[wildfly-dev] HTTP Upgrade Options (Re: 8.0.0.Alpha3 Released!)

Andrig Miller anmiller at redhat.com
Thu Jul 18 13:51:06 EDT 2013 


----- Original Message -----
> From: "Jason Greene" <jason.greene at redhat.com>
> To: "Bill Burke" <bburke at redhat.com>
> Cc: wildfly-dev at lists.jboss.org
> Sent: Thursday, July 18, 2013 11:40:47 AM
> Subject: [wildfly-dev] HTTP Upgrade Options (Re:  8.0.0.Alpha3 Released!)
> 
> 
> On Jul 18, 2013, at 7:51 AM, Bill Burke <bburke at redhat.com> wrote:
> 
> > 
> > 
> > On 7/18/2013 1:06 AM, Jason Greene wrote:
> >>   • EJB invocations now use HTTP upgrade over port 8080
> > 
> > Very cool!  Every remoting protocol headed this way?!  That's
> > awesome!
> 
> 
> Yes thats the plan. Although maybe you and others could share your
> opinion on something. We have been looking as a goal to create two
> profiles:
> 
> 1. Two ports - 8080 (application = servlet, ejb, remote jndi, jms)
>                9990 (management  = native management, HTTP/JSON
>                managmeent, web console, JMX)
> 2. One port - 8080 (all of the above)
> 
> AJP & IIOP can't be multiplexed and would be disabled by default.
> Using SSL would either add or replace the above ports.
> 
> So the big question is which configuration is the better default.
> Administrators like the 2 port because its easy to separate access.
> For example, today when you start wildfly with -b 0.0.0.0 or
> whatever, it only affects the application ports and not the
> management port. It's also easy to firewall. One port is in big
> demand for massive hosting environments like openshift. Going to one
> port would probably mean we would need to add some ip pattern
> restriction features to standalone.xml, but I'm not sure this is a
> good substitute because administrators won't be familiar with it,
> but they already know how to use iptables and -b.
> 
> Any thoughts?
> 

One port is interesting in that it becomes like Weblogic.  The management aspect would still require separate authentication anyway (management user vs. application user), so I'm not that sure that the management port being separate is really a big win for administrators.

What could be interesting is see if we can run a community poll, through the Andiamo community site.  If we promote to poll through all our blogs, maybe we can get some good community feedback?

Andy

> 
> --
> Jason T. Greene
> WildFly Lead / JBoss EAP Platform Architect
> JBoss, a division of Red Hat
> 
> 
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>

More information about the wildfly-dev mailing list