[jira] [Closed] (TS-767) Make the cluster interface configurable

Tue, 04 Nov 2014 09:40:40 -0800 

     [ 
https://issues.apache.org/jira/browse/TS-767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Susan Hinrichs closed TS-767.
-----------------------------
       Resolution: Duplicate
    Fix Version/s:     (was: sometime)

Already addressed by Http proxy port issues.

> Make the cluster interface configurable
> ---------------------------------------
>
>                 Key: TS-767
>                 URL: https://issues.apache.org/jira/browse/TS-767
>             Project: Traffic Server
>          Issue Type: Improvement
>          Components: Configuration, Network
>    Affects Versions: 2.1.8
>            Reporter: Arno Toell
>            Priority: Minor
>
> I consider the way how Traffic Server opens listening ports dangerous, or at 
> least more risky than necessary. Currently ATS allows to configure port 
> numbers for the related services, but not the listening interface. Instead it 
> binds to 0.0.0.0. Therefore I'd like to suggest 
> * -Allow the user to specify a listening interface, don't assume 0.0.0.0 
> suits for all setups.-
> * -Disable the "autoconfiguration port" (i.e. 8083 by default) unless 
> proxy.local.cluster.type is set to enable clustering (!= 3). I think 
> _traffic_shell_ and eventually _traffic_line_ use this port to configure ATS 
> locally. If so it should be bound to the loop back at least or using Unix 
> Domain Sockets or whatever local socket method you prefer.-
> * Disable the "reliable service port" (i.e. 8088 by default) unless 
> proxy.local.cluster.type enables clustering. Similar to the 
> "autoconfiguration port". If _traffic_cop_ (or something else on the local 
> machine) is using this port, the same suggestions apply as above. 
> * -The "internal communication port" (8084) should not open a public socket 
> at all. Instead use Unix Domain Sockets or something similar.-
> n.b. striked through issues are obsolete or tracked in TS-765. For the 
> remaining issue is worth to be added the comment from TS-765:
> 8088 is no problem anymore until clustering is enabled, so there is only the 
> TS-766 improvement left there. However if enabled, I think it is still fairly 
> useful to allow the user to bind to a specific IP. Say, you run a public 
> facing proxy in cluster mode where you want to communicate in between on 
> private IPs between cluster peers.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to