Skip to main content

Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

Gyrex/Administrator Guide/Console

< Gyrex‎ | Administrator Guide
Revision as of 06:52, 4 March 2013 by Gunnar.wagenknecht.org (Talk | contribs) (added description about SSL/BASIC authentication support)

Web Console

A web based administration console is available in Gyrex. By default it is started using a separate, embedded Jetty engine on an internal port. This allows for maximum flexibility and is independent of the main Jetty web server in Gyrex.

To open the web console please open a browser and enter the URL http://localhost:3110/.

Protecting Access to the Web Console

Access to the web console is not protected by default in development mode. The console runs on a different port which should have protected access by firewalls already. In addition it's also possible to secure access to the web console using a pluggable authentication scheme. Out of the box, BASIC authentication with encryption using SSL is possible.

In order to enable secure encryption and basic authentication the following two system properties must be set (either in config.ini or using command line arguments when launching the server.

  -Dgyrex.admin.secure=true
  -Dgyrex.admin.auth=BASIC/username/passwordhash

Please have a look at Secure Passwords for instructions on how to produce the password hash.

OSGi Console

Gyrex integrates the Equinox Console which is based on the Apache GoGo Shell. Countless console commands are provided in order to simplify administration of a Gyrex cloud. The Equinox Console is extensible and Gyrex also includes ARGS4J which allows developing additional commands using annotations.

Terminal

In order to activate the OSGi Console one simply needs to pass the "-console" command line argument when starting Gyrex using the gyrex executable. This is the default in all Gyrex server packages.

SSH

The OSGi Console is also available via SSH. This is the recommended way of connecting to production systems. However, please be careful with the close/exit commands. The SSH console listens on port 3122.

Authorization

Currently only key-based authorization is supported in the Gyrex bundled SSH console. Also, the OSGi SSH console does not support different roles/permissions. Thus, every logged in user can execute all commands. In order to be able to login an authorized_keys file need to be created in the instance data location at <runtime-workspace>/etc/.ssh/authorized_keys. That's a regular authorized_keys file as typically found on Linux systems. When connecting to the SSH console using a key any username is sufficient.

Copyright © Eclipse Foundation, Inc. All Rights Reserved.