Bug 1498964 - OpenDaylight does not support binding websocket server to specific IP
Summary: OpenDaylight does not support binding websocket server to specific IP
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: opendaylight
Version: 12.0 (Pike)
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: beta
: 13.0 (Queens)
Assignee: Josh Hershberg
QA Contact: Itzik Brown
URL:
Whiteboard:
: 1506100 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-10-05 16:15 UTC by Tim Rozet
Modified: 2018-10-29 11:48 UTC (History)
5 users (show)

Fixed In Version: opendaylight-8.0.0-1.el7ost
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
N/A
Last Closed: 2018-06-27 13:37:30 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
OpenDaylight Bug 9256 0 None None None 2017-10-05 16:22:26 UTC
OpenDaylight gerrit 64602 0 None None None 2017-11-27 14:18:22 UTC
Red Hat Product Errata RHEA-2018:2086 0 None None None 2018-06-27 13:38:54 UTC

Description Tim Rozet 2017-10-05 16:15:48 UTC
Description of problem:
ODL will listen on 0.0.0.0 for websocket connections (port 8185) and there is no way to configure an IP for it to bind to.  This is unsafe and also doesn't allow haproxy to bind to the port for the ODL VIP.

Version-Release number of selected component (if applicable):
Carbon and later

The only workaround is to disable port status and websocket in networking-odl until this is fixed.

Comment 1 Tim Rozet 2017-10-10 13:41:57 UTC
Disabling port status until this bug is fixed:
https://review.openstack.org/#/c/510878/1

Comment 2 Janki 2017-11-02 09:24:23 UTC
*** Bug 1506100 has been marked as a duplicate of this bug. ***

Comment 7 Itzik Brown 2018-03-18 13:20:48 UTC
Verified with:
opendaylight-8.0.0-2.el7ost.noarch.rpm 

ODL container has the following configuration file:
/opt/opendaylight/etc/org.opendaylight.restconf.cfg:websocket-address=172.17.1.22

The controller listens on specific address and not on 0.0.0.0

Comment 13 errata-xmlrpc 2018-06-27 13:37:30 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:2086

Comment 15 Josh Hershberg 2018-10-29 11:48:44 UTC
I do not believe this requires documentation as triple-o configures this without user interaction of any kind.


Note You need to log in before you can comment on or make changes to this bug.