Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Chapter 2. Configuring Data Grid Server Networking
Data Grid servers let you configure interfaces and ports to make endpoints available across your network.
By default, Data Grid servers multiplex endpoints to a single TCP/IP port and automatically detect protocols of inbound client requests.
2.1. Server Interfaces
Data Grid servers can use different strategies for binding to IP addresses.
2.1.1. Address Strategy
Uses an inet-address strategy that maps a single public interface to the IPv4 loopback address (127.0.0.1).
<interfaces>
<interface name="public">
<inet-address value="${infinispan.bind.address:127.0.0.1}"/>
</interface>
</interfaces>
You can use the CLI -b argument or the infinispan.bind.address property to select a specific address from the command-line. See Changing the Default Bind Address.
2.1.2. Loopback Strategy
Selects a loopback address.
-
IPv4 the address block
127.0.0.0/8is reserved for loopback addresses. -
IPv6 the address block
::1is the only loopback address.
<interfaces>
<interface name="public">
<loopback/>
</interface>
</interfaces>2.1.3. Non-Loopback Strategy
Selects a non-loopback address.
<interfaces>
<interface name="public">
<non-loopback/>
</interface>
</interfaces>2.1.4. Network Address Strategy
Selects networks based on IP address.
<interfaces>
<interface name="public">
<inet-address value="10.1.2.3"/>
</interface>
</interfaces>2.1.5. Any Address Strategy
Selects the INADDR_ANY wildcard address. As a result Data Grid servers listen on all interfaces.
<interfaces>
<interface name="public">
<any-address/>
</interface>
</interfaces>2.1.6. Link Local Strategy
Selects a link-local IP address.
-
IPv4 the address block
169.254.0.0/16(169.254.0.0 – 169.254.255.255) is reserved for link-local addressing. -
IPv6 the address block
fe80::/10is reserved for link-local unicast addressing.
<interfaces>
<interface name="public">
<inet-address value="10.1.2.3"/>
</interface>
</interfaces>2.1.7. Site Local Strategy
Selects a site-local (private) IP address.
-
IPv4 the address blocks
10.0.0.0/8,172.16.0.0/12, and192.168.0.0/16are reserved for site-local addressing. -
IPv6 the address block
fc00::/7is reserved for site-local unicast addressing.
<interfaces>
<interface name="public">
<inet-address value="10.1.2.3"/>
</interface>
</interfaces>2.1.8. Match Host Strategy
Resolves the host name and selects one of the IP addresses that is assigned to any network interface.
Data Grid servers enumerate all available operating system interfaces to locate IP addresses resolved from the host name in your configuration.
<interfaces>
<interface name="public">
<match-host value="my_host_name"/>
</interface>
</interfaces>2.1.9. Match Interface Strategy
Selects an IP address assigned to a network interface that matches a regular expression.
Data Grid servers enumerate all available operating system interfaces to locate the interface name in your configuration.
Use regular expressions with this strategy for additional flexibility.
<interfaces>
<interface name="public">
<match-interface value="eth0"/>
</interface>
</interfaces>2.1.10. Match Address Strategy
Similar to inet-address but selects an IP address using a regular expression.
Data Grid servers enumerate all available operating system interfaces to locate the IP address in your configuration.
Use regular expressions with this strategy for additional flexibility.
<interfaces>
<interface name="public">
<match-address value="132\..*"/>
</interface>
</interfaces>2.1.11. Fallback Strategy
Interface configurations can include multiple strategies. Data Grid servers try each strategy in the declared order.
For example, with the following configuration, Data Grid servers first attempt to match a host, then an IP address, and then fall back to the INADDR_ANY wildcard address:
<interfaces>
<interface name="public">
<match-host value="my_host_name"/>
<match-address value="132\..*"/>
<any-address/>
</interface>
</interfaces>2.1.12. Changing the Default Bind Address for Data Grid Servers
You can use the server -b switch or the infinispan.bind.address system property to bind to a different address.
For example, bind the public interface to 127.0.0.2 as follows:
- Linux
$ bin/server.sh -b 127.0.0.2
- Windows
bin\server.bat -b 127.0.0.2
2.2. Socket Bindings
Socket bindings map endpoint connectors to server interfaces and ports.
By default, Data Grid servers provide the following socket bindings:
<socket-bindings default-interface="public" port-offset="${infinispan.socket.binding.port-offset:0}">
<socket-binding name="default" port="${infinispan.bind.port:11222}"/>
<socket-binding name="memcached" port="11221"/>
</socket-bindings>-
socket-bindingsdeclares the default interface and port offset. -
defaultbinds to hotrod and rest connectors to the default port11222. memcachedbinds the memcached connector to port11221.NoteThe memcached endpoint is disabled by default.
To override the default interface for socket-binding declarations, specify the interface attribute.
For example, you add an interface declaration named "private":
<interfaces>
...
<interface name="private">
<inet-address value="10.1.2.3"/>
</interface>
</interfaces>
You can then specify interface="private" in a socket-binding declaration to bind to the private IP address, as follows:
<socket-bindings default-interface="public" port-offset="${infinispan.socket.binding.port-offset:0}">
...
<socket-binding name="private_binding" interface="private" port="1234"/>
</socket-bindings>2.2.1. Specifying Port Offsets
Configure port offsets with Data Grid servers when running multiple instances on the same host. The default port offset is 0.
Use the -o switch with the Data Grid CLI or the infinispan.socket.binding.port-offset system property to set port offsets.
For example, start a server instance with an offset of 100 as follows. With the default configuration, this results in the Data Grid server listening on port 11322.
- Linux
$ bin/server.sh -o 100
- Windows
bin\server.bat -o 100
2.3. Data Grid Protocol Handling
Data Grid servers use a router connector to expose multiple protocols over the same TCP port, 11222. Using a single port for multiple protocols simplifies configuration and management and increases security by reducing the attack surface for unauthorized users.
Data Grid servers handle HTTP/1.1, HTTP/2, and Hot Rod protocol requests via port 11222 as follows:
- HTTP/1.1 upgrade headers
-
Client requests can include the
HTTP/1.1 upgradeheader field to initiate HTTP/1.1 connections with Data Grid servers. Client applications can then send theUpgrade: protocolheader field, whereprotocolis a Data Grid server endpoint. - Application-Layer Protocol Negotiation (ALPN)/Transport Layer Security (TLS)
- Client applications specify Server Name Indication (SNI) mappings for Data Grid server endpoints to negotiate protocols in a secure manner.
- Automatic Hot Rod detection
- Client requests that include Hot Rod headers automatically route to Hot Rod endpoints if the single port router configuration includes Hot Rod.
2.3.1. Configuring Clients for ALPN
Configure clients to provide ALPN messages for protocol negotiation during TLS handshakes with Data Grid servers.
Prerequisites
- Enable Data Grid server endpoints with encryption.
Procedure
Provide your client application with the appropriate libraries to handle ALPN/TLS exchanges with Data Grid servers.
NoteData Grid uses Wildfly OpenSSL bindings for Java.
- Configure clients with trust stores as appropriate.
Programmatically
ConfigurationBuilder builder = new ConfigurationBuilder()
.addServers("127.0.0.1:11222");
builder.security().ssl().enable()
.trustStoreFileName("truststore.pkcs12")
.trustStorePassword(DEFAULT_TRUSTSTORE_PASSWORD.toCharArray());
RemoteCacheManager remoteCacheManager = new RemoteCacheManager(builder.build());
RemoteCache<String, String> cache = remoteCacheManager.getCache("default"");
Hot Rod client properties
infinispan.client.hotrod.server_list = 127.0.0.1:11222 infinispan.client.hotrod.use_ssl = true infinispan.client.hotrod.trust_store_file_name = truststore.pkcs12 infinispan.client.hotrod.trust_store_password = trust_store_password
