You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by mc...@apache.org on 2020/07/07 09:31:36 UTC
[cassandra] branch trunk updated: FBUtilities.getJustLocalAddress
falls back to lo ip on misconfigured nodes
This is an automated email from the ASF dual-hosted git repository.
mck pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/trunk by this push:
new 4654ef0 FBUtilities.getJustLocalAddress falls back to lo ip on misconfigured nodes
4654ef0 is described below
commit 4654ef09c1d3736e0b50e8d5756664cbf9e4ca84
Author: Bereng <be...@gmail.com>
AuthorDate: Thu Jul 2 17:44:22 2020 +0200
FBUtilities.getJustLocalAddress falls back to lo ip on misconfigured nodes
patch by Berenguer Blasi; reviewed by Robert Stupp, Mick Semb Wever for CASSANDRA-15901
---
CHANGES.txt | 1 +
conf/cassandra.yaml | 3 ++-
.../org/apache/cassandra/utils/FBUtilities.java | 29 ++++++++++++++++------
.../org/apache/cassandra/utils/JMXServerUtils.java | 12 +++++++--
.../org/apache/cassandra/auth/jmx/JMXAuthTest.java | 2 +-
5 files changed, 35 insertions(+), 12 deletions(-)
diff --git a/CHANGES.txt b/CHANGES.txt
index c3fdf4f..76cd271 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
4.0-alpha5
+ * FBUtilities.getJustLocalAddress falls back to lo ip on misconfigured nodes (CASSANDRA-15901)
* Close channel and reduce buffer allocation during entire sstable streaming with SSL (CASSANDRA-15900)
* Prune expired messages less frequently in internode messaging (CASSANDRA-15700)
* Fix Ec2Snitch handling of legacy mode for dc names matching both formats, eg "us-west-2" (CASSANDRA-15878)
diff --git a/conf/cassandra.yaml b/conf/cassandra.yaml
index 0778628..80dbf38 100644
--- a/conf/cassandra.yaml
+++ b/conf/cassandra.yaml
@@ -630,7 +630,8 @@ ssl_storage_port: 7001
# Leaving it blank leaves it up to InetAddress.getLocalHost(). This
# will always do the Right Thing _if_ the node is properly configured
# (hostname, name resolution, etc), and the Right Thing is to use the
-# address associated with the hostname (it might not be).
+# address associated with the hostname (it might not be). If unresolvable
+# it will fall back to InetAddress.getLoopbackAddress(), which is wrong for production systems.
#
# Setting listen_address to 0.0.0.0 is always wrong.
#
diff --git a/src/java/org/apache/cassandra/utils/FBUtilities.java b/src/java/org/apache/cassandra/utils/FBUtilities.java
index 6db50a4..8e000d5 100644
--- a/src/java/org/apache/cassandra/utils/FBUtilities.java
+++ b/src/java/org/apache/cassandra/utils/FBUtilities.java
@@ -130,16 +130,29 @@ public class FBUtilities
public static InetAddress getJustLocalAddress()
{
if (localInetAddress == null)
- try
- {
- localInetAddress = DatabaseDescriptor.getListenAddress() == null
- ? InetAddress.getLocalHost()
- : DatabaseDescriptor.getListenAddress();
- }
- catch (UnknownHostException e)
+ {
+ if (DatabaseDescriptor.getListenAddress() == null)
{
- throw new RuntimeException(e);
+ try
+ {
+ localInetAddress = InetAddress.getLocalHost();
+ logger.info("InetAddress.getLocalHost() was used to resolve listen_address to {}, double check this is "
+ + "correct. Please check your node's config and set the listen_address in cassandra.yaml accordingly if applicable.",
+ localInetAddress);
+ }
+ catch(UnknownHostException e)
+ {
+ logger.info("InetAddress.getLocalHost() could not resolve the address for the hostname ({}), please "
+ + "check your node's config and set the listen_address in cassandra.yaml. Falling back to {}",
+ e,
+ InetAddress.getLoopbackAddress());
+ // CASSANDRA-15901 fallback for misconfigured nodes
+ localInetAddress = InetAddress.getLoopbackAddress();
+ }
}
+ else
+ localInetAddress = DatabaseDescriptor.getListenAddress();
+ }
return localInetAddress;
}
diff --git a/src/java/org/apache/cassandra/utils/JMXServerUtils.java b/src/java/org/apache/cassandra/utils/JMXServerUtils.java
index 12036f9..1f79a33 100644
--- a/src/java/org/apache/cassandra/utils/JMXServerUtils.java
+++ b/src/java/org/apache/cassandra/utils/JMXServerUtils.java
@@ -47,6 +47,7 @@ import javax.rmi.ssl.SslRMIClientSocketFactory;
import javax.rmi.ssl.SslRMIServerSocketFactory;
import javax.security.auth.Subject;
+import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableMap;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
@@ -63,7 +64,8 @@ public class JMXServerUtils
* inaccessable.
*/
@SuppressWarnings("resource")
- public static JMXConnectorServer createJMXServer(int port, boolean local)
+ @VisibleForTesting
+ public static JMXConnectorServer createJMXServer(int port, String hostname, boolean local)
throws IOException
{
Map<String, Object> env = new HashMap<>();
@@ -120,7 +122,7 @@ public class JMXServerUtils
(RMIClientSocketFactory) env.get(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE),
(RMIServerSocketFactory) env.get(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE),
env);
- JMXServiceURL serviceURL = new JMXServiceURL("rmi", null, rmiPort);
+ JMXServiceURL serviceURL = new JMXServiceURL("rmi", hostname, rmiPort);
RMIConnectorServer jmxServer = new RMIConnectorServer(serviceURL, env, server, ManagementFactory.getPlatformMBeanServer());
// If a custom authz proxy was created, attach it to the server now.
@@ -133,6 +135,12 @@ public class JMXServerUtils
return jmxServer;
}
+ @SuppressWarnings("resource")
+ public static JMXConnectorServer createJMXServer(int port, boolean local) throws IOException
+ {
+ return createJMXServer(port, null, local);
+ }
+
private static Map<String, Object> configureJmxAuthentication()
{
Map<String, Object> env = new HashMap<>();
diff --git a/test/unit/org/apache/cassandra/auth/jmx/JMXAuthTest.java b/test/unit/org/apache/cassandra/auth/jmx/JMXAuthTest.java
index 10c871b..3bc28a9 100644
--- a/test/unit/org/apache/cassandra/auth/jmx/JMXAuthTest.java
+++ b/test/unit/org/apache/cassandra/auth/jmx/JMXAuthTest.java
@@ -90,7 +90,7 @@ public class JMXAuthTest extends CQLTester
System.setProperty("java.security.auth.login.config", config);
System.setProperty("cassandra.jmx.remote.login.config", "TestLogin");
System.setProperty("cassandra.jmx.authorizer", NoSuperUserAuthorizationProxy.class.getName());
- jmxServer = JMXServerUtils.createJMXServer(9999, true);
+ jmxServer = JMXServerUtils.createJMXServer(9999, "localhost", true);
jmxServer.start();
JMXServiceURL jmxUrl = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://localhost:9999/jmxrmi");
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org