Created attachment 940190 [details] screenshot When running JON inside a Docker container I want to be able to set the server endpoint to a public IP and port that is accessible from the outside world. rhq-server.properties: rhq.communications.connector.bind-address=10.16.23.108 rhq.communications.connector.bind-port=49245 The UI (Admin -> Topology -> Servers) still shows port 7080 Version-Release number of selected component (if applicable): 3.3 ER03 How reproducible: 100% Document URL: Section Number and Name: Describe the issue: Suggestions for improvement: Additional information: Description of problem: Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
This is expected behavior. If the server is using the transport "servlet" or "sslservlet" (and from your screenshot of rhq-server.properties, you are using "servlet), that means agent communication is going to "piggyback" over the Tomcat connector (that is, the same connector that browsers (the JON GUI) use to communicate to the server - its the normal web connector port - i.e. the http or https port). This means "rhq.communications.connector.bind-port" is ignored/bypassed since its the Tomcat connector port that is used to send messages from agent to server. By default, the Tomcat connector port is 7080 (servlet) or 7443 (sslservlet). Since this wasn't explicitly spelled out in the RHQ docs, I added this information to this wiki page: https://docs.jboss.org/author/display/RHQ/Communications+Configuration#CommunicationsConfiguration-RHQServerCommunicationsServices I'm not closing this, but rather changing its Component to "Documentation" so that blurb can be added to the appropriate place in the JON docs. Lowering its severity to medium since this is working as intended. If you want to change the port, you'd just change the Tomcat connector port or just use 7080 (7443 for secure comm). Alternatively, you could use the (albeit not officially supported) "socket" or "sslsocket" transport. If you do this, you might still have to edit the port in the GUI (Administration>Servers) since I'm not sure if we even look at rhq.communications.connector.bind-port to determine the port used for the public endpoint of the server. "socket" and "sslsocket" is not officially supported by the JON Server endpoint, which is why I think it might not be looked at.
I want the ability set both public endpoint ADDRESS and PORT. In a Docker NAT environment or when running JON behind a firewall we want JON endpoint listener to bind to <local ip>:7080 yet advertise to the outside world a different IP and PORT.
Created attachment 943520 [details] networking diagram
there is now two new settings in rhq-server.properties: rhq.autoinstall.public-endpoint-port rhq.autoinstall.public-endpoint-secure-port By default, they are blank, just like the public-endpoint-address is. But if you set them, they will be used to populate the RHQ_SERVER table which means these are the ports the agent will use when they attempt to connect to the server (i.e. these will get in the agent failover lists). git commit to master: commit 17ac3cc3b4eaf1922661a0e79025c4ff8b107812 Author: John Mazzitelli <mazz> Date: Thu Oct 2 15:46:36 2014 -0400 BZ 1145338 - to support NAT environments, allow server to be configured with a public port/secureport
cherry picked to 3.3 branch by stefan. commit 46a3c7e120b33197666feb170b5293046354b98f
Would you still be able to update these values on JON UI (Administration -> Topology -> Servers) as before?
(In reply to Viet Nguyen from comment #7) > Would you still be able to update these values on JON UI (Administration -> > Topology -> Servers) as before? Yes, that does not change. You'll notice these settings are prefixed with "rhq.autoinstall" - these are only used/take effect by the installer. Once installed, you can go in the UI and change them again if you want, but those rhq.autoinstall .properties settings aren't used anymore (because you only run the installer once)
*** Bug 1100482 has been marked as a duplicate of this bug. ***
Moving to ON_QA as available to test with the latest brew build: https://brewweb.devel.redhat.com//buildinfo?buildID=394734
# VERIFIED having NAT configured (through iptables and IP forwarding on) I was able to connect to the 11011 and register the agent properly. One need just to specify the property specified in: rhq.autoinstall.public-endpoint-port=11011 for example. version === 09:07:48,340 INFO [SystemInfoManager] (http-/0.0.0.0:7080-7) SystemInformation: ******** ACTIVE_DRIFT_PLUGIN: [drift-jpa] AGENT_MAX_QUIET_TIME_ALLOWED: [300000] ALERT_PURGE: [2678400000] AS config dir: [/opt/jon-server-3.3.0.GA/jbossas/standalone/configuration] AS product name: [EAP] AS product version: [6.3.0.GA] AS version: [7.4.0.Final-redhat-19] AVAILABILITY_PURGE: [31536000000] Agent celeno.idmqe.lab.eng.bos.redhat.com: [Agent[id=10001,name=celeno.idmqe.lab.eng.bos.redhat.com,address=10.16.96.69,port=16163,remote-endpoint=socket://10.16.96.69:16163/?rhq.communications.connector.rhqtype=agent&numAcceptThreads=1&maxPoolSize=303&clientMaxPoolSize=304&socketTimeout=60000&enableTcpNoDelay=true&backlog=200,last-availability-ping=null,last-availability-report=null]] Agent gk-320agent.bc.jonqe.lab.eng.bos.redhat.com: [Agent[id=10011,name=gk-320agent.bc.jonqe.lab.eng.bos.redhat.com,address=10.16.23.175,port=16163,remote-endpoint=socket://10.16.23.175:16163/?rhq.communications.connector.rhqtype=agent&numAcceptThreads=1&maxPoolSize=303&clientMaxPoolSize=304&socketTimeout=60000&enableTcpNoDelay=true&backlog=200,last-availability-ping=1416492437268,last-availability-report=1416492322091]] AlertCount: [0] AlertDefinitionCount: [4] BuildNumber: [4f16df3:e347f77] CAM_BASELINE_DATASET: [604800000] CAM_BASELINE_FREQUENCY: [259200000] CAM_BASE_URL: [http://celeno.idmqe.lab.eng.bos.redhat.com:7080/] CAM_DATA_MAINTENANCE: [3600000] CAM_DATA_PURGE_1D: [31536000000] CAM_DATA_PURGE_1H: [1209600000] CAM_DATA_PURGE_6H: [2678400000] CAM_GUIDE_ENABLED: [true] CAM_HELP_PASSWORD: [- non null -] CAM_HELP_USER: [web] CAM_JAAS_PROVIDER: [false] CAM_LDAP_BASE_DN: [o=JBoss,c=US] CAM_LDAP_BIND_DN: [] CAM_LDAP_BIND_PW: [- non null -] CAM_LDAP_FILTER: [] CAM_LDAP_FOLLOW_REFERRALS: [false] CAM_LDAP_LOGIN_PROPERTY: [cn] CAM_LDAP_NAMING_FACTORY_INITIAL: [com.sun.jndi.ldap.LdapCtxFactory] CAM_LDAP_NAMING_PROVIDER_URL: [ldap://localhost/] CAM_LDAP_PROTOCOL: [false] CAM_RT_COLLECT_IP_ADDRS: [true] CAM_SYSLOG_ACTIONS_ENABLED: [false] DATABASE_CONNECTION_URL: [jdbc:postgresql://127.0.0.1:5432/rhq?loginTimeout=0&socketTimeout=0&prepareThreshold=5&unknownLength=2147483647&loglevel=0&tcpkeepalive=false&binaryTransfer=true] DATABASE_DRIVER_NAME: [PostgreSQL Native Driver] DATABASE_DRIVER_VERSION: [PostgreSQL 9.2 JDBC4 (build 1002)] DATABASE_PRODUCT_NAME: [PostgreSQL] DATABASE_PRODUCT_VERSION: [8.4.18] DATA_REINDEX_NIGHTLY: [false] DB_SCHEMA_VERSION: [2.161] DRIFT_FILE_PURGE: [2678400000] ENABLE_AGENT_AUTO_UPDATE: [true] ENABLE_LOGIN_WITHOUT_ROLES: [true] EVENT_PURGE: [1209600000] FullName: [JBoss Operations Network] Name: [JBoss ON] OPERATION_HISTORY_PURGE: [0] PlatformCount: [1] RESOURCE_GENERIC_PROPERTIES_UPGRADE: [false] RHQ_SESSION_TIMEOUT: [3600000] RT_DATA_PURGE: [2678400000] SERVER_HOME_DIR: [/opt/jon-server-3.3.0.GA/jbossas/standalone] SERVER_IDENTITY: [celeno.idmqe.lab.eng.bos.redhat.com] SERVER_INSTALL_DIR: [/opt/jon-server-3.3.0.GA] SERVER_LOCAL_TIME: [20 November 2014 09:07:47 o'clock EST] SERVER_TIMEZONE: [Eastern Standard Time] SERVER_VERSION: [4.12.0.JON330GA] SchedulesPerMinute: [3] ServerCount: [2] ServiceCount: [25] Storage_Node celeno.idmqe.lab.eng.bos.redhat.com: [storageNode.addresss=celeno.idmqe.lab.eng.bos.redhat.com, hostname=celeno.idmqe.lab.eng.bos.redhat.com, beginTime=1416463668270, beginTime=1416463668270, unackAlerts=0, heapUsed=null, heapPercentageUsed=null, load=null, dataUsedPercentage=null, dataDiskUsed=null, tokens=null, actuallyOwns=null] TRAIT_PURGE: [31536000000] Version: [3.3.0.GA] ******** ===