Remote Kie Server

[Anusha D]

Hi,

We are trying to deploy drools-workbench and kie-server as docker containers. Ideally we do not want to restrict them to be deployed on same host and link them using docker --link command. Is there a way to configure drools-workbench to connect to remote kie-server? On trying to register the server from "rule deployments", we tried filling in the rest url for Kie-server as "Identifier" . That did not help, as the container that was created, showed endpoint value as blank.

Thanks,

Anusha.

[Roger Martinez]

Hello,

In order to perform the connection between the workbench and the execution server you have to consider at least two things:

• In order to register the execution server -> on the exec server startup you have to specify the URL for the workbench service endpoint etc
• The maven settings in the execution server container must point to your workbench maven repository

So you need to figure out when running an execution server, at least, the host and port for using the remote workbench's endpoint. This is why in the images we are using the docker link feature, as you have not to deal with IP / port resolutions manually.

If you need different addresses, looking at the docker image sources now I see that you can just specify the following variables as your needs, and just do not add the --link argument when running them:

• KIE_SERVER_LOCATION
• KIE_SERVER_CONTROLLER
  
• KIE_MAVEN_REPO

PS: You can take a look at the image sources and see how it works and use as example, some links:

• Dockerfile for the execution server image
• The maven settings used in the execution server image
• The startup script that runs the execution server and specify some environment vars used in the application

Hope this helps!!

Roger

[Roger Martinez]

And yes, you can set manually this info by using the workbench's user interface for it, but then you probably have to deal with different addresses on each container re-start and thinks like that. So for the docker approach where the container addressing is usually not static, I would suggest doing it as the official images does or similar to avoid things like that.

El jueves, 18 de febrero de 2016, 19:36:51 (UTC+1), Anusha D escribió:

[Anusha D]

Hi,

Thanks for your response. I did get this working yesterday by modifying exactly the three variables you mentioned to point to workbench's ip and port.

Thanks,

Anusha.

[Roger Martinez]

Nice to hear that!! :)

[Anusha D]

Hi Roger,

I am trying to use REST API's on drools workbench container to create organizational units and repositories. However when I try to use curl command to hit the REST endpoint on drools-wb container, I get 403 Forbidden and following error in container logs . It appears its because of the roles set we have in the container. I am using admin user for testing. The url I am trying to hit is

curl -vvv  <hostip:mappedport>/drools-wb/rest/repositories -u admin:admin. Any help will be greatly appreciated.

[org.jboss.resteasy.core.ExceptionHandler] (default task-416) failed to execute: javax.ws.rs.ForbiddenException: HTTP 403 Forbidden

        at org.jboss.resteasy.plugins.interceptors.RoleBasedSecurityFilter.filter(RoleBasedSecurityFilter.java:45) [resteasy-jaxrs-3.0.10.Final.jar:]

        at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:264) [resteasy-jaxrs-3.0.10.Final.jar:]

        at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:250) [resteasy-jaxrs-3.0.10.Final.jar:]

        at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:237) [resteasy-jaxrs-3.0.10.Final.jar:]

        at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356) [resteasy-jaxrs-3.0.10.Final.jar:]

        at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:179) [resteasy-jaxrs-3.0.10.Final.jar:]

        at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:220) [resteasy-jaxrs-3.0.10.Final.jar:]

        at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) [resteasy-jaxrs-3.0.10.Final.jar:]

        at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) [resteasy-jaxrs-3.0.10.Final.jar:]

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]

        at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]

        at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]

        at org.uberfire.ext.security.server.BasicAuthSecurityFilter.doFilter(BasicAuthSecurityFilter.java:53) [uberfire-servlet-security-0.7.3.Final.jar:0.7.3.Final]

        at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]

        at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]

        at org.uberfire.ext.security.server.SecureHeadersFilter.doFilter(SecureHeadersFilter.java:53) [uberfire-servlet-security-0.7.3.Final.jar:0.7.3.Final]

        at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]

[Roger Martinez]

Hello!

Yes it seems an authorization issue. I'm not sure right now which role/s are the ones defined for using such remote services :( 

Please let me try it and if so, ask or research about it. Will give you feedback as soon as possible :)

Thanks

El jueves, 18 de febrero de 2016, 19:36:51 (UTC+1), Anusha D escribió:

[Anusha D]

Hi ,

Thanks for your response. I figured that out with help from Michael. It requires "rest-all" role.

Thanks,

Anusha.

[Roger Martinez]

Okkk great! I had this on my todo list but really busy with lots of tasks yet... glad to hear you can move forward :)

thanks for the feedback!
Roger

[Roger Martinez]

Hi, i have opneded this issue for fixing this on the new release/tag (comming soon)

https://github.com/jboss-dockerfiles/drools/issues/6

Thanks for the feedback!