问题
I have this ports configured in my 3 virtual machines running Zookeeper and ActiveMQ.
root@mom3:~# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
22 ALLOW IN Anywhere
2881 ALLOW IN Anywhere
2888 ALLOW IN Anywhere
3888 ALLOW IN Anywhere
61616 ALLOW IN Anywhere
61617 ALLOW IN Anywhere
22 (v6) ALLOW IN Anywhere (v6)
2881 (v6) ALLOW IN Anywhere (v6)
2888 (v6) ALLOW IN Anywhere (v6)
3888 (v6) ALLOW IN Anywhere (v6)
61616 (v6) ALLOW IN Anywhere (v6)
61617 (v6) ALLOW IN Anywhere (v6)
When I tried to start ActiveMQ, it gets a random port to use it:
INFO | Master started: tcp://mom1.company.com:37649
WARN | Store update waiting on 1 replica(s) to catch up to log position 0.
WARN | Store update waiting on 1 replica(s) to catch up to log position 0.
WARN | Store update waiting on 1 replica(s) to catch up to log position 0.
But when I disable my firewall, ActiveMQ start normally.
How can I use the same port every time, in order to create a new rule in my firewall ?
EDIT
Based on @Daniel's suggestion this is my configuration for activemq.xml file.
<persistenceAdapter>
<replicatedLevelDB
directory="${activemq.data}/leveldb"
replicas="3"
bind="tcp://0.0.0.0:0:61616"
zkAddress="mom1.company.com:2881,mom2.company.com:2881,mom3.company.com:2881"
zkPassword="password"
zkPath="/activemq/leveldb-stores"
hostname="mom3.company"
/>
</persistenceAdapter>
...
<transportConnectors>
<!-- DOS protection, limit concurrent connections to 1000 and frame size to 100MB -->
<transportConnector name="openwire" uri="tcp://0.0.0.0:61616?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
<transportConnector name="amqp" uri="amqp://0.0.0.0:5672?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
<transportConnector name="stomp" uri="stomp://0.0.0.0:61613?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
<transportConnector name="mqtt" uri="mqtt://0.0.0.0:1883?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
<transportConnector name="ws" uri="ws://0.0.0.0:61614?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
<transportConnector name="ssl" uri="ssl://0.0.0.0:61617?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
</transportConnectors>
回答1:
Since you are writting about a zookeeper and I vaguelly rememeber this log line from when I was working with a master/slave replicated levelDB Setup I'll go ahead and assume you are also using one. If this is indeed the case then the port you are seeing there is the "bind" port the master starts up for clients to attach themselves to and start replicating data. This port can easily be configured in your brokers XML configuration using the bind parameter in the replicatedLevelDB section, for example
<broker brokerName="broker" ... >
...
<persistenceAdapter>
<replicatedLevelDB
directory="activemq-data"
replicas="3"
bind="tcp://0.0.0.0:<myDesiredPort>"
zkAddress="zoo1.example.org:2181,zoo2.example.org:2181,zoo3.example.org:2181"
zkPassword="password"
zkPath="/activemq/leveldb-stores"
hostname="broker1.example.org"
/>
</persistenceAdapter>
...
</broker>
will then always use "myDesiredPort" for the bind port. Since normally 61619 is the default port when this parameter is not set at all you probably already have this element configured right now, however with bind="tcp://0.0.0.0:0" which dynamically choses one. For more explanation and a full list of available parameters for the replicated levelDB see the documentation
Hope this solves your Problem, if this is however not your setup please add your Broker configuration to your question this will make it easier to find the actual culprit without guessing.
来源:https://stackoverflow.com/questions/36007711/how-to-use-firewall-with-activemq