I'm conducting an experiment with load-balancing SSH sessions (so TCP port 22) to multiple servers through Stingray. I've configured up a Traffic IP, but when I try and start the virtual server on it, it complains with:
address: Failed to bind to any local address
port: Failed to bind to x.x.1.25:22 (Address already in use)
If I try to SSH to that Traffic IP Group, I get presented with the Stingray SSH login!
Is there a way to prevent Stingray from binding SSH to IPs other than the management ones we want to use for administering it?
If you tell Stingray to restrict management to a single IP, then yes. Unfortunately this is set during initial configuration and can't be changed through the UI. The easiest way to change it would be to execute: /opt/zeus/zxtm/configure and chose option 2 to "perform the post-install configuration again". When asked if you want to restrict management to one IP, say (Y)es. Caution: Your STM will be restarted during this procedure.
You can also set it using the REST API, but not until the next release of Stingray. Doing it in 9.3 and below may break cluster communication.
An alternative work around would be to change the port the SSH daemon is listening on or disable it completely. You can find those settings under System -> Securty -> SSH Server
In our config to load balance SSH, we used "Generic Streaming" as the internal protocol. So far it has worked very well.