Glassfish
References
- How To Install Glassfish 4.0 on Ubuntu 12.04.3
- Install Glassfish 4 on a Debian 8 VPS
- How To Determine java heap size From GC Logs
- Tuning Your Java VM
- Java Platform, HotSpot Virtual Machine Garbage Collection Tuning Guide
- What is Java Heap?
Prerequisites
- Debian
- Java
GlassFish is an open-source enterprise level application server with high reliability and performance, which can run any Java EE project.
Clustering
A cluster is a collection of GlassFish Server instances that work together as one logical entity. A cluster provides a runtime environment for one or more Java Platform, Enterprise Edition (Java EE) applications. A cluster provides high availability through failure protection, scalability, and load balancing.
Install Glassfish
# Download Glassfish
$ wget http://download.oracle.com/glassfish/5.0.1/nightly/latest-glassfish.zip
# Unzip Glassfish
$ apt-get install unzip
$ unzip latest-glassfish.zip -d /opt
In order to visit admin page (your_server_IP:4848) remotely, you need to enable secure admin not to get “Secure Admin must be enabled to access the DAS remotely” error
cd /opt/glassfish5/bin
# Make the asadmin script executable
chmod +x asadmin
$ asadmin --host your_server_IP --port 4848 enable-secure-admin
You will receive the below error:
remote failure: At least one admin user has an empty password, which secure admin does not permit. Use the change-admin-password command or the admin console to create non-empty passwords for admin accounts.
Command enable-secure-admin failed.
If it is failed as above, change admin password first (default: username admin, password empty)
$ asadmin --port 15123 change-admin-password
Now run this command again:
$ asadmin --host your_server_IP --port 4848 enable-secure-admin
You must restart all running servers for the change in secure admin to take effect.
$ asadmin restart-domain domain1
To change port from 8080 to 80, edit
nano /opt/glassfish5/glassfish/domains/domain1/config/domain.xml
change port to 80
<network-listener protocol="http-listener-1" port="8080"
To change application context root, edit
nano /opt/glassfish5/glassfish/domains/domain1/config/domain.xml
change context-root to /
<application context-root="/application"
Fine-tuning
Display a list of command-line options that are passed to the Java application launcher when GlassFish Server is started.
asadmin list-jvm-options
To change jvm options, edit
nano /opt/glassfish5/glassfish/domains/domain1/config/domain.xml
Lists the instrumented HotSpot Java Virtual Machines. Get pid just like ps in linux.
jps
Prints a histogram of the heap.
jmap -histo:live <pid>
Prints a heap summary.
jmap -heap <pid>
Guidelines for Calculating Java Heap Sizing
| Space | Command Line Option | Occupancy Factor |
|---|---|---|
| Java heap | -Xms and -Xmx | 3x to 4x old generation space occupancy after full garbage collection |
| Permanent Generation | -XX:PermSize -XX:MaxPermSize | 1.2x to 1.5x permanent generation space occupancy after full garbage collection |
| Young Generation | -Xmn | 1x to 1.5x old generation space occupancy after full garbage collection |
| Old Generation | Implied from overall Java heap size minus the young generation size | 2x to 3x old generation space occupancy after full garbage collection |
As a sample
- Having 2GB RAM => -Xms512m -Xmx1024m -XX:CompileThreshold=8000 -XX:PermSize=256m -XX:MaxPermSize=512m
- Having 8GB RAM => -Xms2048m -Xmx4096m -XX:CompileThreshold=8000 -XX:PermSize=1024m -XX:MaxPermSize=2048m
Commands
change-master-password
The default master password is changeit. You may want to change it by following command:
asadmin change-master-password --savemasterpassword=true mydomain
Using --savemasterpassword=true will save the password to the disk so that asadmin start-domain command doesn’t prompt for password. If you don’t want to store the password, omit this option.
Starting, Stopping, Restarting
$ asadmin start-domain
$ asadmin stop-domain
$ asadmin restart-domain
Adding Resources
$ asadmin add-resources "/path/to/glassfish-resources.xml"
Creating AuthRealm
$ asadmin create-auth-realm --classname realm_class [--help] [--property(name=value)[:name=value]*][--target target_name] auth_realm_name
During the creation of AuthRealm, if you get “remote failure: Creation of Authrealm jdbcbid failed.”, it turns out that the problem was locale language of JVM. After adding the following properties to JVM Options in Glassfish, everything will begin to work properly.
$ asadmin create-jvm-options -Duser.language=en
$ asadmin create-jvm-options -Duser.region=US
Then restart server to apply changes.
Deploying, Undeploying
$ asadmin deploy "/path/to/[application-name].war"
$ asadmin undeploy [application-name]
To prevent password entry each time
In order to save typing “admin username” and “password” every time you deploy or undeploy an application, create a password file pwdfile with content:
AS_ADMIN_PASSWORD=your_admin_password
Add –passwordfile in command:
$ asadmin --passwordfile pwdfile deploy /path/to/[application-name].war
Now the prompt for username/password won’t appear.
Recover Glassfish admin password
changeit
admin;{SSHA256}dvCEGFNHGtSyXIhJvwR5FnviH+u8fCadrUIqp6uJc1tP9Bv10CGT7A==;asadmin
empty
admin;{SSHA256}2GiTMM0n4ulpMfRaMPMImYvVF522XY6nW2cKSXoY1EoM2QlHrHUkDQ==;asadmin
Glassfish mail-resource for domain, gmail and yandex using no-ssl, ssl, tls
Domain settings with no-ssl
<mail-resource jndi-name="mail/myMailSession"
host="mail.domain.com"
user="user@domain.com"
from="user@domain.com"
object-type="user"
store-protocol="imap"
store-protocol-class="com.sun.mail.imap.IMAPStore"
transport-protocol="smtp"
transport-protocol-class="com.sun.mail.smtp.SMTPTransport"
debug="true"
enabled="true">
<property name="mail.smtp.auth" value="true"/>
<property name="mail.smtp.port" value="587"/>
<property name="mail.smtp.password" value="PASSWORD"/>
<property name="mail.smtp.starttls.enable" value="false"/>
</mail-resource>
Gmail settings with ssl
<mail-resource jndi-name="mail/myMailSession"
host="smtp.gmail.com"
user="user@gmail.com"
from="user@gmail.com"
object-type="user"
store-protocol="imaps"
store-protocol-class="com.sun.mail.imap.IMAPSSLStore"
transport-protocol="smtps"
transport-protocol-class="com.sun.mail.smtp.SMTPSSLTransport"
debug="true"
enabled="true">
<property name="mail.smtps.auth" value="true"/>
<property name="mail.smtps.password" value="PASSWORD"/>
</mail-resource>
Yandex settings with ssl
<mail-resource jndi-name="mail/myMailSession"
host="smtp.yandex.com.tr"
user="user@domain.com.tr"
from="user@domain.com.tr"
object-type="user"
store-protocol="imaps"
store-protocol-class="com.sun.mail.imap.IMAPSSLStore"
transport-protocol="smtps"
transport-protocol-class="com.sun.mail.smtp.SMTPSSLTransport"
debug="true"
enabled="true">
<property name="mail.smtps.auth" value="true"/>
<property name="mail.smtps.password" value="PASSWORD"/>
</mail-resource>
alternatedocroot example
glassfish-web.xml
<property description="Uploaded images" name="alternatedocroot_1" value="from=/images/* dir=/Users/[username]/Developments/backup"/>
xhtml file
<p:graphicImage value="/images/logo.png"/>
Note: Be sure that there is “/Users/[username]/Developments/backup/images” directory Note: use “value” attribute, not “name” attribute
Configurations
According to the Glassfish Documentation, you can basically use server-config.
The default-config configuration is a special configuration that acts as a template for creating named configurations. Clusters and instances cannot refer to the default-config configuration. The default-config configuration can only be copied to create configurations.
So, below commands makes the same changes.
$ [GLASSFISH_HOME]/bin/asadmin create-jvm-options -Xmx=4g
$ [GLASSFISH_HOME]/bin/asadmin create-jvm-options --target server-config -- '-Xmx4096m'
Performance
Refer the documentation Optimize GlassFish Performance in a Production Environment