Unable to connect to running web service #2240

Open
jpoling-dswrx opened this Issue Dec 16, 2016 · 11 comments

Projects

None yet

3 participants

@jpoling-dswrx

Bug report

My Rundeck detail

  • Rundeck version: 2.7.1-1-GA
  • install type: .deb
  • OS Name/version: Ubuntu 16.04

Expected Behavior

Able to modify configuration file(s) to change the listening address/port.

Actual Behavior

Modifying /etc/rundeck/framework.properties and /etc/rundeck/rundeck-config.properties (according to http://rundeck.org/docs/manual/configure.html) does not work to change listening address/port settings.

How to reproduce Behavior

Stop Service
service rundeckd stop

Change Listening Port to 80
Change port settings in both of the above files to port 80.

(Re)Start Service
service rundeckd start

Ensure Service is Listening on New Port (80)
netstat -ano
...
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State Timer
tcp 0 0 127.0.1.1:53 0.0.0.0:* LISTEN off (0.00/0/0)
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN off (0.00/0/0)
tcp6 0 0 :::22 :::* LISTEN off (0.00/0/0)
tcp6 0 0 :::4440 :::* LISTEN off (0.00/0/0)
...

Note that it is still listening on the standard 4440 port, not the newly changed port (80).

@mrala
mrala commented Dec 17, 2016

Are you setting RDECK_HTTP_PORT in /etc/rundeck/profile?

@jpoling-dswrx
jpoling-dswrx commented Dec 19, 2016 edited

No, am I supposed to? Where is that noted in the documentation?

@mrala
mrala commented Jan 13, 2017

You could try setting it and verifying if it works or not. I'm not sure if it's in the documentation.

@jpoling-dswrx

Still doesn't work.

[root@rundeck-vm (:) labadmin]# grep :80 /etc/rundeck/rundeck-config.properties
grails.serverURL=http://0.0.0.0:80
[root@rundeck-vm (:) labadmin]# grep :80 /etc/rundeck/framework.properties
framework.server.port = 80
framework.server.url = http://0.0.0.0:80
[root@rundeck-vm (:) labadmin]# grep :80 /etc/rundeck/profile
RDECK_HTTP_PORT=${RDECK_HTTP_PORT:-80}
[root@rundeck-vm (:) labadmin]# netstat -ano | grep :80
No results.

@mrala
mrala commented Jan 13, 2017

Have you tried setting it to a port > 1024?

@jpoling-dswrx
jpoling-dswrx commented Jan 13, 2017 edited

Yes, still can't connect.

netstat -ano | grep :8080
tcp6 0 0 :::8080 :::* LISTEN off (0.00/0/0)

It never listens on tcp (ipv4) 0.0.0.0, only tcp6 :::, which may be the problem.

@mrala
mrala commented Jan 13, 2017

It looks like it's trying to using port 8080, though.

@jpoling-dswrx

Yes... that is one of the many ports I've tried, to include the default 4440, 80 (it never even starts listening), 8080, 1025, etc.

@jpoling-dswrx
jpoling-dswrx commented Jan 13, 2017 edited

The problem here is that it never starts listening on all interfaces (0.0.0.0) so that I can connect to it. Instead, it only listens on tcp6 :::. When it starts, it should bind to all interfaces (0.0.0.0:<port>) for it to work and be able to connect from another machine, as referenced in the guide here:

https://www.sans.org/reading-room/whitepapers/privilege/introduction-rundeck-secure-script-executions-37162

Yet, it does not. Why, I'm not sure, which is why I'm here hoping to get help to figure that out.

@gschueler
Contributor

Sorry, we should have an explicit section in the Administrator Guide about setting the http/https ports.

(We are also in the midst of correcting the rpm/deb init scripts of some problems, so bear with me)

For 2.7.1, Debian, you would modify /etc/rundeck/profile and set the RDECK_HTTP_PORT variable, or export RDECK_HTTP_PORT in a /etc/sysconfig/rundeckd file. (caveat, this is changing to /etc/default/rundeckd for debian soon)

If you are using RPM install, you would export the RDECK_HTTP_PORT value inside /etc/default/rundeckd.

If you are using the launcher, you would specify -Dserver.http.port=8080 and/or -Dserver.https.port=8443 on the java commandline to set the port.

Note: in Rundeck 2.6 and earlier, for both rpm and debian, you should modify /etc/rundeck/profile to add the same java commandline options to JAVA_OPTS as for the launcher.

If you want to only bind on ipv4 interface, set a java option of -Djava.net.preferIPv4Stack=true

@jpoling-dswrx
jpoling-dswrx commented Jan 13, 2017 edited

Does /etc/rundeck/rundeck-config.properties or /etc/rundeck/framework.properties control or have any effect on anything?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment