[mod_cluster-issues] [JBoss JIRA] (MODCLUSTER-531) Eliminate automagic

Radoslav Husar (JIRA) issues at jboss.org
Thu Nov 16 06:25:00 EST 2017 

     [ https://issues.jboss.org/browse/MODCLUSTER-531?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Radoslav Husar updated MODCLUSTER-531:
--------------------------------------
    Description: 
I am proposing we abandon automagic as much as possible.

h1. Problem

The main idea for automagic is to make deployment simple and easy to migrate/transfer and provide great user experience out of box. Unfortunately, this IMHO often backfires quite significantly resulting in configurations that are:
# insecure (listening on all interfaces, allow from all, default security key "changeme!")
# difficult to debug (not clear what is the actual configuration)
# unstable installations (seemingly unrelated aspects like adding an interface or connector break the previously working configuration)

h1. Areas

There are several areas where automagic happens.

h5. Advertised address of the proxy

There were multiple bugs in the past, where 0.0.0.0 would be sent in the advertise mesages, now if its not explcit in the VirtualHost or passed in to ServerAdvertise, it automagically picks a non-local interface. Such configurations should be disallowed.

h5. Advertise interfaces - Java

-The interfaces are not explicit and advertise messages could be sent/received on more interfaces and is subject to interface configuration which can change. This is also problematic when trying to move to DatagramChannel interface, which requires interfaces to be defined explicitly (MODCLUSTER-502). We can need to require this explicitly.- DONE

h5. Advertise interfaces - Native

The interfaces are not explicit and advertise messages could be sent/received on more interfaces (see MODCLUSTER-487). 

h5. Connector address

If bound to any-address, the address is inferred from the proxy connection as the local address. This is solved in the default WildFly configuration as its explicitly bound to a interface.

h5. Connector selection

-This is solved in WildFly where selection is explicit. In tomcat this causes problems like MODCLUSTER-457 when WS requires http yet ajp is automatically selected by default. We can make this explicit.- DONE 

h5. Route generation

Remove setJvmRoute from the SPI with MODCLUSTER-634.






  was:
I am proposing we abandon automagic as much as possible.

h1. Problem

The main idea for automagic is to make deployment simple and easy to migrate/transfer and provide great user experience out of box. Unfortunately, this IMHO often backfires quite significantly resulting in configurations that are:
# insecure (listening on all interfaces, allow from all, default security key "changeme!")
# difficult to debug (not clear what is the actual configuration)
# unstable installations (seemingly unrelated aspects like adding an interface or connector break the previously working configuration)

h1. Areas

There are several areas where automagic happens.

h5. Advertised address of the proxy

There were multiple bugs in the past, where 0.0.0.0 would be sent in the advertise mesages, now if its not explcit in the VirtualHost or passed in to ServerAdvertise, it automagically picks a non-local interface. Such configurations should be disallowed.

h5. Advertise interfaces - Java

-The interfaces are not explicit and advertise messages could be sent/received on more interfaces and is subject to interface configuration which can change. This is also problematic when trying to move to DatagramChannel interface, which requires interfaces to be defined explicitly (MODCLUSTER-502). We can need to require this explicitly.- DONE

h5. Advertise interfaces - Native

The interfaces are not explicit and advertise messages could be sent/received on more interfaces (see MODCLUSTER-487). 

h5. Connector address

If bound to any-address, the address is inferred from the proxy connection as the local address. This is solved in the default WildFly configuration as its explicitly bound to a interface.

h5. Connector selection

-This is solved in WildFly where selection is explicit. In tomcat this causes problems like MODCLUSTER-457 when WS requires http yet ajp is automatically selected by default. We can make this explicit.- DONE 

h5. Route generation

Remove setJvmRoute from the SPI.








> Eliminate automagic
> -------------------
>
>                 Key: MODCLUSTER-531
>                 URL: https://issues.jboss.org/browse/MODCLUSTER-531
>             Project: mod_cluster
>          Issue Type: Feature Request
>          Components: Core & Container Integration (Java), Documentation & Demos, Native (httpd modules)
>    Affects Versions: 1.2.0.Final, 1.3.0.Final
>            Reporter: Radoslav Husar
>            Assignee: Radoslav Husar
>            Priority: Blocker
>             Fix For: 1.4.0.Alpha1, 2.0.0.Alpha1
>
>
> I am proposing we abandon automagic as much as possible.
> h1. Problem
> The main idea for automagic is to make deployment simple and easy to migrate/transfer and provide great user experience out of box. Unfortunately, this IMHO often backfires quite significantly resulting in configurations that are:
> # insecure (listening on all interfaces, allow from all, default security key "changeme!")
> # difficult to debug (not clear what is the actual configuration)
> # unstable installations (seemingly unrelated aspects like adding an interface or connector break the previously working configuration)
> h1. Areas
> There are several areas where automagic happens.
> h5. Advertised address of the proxy
> There were multiple bugs in the past, where 0.0.0.0 would be sent in the advertise mesages, now if its not explcit in the VirtualHost or passed in to ServerAdvertise, it automagically picks a non-local interface. Such configurations should be disallowed.
> h5. Advertise interfaces - Java
> -The interfaces are not explicit and advertise messages could be sent/received on more interfaces and is subject to interface configuration which can change. This is also problematic when trying to move to DatagramChannel interface, which requires interfaces to be defined explicitly (MODCLUSTER-502). We can need to require this explicitly.- DONE
> h5. Advertise interfaces - Native
> The interfaces are not explicit and advertise messages could be sent/received on more interfaces (see MODCLUSTER-487). 
> h5. Connector address
> If bound to any-address, the address is inferred from the proxy connection as the local address. This is solved in the default WildFly configuration as its explicitly bound to a interface.
> h5. Connector selection
> -This is solved in WildFly where selection is explicit. In tomcat this causes problems like MODCLUSTER-457 when WS requires http yet ajp is automatically selected by default. We can make this explicit.- DONE 
> h5. Route generation
> Remove setJvmRoute from the SPI with MODCLUSTER-634.



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the mod_cluster-issues mailing list