Allow binding to multiple addresses. #13954
Conversation
For consistency and simplicity this means that es.network.host/bind_host/publish_host can all take arrays.
Yes, we are still limited to a single publish host, and only the "best" address from publish_host will be used,
I do not change that, but its alread the case today (even by default: _local_ !), and its just an internal
limitation we can later fix. Instead we just continue with the same logic of "magic selection of publish host",
and users can always be explicit, and weare just clear to the user about what is happening.
I did it this way, because network stuff is already overwhelmed, and i mean really overwhelmed with settings.
We need to make this easy on the user to do the right thing and not make that worse.
Examples:
bin/elasticsearch # defaults
```
[elasticsearch] [2015-10-06 01:15:28,671][WARN ][common.network ] [Todd Arliss] publish host: [_local_] resolves to multiple addresses, auto-selecting {127.0.0.1} as single publish address
[elasticsearch] [2015-10-06 01:15:28,672][INFO ][transport ] [Todd Arliss] publish_address {127.0.0.1:9300}, bound_addresses {[fe80::1]:9300}, {[::1]:9300}, {127.0.0.1:9300}
```
bin/elasticsearch -Des.network.host=_lo0_,_en0_ # multiple interfaces
```
[2015-10-06 01:17:08,970][WARN ][common.network ] [Torso] publish host: [_lo0_, _en0_] resolves to multiple addresses, auto-selecting {192.168.0.19} as single publish address
[2015-10-06 01:17:08,972][INFO ][transport ] [Torso] publish_address {192.168.0.19:9300}, bound_addresses {[fe80::1]:9300}, {[::1]:9300}, {127.0.0.1:9300}, {[fe80::3e15:c2ff:fee5:d26c]:9300}, {192.168.0.19:9300}
```
bin/elasticsearch -Des.network.host=192.168.0.19,_local_ -Des.network.publish_host=192.168.0.19 # being explicit
```
[2015-10-06 01:19:28,603][INFO ][transport ] [Thunderbird] publish_address {192.168.0.19:9300}, bound_addresses {[fe80::1]:9300}, {[::1]:9300}, {127.0.0.1:9300}, {192.168.0.19:9300}
```
Closes elastic#13592
clintongormley
added
>enhancement
:Distributed Coordination/Network
* Deprecate _non_loopback_. This is far too arbitrary * Fix _local_ to mean loopback addresses, not addresses on loopback interfaces. This removes the confusion of e.g. binding to link-local addresses on the mac for example. * Remove internal use of _non_loopback_, instead just "expand wildcard addresses" * Add _site_ and _global_ scopes as counterparts to _local_. This means users can configure networking by address(es), interface(es), or scope (local, private, public), or any combination thereof.
|
I pushed another commit that fixes the I added e.g. stuff like I am hoping this is enough to prevent confusing options in issues such as #13612 and #13972 If we need to fix this for 2.0 in order to fix those issues, then fine, lets do things right. But our network configuration needs to be easy and make logical sense :) |
Nice!
I'm +1 on getting this back to 2.1. I'd love to get it into 2.0.1 when that comes around too. |
| if (bindHost == null) { | ||
| bindHost = DEFAULT_NETWORK_HOST; | ||
| if (bindHosts == null) { | ||
| bindHosts = new String[] { DEFAULT_NETWORK_HOST }; |
There was a problem hiding this comment.
Should it become DEFAULT_NETWORK_HOSTS?
There was a problem hiding this comment.
our default is a single host specification: _local_. One point of this change is that you can use multiple: e.g. _local_,12.1.4.2,foo.bar.com
There was a problem hiding this comment.
Yeah - I suppose that is fine reasoning.
|
@nik9000 and for the record i don't really want to rush this stuff in. I just mention that in response to things like #13972 which are set for 2.0 Maybe it is those that need to be reconsidered instead as far as versioning? I am heavily concerned about being able to fix this stuff, I don't want to hear whimpering and whining about how fixing it in 2.2 is "breaking bwc", and i also don't want 2.0 to go out with massive security problems: I am doing everything I can to prevent that. |
|
@rmuir There is IMO absolutely no rush to fix #13969 #13970 and #13972 although I marked them initially for 2.0.0. Just because people can use So if there is any security concern, let's move those issues to a later version. It's only a nice to have I think. |
|
OK I just feel like i missed something bigtime: some discussion that we are reverting the "bind-to-localhost" default in terms of ease of use. This should really be discussed in more detail and planned more thoroughly. I saw a bunch of 2.0 issues come up suddenly and just got super worried about it. On the other hand binding to localhost only as a default always, its very safe and easy to understand. |
If we're concerned about breaking backwards compatibility we can make those network addresses either strings or arrays. That seems simple enough and might be worth doing anyway.
Yeah. I think it'd be nice to have some "this is how you make a real cluster" docs somewhere for users who want a helping hand going from playing around on one box to multiple boxes. |
But not as part of this PR. That'd be silly. |
|
I'm removing 2.2 and will just remove the garbage like |
Conflicts: core/src/main/java/org/elasticsearch/common/network/NetworkService.java
|
I pushed additional commits with the cleanups I wanted to do. I think this is good for master. if we want to backport it (e.g. to 2.2) then we should deprecate+warn about the heuristicy |
|
I'm not going to maintain this branch, its too much work |
|
I looked through it and it LGTM I am sorry I missed the last pings 8 days ago, can you merge it when it's up-to-date? |
|
i resynced this to master. |
|
LGTM too |
|
LGTM thanks rob |
* Allow for multiple host specifications (e.g. _en0_,192.168.1.2,_site_). * Add _site_ and _global_ scopes as counterparts to _local_. * Warn on heuristic selection of publish address. * Remove the arbitrary _non_loopback_ setting. Closes #13954 Conflicts: docs/reference/migration/migrate_3_0.asciidoc plugins/cloud-gce/src/test/java/org/elasticsearch/discovery/gce/GceNetworkTests.java
For consistency and simplicity this means that es.network.host/bind_host/publish_host can all take arrays.
Yes, we are still limited to a single publish host, and only the "best" address from publish_host will be used, I do not change that, but its already the case today (even by default!:
_local_), and its just an internal limitation we can later fix. Instead we just continue with the same logic of "magic selection of publish host", and users can always be explicit, and we are just clear to the user about what is happening.I did it this way, because network stuff is already overwhelmed, and i mean really overwhelmed with settings. We need to make this easy on the user to do the right thing and not make that worse.
Examples:
bin/elasticsearch# defaultsbin/elasticsearch -Des.network.host=_lo0_,_en0_# multiple interfacesbin/elasticsearch -Des.network.host=192.168.0.19,_local_ -Des.network.publish_host=192.168.0.19# being explicitCloses #13592