Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Hazelcast nodes do not auto-detect across DMZ

SA-10812

Summary



When starting multiple nodes, some in DMZ, some in non-DMZ, the hazelcast auto-discovery mechanism does not work as expected. This is due to network communication port restrictions. 

Error Messages



Not Applicable

Steps to Reproduce



Start up PRPC nodes in both the DMZ and non-DMZ to observe the issue.

Root Cause



In this type of environment, where there are nodes both inside and outside the firewall, it is not possible to auto-discover hazelcast members. Due to the presence of the firewall, communication between the nodes is explicitly forbidden.

Resolution



This issue is resolved by making the following change to the operating environment:

Ports must be open in the firewall to explicitly allow communication using hazelcast between all the nodes in the hazelcast cluster. This is analagous to the port that must be opened for database activity in this configuration.

Once the network configuration is in place to allow the various nodes to access each other using the specific set or ports, the IPs and ports to use must be configured for Pega 7. This is achieved using the following settings in the prconfig file for each node. (Note that these values are site dependant and are as examples only)


<!-- hazelcast -->
<env name="cluster/hazelcast/ports" value="5701-5750" />  <!-- available ports that have access across the firewall for use by our cluster -->
<env name="cluster/hazelcast/interface" value="xx.x.xxx.xx"/> <!-- The IP address that I will listen to -->
<env name="cluster/hazelcast/members" value="xx.x.xxx.*/> <!-- optional list of IPs for other members in our cluster - can be a range or comma separated -->

Published June 18, 2015 - Updated October 8, 2020

Was this useful?

100% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us