Bug #19095
closed
port 8080 is needed by candlepin for one-time initialization
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1425926
Description of problem: Candlepin requires a single API call to port 8080 during initialization. This can be tricky to allow for users with firewall rules that restrict localhost traffic.
Version-Release number of selected component (if applicable): 6.2.7
Candlepin requires access to port 8080 on localhost for the installation to succeed. We can add a firewall rule for this in the docs, but it is a one-time thing that only needs to be enabled during install, and can then be disabled.
Additionally, the firewall rule would have to be crafted to not allow access from other hosts. The server.xml default will bind it to 0.0.0.0 instead of 127.0.0.1. Once the installation is complete, users have to remember to disable 8080 on localhost again.
Ideally, the initialization could occur without this one-time call to this port. Then we could just remove the 8080 listener entirely.
Updated by Stephen Benjamin about 7 years ago
- Subject changed from port 8080 is needed by candlepin for one-time initialization to port 8080 is needed by candlepin for one-time initialization
- translation missing: en.field_release set to 114
Updated by Ewoud Kohl van Wijngaarden about 5 years ago
- Status changed from New to Closed
- Assignee set to Eric Helms
- Pull request https://github.com/theforeman/puppet-candlepin/pull/113 added
- Fixed in Releases Katello 3.11.1 added
Since commit:e9667efe3684057b93ec834d104b6eb20115a7b1 we no longer listen on 8080.
Updated by Jonathon Turel about 5 years ago
- Target version changed from Katello Backlog to Katello 3.11.0
Updated by Jonathon Turel about 5 years ago
- Fixed in Releases Katello 3.11.0 added
- Fixed in Releases deleted (
Katello 3.11.1)