Skip to content
This repository was archived by the owner on Nov 18, 2020. It is now read-only.

Introduces listener check commands #300

Merged
merged 4 commits into from
Jan 24, 2019
Merged

Introduces listener check commands #300

merged 4 commits into from
Jan 24, 2019

Conversation

michaelklishin
Copy link
Contributor

@michaelklishin michaelklishin commented Jan 23, 2019
edited
Loading

Part of #292, per discussion with @gerhard.

To QA:

  1. Start a node for running the tests
  2. gmake
  3. for i in 5672 25672 61613 123123 15672; do ./escript/rabbitmq-diagnostics -q check_port_listener $i; echo $?; done
  4. for i in amqp stomp cli clustering amqp091 amqp1.0 lolz; do ./escript/rabbitmq-diagnostics -q check_protocol_listener $i; echo $?; done

@michaelklishin michaelklishin mentioned this pull request Jan 23, 2019
Closed
12 tasks
lukebakken
lukebakken approved these changes Jan 23, 2019
View reviewed changes
Copy link
Contributor

@lukebakken lukebakken left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@michaelklishin
Copy link
Contributor Author

In order to QA the connectivity check command I temporarily injected a bogus listener into the code:

  defp check_connectivity_of(listeners, node_name, timeout) do
    # per listener timeout
    t        = Kernel.trunc(timeout / (length(listeners) + 1))
    bogus = {:listener, :rabbit@mercurio, :lolz, 'mercurio', {0, 0, 0, 0, 0, 0, 0, 0},
                     7761613, [backlog: 128, nodelay: true]}
    failures = Enum.reject([bogus | listeners],
                fn l -> check_listener_connectivity(listener_map(l), node_name, t) end)
    case failures do
      [] -> {true, listeners}
      fs -> {false, fs}
    end
  end

iptables and friends can also work, of course.

@lukebakken
Copy link
Contributor

👍

(21.2.3)lbakken@shostakovich ~/development/rabbitmq/rabbitmq-cli (rabbitmq-cli-292-listener-checks=)
$ sudo nft add chain inet filter rabbit { type filter hook input priority 1 \; policy accept \; }
(21.2.3)lbakken@shostakovich ~/development/rabbitmq/rabbitmq-cli (rabbitmq-cli-292-listener-checks=)
$ sudo nft add rule inet filter rabbit tcp dport 61613 drop
(21.2.3)lbakken@shostakovich ~/development/rabbitmq/rabbitmq-cli (rabbitmq-cli-292-listener-checks=)
$ sudo nft list table inet filter
table inet filter {
        chain input {
                type filter hook input priority 0; policy accept;
                iif "lo" accept
                tcp dport ssh ct state new accept
                ct state established,related accept
                ip6 nexthdr ipv6-icmp icmpv6 type { nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert } accept
                counter packets 0 bytes 0 drop
        }

        chain rabbit {
                type filter hook input priority 1; policy accept;
                tcp dport 61613 drop
        }
}
(21.2.3)lbakken@shostakovich ~/development/rabbitmq/rabbitmq-cli (rabbitmq-cli-292-listener-checks=)
$ ./escript/rabbitmq-diagnostics check_port_connectivity
Testing TCP connections to all active listeners on node rabbit@localhost ...
Error:
Connection to ports of the following listeners on node rabbit@localhost failed: 
Interface: [::], port: 61613, protocol: stomp, purpose: MQTT

@michaelklishin
Copy link
Contributor Author

Ugh, 61613, protocol: stomp, purpose: MQTT seems wrong ;) Looking into it.

@michaelklishin michaelklishin merged commit 30cebc5 into master Jan 24, 2019
@michaelklishin michaelklishin deleted the rabbitmq-cli-292-listener-checks branch January 24, 2019 11:04
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lukebakken lukebakken lukebakken approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@michaelklishin @lukebakken