A web based administration console is available in Gyrex. By default it is started using a separate, embedded Jetty engine on an internal port. This allows for maximum flexibility and is independent of the main Jetty web server in Gyrex.
To open the web console please open a browser and enter the URL
Protecting Access to the Web Console
Access to the web console is not protected by default in development mode. The console runs on a different port which should have protected access by firewalls already. In addition it's also possible to secure access to the web console using a pluggable authentication scheme. Out of the box, BASIC authentication with encryption using SSL is possible.
In order to enable secure encryption and basic authentication the following two system properties must be set (either in config.ini or using command line arguments when launching the server.
Please have a look at Secure Passwords for instructions on how to produce the password hash.
Gyrex integrates the Equinox Console which is based on the Apache GoGo Shell. Countless console commands are provided in order to simplify administration of a Gyrex cloud. The Equinox Console is extensible and Gyrex also includes ARGS4J which allows developing additional commands using annotations.
In order to activate the OSGi Console one simply needs to pass the "
-console" command line argument when starting Gyrex using the
gyrex executable. This is the default in all Gyrex server packages.
The OSGi Console is also available via SSH. This is the recommended way of connecting to production systems. However, please be careful with the close/exit commands. The SSH console listens on port 3122.
Currently only key-based authorization is supported in the Gyrex bundled SSH console. Also, the OSGi SSH console does not support different roles/permissions. Thus, every logged in user can execute all commands. In order to be able to login an
authorized_keys file need to be created in the instance data location at
<runtime-workspace>/etc/.ssh/authorized_keys. That's a regular
authorized_keys file as typically found on Linux systems (1, 2). When connecting to the SSH console using a key any username is sufficient.