Hi Russell, If we start the server by "geronimo run", the karaf remote shell does not turn on by default. we can modify the CONSOLE_OPTS in *geronimo.bat/.sh *to enable the karaf remote shell.
I have a suggestion, maybe we could provide some commands to change the karaf shell settings whenever the server is running or shutdown. On Wed, Aug 31, 2011 at 4:47 AM, Russell E Glaue <[email protected]> wrote: > How about this idea. > Have the ability to turn the karaf SSH service on and off. And have it off > by default. Then we do not have to worry about telling novice users what to > do, and more expert users will figure it out only when they want that extra > service. > > > In the configuration file: /etc/org.apache.karaf.shell.**cfg > Keep the "sshPort" attribute as it is. > Add another attribute (e.g. "serviceStart") that has a true/false value. > > By default the "serviceStart" would be false. > If a user wanted the SSH service, they would have to set the attribute to > true. And if they wanted more than one instance, they would have to set the > sshPort for each instance - as you discussed. > > Then, put in a JIRA issue to have the karaf "sshPort" attribute integrated > into the "var/config-substitutions.**properties". Which can happen way > down the road. > > > And with this, this extra service can be used by more expert users who do > not mind editing the configuration in multiple places. Novice users don't > have to worry about it - so it won't be in the way to cause extra confusion. > > Also, having the SSH service off (false) should decrease the memory > footprint (as opposed to when true) as that service should not start up. > Having the SSH service on means the admin user additionally needs to secure > that port on the server. So having that turned off by default also makes > Geronimo more secure out of the box. > > > > -RG > > > > On 08/30/2011 11:28 AM, David Jencks wrote: > >> Hi Rex, >> >> I don't have a good idea how to do something like this in karaf. It would >> have >> to work through config admin since any service opening a socket should get >> the >> port from config admin (the shell does). So I think we would need some >> kind of >> config admin administration tool that would shift all the port values by >> some >> constant. I haven't looked into anything about how to implement something >> like >> this. >> >> thanks >> david jencks >> >> On Aug 30, 2011, at 2:29 AM, Rex Wang wrote: >> >> Hi Devs >>> >>> I send this mail to only Geronimo mailing list because I hope we could >>> discuss >>> it first before we request this ability in karaf. >>> >>> Currently, in Geronimo 3.0, all the port/portoffset settings have been >>> unified >>> in config-substitutions.**properties like before, except the settings >>> for >>> o.a.karaf.shell.ssh. >>> karaf.shell.ssh can help user access our shell from remote through the >>> port >>> 8101. In Geronimo startup script, by setting >>> CONSOLE_OPTS=-Dkaraf.**startLocalConsole=true *-Dkaraf.startRemoteShell= >>> **true*, >>> we can enable this feature. It retrieves the settings in >>> /etc/org.apache.karaf.shell.**cfg from config admin service. >>> However, it did not define the port offset value. If user wanna start 2 >>> server >>> instances in one machine, he has to manually set the portoffset in >>> config-substitutions and also modify the "sshPort" in the >>> /etc/org.apache.karaf.shell.**cfg. Otherwise, the port 8101 will only >>> work for >>> the server instance that start later. >>> >>> The question is, if we want karaf add the ability to set the port offset, >>> how >>> do we hope them implement it? They indeed can simply add a setting in >>> org.apache.karaf.shell.cfg named "sshPortoffset" to do this. But our user >>> still need change 2 places if they want to change the portoffset. Shall >>> we >>> persuade them to add the ability to load the settings from a >>> location(i.e. >>> var/config-substitutions.**properties for us) or there are better >>> practices? >>> >>> David, IIRC, you ever mentioned you hope get rid of the >>> config-substitutions >>> in future geronimo. Then how to unify the portoffset settings, that is, >>> changing in one place will make all components take the effect? >>> >>> Any insights? >>> >>> thanks, >>> -- >>> Lei Wang (Rex) >>> rwonly AT apache.org <http://apache.org/> >>> >> >> -- Best regards! John Xiao
