Well, that's just iptables. There is also Amazon's own fwall (security groups, I
think they call it) which is disabled by default but people can be pretty restrictive
about it. So for this case, we should still be explicit about port numbers.
On 15 Jun 2010, at 13:56, Galder Zamarreno wrote:
Brutal, but effective :)
----- "Bela Ban" <bban(a)redhat.com> wrote:
> for my demo, I did the following:
> iptables -F ; chkconfig --del iptables ; ip6tables -F ; chkconfig
> --del
> ip6tables
>
> This helped (maybe not recommended for production :-))...
>
> Vladimir Blagojevic wrote:
>> Bela worked recently in similar environment. Maybe he can provide
> you with a sample jgroups config that is EC2 friendly.
>> On 2010-06-14, at 12:45 AM, Noel O'Connor wrote:
>>
>>
>>> Hi Galder,
>>> Thanks for this, I'll take a look and fix it. I didn't notice it in
> the logs but I'll check it out.
>>>
>>> cheers
>>> Noel
>>>
>>> On 14/06/2010, at 7:44 AM, galder(a)redhat.com wrote:
>>>
>>>
>>>> Hi Noel,
>>>>
>>>> First of all, thanks a million for writing
>
http://infinispan.blogspot.com/2010/05/infinispan-ec2-demo.html. I
> think the work you did there is excellent.
>>>>
>>>> I had a question for you though. In your jgroups-* files, you use
> FD_SOCK without a start_port which by default binds to random port
> (
http://community.jboss.org/wiki/JGroupsFDSOCK). Given Amazon rules, I
> don't think clustering is working as expected in your case, cos
> without locking this port and opening it in the firewall, you'll see
> WARN messages like this in the logs and the cluster view will not
> form:
>>>>
>>>> 2010-06-13 16:50:54,478 WARN [org.jgroups.protocols.FD_SOCK]
> (OOB-1,infinispan-cluster,ip-10-194-230-242-27003) I
> (ip-10-194-230-242-27003) was suspected by
> domU-12-31-38-00-9C-52-25127; ignoring the SUSPECT message
>>>>
>>>> To get around the issue do the following:
>>>>
>>>> - Lock your FD_SOCK start_port values, i.e. <FD_SOCK
> start_port="9777"/>
>>>> - Open TCP port 9777 in your security group.
>>>>
>>>> I'd suggest you verify your demo expectations bearing in mind this
> information and once you've done so, update the blog post :)
>>>>
>>>> Cheers,
>>>> --
>>>> Galder Zamarreño
>>>> Sr. Software Engineer
>>>> Infinispan, JBoss Cache
>>>>
>>>> _______________________________________________
>>>> infinispan-dev mailing list
>>>> infinispan-dev(a)lists.jboss.org
>>>>
https://lists.jboss.org/mailman/listinfo/infinispan-dev
>>>>
>>> _______________________________________________
>>> infinispan-dev mailing list
>>> infinispan-dev(a)lists.jboss.org
>>>
https://lists.jboss.org/mailman/listinfo/infinispan-dev
>>>
>>
>> --
>> Vladimir Blagojevic
>> JBoss Clustering Team
>> JBoss by Red Hat
>>
>>
>>
>>
>>
>
> --
> Bela Ban
> Lead JGroups / Clustering Team
> JBoss
>
> _______________________________________________
> infinispan-dev mailing list
> infinispan-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/infinispan-dev
_______________________________________________
infinispan-dev mailing list
infinispan-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/infinispan-dev