Red Hat Training

A Red Hat training course is available for Red Hat Fuse

1.4. Port Configuration

This section describes how to configure, map, and assign ports when you want to connect to the JBoss Fuse application.

1.4.1. Choosing SSL or Non-SSL Ports

When you deploy your JBoss Fuse application you can choose to use an SSL connection or non-SSL connection.
SSL connection
This connection uses static predefined ports to connect to the JBoss Fuse application. SSL connections are slower than non-SSL connections due to processing overhead at run-time, but you can determine the port number to use at run-time when you first install the application.
Non-SSL connection
This connection uses a dynamic port number that OpenShift Enterprise allocates based on the available ports when you install the JBoss Fuse application. After you install the application, you must determine which port numbers the clients need to use to connect to the application.

Configuring an SSL connection

  1. In the ActiveMQ JMS client, specify the SSL port number in the ActiveMQConnectionFactory property. By default, the following port numbers are available for SSL connections:
    Openwire
    2303
    STOMP
    2304
    AMQP 1.0
    2305
    MQTT 3.1
    2306
  2. Copy the contents of the self-signed public server certificate to a file named server.crt and store the file in your local machine. You can access the certificate with the URL that appears when you first install the JBoss Fuse application, or from the default profile directory in the Wiki tab of the Fuse Management Console.
  3. Run the following command to create a Java keystore that imports the certificate: 
    $ keytool -importcert -keystore my.jks -storepass password \
    -file server.crt -noprompt
  4. Configure the JVM to use the keystore when the client connects to the application: 
    $ java -Djavax.net.ssl.trustStore=my.jks ...

Configuring a non-SSL connection

  1. After you install the JBoss Fuse cartridge, run one of the following commands: 
    $echo    ${OPENSHIFT_FUSE_OPENWIRE_PROXY_PORT}
$echo    ${OPENSHIFT_FUSE_MQTT_PROXY_PORT}
$echo    ${OPENSHIFT_FUSE_AMQP_PROXY_PORT}
$echo    ${OPENSHIFT_FUSE_STOMP_PROXY_PORT}
  2. Specify the port number that the broker returns in the connection URL. For example: 
    tcp://amq-demo.openshift.example.com:63373

1.4.2. Port Binding

Some Camel components and CXF endpoints must bind to specific ports to enable client connections. When you configure the JBoss Fuse cartridge you must bind components such as camel-netty to these ports.
You can use the following system properties variables to bind components to private ports:
  • app1.port
  • app2.port
  • app3.port
Note
If you deploy an ActiveMQ container, the app1.port system property is reserved for the container.
You specify the port system property in the connection properties with the following format: 
${bind.address}:${system_property}
To bind a component to a public port, you use the following connection address format: 
${publichostname}:${app1.public.port}

1.4.3. Public Port Mapping

The JBoss Fuse cartridge includes the PublicPortMapper tool that translates private ports in CXF endpoint addresses to public ports. This tool ensures that users can connect to the JBoss Fuse application from outside the OpenShift Enterprise domain without exposing the private ports that CXF requires to run.
The following CXF components use the PublicPortMapper tool:
io.fabric8.cxf.registry.FabricCxfRegistrationHandler
This handler uses the PublicPortMapper tool to translate CXF endpoint addresses. The tool maps the port for each endpoint based on the address property of the jaxws:server element: 
<jaxws:server id="service1" serviceClass="io.fabric8.demo.cxf.Hello"
          address="http://$[bind.address]:$[app1.port]/server/server1">
The following example shows the source address of a CXF endpoint: 
http://127.2.123.129:3001/server/server1
The following example shows the translated external URL: 
http://app-domain.openshift.com:47106/server/server1
The tool writes the translated address to one of the following ZooKeeper paths:
  • /fabric/registry/clusters/apis/rest/{name}/{version}/{container}
  • /fabric/registry/clusters/apis/ws/{name}/{version}/{container}
io.fabric8.cxf.FabricLoadBalancerFeature
This feature uses the PublicPortMapper tool to translate the addresses of all endpoints in the cluster. The tool maps the ports based on the list of addresses in the group array property of the feature.
Each time the jaxws:server component starts, the io.fabric8.cxf.FabricServerListener service retrieves the addresses from all active endpoints and stores the addresses in the group property. The feature then invokes the PublicPortMapper tool to translate the addresses to external connection URLs.
The tool writes the addresses to the following ZooKeeper path: 
/fabric/cxf/endpoints/<path-configured-for-FabricLoadBalancerFeature>
io.fabric8.camel.FabricPublisherEndpoint
This endpoint uses the PublicPortMapper tool to translate the address of the listener based on the from uri property of the io.fabric8.camel.FabricComponent route.
The following example shows the source address of a Jetty listener: 
<from uri="fabric-camel:cluster:jetty:http://0.0.0.0:[[port]]/fabric"/>
The tool writes the translated address to the following ZooKeeper path: 
/fabric/clusters/fabric/registry/camel/endpoints/cluster/<cluster_instance_number>
The following example shows the translated address: 
http://fuse0-test.openshift.example.com:40257/fabric