Production Installation
To install Apache Brooklyn on a production server:
- Set up the prerequisites
- Download Apache Brooklyn
- Configuring brooklyn.cfg
- Configuring Karaf Security
- Configuring default.catalog.bom
- Test the installation
This guide covers the basics. You may also wish to configure:
Set up the Prerequisites
Check that the server meets the requirements. Then configure the server as follows:
- install Java JRE or JDK (version 8 or later)
- enable "Java Cryptography Extension" (already enabled out of the box of OpenJDK installs)
- install an SSH key, if not available
- if the "localhost" location will be used, enable passwordless ssh login
- create a
~/.brooklyndirectory on the host with$ mkdir ~/.brooklyn - check your
iptablesor other firewall service, making sure that incoming connections on port 8443 is not blocked - check that the Linux kernel entropy is sufficient
- check that the ulimit values are sufficiently high
- ensure external libraries are up-to-date, including
nssfor SSL. - ensure the time is continually accurate, ideally by running a service like the ntp daemon.
Download Apache Brooklyn
Download Brooklyn and obtain a binary build as described on the download page.
Expand the tar.gz archive (note: as this is a -SNAPSHOT version, your filename will be slightly different):
tar -zxf apache-brooklyn-dist-1.0.0-timestamp-dist.tar.gzThis will create a apache-brooklyn-1.0.0 folder.
Let's setup some paths for easy commands.
% cd apache-brooklyn-1.0.0
% BROOKLYN_DIR="$(pwd)"
% export PATH=$PATH:$BROOKLYN_DIR/bin/Configuring brooklyn.cfg
Set up brooklyn.cfg as described here:
- Configure the users who should have access
- Turn on HTTPS
- Supply credentials for any pre-defined clouds
Configuring Karaf Security
Out of the box, Apache Brooklyn includes the default Karaf security configuration. This configuration is used to manage connections to the ssh port of Karaf (which is available to localhost connections only). It is recommended that you update the credentials as detailed in the Karaf Security page.
Configuring the Catalog
By default Brooklyn loads the catalog of available application components and services from
default.catalog.bom on the classpath. The initial catalog is in conf/brooklyn/ in the dist.
If you have a preferred catalog, simply replace that file.
More information on the catalog is available here.
Confirm Installation
Launch Brooklyn in a disconnected session so it will remain running after you have logged out:
% nohup bin/brooklyn launch > /dev/null 2&>1 &
Apache Brooklyn should now be running on port 8081 (or other port if so specified).
To install on a different port edit config in etc/org.ops4j.pax.web.cfg.