WildFly WIP / WFWIP-441

IIOP invocation fails from outside AWS


    • Bug
    • Resolution: Unresolved
    • Blocker
    • IIOP
    • None

      Step 1

      Start an AWS EC2 instance using Red Hat JBoss EAP official AMI RHEL-7-JBEAP-7.4.0_HVM_GA-20210909-x86_64-0-Access2-GP2

      Step 2

      Configure JBoss EAP on the EC2 instance with the following script (please note you need AWS credentials: AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY):

      AWS_ACCESS_KEY_ID='YOUR AWS ACCESS KEY ID'
      AWS_SECRET_ACCESS_KEY='YOUR AWS SECRET ACCESS KEY'
      S3_PING_BUCKET=$S3_PING_BUCKET
      EAP_PROFILE=standalone-ec2-full-ha.xml
      JBOSS_HOME=/opt/rh/eap7/root/usr/share/wildfly
      
      INTERNAL_IP_ADDRESS=$(ip addr show | grep eth0 -A 2 | head -n 3 | tail -n 1 | awk '{ print $2 }' | sed "s-/24--g" | cut -d'/' -f1)
      NODE_NAME=$INTERNAL_IP_ADDRESS
      SERVICE_CONF_FILE=/etc/opt/rh/eap7/wildfly/eap7-standalone.conf
      EAP_PROFILE_PATH=$JBOSS_HOME/standalone/configuration/$EAP_PROFILE
      
      # Configure JBoss EAP to use the ec2-ha profile
      cp $JBOSS_HOME/docs/examples/configs/$EAP_PROFILE $EAP_PROFILE_PATH
      chown jboss $EAP_PROFILE_PATH
      chgrp jboss $EAP_PROFILE_PATH
      chmod --reference=$JBOSS_HOME/standalone/configuration/standalone.xml $EAP_PROFILE_PATH
      
      # add management user
      $JBOSS_HOME/bin/add-user.sh --user admin --password admin
      # node name config
      sed -i 's/\(.*subsystem xmlns="urn:jboss:domain:undertow[^"]*"\)\(.*\)/\1 instance-id="${jboss.jvmRoute}"\2/' $EAP_PROFILE_PATH
      # use tcp stack for clustering (using udp the cluster doesn't get constituted)
      sed -i 's/\(.*channel name\="ee" stack\=\)"udp"\(.*\)/\1"tcp"\2/' $EAP_PROFILE_PATH
      # https://access.redhat.com/solutions/2759881
      sudo sed -i 's/\(.*\)<cluster password="[^"]*"\/>\(.*\)/\1<cluster password="admin" user="admin1234"\/>\2/' $EAP_PROFILE_PATH
      # eap7-standalone.conf
      echo "WILDFLY_SERVER_CONFIG=$EAP_PROFILE" >> $SERVICE_CONF_FILE
      echo "WILDFLY_BIND=$INTERNAL_IP_ADDRESS" >> $SERVICE_CONF_FILE
      # node
      echo "JAVA_OPTS=\"$JAVA_OPTS -Djboss.jgroups.s3_ping.access_key='$AWS_ACCESS_KEY_ID' -Djboss.jgroups.s3_ping.secret_access_key='$AWS_SECRET_ACCESS_KEY' -Djboss.jgroups.s3_ping.bucket='$S3_PING_BUCKET' -Djboss.jvmRoute=$NODE_NAME -Djboss.bind.address=$INTERNAL_IP_ADDRESS -Djboss.bind.address.private=$INTERNAL_IP_ADDRESS -Djboss.bind.address.management=$INTERNAL_IP_ADDRESS -Djboss.bind.address.unsecure=$INTERNAL_IP_ADDRESS\"" >> $JBOSS_HOME/bin/standalone.conf
      echo "" >> $JBOSS_HOME/bin/standalone.conf
      systemctl enable eap7-standalone
      systemctl start eap7-standalone
      sed -i 's/.*ClientAliveInterval.*/ClientAliveInterval 30/' /etc/ssh/sshd_config
      systemctl restart sshd
      

      Step 3

      Deploy the attached sample server application `iiop-server.jar`

      Step 4

      Invoke an EJB using the attached `iiop-client.jar` (use Java 8), e.g.:

      java -jar iiop-client.jar <EC2_EXTERNAL_IP>
      

      Notes

      • please note that if you repeat the invocation from a node inside AWS, everything works
      • please note that if you use an OpenStack VM which just has a single IP which is routable outside OpenStack, everything works
      • port "<socket-binding name="iiop" interface="unsecure" port="3528"/>" is open on the EC2 instance; if I try and connect and send some invalid command from my laptop:
        $ telnet 18.205.26.144 3528
        Trying 18.205.26.144...
        Connected to 18.205.26.144.
        Escape character is '^]'.
        TEST
        Connection closed by foreign host.
        

        in the server.log file you see:

        2022-02-07 08:31:17,988 WARNING [javax.enterprise.resource.corba._DEFAULT_.rpc.transport] (SelectorThread) "IOP00410215: (COMM_FAILURE) Read of full message failed : bytes requested = 12 bytes read = 6 max wait time = 300 total time spent waiting = 364": org.omg.CORBA.COMM_FAILURE:   vmcid: SUN  minor code: 215  completed: No
        	at com.sun.corba.se.impl.logging.ORBUtilSystemException.transportReadTimeoutExceeded(ORBUtilSystemException.java:2600)
        	at com.sun.corba.se.impl.logging.ORBUtilSystemException.transportReadTimeoutExceeded(ORBUtilSystemException.java:2626)
        	at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.readFully(SocketOrChannelConnectionImpl.java:649)
        	at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.read(SocketOrChannelConnectionImpl.java:542)
        	at com.sun.corba.se.impl.protocol.giopmsgheaders.MessageBase.readGIOPHeader(MessageBase.java:130)
        	at com.sun.corba.se.impl.transport.CorbaContactInfoBase.createMessageMediator(CorbaContactInfoBase.java:168)
        	at com.sun.corba.se.impl.transport.SocketOrChannelAcceptorImpl.createMessageMediator(SocketOrChannelAcceptorImpl.java:525)
        	at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.readBits(SocketOrChannelConnectionImpl.java:335)
        	at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.handleEvent(SocketOrChannelConnectionImpl.java:1148)
        	at com.sun.corba.se.impl.transport.SelectorImpl.run(SelectorImpl.java:331)
        

        also other commonly used ports such as 8080 and 9990 are open


      IIOP invocation from a node outside AWS towards a node inside AWS built using Red Hat JBoss EAP official AMI RHEL-7-JBEAP-7.4.0_HVM_GA-20210909-x86_64-0-Access2-GP2 fails:

      Feb 04, 2022 2:48:01 PM com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl <init>
      WARNING: "IOP00410201: (COMM_FAILURE) Connection failure: socketType: IIOP_CLEAR_TEXT; hostname: 172.31.84.206; port: 3528"
      org.omg.CORBA.COMM_FAILURE:   vmcid: SUN  minor code: 201  completed: No
              at com.sun.corba.se.impl.logging.ORBUtilSystemException.connectFailure(ORBUtilSystemException.java:2200)
              at com.sun.corba.se.impl.logging.ORBUtilSystemException.connectFailure(ORBUtilSystemException.java:2221)
              at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.<init>(SocketOrChannelConnectionImpl.java:223)
              at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.<init>(SocketOrChannelConnectionImpl.java:236)
              at com.sun.corba.se.impl.transport.SocketOrChannelContactInfoImpl.createConnection(SocketOrChannelContactInfoImpl.java:119)
              at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.beginRequest(CorbaClientRequestDispatcherImpl.java:187)
              at com.sun.corba.se.impl.protocol.CorbaClientDelegateImpl.request(CorbaClientDelegateImpl.java:137)
              at com.sun.corba.se.impl.protocol.CorbaClientDelegateImpl.is_a(CorbaClientDelegateImpl.java:229)
              at com.sun.corba.se.impl.protocol.CorbaClientDelegateImpl.is_a(CorbaClientDelegateImpl.java:239)
              at org.omg.CORBA.portable.ObjectImpl._is_a(ObjectImpl.java:130)
              at org.omg.CosNaming.NamingContextHelper.narrow(NamingContextHelper.java:69)
              at com.sun.jndi.cosnaming.CNCtx.setOrbAndRootContext(CNCtx.java:396)
              at com.sun.jndi.cosnaming.CNCtx.initOrbAndRootContext(CNCtx.java:262)
              at com.sun.jndi.cosnaming.CNCtx.<init>(CNCtx.java:120)
              at com.sun.jndi.cosnaming.CNCtxFactory.getInitialContext(CNCtxFactory.java:49)
              at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:694)
              at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
              at javax.naming.InitialContext.init(InitialContext.java:244)
              at javax.naming.InitialContext.<init>(InitialContext.java:216)
              at org.jboss.as.test.iiop.IIOPClient.namingInvocation(IIOPClient.java:30)
              at org.jboss.as.test.iiop.IIOPClient.main(IIOPClient.java:22)
      Caused by: java.net.ConnectException: Connection timed out
              at sun.nio.ch.Net.connect0(Native Method)
              at sun.nio.ch.Net.connect(Net.java:459)
              at sun.nio.ch.Net.connect(Net.java:451)
              at sun.nio.ch.SocketChannelImpl.connect(SocketChannelImpl.java:646)
              at java.nio.channels.SocketChannel.open(SocketChannel.java:189)
              at com.sun.corba.se.impl.transport.DefaultSocketFactoryImpl.createSocket(DefaultSocketFactoryImpl.java:95)
              at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.<init>(SocketOrChannelConnectionImpl.java:207)
              ... 18 more
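
The two ORB log lines quoted in this report can be triaged mechanically. The following is an added example, not part of the original report or of WildFly: it parses the client-side `IOP00410201` line to compare the endpoint the ORB actually dialled with the address given to the client, and the server-side `IOP00410215` line to show how far the telnet input fell short of the 12-byte GIOP header. The function names are hypothetical, and the requested address is assumed to be the 18.205.26.144 used in the telnet check.

```python
import ipaddress
import re

# Constructed sample input: the two log messages quoted in the report.
CLIENT_LOG = ('WARNING: "IOP00410201: (COMM_FAILURE) Connection failure: '
              'socketType: IIOP_CLEAR_TEXT; hostname: 172.31.84.206; port: 3528"')
SERVER_LOG = ('"IOP00410215: (COMM_FAILURE) Read of full message failed : '
              'bytes requested = 12 bytes read = 6 max wait time = 300 '
              'total time spent waiting = 364"')

CONNECT_RE = re.compile(
    r"IOP00410201: \(COMM_FAILURE\) Connection failure: "
    r"socketType: (?P<type>\w+); hostname: (?P<host>[^;]+); port: (?P<port>\d+)")
SHORT_READ_RE = re.compile(
    r"IOP00410215: .*bytes requested = (?P<want>\d+) bytes read = (?P<got>\d+)")


def triage_connect_failure(line, requested_host):
    """Compare the endpoint the ORB dialled with the host the client was given."""
    m = CONNECT_RE.search(line)
    if m is None:
        return None
    host, port = m["host"].strip(), int(m["port"])
    try:
        private = ipaddress.ip_address(host).is_private
    except ValueError:  # a DNS name rather than an IP literal
        private = False
    return {
        "dialled": (host, port),
        "socket_type": m["type"],
        "differs_from_requested": host != requested_host,
        "dialled_is_private": private,
    }


def triage_short_read(line):
    """Report how many bytes of the requested read never arrived."""
    m = SHORT_READ_RE.search(line)
    if m is None:
        return None
    want, got = int(m["want"]), int(m["got"])
    return {"requested": want, "read": got, "missing": want - got}


if __name__ == "__main__":
    # Assumption: the client was started with the address from the telnet check.
    print(triage_connect_failure(CLIENT_LOG, "18.205.26.144"))
    print(triage_short_read(SERVER_LOG))
```

A result with both `differs_from_requested` and `dialled_is_private` set means the connection that timed out was aimed at an address that is not routable from outside the VPC, rather than at the public address the client was started with.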
      

        1. iiop-client.jar
          12.38 MB
        2. iiop-server.jar
          7 kB

            tadamski@redhat.com Tomasz Adamski
            tborgato@redhat.com Tommaso Borgato