How to bind to a specific IP address when using https for EM webserver and webview ?
Article ID: 143360
Updated On:
Products
Issue/Introduction
The documentation for Enterprise Manager communications
states the following for property introscope.enterprisemanager.ipaddress
"Binds all Enterprise Manager communication channels, including the embedded Web server, to a specific local IP address."
However this does not appear to be true if secure communications are enabled for the in built web server using the property introscope.enterprisemanager.webserver.jetty.configurationFile
If there are two Enterprise Managers running on the same system and each should bin to it's own NIC. When using the default http web server this works well by setting the introscope.enterprisemanager.ipaddress for each EM as can be seen by the netstat output when both are started
tcp6 0 0 10.167.67.226:8081 :::* LISTEN
tcp6 0 0 10.167.67.42:8081 :::* LISTEN
However when the jetty files are enabled by setting the introscope.enterprisemanager.webserver.jetty.configurationFile property the EM binds to the local host as teh netstat output shows
tcp6 0 0 :::8444 :::* LISTEN
and consequently only one EM will start the second fails with the following error
1/03/20 03:52:48.140 PM CET [INFO] [main] [Manager.EMWebServer] EM webapps bind address: 10.167.67.42
1/03/20 03:52:48.140 PM CET [INFO] [main] [Manager.EMWebServer] EM webapps port: 8081
1/03/20 03:52:48.141 PM CET [INFO] [main] [Manager.EMWebServer] EM max server threads: 100
1/03/20 03:52:48.141 PM CET [INFO] [main] [Manager.EMWebServer] EM webapps directory: /server/hrs/apm/test/test1/app/introscope_em_new/webapps
1/03/20 03:52:48.141 PM CET [INFO] [main] [Manager.EMWebServer] EM webapps checks for new webapps every 60 seconds
1/03/20 03:52:48.141 PM CET [INFO] [main] [Manager.EMWebServer] Fail to start the EM if the web server port is in use :false
1/03/20 03:52:48.152 PM CET [INFO] [main] [Manager.EMWebServer] Configuring the Jetty web server from configuration file: /server/hrs/apm/test/test1/app/introscope_em_new/./config/em-jetty-config.xml
1/03/20 03:52:48.254 PM CET [INFO] [main] [Manager.EMWebServer] EM[[email protected]{SSL,[ssl, http/1.1]}{0.0.0.0:8444}] Request Header Size is :8192
1/03/20 03:52:48.274 PM CET [ERROR] [main] [Manager.EMWebServer] The web server was unable to bind to a port. This could be caused by another EM process binding to the same port. Exception: Address already in use
1/03/20 03:52:48.275 PM CET [ERROR] [main] [Manager.EMWebServer] EM Web Server did not start. Port already in use: 8081 To change the Web Server port, modify the EM property: introscope.enterprisemanager.webserver.port
java.net.BindException: Address already in use
NOTE also that the message reported references the wrong port number - it is actually failing because 0.0.0.0:8444 is already used by the first Enterprise Manager the message uses the webapps port which is not relevant when the jetty config file is enabled.
Environment
Release : 10.7.0
Component : APM
Resolution
To enable specific IP binding a new parameter needs to be added to the jetty config file (em-jetty-config.xml for Enterprise Manager, webview-jetty-config.xml for WebView) in the connector definition
<Set name="host">ip_addr_here</Set>
e.g
.....
</Arg>
<Set name="port">8444</Set>
<Set name="host">10.167.67.42</Set>
<Set name="idleTimeout">300000</Set>
</New>
</Arg>
.....
Then the webserver will bind correctly as shown in the netstat output
tcp6 0 0 10.167.67.42:8444 :::* LISTEN
tcp6 0 0 10.167.67.74:8444 :::* LISTEN
NOTE that if upgrading to 10.7 SP3 from an earlier 10.7 release then the host setting will be lost and needs to be reapplied
Feedback
