Bug 536151 (RHQ-532)
| Summary: | Enable socket based transports to listen on more than one network interface | ||
|---|---|---|---|
| Product: | [Other] RHQ Project | Reporter: | Charles Crouch <ccrouch> |
| Component: | No Component | Assignee: | RHQ Project Maintainer <rhq-maint> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 1.0 | CC: | asantos, ccrouch, cwelton, hbrock, jshaughn |
| Target Milestone: | --- | Keywords: | Improvement |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | All | ||
| URL: | http://jira.rhq-project.org/browse/RHQ-532 | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Enhancement | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-05-13 17:26:50 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Charles, besides updating the docs, I'd also add a comment in rhq-server.properties. charles, yup, multiple homes supported through single-line syntax: http://www.jboss.org/jbossremoting/docs/guide/2.4/html/ch05.html#d0e1124 This bug was previously known as http://jira.rhq-project.org/browse/RHQ-532 The link from 2008-07-19 is stale. Here is an updated link -- http://docs.jboss.org/jbossremoting/2.5.2.SP3/html_single/#d0e1476 Note: we're currently using 2.2.2.SP8, and the documentation link above explains that the multi-home option was only introduced in 2.4.x, so we would have to upgrade our remoting version in order to take advantage of this functionality. |
At the moment if you have the following in rhq-server.properties (only the transport is different from the defaults) # Container configuration jboss.bind.address=0.0.0.0 # RHQ Server's remote endpoint for agents to talk to rhq.communications.connector.transport=sslsocket rhq.communications.connector.bind-address=${jboss.bind.address} then it appears that JBoss Remoting will still only bind to one interface, rather than all of them (0.0.0.0). In my testing I was trying to connect to 127.0.0.1 but Remoting was using a NAT assigned ip. Which interface it uses can be seen by turning on debug logging. This should only be a problem for JBoss Remoting managed transports such as socket/sslsocket since things like sslservlet and servlet rely on Tomcat to handle the interface binding. Next steps 1) Update the security documentation to reflect that you shouldnt use 0.0.0.0 as your connector bind-address if you're using sslsocket/socket. 2) Investigate whether Remoting 2.4 addresses this issue. From the release notes it looks like it does: "JBossRemoting 2.4.0.GA is an incremental release, with dozens of bug fixes and several new features: * servers can be bound to multiple IP addresses "