Full Description
Drools Workbench Docker image
JBoss Drools Workbench Docker image.
Table of contents
- Introduction
- Usage
- Users and roles
- Logging
- GIT internal repository
- Extending this image
- Experimenting
- Notes
- Release notes
Introduction
The image contains:
JBoss Wildfly 11.0.0.Final
JBoss Drools Workbench 7.10.0.Final
This image provides the JBoss Drools Workbench web application. It's intended to be extended so you can add your custom configurations.
If you don't want to extend this image and you just want to try Drools Workbench, please take a look at the jboss/drools-workbench-showcase:latest Docker image, it contains some default configurations.
Usage
To run a container:
docker run -p 8080:8080 -p 8001:8001 -d --name drools-workbench jboss/drools-workbench:latest
Once container starts, you can navigate into the Drools Workbench at:
http://localhost:8080/drools-wb
Users and roles
The application have no users or roles configured, so you cannot not access it by default,
In order to use it, at least you have to create an application user in JBoss Wildfly with role admin.
If you are looking for a Drools Workbench image that does not require to add custom configurations, try our jboss/drools-workbench-showcase:latest Docker image.
If you want to create your custom configuration and users, role, etc, you can take a look at section Extending this image
Logging
You can see all logs generated by the standalone binary running:
docker logs [-f] <container_id>
You can attach the container by running:
docker attach <container_id>
The Drools Workbench web application logs can be found inside the container at path:
/opt/jboss/wildfly/standalone/log/server.log
Example:
sudo nsenter -t $(docker inspect --format '{{ .State.Pid }}' $(docker ps -lq)) -m -u -i -n -p -w
-bash-4.2# tail -f /opt/jboss/wildfly/standalone/log/server.log
GIT internal repository
The workbench stores all the project artifacts in an internal GIT repository. By default, the protocol available for accessing the GIT repository is SSH at port 8001.
You can clone the GIT repository by running:
git clone ssh://admin@localhost:8001/system
By default, the GIT repository is created when the application starts for first time at $WORKING_DIR/.niogit, considering $WORKING_DIR as the current directory where the application server is started.
You can specify a custom repository location by setting the following Java system property to your target file system directory:
-Dorg.uberfire.nio.git.dir=/home/youruser/some/path
NOTE: This directory can be shared with your docker host and with another containers using shared volumes when running the container, if you need so.
If necessary you can make GIT repositories available from outside localhost using the following Java system property:
-org.uberfire.nio.git.ssh.host=0.0.0.0
You can set this Java system properties permanent by adding the following lines in your standalone-full.xml file as:
<system-properties>
<!-- Custom repository location. -->
<property name="org.uberfire.nio.git.dir" value="/home/youruser/some/path"/>
<!-- Make GIT repositories available from outside localhost. -->
<property name="org.uberfire.nio.git.ssh.host" value="0.0.0.0"/>
</system-properties>
NOTE: Users and password for ssh access are the same that for the web application users defined at the realm files.
Extending this image
You can extend this image and add your custom layers in order to add custom configurations, users, roles, etc.
In order to extend this image, your Dockerfile must inherit from:
FROM jboss/drools-workbench:latest
Configuring Wildfly
The Wildfly configuration files are located at
/opt/jboss/wildfly/standalone/configuration
In this file you can modify all Wildfly's subsystem configurations
Drools Workbench requires running Wildfly using full profile, so custom modifications should be done in standalone-full.xml configuration file
Users and roles
By default this image does not provide users and roles for Drools Workbench
The available roles for Drools Workbench examples are:
ROLE DESCRIPTION
*
admin The administrator
analyst The analyst
developer The developer
manager The manager
user The end user
kiemgmt KIE management user
Accounting Accounting role
PM Project manager role
HR Human resources role
sales Sales role
IT IT role
These are the steps to create your custom users and roles by using realm files in Widlfly:
1.- Create a realm properties file for users and deploy it in /opt/jboss/wildfly/standalone/configuration:
drools-users.properties
---------------------
#admin=admin
admin=207b6e0cc556d7084b5e2db7d822555c
#analyst=analyst
analyst=047ca331957b5ce5021e8e01d3322a13
#developer=developer
developer=97df44a197a58de9674af3cd139df47e
#manager=manager
manager=e5148a68341fbc5afbe08fb4ab6da2c5
#user=user
user=c5568adea472163dfc00c19c6348a665
2.- Create a realm properties file for roles and deploy it in /opt/jboss/wildfly/standalone/configuration:
drools-roles.properties
---------------------
admin=admin
analyst=analyst
developer=developer
manager=manager
user=user
3.- Modify your standalone-full.xml in order to:
3.1 - In the management section, modify default the security-realm for the ApplicationRealm as:
<security-realm name="ApplicationRealm">
<authentication>
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
<properties path="drools-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
<authorization>
<properties path="drools-roles.properties" relative-to="jboss.server.config.dir"/>
</authorization>
</security-realm>
3.2 - In the security subsystem, modify default the other security-domain for as:
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmDirect" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
You can find an example by looking at the Dockerfile for jboss/drools-workbench-showcase:latest image.
Experimenting
To spin up a shell in one of the containers try:
docker run -p 8080:8080 -p 8001:8001 -d --name drools-workbench jboss/drools-workbench:latest /bin/bash
You can then noodle around the container and run stuff & look at files etc.
Troubleshoot
If the application can't be accessed via browser (http://localhost:8080/drools-wb) please run the container in host network mode. It seems that latest docker versions have some restrictions on the networking side. Using an older daemon version this does not happen.
Try:
docker run .... --network="host .."
Notes
The context path for Drools Workbench web application is drools-wb
Drools Workbench version is 7.10.0.Final
Drools Workbench requires running JBoss Wildfly 11.0.0.Final using the full server profile
No users or roles are configured by default
No support for clustering
Use of embedded H2 database server by default
No support for Wildfly domain mode, just standalone mode
This image is not intended to be run on cloud environments such as RedHat OpenShift or Amazon EC2, as it does not meet all the requirements.
Please give us your feedback or report a issue at Drools Setup or Drools Usage Google groups.
Release notes
7.10.0.Final
See release notes for Drools
Docker Pull Command
docker pull jboss/drools-workbench
https://hub.docker.com/r/jboss/drools-workbench/
