How to bind to a specific IP address when using https for EM webserver and webview ?

book

Article ID: 143360

calendar_today

Updated On:

Products

CA Application Performance Management Agent (APM / Wily / Introscope) CA Application Performance Management (APM / Wily / Introscope) INTROSCOPE DX Application Performance Management

Issue/Introduction

The documentation for Enterprise Manager communications

states the following for property introscope.enterprisemanager.ipaddress
"Binds all Enterprise Manager communication channels, including the embedded Web server, to a specific local IP address."

However this does not appear to be true if secure communications are enabled for the in built web server using the property introscope.enterprisemanager.webserver.jetty.configurationFile

If there are two Enterprise Managers running on the same system and each should bin to it's own NIC. When using the default http web server this works well by setting the introscope.enterprisemanager.ipaddress for each EM as can be seen by the netstat output when both are started

tcp6       0      0 10.167.67.226:8081      :::*                    LISTEN
tcp6       0      0 10.167.67.42:8081       :::*                    LISTEN

However when the jetty files are enabled by setting the introscope.enterprisemanager.webserver.jetty.configurationFile property the EM binds to the local host as teh netstat output shows

tcp6       0      0 :::8444                 :::*                    LISTEN      

and consequently only one EM will start the second fails with the following error


1/03/20 03:52:48.140 PM CET [INFO] [main] [Manager.EMWebServer] EM webapps bind address: 10.167.67.42
1/03/20 03:52:48.140 PM CET [INFO] [main] [Manager.EMWebServer] EM webapps port: 8081
1/03/20 03:52:48.141 PM CET [INFO] [main] [Manager.EMWebServer] EM max server threads: 100
1/03/20 03:52:48.141 PM CET [INFO] [main] [Manager.EMWebServer] EM webapps directory: /server/hrs/apm/test/test1/app/introscope_em_new/webapps
1/03/20 03:52:48.141 PM CET [INFO] [main] [Manager.EMWebServer] EM webapps checks for new webapps every 60 seconds
1/03/20 03:52:48.141 PM CET [INFO] [main] [Manager.EMWebServer] Fail to start the EM if the web server port is in use :false
1/03/20 03:52:48.152 PM CET [INFO] [main] [Manager.EMWebServer] Configuring the Jetty web server from configuration file: /server/hrs/apm/test/test1/app/introscope_em_new/./config/em-jetty-config.xml
1/03/20 03:52:48.254 PM CET [INFO] [main] [Manager.EMWebServer] EM[[email protected]{SSL,[ssl, http/1.1]}{0.0.0.0:8444}] Request Header Size is :8192
1/03/20 03:52:48.274 PM CET [ERROR] [main] [Manager.EMWebServer] The web server was unable to bind to a port.  This could be caused by another EM process binding to the same port.  Exception: Address already in use
1/03/20 03:52:48.275 PM CET [ERROR] [main] [Manager.EMWebServer] EM Web Server did not start.  Port already in use:  8081  To change the Web Server port, modify the EM property: introscope.enterprisemanager.webserver.port
java.net.BindException: Address already in use

NOTE also that the message reported references the wrong port number - it is actually failing because 0.0.0.0:8444 is already used by the first Enterprise Manager the message uses the webapps port which is not relevant when the jetty config file is enabled.

Environment

Release : 10.7.0

Component : APM 

Resolution

To enable specific IP binding a new parameter needs to be added to the jetty config file (em-jetty-config.xml for Enterprise Manager, webview-jetty-config.xml for WebView) in the connector definition

<Set name="host">ip_addr_here</Set>

e.g
.....
        </Arg>
        <Set name="port">8444</Set>
        <Set name="host">10.167.67.42</Set>
        <Set name="idleTimeout">300000</Set>
      </New>
    </Arg>
.....


Then the webserver will bind correctly as shown in the netstat output

tcp6       0      0 10.167.67.42:8444       :::*                    LISTEN
tcp6       0      0 10.167.67.74:8444       :::*                    LISTEN


NOTE that if upgrading to 10.7 SP3 from an earlier 10.7 release then the host setting will be lost and needs to be reapplied