Posts

Showing posts from December, 2012

Create custom log4j appender for Karaf and Pax Logging

Karaf leverages Pax Logging for the logging layer. Pax Logging provides an abstraction service for most popular logging frameworks, like SLF4J, Log4j, commons-logging, etc. Karaf provides a default logging configuration in etc/org.ops4j.pax.logging.cfg file. By default, all INFO log messages (rootLogger) are send into a file appender (in data/log/karaf.log). The file appender “maintains” one file of 1MB, and store up to 10 backup files. Adding a new appender configuration, example with Syslog appender We can add new appender configuration in the Karaf logging module. For instance, we can add a syslog appender in etc/org.ops4j.pax.logging.cfg: log4j.rootLogger = INFO, out, syslog, osgi:* ... # Syslog appender log4j.appender.syslog=org.apache.log4j.net.SyslogAppender log4j.appender.syslog.layout=org.apache.log4j.PatternLayout log4j.appender.syslog.layout.ConversionPattern=[%p] %c:%L - %m%n log4j.appender.syslog.syslogHost=localhost log4J.appender.syslog.facility=KARAF log4j.appender.sysl

How to enable HTTPS certificate client auth with Karaf

I received many times messages from users asking how we can “trust” HTTP clients in Karaf. The purpose is to exchange certificates and allow only “trusted” clients to use the Karaf HTTP service. Enable HTTP client auth First of all, we have to enable the HTTP client auth support in Karaf. When you install the HTTP feature, Karaf leverages Pax-Web to provide HTTP OSGi service: karaf@root> features:install http Now, we have to add a custom etc/org.ops4j.pax.web.cfg file: org.osgi.service.http.port=8181 org.osgi.service.http.port.secure=8443 org.osgi.service.http.secure.enabled=true org.ops4j.pax.web.ssl.keystore=./etc/keystores/keystore.jks org.ops4j.pax.web.ssl.password=password org.ops4j.pax.web.ssl.keypassword=password #org.ops4j.pax.web.ssl.clientauthwanted=false org.ops4j.pax.web.ssl.clientauthneeded=true NB: clientauthwanted and clientauthneeded properties are valid for Karaf 2.2.x which use Pax Web 1.0.x. Thanks to the clientauthneeded property, we “force” the client to be trus

Apache Karaf Cellar 2.2.5 released !

During the ApacheCon EU , I made a demo of Karaf and Cellar all together. During this demo, I used Cellar 2.2.5-SNAPSHOT. Now, Cellar 2.2.5 is released ! But, what’s new in this version ? Groups are now persistent In Cellar 2.2.4, the empty groups disappear after a restart. You created a new cluster group without any member (empty group) with: karaf@root> cluster:group-create foobar karaf@root> cluster:group-list|grep -i foobar foobar [] If you restart Cellar (or Karaf), the empty groups were lost: karaf@root> cluster:group-list|grep -i foobar To avoid this, in Cellar 2.2.5, the cluster groups are now persistent on each node. We introduced a new groups property in etc/org.apache.karaf.cellar.groups.cfg to store the list of groups. Cellar now reads this property as startup to populate the cluster groups not present on the cluster. On the other hand, the groups property in etc/org.apache.karaf.cellar.node.cfg defines the group membership of the local node. If you restart Kar