How to bind to a specific IP address when using https for APM EM webserver and webview ?
search cancel

How to bind to a specific IP address when using https for APM EM webserver and webview ?

book

Article ID: 143360

calendar_today

Updated On: 08-20-2024

Products

DX Application Performance Management CA Application Performance Management (APM / Wily / Introscope)

Issue/Introduction

The documentation for Enterprise Manager communications states the following for property introscope.enterprisemanager.ipaddress

"Binds all Enterprise Manager communication channels, including the embedded Web server, to a specific local IP address."

However this does not appear to be true if secure communications are enabled for the in built web server using the property introscope.enterprisemanager.webserver.jetty.configurationFile

If there are two Enterprise Managers running on the same system and each should bin to it's own NIC. When using the default http web server this works well by setting the introscope.enterprisemanager.ipaddress for each EM as can be seen by the netstat output when both are started

tcp6       0      0 10.167.67.226:8081      :::*                    LISTEN
tcp6       0      0 10.167.67.42:8081       :::*                    LISTEN

However when the jetty files are enabled by setting the introscope.enterprisemanager.webserver.jetty.configurationFile property the EM binds to the local host as the netstat output shows

tcp6       0      0 :::8444                 :::*                    LISTEN      

and consequently only one EM will start the second fails with the following error


 [INFO] [main] [Manager.EMWebServer] EM webapps bind address: 10.167.67.42
 [INFO] [main] [Manager.EMWebServer] EM webapps port: 8081
 [INFO] [main] [Manager.EMWebServer] EM max server threads: 100
 [INFO] [main] [Manager.EMWebServer] EM webapps directory: /server/hrs/apm/test/test1/app/introscope_em_new/webapps
 [INFO] [main] [Manager.EMWebServer] EM webapps checks for new webapps every 60 seconds
 [INFO] [main] [Manager.EMWebServer] Fail to start the EM if the web server port is in use :false
 [INFO] [main] [Manager.EMWebServer] Configuring the Jetty web server from configuration file: /server/hrs/apm/test/test1/app/introscope_em_new/./config/em-jetty-config.xml
 [INFO] [main] [Manager.EMWebServer] EM[ServerConnector@<host>{SSL,[ssl, http/1.1]}{0.0.0.0:8444}] Request Header Size is :8192
[ERROR] [main] [Manager.EMWebServer] The web server was unable to bind to a port.  This could be caused by another EM process binding to the same port.  Exception: Address already in use
CET [ERROR] [main] [Manager.EMWebServer] EM Web Server did not start.  Port already in use:  8081  To change the Web Server port, modify the EM property: introscope.enterprisemanager.webserver.port
java.net.BindException: Address already in use

NOTE also that the message reported references the wrong port number - it is actually failing because 0.0.0.0:8444 is already used by the first Enterprise Manager the message uses the webapps port which is not relevant when the jetty config file is enabled.

Environment

APM 10.x

Resolution

To enable specific IP binding a new parameter needs to be added to the jetty config file (em-jetty-config.xml for Enterprise Manager, webview-jetty-config.xml for WebView) in the connector definition

<Set name="host">ip_addr_here</Set>

e.g
.....
        </Arg>
        <Set name="port">8444</Set>
        <Set name="host">10.167.67.42</Set>
        <Set name="idleTimeout">300000</Set>
      </New>
    </Arg>
.....


Then the webserver will bind correctly as shown in the netstat output

tcp6       0      0 10.167.67.42:8444       :::*                    LISTEN
tcp6       0      0 10.167.67.74:8444       :::*                    LISTEN


NOTE that if upgrading to 10.7 SP3 from an earlier 10.7 release then the host setting will be lost and needs to be reapplied

Additional Information

Powered by Wolken Software