I deployed application on Google Compute Engine. My VM has an internal IP and an external IP.
I am running my application with Jolokia:
java -javaagent:jolokia-jvm-1.6.0-agent.jar=host=0.0.0.0 -jar openmzn-processor-0.0.1-SNAPSHOT.jar
I> No access restrictor found, access to any MBean is allowed
Jolokia: Agent started with URL http://xxx.xxx.xxx.xxx(internal IP):8778/jolokia
....
I loaded hawtio server and tried connecting jolokia server.
Connection Information on QHawtio Console.
- Name: XXXX
- Scheme: http
- Host: External IP
- Port: 8778
- Path: /jolokia
When I tested connection, howtio application cannot access to jolokia.
How can I access jolokia application from my hawtio console?
Hawtio console has two type connection that is remote and discovery. Remote connection need to configure server information. In this case, I think that hawtio doesn't know internal ip address. Another connection is discovery. This connection find jolokia server automatically. First step, your interanl server information have to be identified through discovery function. And connection information by using discovery is shown on remote connection tab.
Related
I successfully created a Compute Engine VM instance, and installed MySQL on it using this guide:
https://cloud.google.com/solutions/setup-mysql
Now I want to connect to it from App Engine and from my home too if possible.
Using this guide: https://cloud.google.com/appengine/docs/standard/python/connecting-vpc
I created the connector, giving it the suggested 10.x.x.x/28 IP address.
In my app engine's app.yaml I inserted:
vpc_access_connector:
name: projects/xxxxxxxxxx/locations/europe-west3/conectors/xxxxxx
The VM instance shows an internal IP of 10.x.x.x and an external IP of 34.x.x.x
I am trying to connect from PHP using this line:
new mysqli($servername, $username, $password, $dbname, 3306, null);
but I get different errors.
When connecting to 34.x.x.x from my home:
mysqli::__construct(): (HY000/2002): No connection could be made because the target machine actively refused it.
(I even created a Firewall rule to allow all traffic from my home IP)
When connecting to10.x.x.x from app engine:
2002: Connection timed out
When connecting to 10.x.x.x from app engine:
2002: Connection refused
How can I make a connection?
My first guess is that the service inside the instance is not up and running, check if the service of MySQL is running and listening, you can try this by doing a nmap test vs. the public IP of your MySQL VM instance nmap 34.0.0.0. You should see something like this (if you are using the standard port):
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
3306/tcp open mysql
Remember that there are two firewalls you need to take care of on GCP, (VPC firewall & OS firewall). So if you are not able to see this port start the SQL service by connecting into your VM instance and typing sudo systemctl start mysql, now run again nmap 34.0.0.0 and you should see the service.
To connect from App Engine to MySQL on Compute Engine VM instance just follow this other guide .
To connect from your home It will be better for you to connect to the instance via SSH and then to access your database, or you can keep connecting by a VPN to access it with the internal IP address if you need to connect directly to the socket, just take care to avoid hitting the limitations or missing something like IAM roles and permission needed for this connection.
I have started an AWS EC2 (UBUNTU 18 AMI) instance running three apps:
Web server on port 80
REST API on port 8786
DB on port X
I am able to
SSH into the instance
Reach the website via browser on port 80.
Reach the REST API from within the SSH session.
I am unable to
Reach the REST API via AJAX from the browser (tried postman as well).
I have
Configured the Security Group to receive inbound connections from all sources on 8786
verified that iptable is not loaded
Tried reaching the website from a mobile network - to no avail.
Swapped the ports between the Web Server and the REST API - which resulted in being able to access the API via the browser and postman.
Verified that the API is bound to 0.0.0.0 - not to localhost.
This smells like an EC2 issue, but I have no idea what to do.
Help would be much appreaciated.
As it turns out, 8786 is a reserved port, and should not be used. Issues were resolved when I changed to 8080, which I should have done in the very beginning.
I have a webapp that I run on port 8000. So i start it with the command:
> smtweb
Performing system checks...
System check identified no issues (0 silenced).
October 12, 2017 - 11:25:27
Django version 1.8.18, using settings None
Starting development server at http://127.0.0.1:8000/
Quit the server with CONTROL-C.
Then I try to access the webapp as follows through the public elastic IP that I've associated with the running instance:
http://34.XXX.XXX.XXX:8000/
(I've omitted parts of the IP for my own safety, through XXX)
However, Chrome throws the following error:
34.XXX.XXX.XXX refused the connection.
ERR_CONNECTION_REFUSED
So the connection is refused, even tough I've associated the machine with a security group that has the following rule:
Type: Custom TCP Rule
Protocol: TCP
Port Range: 8000
Source: 0.0.0.0/0
Now, I'm not sure if I have to configure something more in the AWS Tools. It seems that I've done everything there. What I'm asking myself is:
Does the app have some restrictions by itself?
I have an Ubuntu image: Do I have to adjust some more firewall settings there?
Do you have an idea what I could try next?
ERR_CONNECTION_REFUSED means that there is no port open and NOT that the port is blocked by a security group rule. The TCP/IP stack has rejected the connection request.
Double check that you really have port 8000 configured for the interface that you are assigning the EIP.
Try to access your app from the same machine using the destination IP of both the local IP address and EIP.
If the local IP works and the EIP does not, check your network configuration. Your web app might not be binding to the interface assigned to the EIP and might still be configured for the old public IP address or not configured at all.
If both IP addresses work, then the problem is most likely not with your web application. Look at iprules, firewalls, etc. running on your local machine.
I have two servers on EC2. One hosting my php application and other hosting my redis server. I am managing my php session and data on redis server. So on my php server I gave the ip:port as session save path and got the error FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught exception 'RedisException' with message 'Connection closed'
So I search on the web and came to know that I need to open port 6379 on my redis instance for inbound traffic. I opened it by setting a custom TCP setting in AWS security group but still the port is coming closed to outside world. But I am able to listen to the port on redis server itself. Am i Missing anything in the process? Do I need to make any other change somewhere. Please guide me on this. I am very much new to AWS management
On Instance 1: I am using php-fpm, nginx and phpredis
On Instance 2: Using Redis
I want to monitor my ESB using Jconsole and JMX. I can connect to JMX server from the localhost but for connecting from remote machine to my esb I can establish the connection.
I use WSO2 ESB 4.6 and this my JMX configuration in carbon.xml file.
<JMX>
<!--The port RMI registry is exposed-->
<RMIRegistryPort>9999</RMIRegistryPort>
<!--The port RMI server should be exposed-->
<RMIServerPort>11111</RMIServerPort>
</JMX>
I found the problem, my rmi service was running on the host ip which was "127.0.0.1". To connect remotely to the jvm I had to bind the external ip to the hostname. To do this in unix systems use command hostname to get the name of the hostname. Then check the ip that is assigned to the hostname, to find out this use ping $(hostname) you will see that system is pinging the hosname's ip.
If your host ip was the default 127.0.0.1 and you wanted to change it, just edit the file /etc/hosts as superuser. After rebooting the rmi service, you can reach it from the remote machine.
Have a look at wso2carbon.log, you will find an entry like INFO {org.wso2.carbon.core.init.JMXServerManager} - JMX Service URL : service:jmx:rmi://localhost:11111/jndi/rmi://localhost:9999/jmxrmi {org.wso2.carbon.core.init.JMXServerManager}
Use given URL to connect to the carbon server from a remote JMX client (JVisualVM for example) and don't forget to define security credentials (default Username / Password is admin / admin)