Bug 1498964

Summary: OpenDaylight does not support binding websocket server to specific IP
Product: Red Hat OpenStack Reporter: Tim Rozet <trozet>
Component: opendaylightAssignee: Josh Hershberg <jhershbe>
Status: CLOSED ERRATA QA Contact: Itzik Brown <itbrown>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 12.0 (Pike)CC: jhershbe, knylande, mkolesni, nyechiel, roxenham
Target Milestone: betaKeywords: Triaged
Target Release: 13.0 (Queens)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: opendaylight-8.0.0-1.el7ost Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
N/A
Last Closed: 2018-06-27 13:37:30 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Tim Rozet 2017-10-05 16:15:48 UTC
Description of problem:
ODL will listen on 0.0.0.0 for websocket connections (port 8185) and there is no way to configure an IP for it to bind to.  This is unsafe and also doesn't allow haproxy to bind to the port for the ODL VIP.

Version-Release number of selected component (if applicable):
Carbon and later

The only workaround is to disable port status and websocket in networking-odl until this is fixed.

Comment 1 Tim Rozet 2017-10-10 13:41:57 UTC
Disabling port status until this bug is fixed:
https://review.openstack.org/#/c/510878/1

Comment 2 Janki 2017-11-02 09:24:23 UTC
*** Bug 1506100 has been marked as a duplicate of this bug. ***

Comment 7 Itzik Brown 2018-03-18 13:20:48 UTC
Verified with:
opendaylight-8.0.0-2.el7ost.noarch.rpm 

ODL container has the following configuration file:
/opt/opendaylight/etc/org.opendaylight.restconf.cfg:websocket-address=172.17.1.22

The controller listens on specific address and not on 0.0.0.0

Comment 13 errata-xmlrpc 2018-06-27 13:37:30 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:2086

Comment 15 Josh Hershberg 2018-10-29 11:48:44 UTC
I do not believe this requires documentation as triple-o configures this without user interaction of any kind.