I would like to start a Meteor application in an infrastructure that have security restrictions applied to network interfaces.
Process must start binding to specific network interfaces, it’s not possible to bind as - example : TCP *:26758
When Meteor stack is online and running, two node processes can be found. The second process is triggered when connection to Mongo is successfully established:
$ ps -ef |grep -E "node|mongo" |grep -v grep
meteor 13128 5668 9 14:52 pts/0 00:00:07 /home/meteor/.meteor/packages/meteor-tool/.1.1.3.1a15mwv++os.linux.x86_64+web.browser+web.cordova/mt-os.linux.x86_64/dev_bundle/bin/node /home/meteor/.meteor/packages/meteor-tool/.1.1.3.1a15mwv++os.linux.x86_64+web.browser+web.cordova/mt-os.linux.x86_64/tools/main.js --port 192.168.0.107:8080
meteor 13149 13128 3 14:52 pts/0 00:00:02 /home/meteor/.meteor/packages/meteor-tool/.1.1.3.1a15mwv++os.linux.x86_64+web.browser+web.cordova/mt-os.linux.x86_64/dev_bundle/mongodb/bin/mongod --bind_ip 127.0.0.1 --smallfiles --port 8081 --dbpath /home/meteor/apps/z1j-prod/.meteor/local/db --oplogSize 8 --replSet meteor
meteor 13205 13128 1 14:52 pts/0 00:00:01 /home/meteor/.meteor/packages/meteor-tool/.1.1.3.1a15mwv++os.linux.x86_64+web.browser+web.cordova/mt-os.linux.x86_64/dev_bundle/bin/node /home/meteor/apps/z1j-prod/.meteor/local/build/main.js
I’m able to force interface bind for the first node process (pid 13128), but the second node process (pid 13205) starts listening in all interfaces:
lsof |grep meteor |grep LISTEN |grep node
node 13128 meteor 13u IPv4 244552 0t0 TCP oel70.node.com:webcache (LISTEN)
SignalSen 13128 13141 meteor 13u IPv4 244552 0t0 TCP oel70.node.com:webcache (LISTEN)
node 13128 13143 meteor 13u IPv4 244552 0t0 TCP oel70.node.com:webcache (LISTEN)
node 13128 13144 meteor 13u IPv4 244552 0t0 TCP oel70.node.com:webcache (LISTEN)
node 13128 13145 meteor 13u IPv4 244552 0t0 TCP oel70.node.com:webcache (LISTEN)
node 13128 13146 meteor 13u IPv4 244552 0t0 TCP oel70.node.com:webcache (LISTEN)
node 13128 13206 meteor 13u IPv4 244552 0t0 TCP oel70.node.com:webcache (LISTEN)
node 13205 meteor 11u IPv4 244597 0t0 TCP localhost:36099 (LISTEN)
node 13205 meteor 25u IPv4 244618 0t0 TCP *:26758 (LISTEN)
node 13205 13209 meteor 11u IPv4 244597 0t0 TCP localhost:36099 (LISTEN)
node 13205 13209 meteor 25u IPv4 244618 0t0 TCP *:26758 (LISTEN)
node 13205 13210 meteor 11u IPv4 244597 0t0 TCP localhost:36099 (LISTEN)
node 13205 13210 meteor 25u IPv4 244618 0t0 TCP *:26758 (LISTEN)
node 13205 13211 meteor 11u IPv4 244597 0t0 TCP localhost:36099 (LISTEN)
node 13205 13211 meteor 25u IPv4 244618 0t0 TCP *:26758 (LISTEN)
node 13205 13212 meteor 11u IPv4 244597 0t0 TCP localhost:36099 (LISTEN)
node 13205 13212 meteor 25u IPv4 244618 0t0 TCP *:26758 (LISTEN)
I start meteor with the following command: meteor --port 192.168.0.107:8080
This behavior it’s the same using meteor’s mongo instance or if using an external mongo instance
(export MONGO_URL=mongodb://mean.node.com:27017/meteor)
I’m using Meteor 1.1.0.2
Is possible to force interface binding for the second node process ??
Thanks