Reputation: 1306
What is the list of Ignite Communication ephemeral port range?
We have an active firewall on machines and Multiple Ignite Servers to increase availability but at the same time we can't keep open all the ports. I have read multiple blogs and email on apache-ignite-users[1] to find out what ports are used between ignites nodes to establish and keepalive connections.
My Ignite Spring config
@Bean
public Ignite igniteInstance(JdbcIpFinderDialect ipFinderDialect, DataSource dataSource) {
IgniteConfiguration cfg = new IgniteConfiguration();
cfg.setGridLogger(new Slf4jLogger());
cfg.setMetricsLogFrequency(0);
TcpDiscoverySpi discoSpi = new TcpDiscoverySpi()
.setIpFinder(new TcpDiscoveryJdbcIpFinder(ipFinderDialect).setDataSource(dataSource)
.setInitSchema(initialiseIgniteSchema))
.setLocalPort(51000)
.setLocalPortRange(100);
cfg.setDiscoverySpi(discoSpi);
cfg.setCacheConfiguration(cacheConfigurations.toArray(new CacheConfiguration[0]));
cfg.setFailureHandler(igniteFailureHandler);
return Ignition.start(cfg);
}
this way I am specifying the discovery port[51000] and range[100] but when I run the netstat to see the connection on both the nodes but did notice the random ephemeral port range, what are these ports [20353],[59856] and is there a configurable option that I am missing to set the range?
[user@machine ~]$ netstat -aon | grep 51000 | grep ES
| header | h2 | h2 | h2 | |||
|---|---|---|---|---|---|---|
| tcp | 0 | 0 | XXX.XXX.XXX.host1:51000 | 0.0.0.0:* | LISTEN | off (0.00/0/0) |
| tcp | 0 | 0 | XXX.XXX.XXX.host1:59856 | XXX.XXX.XXX.host2:51000 | ESTABLISHED | off (0.00/0/0) |
| tcp | 0 | 0 | XXX.XXX.XXX.host1:51000 | XXX.XXX.XXX.host2:20352 | ESTABLISHED | keepalive (6007.95/0/0) |
tl;dr
- I have 2 ignite server in the system which shares a cache
- Due to Security implementation we have to close all the port unless used
- Ignite server establishes a connection over a random ephemeral port range
- Is there a way to restrict this range?
Upvotes: 0
Views: 197
Answers (1)
Reputation: 52565
You can change the port that Ignite uses to listen on. You've already changed the Discovery port. As a minimum, you'd also need to change the Communication SPI port (47100 by default) and possibly disable JMX (start with the -nojmx flag).
Using the default implementation, there's no way to configure the port of outgoing connections. That's a pretty unusual requirement. You could build your own Discovery SPI that binds to a specific port rather than zero -- that would require building on the default implementation and overriding the TcpDiscoverySpi#createSocket() method.
Upvotes: 1
Related Questions
- What is the range of ephemeral ports on mac?
- Configuring Apache Ignite with Spring Boot
- How to change default local discovery port for Apache Ignite?
- How to open the bare minimum number of ports for Ignite when only using a simple distributed cache?
- Apache Ignite - setting IP and Port on EC2
- Ports required for Apache Ignite Cluster
- Will apache Ignite identify the current host and port of webservice it is used in by itself?
- Which ports does Ignite Server listens to
- which ports should be exposed in a docker container for apache ignite?
- Why does a the ignite client open a port?