How to set JGroups ports for protocols in EAP 7.1 ?
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 7.1+
Issue
- I need to configure
IPTABLES
or aFirewall
for an EAP cluster, what are the required JGroups ports ? - I see a
WARN
message if aha
profile is started in EAP 7.1, if the JGroups subsystem is configured like we have in EAP6 as below :
WFLYCTL0028: Attribute 'socket-binding' in the resource at address '/subsystem=jgroups/stack=udp/protocol=FD_SOCK' is deprecated, and may be removed in future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
- Legacy versions configure the FD_SOCK protocol ports by a socket-binding like followed, but this is not working with EAP 7.1
<protocol type="FD_SOCK" socket-binding="jgroups-udp-fd"/>
...
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
...
<socket-binding name="jgroups-udp-fd" interface="private" port="54200"/>
Resolution
- All protocols will bind to the same interface as the transport. Ports are selected randomly.
- To have fixed ports properties can be set to use a specific range as below :
<protocol type="FD_SOCK">
<property name="client_bind_port">50100</property>
<property name="start_port">50000</property>
<property name="port_range">0</property>
</protocol>
- That means the above config uses
50100
to listen to socket connections from remote nodes and50000
to establish connections to remote nodes. - If you have multiple instances at the same machine you need to have a
port_range > 0
to allow it, the range is0
by default. - Note that client_bind_port is rarely configured. It is only needed if a firewall filters based on client IP, which is not a widely used firewall configuration.
Root Cause
- There are no longer socket-bindings needed for the
FD_SOCK
protocol. The ports are selected randomly and the former socket-binding was only used to choose the interface.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments