Hi,
I’m running EOS 4.8.62 and I’m planning an upgrade to 4.8.78.
The current setup has the (http) config setup basically according: HTTP(XrdHttp) and XRootD TPC with delegated credentials — EOS CITRINE documentation
[root@test-eos-mgm-2 ~]# grep -C3 8443 /etc/sysconfig/eos_env
#-------------------------------------------------------------------------------
# HTTP server ports
# port 8443,9000 for the good better HTTP(s), 8000/8001 is default
# MGM - set to 0 to disable HTTP
EOS_MGM_HTTP_PORT=8443
######################################################
[root@test-eos-mgm-2 ~]# grep XrdHttp /etc/xrd.cf.mgm
xrd.protocol XrdHttp:8443 /usr/lib64/libXrdHttp-4.so
# Load the XrdHttpVOMS security extractor plugin that is able to deal with
http.secxtractor libXrdHttpVOMS.so
http.exthandler xrdtpc /usr/lib64/libXrdHttpTPC-4.so
We’re running this config in production, and it’s working ok. However, on 4.8.78 we get a crash loop on startup, as micro http and xrdhttp try to bind to the same port (and fail hard).
=====> xrd.protocol XrdHttp:8443 /usr/lib64/libXrdHttp-4.so
220223 10:42:37 time=1645609357.298229 func=Run level=INFO logid=static.............................. unit=mgm@test-eos-mgm-2.vbc.ac.at:1094 tid=00007f3cc4fe9700 source=HttpServer:157 tident= sec=(null) uid=99 gid=99 name=- geo="" msg="start of micro httpd succeeded [port=8443]"
220223 10:42:51 101217 XrdOpen: Unable to bind socket to port 8443; address already in use
=====> xrd.protocol XrdHttp:8443 /usr/lib64/libXrdHttp-4.so
220223 10:42:59 time=1645609379.520759 func=Run level=INFO logid=static.............................. unit=mgm@test-eos-mgm-2.vbc.ac.at:1094 tid=00007f1f54be9700 source=HttpServer:157 tident= sec=(null) uid=99 gid=99 name=- geo="" msg="start of micro httpd succeeded [port=8443]"
220223 10:43:13 101696 XrdOpen: Unable to bind socket to port 8443; address already in use
I’m aware of HTTP access — EOS CITRINE documentation but assumed this was the “old style” setup. I don’t have eos-nginx installed or use any proxy in front of EOS.
When I disable the config in sysconfig:
[root@test-eos-mgm-1 ~]# grep -C3 EOS_MGM_HTTP_PORT /etc/sysconfig/eos_env
# port 8443,9000 for the good better HTTP(s), 8000/8001 is default
# MGM - set to 0 to disable HTTP
EOS_MGM_HTTP_PORT=0
Then I can crash the eos MGM with a single https request to the / URL of the mgm.
When I set the 2 config items to different ports, i.e. (micro http) 8444 and (xrdhttp) 8445 then I’ll end up with a redirect from an 8445 → 8444 - I’m not sure if this is intentional.
Note: in the FST config, we have the same “identical” port setup, however there the service seems to be starting up correctly
[root@test-eos-fst-2 ~]# grep -i http /etc/xrd.cf.fst
# Configuration for XrdHttp http(s) service on port 11000
# Enable the XrdHttp plugin and listen on port 9001 for connections
xrd.protocol XrdHttp:9001 /usr/lib64/libXrdHttp.so
[root@test-eos-fst-2 ~]# cat /etc/sysconfig/eos_env | grep HTTP
[...]
# FST - set to 0 to disable HTTP
EOS_FST_HTTP_PORT=9001
Our service is registered as with the Experiments as Webdav endpoint with port 8443 (currently also the only mgm HTTP port reachable externally)
I’m currently unclear, on how to set this up correctly in the latest version, please advise.
Best,
Erich