summaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
authorMichele Baldessari <michele@acksyn.org>2016-07-22 08:40:25 +0200
committerMichele Baldessari <michele@acksyn.org>2016-09-16 18:19:04 +0200
commita1dcc16f3addd43c229553706b2ba080cde7ea31 (patch)
tree0c54ac72d8dbae94ef61377c8a59d5b26f2d2bb7 /puppet
parent89f9a3f2e0274169f305a503f642867ef14244e1 (diff)
Move rabbit's clustering port away from the ephemeral port range
Currently RabbitMQ cluster uses a predefined port 35672 for clustering. This port belongs to so-called ephemeral ports range. Ephemeral ports are the ports kernel assings to application if it doesn't specify which port to open. So there is a small chance that this application being started before RabbitMQ itself could grab this port. While rather unlikely we did see this happen. Selinux change should already be in place. On my Centos 7 we have: rabbitmq_port_t tcp 25672 corenet_tcp_bind_rabbitmq_port(rabbitmq_t) corenet_tcp_connect_rabbitmq_port(rabbitmq_t) First noted via: https://bugzilla.redhat.com/show_bug.cgi?id=1357522 Closes-Bug: #1623818 Depends-On: I0bcd0d063a7a766483426fdd5ea81cbe1dfaa348 Change-Id: I995bd96c2a17614e954ea5bbae4d58998ef420dc
Diffstat (limited to 'puppet')
-rw-r--r--puppet/services/rabbitmq.yaml6
1 files changed, 3 insertions, 3 deletions
diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml
index a0669dcd..e4a16e86 100644
--- a/puppet/services/rabbitmq.yaml
+++ b/puppet/services/rabbitmq.yaml
@@ -58,7 +58,7 @@ outputs:
dport:
- 4369
- 5672
- - 35672
+ - 25672
rabbitmq::delete_guest_user: false
rabbitmq::wipe_db_on_cookie_change: true
rabbitmq::port: '5672'
@@ -68,8 +68,8 @@ outputs:
RABBITMQ_NODENAME: "rabbit@%{::hostname}"
RABBITMQ_SERVER_ERL_ARGS: '"+K true +A30 +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"'
rabbitmq_kernel_variables:
- inet_dist_listen_min: '35672'
- inet_dist_listen_max: '35672'
+ inet_dist_listen_min: '25672'
+ inet_dist_listen_max: '25672'
rabbitmq_config_variables:
tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]'
cluster_partition_handling: 'pause_minority'