users@glassfish.java.net

Re: GlassFish domains on same server under own unix user credetials?

From: <glassfish_at_javadesktop.org>
Date: Mon, 11 Aug 2008 15:42:36 PDT

> I am OK with single process per domain, but for
> different domains I like to have separate
> credentials.

In your original post, you used the phrase virtual domains. Unfortunately, "domain" is a bit overloaded here as GF calls it's running "instances" domains.

So, to be clear, a GF Domain is a singular instance of GF, and it would run in its own process. You can have as many GF domains running under their own credentials as you like.

However, this is not the same with virtual host HTTP domains, which are all bound under a single GF server instance. Specifically, you can not have more than one instance of GF listening to port 80 on the same IP on the same machine.

> I.e. same server has domains: pika.boo.com and
> nano.boo.com,
> Server has pika and nano users and groups with
> /home/pika and /home/nano hoe folders.
> Developers of each group could go wild, messing each
> other within same domain.
> But they do not have even read permission on another
> domain.
> And processes could take as much CPU as given for
> user. Same for file system: size quota per-user
> applied by Unix.

Sure, but that's at the process level. Applications running within the GF server all share the same process, so you don't get that kind of individual control within GF.

> At the moment there is a solution:
> Apache server to redirect(ProxyPass/ProxyPassReverse)
> port 80 requests to appropriate GF instances. Each GF
> is independent installation.
> What is missing there, that nice admin UI for domain
> redirect and per-domain administration. A little
> thing which makes my admin life much easier. I prefer
> to write apps rather httpd.conf or admin scripts :))

Or you can multi-home the server, give each group their own IP on the same server, give each of them their own interface, and let them administer it -- and you can play help desk and lock down their processes using Unix tools. The UI makes GF pretty easy to use, I've even seen programmers and web designers themselves use it.

> PS. On my Solaris 8 there is no SMF...

Ah, yea, I've heard Solaris was upgraded once or twice in the past 8 years.

Feel free to make RFIs for parts you think are lacking, teams are always looking for input.
[Message sent by forum member 'whartung' (whartung)]

http://forums.java.net/jive/thread.jspa?messageID=292711
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.