ConfD User Community

Unable to connect to ConfD using econfd_cdb:connect/1: {error,econnrefused}


#1

How do I subscribe to CDB for the ConfD server running on a different host? When I try to connect using econfd_cdb:connect/1 function I am getting an error stating as {error,econnrefused}. Why is the connection being refused?

My setup:

ConfD server is running on IP 192.168.21.24
From a system running on IP 192.168.21.25, I am trying to connect to CDB by calling the function econfd_cdb: connect({192.168.21.24}) but I am getting a return value {error,econnrefused}.

What am i doing wrong here?


#2

By default, confd opens the management port (4565, or ?CONFD_PORT) only to localhost connections. You have following options:

  • run your erlang code directly on the target system (192.168.21.24)
  • tunnel the port 4565 from the target system to 192.168.21.25 somehow, e.g. using ssh
  • configure confd to accept other connections too - see /confdConfig/confdIpcAddress/ip and confdConfig/confdIpcExtraListenIp in confd.conf (“man confd.conf”).

Note that the last option is the most convenient for experiments and development, but you may not want to use it in a production settings.


#3

I have tried this and it is working absolutely fine and also found it very much convenient. However, I want to know why is it not good to use in production settings?


#4

The IPC communication is not authenticated (default) or encrypted, it is done over TCP sockets. See ConfD UG chapter “Restricting access to the IPC port”.


#5

Oh, I see. And yes I will.

Thank you!


#6

You might want to check this App Note as well, to have an idea on what would be involved, or the security concerns…

Nabil


#7

Sure I will. Thank you.