问题
Can someone give me more then one possibility to how to connect two Erlang nodes. I know one way using erlang:set_cookie/2 and curious if there is another way.
回答1:
1. Use -setcookie.
You can also use -setcookie when erlang execute,
In first terminal of my local machine,
hyun@hyun-VirtualBox:~$ erl -sname a -setcookie guitar
Erlang/OTP 18 [erts-7.0] [source] [64-bit] [async-threads:10] [hipe] [kernel-poll:false]
And second terminal of my local machine,
hyun@hyun-VirtualBox:~$ erl -sname b -setcookie guitar
Erlang/OTP 18 [erts-7.0] [source] [64-bit] [async-threads:10] [hipe] [kernel-poll:false]
Lastly, in first terminal,
Eshell V7.0 (abort with ^G)
(a@hyun-VirtualBox)1> net_adm:ping('b@hyun-VirtualBox').
pong
2. Copy $HOME/.erlang.cookie
you can just copy $HOME/.erlang.cookie to other remote pc for sharing same cookie value.
Also, you have to think about security.
getting_started
An Erlang node is completely unprotected when running erlang:set_cookie(node(), nocookie). This can sometimes be appropriate for systems that are not normally networked, or for systems which are run for maintenance purposes only. Refer to auth(3) for details on the security system.
回答2:
According to "Erlang Security 101" by NCC Group (https://www.nccgroup.trust/globalassets/our-research/uk/whitepapers/2014/erlang_security_101_v1-0.pdf), you should not use -setcookie, as other users of the server will be able to see the cookie using ps ax | grep erl. For example, from a terminal on my local computer:
zed@blargh:~$ erl -setcookie abc -sname e1
Erlang R16B03-1 (erts-5.10.4) [source] [64-bit] [smp:4:4] [async-threads:10] [hipe] [kernel-poll:false]
Eshell V5.10.4 (abort with ^G)
(e1@blargh)1>
And then from a second terminal, as a different user:
eks@blargh:~$ ps ax | grep erl
2035 pts/7 Sl+ 0:00 /usr/lib/erlang/erts-5.10.4/bin/beam.smp -- -root /usr/lib/erlang -progname erl -- -home /home/zed -- -setcookie abc -sname e1
2065 pts/8 S+ 0:00 grep --color=auto erl
9841 ? S 0:00 /usr/lib/erlang/erts-5.10.4/bin/epmd -daemon
And you can clearly see the cookie in the output of ps. Having the cookie allows a third party to join the erlang cluster. You should instead use the cookie file method, with restrictive permissions on the file.
回答3:
You should set cookies (in console as you written or on erl execute) Also, if you set shortname (sname) second node should be running with shortname If you set nodename, second node also may run with -name
Works:
erl -name obsrv@127.0.0.1 -setcookie democookie
erl -name n2@127.0.0.1 -setcookie democookie
Do not work:
erl -name obsrv@127.0.0.1 -setcookie democookie
erl -name n2 -setcookie democookie
If nodes run on different machines, check port it open 40293 or set port(and set min, max) when erl executing
erl \
-kernel inet_dist_listen_min 40293\
-setcookie democookie\
-name erl_node_1
来源:https://stackoverflow.com/questions/41051522/how-to-connect-two-erlang-nodes