[jboss-jira] [JBoss JIRA] (WFCORE-4763) interface "any" tag not working as expected
Yann Le Tallec (Jira)
issues at jboss.org
Wed Nov 27 10:12:00 EST 2019
[ https://issues.jboss.org/browse/WFCORE-4763?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13818536#comment-13818536 ]
Yann Le Tallec edited comment on WFCORE-4763 at 11/27/19 10:11 AM:
-------------------------------------------------------------------
Thank you for your comment.
The doc says "Attribute indicating that part of the selection criteria for choosing an IP address for this interface should be that *the IP address meets at least one of a nested set of criteria, but not necessarily all of the nested criteria*." So it seems to me that connections from any of the addresses inside any should be accepted.
In the end my goal is simple: I want the management interface to be accessible from localhost and the local network. So I tried:
<any>
<inet-address value="127.0.0.1">
<subnet-match value="10.20.0.0/16">
</any>
but that doesn't work as explained in the issue.
If you have a workaround I'm happy to try it.
was (Author: assylias):
Thank you for your comment.
The doc says "Attribute indicating that part of the selection criteria for choosing an IP address for this interface should be that ***the IP address meets at least one of a nested set of criteria, but not necessarily all of the nested criteria***." So it seems to me that connections from any of the addresses inside any should be accepted.
In the end my goal is simple: I want the management interface to be accessible from localhost and the local network. So I tried:
<any>
<inet-address value="127.0.0.1">
<subnet-match value="10.20.0.0/16">
</any>
but that doesn't work as explained in the issue.
If you have a workaround I'm happy to try it.
> interface "any" tag not working as expected
> -------------------------------------------
>
> Key: WFCORE-4763
> URL: https://issues.jboss.org/browse/WFCORE-4763
> Project: WildFly Core
> Issue Type: Bug
> Components: Management
> Environment: Ubuntu 18.02
> Reporter: Yann Le Tallec
> Priority: Major
>
> The {{<any>}} tag in the {{interface}} configuration of {{standalone.xml}} should accept any connection that matches ANY of the provided rules. This is not the case as demonstrated by the example below.
> This configuration allows to run {{jboss-cli.sh -c}} from the machine where wildfly is running as expected:
> {code:xml}
> <interfaces>
> <interface name="management">
> <any>
> <inet-address value="127.0.0.1"/>
> </any>
> </interface>
> </interfaces>
> {code}
> But if I add another (VALID) IP address inside the any tag, I can't connect any more:
> {code:xml}
> <interfaces>
> <interface name="management">
> <any>
> <inet-address value="127.0.0.1"/>
> <inet-address value="10.20.230.26"/>
> </any>
> </interface>
> </interfaces>
> {code}
> With the latter configuration, {{connect}} fails with the following error:
> {noformat}
> >The controller is not available at localhost:9990: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://localhost:9990. The connection failed: WFLYPRT0053: Could not connect to remote+http://localhost:9990. The connection failed: Connection refused
> {noformat}
> Note: to easily reproduce the problem from the cli, starting from a fresh standalone install:
> {code:bash}
> connect
> /interface=management:undefine-attribute(name=inet-address)
> /interface=management:undefine-attribute(name=any)
> /interface=management:write-attribute(name=any,value={inet-address=[127.0.0.1]})
> reload
> /interface=management:write-attribute(name=any,value={inet-address=[127.0.0.1,10.20.230.26]})
> reload
> {code}
> Notes:
> - 10.20.230.26 must be a reachable IP - if I use a random one I can connect normally.
> - if I use {{subnet-match}} I get the same issue
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list