Configure fixed ports for device servers from Astor/Jive/Starter
|
|
|
|---|---|
|
Dear all, is there a way to configure device servers to run using fixed ports (or at least a restricted number of ports) both for ORB and zmq events by using Tango tools (Astor/Jive/Starter)? I'm deploying Tango devices in a cluster and I experiences firewall problems across nodes and to/from the Tango DB host. System administrator is reluctant to open such a wide range of ports for Tango services. I know that from command line you can run with fixed ORB endpoints: myserver myinstance_name -ORBendPoint giop:tcp::<port number> and that zmq is using a random port from the ephemeral range (32768-61000) for event channels (heartbeat/attr events). Is there a way to set or restrict that ports from the administration tools? Thanks, Simone
****************************************************************
Simone Riggi INAF, Osservatorio Astrofisico di Catania Via S. Sofia 78 95123, Catania - Italy phone: +39 095 7332 extension 282 e-mail: simone.riggi@gmail.com, sriggi@oact.inaf.it skype: simone.riggi **************************************************************** |
|
|
|
|---|---|
|
Hi Simone, omniORB configuration relies on a system wide config file, named omniORB.cfg, located in /etc (see the attached file as an example). Amongst many parameters you can specify the endPoint in the form: endPoint = giop:tcp:<ip>:<port> We use this setup to limit the number of interfaces, e.g. subnets, the ORB is listening to on hosts with multiple network adapters. Moreover, because of a bug, TANGO 8 ignores the omniORB.cgf config file and the relevant env variable has to be specified as a workaround, limited to the Starter Ciao, Lorenzo
Attachments:
 31Kb
|
|
|
|
|---|---|
|
Hi Simone, I like the idea of being able to specify the port addresses for servers behind firewalls. As you state this is possible for the synchronous calls using the features of CORBA but not for events using ZMQ. We will study how to add this as a feature in the future. I cannot promise when however. Could you make a feature request? Andy |
|
|
|
|---|---|
|
|
Thanks Andy & Lorenzo. I will try the ORB config. From ORB documentation it seems I can do the following giop:tcp::X-Y to restrict port range from X to Y. Andy: do I make a feature request on the Tango 10 open discussion? Thanks, Simone
****************************************************************
Simone Riggi INAF, Osservatorio Astrofisico di Catania Via S. Sofia 78 95123, Catania - Italy phone: +39 095 7332 extension 282 e-mail: simone.riggi@gmail.com, sriggi@oact.inaf.it skype: simone.riggi **************************************************************** |
|
|
|
|---|---|
|
|
HI, I am very interested in the discussions, I would like to run Tango devices in docker containers (under K8S), my first problem is that they can communicate with the outside, some Tango clients will directly run under Windows. My question: Is the ability to specify ZMQ ports when starting a device now covered, or being resolved? |
|
|
|
|---|---|
|
Gaëtan Hi Gaëtan, Something has been done in cppTango 9.3.5 to give the possibility to configure the ZMQ ports used by your device server manually, using TANGO_ZMQ_EVENT_PORT and TANGO_ZMQ_HEARTBEAT_PORT environment variables. Here is the related issue: https://gitlab.com/tango-controls/cppTango/-/issues/880 and the associated merge request: https://gitlab.com/tango-controls/cppTango/-/merge_requests/893 But it seems there is still an unresolved issue in some situations: see https://gitlab.com/tango-controls/cppTango/-/issues/915 Hoping this helps, Reynald
Rosenberg's Law: Software is easy to make, except when you want it to do something new.
Corollary: The only software that's worth making is software that does something new. |
|
|
|
|---|---|
|
|
Thanks a lot Reynald, This should answer my problem. |