Suggest running epmd-less #497

josevalim
Contributor

  • I acknowledge my contribution to the website does not assert comparative or superlative differences of one product, project, company or individual over another.

@maennchen
Member

@josevalim Thanks for the addition. Where is the behaviour described for rebar3? I was not able to find that.

@maennchen
Member

@josevalim I’m also not sure if we should include this.

The reason for that is that most users that have EPMD public also have some distribution ports public. If they disable EPMD without doing something about distribution, they will only have obscured access.

If they implement any of the other options listed, they will have actually fixed the issue.

If we do include it, we have to make it very clear that distribution itself is still as it was before and needs to be protected as well.
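The point made in the comment above, shown as a listener audit (an added example, not part of the PR or the project's own code): with EPMD gone, the distribution listener is still reachable unless it is bound to loopback or firewalled. The sample `ss` lines, port 9100 and the function names are constructed for illustration.

```python
import ipaddress
import re

EPMD_PORT = 4369  # EPMD's registered default port

# Constructed sample of `ss -Hltnp` output (run as root so process names show):
# a release started without EPMD, distribution port bound to all interfaces.
SAMPLE_EPMDLESS = """\
LISTEN 0 128 0.0.0.0:9100 0.0.0.0:* users:(("beam.smp",pid=901,fd=17))
LISTEN 0 128 127.0.0.1:4000 0.0.0.0:* users:(("beam.smp",pid=901,fd=20))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=700,fd=4))
"""

# Constructed sample: the same host with EPMD also running on a wildcard bind.
SAMPLE_WITH_EPMD = (
    'LISTEN 0 4096 *:4369 *:* users:(("epmd",pid=812,fd=3))\n' + SAMPLE_EPMDLESS
)


def is_loopback(host):
    """True only for addresses that are unambiguously loopback."""
    host = host.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %iface
    if host == "*":
        return False  # wildcard bind covers every interface
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unparseable address: keep it in the report


def exposed_erlang_listeners(ss_output):
    """Return (kind, bind_address, port) for non-loopback EPMD/BEAM listeners.

    "beam-listener" entries are candidates to review: the VM may also serve
    HTTP or other protocols, so confirm which port carries distribution.
    """
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        match = re.search(r'\(\("([^"]+)"', fields[5])
        proc = match.group(1) if match else ""
        if is_loopback(host) or not port.isdigit():
            continue
        if proc == "epmd" or int(port) == EPMD_PORT:
            findings.append(("epmd", host, int(port)))
        elif proc.startswith("beam"):
            findings.append(("beam-listener", host, int(port)))
    return findings
```

On the EPMD-less sample the EPMD finding disappears while the `0.0.0.0:9100` listener is still reported.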

@tsloughter

Slight change needed. Rebar3 does not enable this by "default". We enable it if the environment variable ERL_DIST_PORT is set. Wanted to say that before this was merged but before I got a chance to try to phrase that into the PR as a suggestion.

@@ -44,6 +44,8 @@ If left unsecured, exposed Erlang Distribution ports let attackers gain a footho
```
Ensuring that distribution ports are only accessible via localhost or a private network interface further reduces the attack surface.

- **Enable epmd-less mode in your releases**: Both Erlang and Elixir tooling allows you to use the Erlang Distribution without exposing EPMD. Rebar3 enables this option by default. In Elixir, [it is part of your generated release configuration](https://hexdocs.pm/mix/Mix.Tasks.Release.html#module-epmd-less-deployment).
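
Review bot: the added bullet "Enable epmd-less mode in your releases" reads as a complete mitigation, but it never says that the distribution port itself keeps listening once EPMD is out of the picture. Suggest closing the bullet with a sentence that ties it back to the preceding paragraph, for example that the distribution port must still be restricted to localhost or a private network interface. "Rebar3 enables this option by default" is also stated unconditionally; name the condition under which it applies (the thread points to `ERL_DIST_PORT` being set) or drop the claim. Minor: "tooling allows" should be "tooling allow" after "Both Erlang and Elixir".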

Suggested change
- **Enable epmd-less mode in your releases**: Both Erlang and Elixir tooling allows you to use the Erlang Distribution without exposing EPMD. Rebar3 enables this option by default. In Elixir, [it is part of your generated release configuration](https://hexdocs.pm/mix/Mix.Tasks.Release.html#module-epmd-less-deployment).
- **Enable epmd-less mode in your releases**: Both Erlang and Elixir tooling allows you to use the Erlang Distribution without EPMD. Rebar3 releases run with a port number set through the environment variable `ERL_DIST_PORT` at runtime will enable this automatically. In Elixir, [it is part of your generated release configuration](https://hexdocs.pm/mix/Mix.Tasks.Release.html#module-epmd-less-deployment).

I'd also suggest rephrasing the beginning too... but not sure how yet. The issue with epmd-less mode is it sounds both like you are referencing the project that is now no longer needed (https://github.com/tsloughter/epmdless) or that there is some mode while it's a set of arguments to the VM startup, one of which is to not boot EPMD if it's not running and another to set the port.

But shrug it may be fine and only confusing to me because I have other context in my head people won't.

Contributor Author

I agree with all points, except the epmdless project bit. I think that's only you @tsloughter :D

Hah. Maybe. I've definitely seen it mentioned on Elixir slack at times by people who still think it is the way to get this done. There are a couple old blog posts still that will pop up when searching for this kind of stuff that lead the user down the old path of getting this done, in particular https://www.erlang-solutions.com/blog/erlang-and-elixir-distribution-without-epmd/

That Erlang Solutions post being about epmdless specifically I mean.

Contributor Author

Good points. I will ping the ESL team to see if they can add a note, for example. We can also change this to something a bit less ambiguous too, no problem.

FWIW the linked documentation recommends the erl_epmd_port flag, but it has been deprecated in OTP 27 in favour of kernel app flag https://www.erlang.org/doc/deprecations.html#erl-flags

Argh, now I need to update so much stuff.
