Managing Multicast Address Used By Eucalyptus For Component Group Membership

Follow

Eucalyptus Versions: 3.4.0 - 4.x

Multicast Address Management For Eucalyptus Components

This article covers how to change the mutlicast address that Eucalyptus utilizes for component group membership in non-HA and HA configurations.

By default, the multicast address used for Eucalyptus group membership (228.7.7.3) is in the globally-scoped multicast address range (224.0.1.0 to 238.255.255.255). Customer who run in data centers where multicast communication is not allowed for globally-scoped multicast address range for security reasons, need to change the multicast address to administratively-scoped multicast address range (which is typically recommended [1]). In short, we should recommend that customers use administratively-scoped multicast address range (239.0.0.0/8) [2] in production deployments.

Modifying Multicast Address for Group Membership


As mentioned in the Jira ticket DOC-1116, to change the multicast address for group membership, do the following:


1.  Stop all the components (except for the NC), starting from the CC, (VMware Broker), SC, Walrus, then finally CLC.

2.  On each machine where a Eucalyptus Java component (CLC, Walrus, SC, VMware Broker) is installed, add the following to the CLOUD_OPTS variable in /etc/eucalyptus/eucalyptus.conf:  

CLOUD_OPTS="..-Djgroups.udp.mcast_addr=<new IP>"


3.  Next, on those same machines, edit the /etc/eucalyptus/cloud.d/scripts/setup_membership.groovy file as follows:

String        multicastAddress           = "<new IP>";


4.  Start back up the components, starting from the CLC, Walrus, SC, (VMware Broker), and finally CC.

The Eucalyptus cloud will now use the new multicast address to handle group membership communication.

References

[1] IANA Guidelines for IPv4 Multicast Address Assignments
[2] Cisco - IP Multicast Technology Overview - IP Multicast Addresses

Ticket References

Have more questions? Submit a request

Comments

Powered by Zendesk