-
1. Re: RHQ over Internet
mazz Sep 1, 2011 4:08 PM (in response to jmfaerman)As long as you have a route to those boxes, you should be OK. If you want the traffic between server and agents to be over the public internet, it is strongly advised that you use comm security between the agents and servers:
http://rhq-project.org/display/JOPR2/Securing+Communications
If you have firewall issues, read about how to setup RHQ with NAT:
-
2. Re: RHQ over Internet
jmfaerman Sep 1, 2011 4:12 PM (in response to mazz)Thanks Mazz
The problem is that the route is one-way. The agent can start a connection to the server, but the server will not be able to connect to the firewalled, NAT'ed agents, is that OK?
-
3. Re: RHQ over Internet
mazz Sep 1, 2011 4:23 PM (in response to jmfaerman)OK, that is a problem. Today we don't support uni-directional deployments. RHQ requires a bi-directional network today. We had discussions in the past on this, about how we could design and implement something to support it. It hasn't gone past the discussion stage.
http://rhq-project.org/display/RHQ/Design-Agent-to-Server+Unidirectional+Communications
-
4. Re: RHQ over Internet
jmfaerman Sep 1, 2011 4:52 PM (in response to mazz)I guess that the problems listed that are external to RHQ can be solved with JMS.
Do you think it would be viable to adapt the agent - server communication using JMS instead of RPC or it would be a major rewrite of the agent?
-
5. Re: RHQ over Internet
mazz Sep 1, 2011 4:58 PM (in response to jmfaerman)That would be a massive refactor - which is why we didn't get past the discussion stage yet. We were thinking about ripping out what we have and using HornetQ instead. That wiki link I posted earlier explains the issues we have to be careful to work around.
-
6. Re: RHQ over Internet
jmfaerman Sep 2, 2011 9:41 AM (in response to mazz)That is what i thought... Mazz, you were really helpfull, thanks a lot.
If i sell the solution i have in mind, then i will be able to develop this idea