost] => (item=bin)
TASK [redhat.jws.jws : Ensure /opt/jws-5.7/tomcat/ files have the recommended priviliges, owner and group] ***
changed: [localhost] => (item=./conf/catalina.properties)
changed: [localhost] => (item=./conf/catalina.policy)
changed: [localhost] => (item=./conf/logging.properties)
changed: [localhost] => (item=./conf/jaspic-providers.xml)
changed: [localhost] => (item=conf/tomcat-users.xml)
TASK [redhat.jws.jws : Include ajp sanity check tasks] *************************
skipping: [localhost]
TASK [redhat.jws.jws : Include https sanity check tasks] ***********************
skipping: [localhost]
TASK [redhat.jws.jws : Deploy custom configuration files] **********************
changed: [localhost] => (item={'template': 'templates/server.xml.j2', 'dest': '/opt/jws-5.7/tomcat/./conf/server.xml'})
changed: [localhost] => (item={'template': 'templates/web.xml.j2', 'dest': '/opt/jws-5.7/tomcat/./conf/web.xml'})
changed: [localhost] => (item={'template': 'templates/context.xml.j2', 'dest': '/opt/jws-5.7/tomcat/./conf/context.xml'})
changed: [localhost] => (item={'template': 'templates/catalina.properties.j2', 'dest': '/opt/jws-5.7/tomcat/./conf/catalina.properties'})
TASK [redhat.jws.jws : Include selinux configuration tasks] ********************
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/systemd/selinux.yml for localhost
TASK [redhat.jws.jws : Ensure required parameters are provided.] ***************
ok: [localhost]
TASK [redhat.jws.jws : Check if archive contains a selinux policy] *************
ok: [localhost]
TASK [redhat.jws.jws : Install selinux-policy-devel] ***************************
skipping: [localhost]
TASK [redhat.jws.jws : Check if archive contains a selinux policy] *************
skipping: [localhost]
TASK [redhat.jws.jws : Create selinux policy] **********************************
skipping: [localhost]
TASK [redhat.jws.jws : Allow jws.to listen to port] ****************************
skipping: [localhost] => (item=8080)
skipping: [localhost] => (item=8443)
skipping: [localhost] => (item=8009)
skipping: [localhost] => (item=8005)
skipping: [localhost]
TASK [redhat.jws.jws : Remove apps] ********************************************
ok: [localhost] => (item=examples)
TASK [redhat.jws.jws : Create vault configuration (if enabled)] ****************
skipping: [localhost]
TASK [redhat.jws.jws : Ensure firewalld, if enabled, allows communication over 8080.] ***
skipping: [localhost]
RUNNING HANDLER [redhat.jws.jws : Reload Systemd] ******************************
ok: [localhost]
RUNNING HANDLER [redhat.jws.jws : Ensure Jboss Web Server runs under systemd] ***
included: /root/.ansible/collections/ansible_collections/redhat/jws/roles/jws/tasks/systemd/service.yml for localhost
RUNNING HANDLER [redhat.jws.jws : Check arguments] *****************************
ok: [localhost]
RUNNING HANDLER [redhat.jws.jws : Enable jws.service] **************************
changed: [localhost]
RUNNING HANDLER [redhat.jws.jws : Start jws.service] ***************************
changed: [localhost]
RUNNING HANDLER [redhat.jws.jws : Restart Jboss Web Server service] ************
changed: [localhost]
PLAY RECAP *********************************************************************
localhost : ok=62 changed=12 unreachable=0 failed=0 skipped=22 rescued=0 ignored=0
As you can see, quite a lot happened during this execution. Indeed, the redhat.jws role took care of the entire setup:
- Deploying a base configuration
- Removing unused applications
- Starting the web server
Deploying a web application
Now that JBoss Web Server is running, modify the playbook to facilitate the deployment of a web application:
...
roles:
- role: jws
tasks:
- name: " Checks that server is running"
ansible.builtin.uri:
url: "http://localhost:8080/"
status_code: 404
return_content: no
- name: "Deploy demo webapp"
ansible.builtin.get_url:
url: 'https://people.redhat.com/~rpelisse/info-1.0.war'
dest: "{{ jws_home }}/webapps/info.war"
notify:
- "Restart Jboss Web Server service"
The configuration uses a handler, provided by the redhat.jws
collection, to ensure that the JBoss Web Server is restarted once the application is downloaded.
Automation saves time and reduces the chance of error
The Red Hat Ansible Certified Content Collection encapsulates, as much as possible, the complexities and the inner workings of Red Hat JBoss Web Server deployment. With the help of the collection, you can focus on your business use case, such as deploying applications, instead of establishing the underlying application server. The result is reduced complexity and faster time to value. The automated process is also repeatable and can be used to set up as many systems as needed.
Top comments (0)