[wildfly-dev] HTTP Upgrade Options (Re: 8.0.0.Alpha3 Released!)
Jason Greene
jason.greene at redhat.com
Thu Jul 18 13:40:47 EDT 2013
On Jul 18, 2013, at 7:51 AM, Bill Burke <bburke at redhat.com> wrote:
>
>
> On 7/18/2013 1:06 AM, Jason Greene wrote:
>> • EJB invocations now use HTTP upgrade over port 8080
>
> Very cool! Every remoting protocol headed this way?! That's awesome!
Yes thats the plan. Although maybe you and others could share your opinion on something. We have been looking as a goal to create two profiles:
1. Two ports - 8080 (application = servlet, ejb, remote jndi, jms)
9990 (management = native management, HTTP/JSON managmeent, web console, JMX)
2. One port - 8080 (all of the above)
AJP & IIOP can't be multiplexed and would be disabled by default. Using SSL would either add or replace the above ports.
So the big question is which configuration is the better default. Administrators like the 2 port because its easy to separate access. For example, today when you start wildfly with -b 0.0.0.0 or whatever, it only affects the application ports and not the management port. It's also easy to firewall. One port is in big demand for massive hosting environments like openshift. Going to one port would probably mean we would need to add some ip pattern restriction features to standalone.xml, but I'm not sure this is a good substitute because administrators won't be familiar with it, but they already know how to use iptables and -b.
Any thoughts?
--
Jason T. Greene
WildFly Lead / JBoss EAP Platform Architect
JBoss, a division of Red Hat
More information about the wildfly-dev
mailing list