You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@karaf.apache.org by peterg <pe...@gmail.com> on 2012/09/06 15:51:45 UTC

Re: Possible to start Karaf without opening any ports?

Okay, for what it's worth I'll respond to my own post:
(NOTE: all of these settings apply to Karaf 2.2.9 -- they may not apply for
the 3.x branch)

This is how to suppress the ports:

 - Disable the shutdown port:
     Set karaf.shutdown.port=-1 in etc/custom.properties or
etc/config.properties

- Disable ssh port (8101):
     Set the karaf.startRemoteShell system property to false
     (Merely removing the ssh feature from featuresBoot doesn't work, since
the ssh server is 
      included as a startup bundle).

- Disable Karaf's JMX management RMI ports (1099, 44444):
    Uninstall the management bundle:
org.apache.karaf.management.server-2.2.9
    either at runtime (for instance, from the console) or comment out its
entry in etc/startup.properties.
    (Merely removing the configuration feature from featuresBoot doesn't
work, since the management
     server is included as a startup bundle).

- Disable JMX port:
    Remove -Dcom.sun.management.jmxremote from bin/karaf


best regards, Peter



--
View this message in context: http://karaf.922171.n3.nabble.com/Possible-to-start-Karaf-without-opening-any-ports-tp4025808p4025959.html
Sent from the Karaf - User mailing list archive at Nabble.com.

Re: Possible to start Karaf without opening any ports?

Posted by "peter.gardfjall.work" <pe...@gmail.com>.

Hi Andreas,

I could do that. I just need some pointers on where to add the content.
However, I'm not sure if all of it qualifies for the user manual.
Particularly due to the "hackish" disabling of JMX management ports.
In my case, I either needed to uninstall the 
org.apache.karaf.management.server-2.2.9 bundle after the framework had 
finished booting up or set the rmiRegistryPort and rmiServerPort ports 
to -1 in etc/org.apache.karaf.management.cfg (which produces an error 
message on the console).
There doesn't seem to be a clean way to disable JMX management ports 
(such as by disabling the management feature).
Would that be useful?

Furthermore, I looked at the version 3.x branch which is much more 
restrictive with respect to opening ports.
By default, it only opens the shutdown port and the JMX port. So, to 
disable them just
set karaf.shutdown.port=-1 in etc/custom.properties or etc/config.properties
and
   remove -Dcom.sun.management.jmxremote from bin/karaf

best regards, Peter

On 09/11/2012 11:57 AM, Andreas Pieber wrote:
> Hey Peter,
>
> Thank you very much for the update; would you mind include your
> findings as a patch into the manual?
>
> Thank you very much and kind regards,
> Andreas
>
> On Thu, Sep 6, 2012 at 3:51 PM, peterg<pe...@gmail.com>  wrote:
>> Okay, for what it's worth I'll respond to my own post:
>> (NOTE: all of these settings apply to Karaf 2.2.9 -- they may not apply for
>> the 3.x branch)
>>
>> This is how to suppress the ports:
>>
>>   - Disable the shutdown port:
>>       Set karaf.shutdown.port=-1 in etc/custom.properties or
>> etc/config.properties
>>
>> - Disable ssh port (8101):
>>       Set the karaf.startRemoteShell system property to false
>>       (Merely removing the ssh feature from featuresBoot doesn't work, since
>> the ssh server is
>>        included as a startup bundle).
>>
>> - Disable Karaf's JMX management RMI ports (1099, 44444):
>>      Uninstall the management bundle:
>> org.apache.karaf.management.server-2.2.9
>>      either at runtime (for instance, from the console) or comment out its
>> entry in etc/startup.properties.
>>      (Merely removing the configuration feature from featuresBoot doesn't
>> work, since the management
>>       server is included as a startup bundle).
>>
>> - Disable JMX port:
>>      Remove -Dcom.sun.management.jmxremote from bin/karaf
>>
>>
>> best regards, Peter
>>
>>
>>
>> --
>> View this message in context: http://karaf.922171.n3.nabble.com/Possible-to-start-Karaf-without-opening-any-ports-tp4025808p4025959.html
>> Sent from the Karaf - User mailing list archive at Nabble.com.

Re: Possible to start Karaf without opening any ports?

Posted by Andreas Pieber <an...@gmail.com>.

Hey Peter,

Thank you very much for the update; would you mind include your
findings as a patch into the manual?

Thank you very much and kind regards,
Andreas

On Thu, Sep 6, 2012 at 3:51 PM, peterg <pe...@gmail.com> wrote:
> Okay, for what it's worth I'll respond to my own post:
> (NOTE: all of these settings apply to Karaf 2.2.9 -- they may not apply for
> the 3.x branch)
>
> This is how to suppress the ports:
>
>  - Disable the shutdown port:
>      Set karaf.shutdown.port=-1 in etc/custom.properties or
> etc/config.properties
>
> - Disable ssh port (8101):
>      Set the karaf.startRemoteShell system property to false
>      (Merely removing the ssh feature from featuresBoot doesn't work, since
> the ssh server is
>       included as a startup bundle).
>
> - Disable Karaf's JMX management RMI ports (1099, 44444):
>     Uninstall the management bundle:
> org.apache.karaf.management.server-2.2.9
>     either at runtime (for instance, from the console) or comment out its
> entry in etc/startup.properties.
>     (Merely removing the configuration feature from featuresBoot doesn't
> work, since the management
>      server is included as a startup bundle).
>
> - Disable JMX port:
>     Remove -Dcom.sun.management.jmxremote from bin/karaf
>
>
> best regards, Peter
>
>
>
> --
> View this message in context: http://karaf.922171.n3.nabble.com/Possible-to-start-Karaf-without-opening-any-ports-tp4025808p4025959.html
> Sent from the Karaf - User mailing list archive at Nabble.com.