EOS micro http vs XrdHttp same port conflict in 4.8.78

Site Administrators
1

Hi,

I’m running EOS 4.8.62 and I’m planning an upgrade to 4.8.78.
The current setup has the (http) config setup basically according: HTTP(XrdHttp) and XRootD TPC with delegated credentials — EOS CITRINE documentation

[root@test-eos-mgm-2 ~]# grep -C3 8443 /etc/sysconfig/eos_env
#-------------------------------------------------------------------------------
# HTTP server ports

# port 8443,9000 for the good better HTTP(s), 8000/8001 is default
# MGM - set to 0 to disable HTTP
EOS_MGM_HTTP_PORT=8443

######################################################
[root@test-eos-mgm-2 ~]# grep XrdHttp /etc/xrd.cf.mgm
xrd.protocol XrdHttp:8443 /usr/lib64/libXrdHttp-4.so
# Load the XrdHttpVOMS security extractor plugin that is able to deal with
http.secxtractor libXrdHttpVOMS.so
http.exthandler xrdtpc /usr/lib64/libXrdHttpTPC-4.so

We’re running this config in production, and it’s working ok. However, on 4.8.78 we get a crash loop on startup, as micro http and xrdhttp try to bind to the same port (and fail hard).

=====> xrd.protocol XrdHttp:8443 /usr/lib64/libXrdHttp-4.so
220223 10:42:37 time=1645609357.298229 func=Run                      level=INFO  logid=static.............................. unit=mgm@test-eos-mgm-2.vbc.ac.at:1094 tid=00007f3cc4fe9700 source=HttpServer:157                 tident= sec=(null) uid=99 gid=99 name=- geo="" msg="start of micro httpd succeeded [port=8443]"
220223 10:42:51 101217 XrdOpen: Unable to bind socket to port 8443; address already in use
=====> xrd.protocol XrdHttp:8443 /usr/lib64/libXrdHttp-4.so
220223 10:42:59 time=1645609379.520759 func=Run                      level=INFO  logid=static.............................. unit=mgm@test-eos-mgm-2.vbc.ac.at:1094 tid=00007f1f54be9700 source=HttpServer:157                 tident= sec=(null) uid=99 gid=99 name=- geo="" msg="start of micro httpd succeeded [port=8443]"
220223 10:43:13 101696 XrdOpen: Unable to bind socket to port 8443; address already in use

I’m aware of HTTP access — EOS CITRINE documentation but assumed this was the “old style” setup. I don’t have eos-nginx installed or use any proxy in front of EOS.

When I disable the config in sysconfig:

[root@test-eos-mgm-1 ~]# grep -C3 EOS_MGM_HTTP_PORT /etc/sysconfig/eos_env

# port 8443,9000 for the good better HTTP(s), 8000/8001 is default
# MGM - set to 0 to disable HTTP
EOS_MGM_HTTP_PORT=0

Then I can crash the eos MGM with a single https request to the / URL of the mgm.

When I set the 2 config items to different ports, i.e. (micro http) 8444 and (xrdhttp) 8445 then I’ll end up with a redirect from an 8445 → 8444 - I’m not sure if this is intentional.

Note: in the FST config, we have the same “identical” port setup, however there the service seems to be starting up correctly

[root@test-eos-fst-2 ~]# grep -i http /etc/xrd.cf.fst
# Configuration for XrdHttp http(s) service on port 11000
# Enable the XrdHttp plugin and listen on port 9001 for connections
xrd.protocol XrdHttp:9001 /usr/lib64/libXrdHttp.so

[root@test-eos-fst-2 ~]# cat /etc/sysconfig/eos_env | grep HTTP
[...]
# FST - set to 0 to disable HTTP
EOS_FST_HTTP_PORT=9001

Our service is registered as with the Experiments as Webdav endpoint with port 8443 (currently also the only mgm HTTP port reachable externally)

I’m currently unclear, on how to set this up correctly in the latest version, please advise.

Best,
Erich

2

Hi Erich,

If you set EOS_MGM_HTTP_PORT=8000 then everything should work - you will have the old libmicrohttpd running on 8000 (which is unused in your case) and XrdHttp running on 8443. If you set this value to 0 then the internal HttpServer is not crated at all and the XrdHttp does need it to work properly. All this will be soon cleaned up in the EOS 5 version.

Cheers,
Elvin

3

Hi Elvin,

Thanks for the clarification. It does indeed. For the future reader: it’s also highly recommended to test this with the proper tooling, i.e. gfal-copy or gfal-ls and not with the browser or curl, to reduce confusion.

Thanks again,
Best
Erich