Configure Jboss AS 7.1.1 master-slave clustering in domain mode

This post demonstrates the installation and configuration of  jboss AS 7.1.1 on CentOS 6.4. There are many articles/posts all over the internet regarding jboss installation for both domain and standalone mode. But, i have tried to make this one more illustrative and accurate than any of them.

Lets go step by step.

  • Make sure the iptables are flushed.
  • Make sure selinux is in disabled mode.
  • Make sure the following ports are open: 80,443,8080,8443,8230,8330,9990,9999,8090

Setting up Java:

Setting up Jboss requires jdk to be installed. I am using jdk-7u60 for the configuration. Download jdk-7u60-linux-x64.rpm from here.
#rpm -ivh  jdk-7u60-linux-x64.rpm

#alternatives --install /usr/bin/java java /usr/java/jdk1.7.0_60/jre/bin/java 2000

#update-alternatives --config java

There is 1 program that provides 'java'.

  Selection    Command
*+ 1           /usr/java/jdk1.7.0_60/jre/bin/java

Enter to keep the current selection[+], or type selection number: 1

Download JBoss AS7.1.1:

First we should download the Jboss AS7.1.1 from this location:

After the download has completed, we have the zip file:

In case you want to check running the jboss in domain mode, just unzip the above package and execute the file.

#cd jboss-as-7.1.1.Final/bin

Domain Configuration:

Interface configuration on master server:

In this section we'll setup both master and slave for them to run in domain mode. And we will configure master to be the domain controller.

First open the host.xml in master AS7.1.1 for editing:

vi domain/configuration/host.xml

The default settings for interface in this file is like:

<interface name="management">
<inet-address value="${}"/>
</interface><interface name="public">
<inet-address value="${jboss.bind.address:}"/>
<interface name="unsecure">
<inet-address value="${jboss.bind.address.unsecure:}"/>

We need to change the address to the management interface with that of master's ip address so slave can connect to master. Similarly, change the ip address for other interfaces as well. The public interface allows the application to be accessed by non-local HTTP, and the unsecured interface allows remote RMI access.

Interface configuration on slave server:

Now we will setup interfaces on slave. First we need to remove the domain.xml from slave, because slave will not act as domain controller and is under the management of master. So, we rename the domain.xml to domain.xml-bak so it won't be processed by AS7.1.1:

mv domain/configuration/domain.xml domain/configuration/domain.xml-bak

Then let's edit host.xml. Similar to the steps on master, open host.xml first:

vi domain/configuration/host.xml

The configuration we'll use on slave is a little bit different because we need to let slave connect to master. First we need to set the hostname. We change the name property from:

<host name="master" xmlns="urn:jboss:domain:1.2"> to
<host name="slave" xmlns="urn:jboss:domain:1.2">

Then we need to modify domain-controller section so slave AS7.1.1 can connect to master's management port:

<remote host="master-ip" port="9999" security-realm="ManagementRealm"/>

Finally, we also need to configure interfaces section and expose the management ports to public address:

<interface name="management">
<inet-address value="${}"/>
<interface name="public">
<inet-address value="${jboss.bind.address:}"/>
<interface name="unsecure">
<inet-address value="${jboss.bind.address.unsecure:}"/>

Replace with ip address of the slave.

Security Configuration

Because we haven't properly set up the authentication between master and slave. Now let's work on it.

Security configuration for master:

Adding users in master:

In bin directory there is a script called, we'll use it to add new users to the properties file used for domain management authentication:


What type of user do you wish to add?
a) Management User (
b) Application User (
(a): a

Enter the details of the new user to add.
Realm (ManagementRealm) :
Username : admin
Password :
Re-enter Password :
The username 'admin' is easy to guess
Are you sure you want to add user 'admin' yes/no? yes
About to add user 'admin' for realm 'ManagementRealm'
Is this correct yes/no? yes

Added user 'admin' to file '/home/root/jobss/jboss-as-7.1.1/standalone/configuration/'
Added user 'admin' to file '/home/root/jboss/jboss-as-7.1.1/domain/configuration/'

As shown above, we have created a user named 'admin' and its password is 'redhat'. Then we add another user called 'slave' with password 'redhat':


What type of user do you wish to add?
a) Management User (
b) Application User (
(a): a

Enter the details of the new user to add.
Realm (ManagementRealm) :
Username : slave
Password :
Re-enter Password :
The username 'slave' is easy to guess
Are you sure you want to add user 'slave' yes/no? yes
About to add user 'slave' for realm 'ManagementRealm'
Is this correct yes/no? yes

Added user 'slave' to file '/home/root/jobss/jboss-as-7.1.1/standalone/configuration/'
Added user 'slave' to file '/home/root/jboss/jboss-as-7.1.1/domain/configuration/'

We will use this user “slave” for slave AS7.1.1 host to connect to master.
Notice that the username must be same as the name given in the slave's host element, that is,

<host name="slave" xmlns="urn:jboss:domain:1.2">

That also means that for each additional host you need a user.

Security configuration for slave:

In slave we need to configure host.xml for authentication. We should change the security-realms section as following:

<security-realm name="ManagementRealm">
<secret value="cmVkaGF0"/>

In the secret value property we have 'cmVkaGF0', which is the base64 code for 'redhat'. 'redhat' is the password we provided for user “slave” we created in master. You can generate this value by using a base64 calculator such as the one at

Setup HornetQ

The newer version of JBoss AS7.1.1 has enforced the security checking for HornetQ. So you need to some additional configuration in domain controller. We have disabled it in our case. To disable, open domain.xml of master and find:

<subsystem xmlns="urn:jboss:domain:messaging:1.1">

By default, there are 3 servers listed in host.xml. We modify the host.xml for both master & slave according to our purpose.

For master:

<server name="server-master" group="HA" auto-start="true">

For slave:

<server name="server-slave" group="HA" auto-start="true">

There is port-offset defined by default but we need to run both servers on 80, so we remove that part from host configurations.

To open jboss on port 80 instead of 8080, change the port 8080 in the socket-binding-group being used while defining the server-groups.

<socket-binding name="http" port="8080"/>  to  <socket-binding name="http" port="80"/>

Also, we modify domain.xml as per our requirement. This will be done in case of master only, as slave won't have domain.xml file.

<server-group name="HA" profile="ha">
<jvm name="default">
<heap size="64m" max-size="512m"/>
<socket-binding-group ref="ha-sockets"/>

Note that, we use the ha profile here and make sure we use the same profile for any configuration changes, whenever we do.

Datasource configuration for master:

The database we are using is mysql and mysql jdbc driver version is 5.1.15.
The following changes are to be made in the domain.xml file of the master server. 

<datasource jta="true" jndi-name="java:jboss/datasources/OmsSchema" pool-name="OmsSchema_Pool" use-java-context="true" use-ccm="true">

<check-valid-connection-sql>SELECT 1</check-valid-connection-sql>
<driver name="mysql" module="com.mysql">

To make the JDBC driver classes available to the JBoss Application Server, copy the archive mysql-connector-java-5.1.5-bin.jar to jboss-7.1.1/modules/com/mysql/main/ along with module.xml.

Download the driver from

cat module.xml

<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.0" name="com.mysql">
<resource-root path="mysql-connector-java-5.1.15-bin.jar"/>
<module name="javax.api"/>

The datasource configuration can be done from admin console as well. There is no datasource configuration required to be done on the slave host.

Now, we are done with the jboss master-slave cluster configuration in domain mode. If every thing goes as expected, you will have your jboss cluster up & running.

To start the servers, we will use the scripts on both master & slave servers. Start the master server and then the slave server, which then registers itself to the master server. Now, if any war/ear deployment file is deployed on master server, which is also the domain controller here, the file is deployed on the connected slave server automatically. It takes 3-4 minutes depending on the content and size of the deployment file.

Also, in web.xml of the deployment file, we've enabled session replication by adding following entry:


There is no other additional changes required in the deployment file to enable the session replication, jboss is smart enough to handle rest of the functionalities.

Now, once scripts are finished running on both master & slave, you will have the below admin console appearing on the domain controller.

By default, jboss runs on port 8080 but as we have redirected it to port 80, we can simply open it by hitting the server ip from the browser. Now, war/ear files can be deployed from the Deployments>Manage Deployments section as you can see above.



open source 5347175181334509383

Post a Comment



Recent Posts


Join Us