I'm experimenting with CF in my local bosh-lite setup.
The apps that I deploy into if work well. I am now trying to follow the steps here
https://github.com/cf-platform-eng/cf-community-workshop/blob/master/demos/service-broker-lab.adoc
to try out the custom service broker setup.
The https://github.com/mstine/haash-broker application starts and is running fine:
$ cf apps
name requested state instances memory disk urls
haash-broker started 1/1 768M 1G haash-broker.vbox.mojito, haash-broker.192.168.50.6.xip.io
I can access it from my host machine browser well:
http://haash-broker.192.168.50.6.xip.io/v2/catalog
But when I execute the
cf create-service-broker haash-broker warreng natedogg http://haash-broker.192.168.50.6.xip.io
I get
$ cf create-service-broker haash-broker warreng natedogg http://haash-broker.192.168.50.6.xip.io
Creating service broker haash-broker as admin...
FAILED
Server error, status code: 502, error code: 10001, message: The service broker could not be reached: http://haash-broker.192.168.50.6.xip.io/v2/catalog
When I log in into the CC VM:
$ bosh -e vbox -f cf ssh api/eb4cec99-bab1-4513-a980-fb92775ac2d8
I can ping the hostname:
api/eb4cec99-bab1-4513-a980-fb92775ac2d8:~$ sudo ping haash-broker.192.168.50.6.xip.io
PING haash-broker.192.168.50.6.xip.io (192.168.50.6) 56(84) bytes of data.
64 bytes from 192.168.50.6: icmp_seq=1 ttl=64 time=0.080 ms
But wget connection gets refused:
api/eb4cec99-bab1-4513-a980-fb92775ac2d8:~$ wget http://warreng:natedogg#haash-broker.192.168.50.6.xip.io/v2/catalog
--2018-04-06 04:19:05-- http://warreng:*password*#haash-broker.192.168.50.6.xip.io/v2/catalog
Resolving haash-broker.192.168.50.6.xip.io (haash-broker.192.168.50.6.xip.io)... 192.168.50.6
Connecting to haash-broker.192.168.50.6.xip.io (haash-broker.192.168.50.6.xip.io)|192.168.50.6|:80... failed: Connection refused.
The firewall permits everything on that VM (sudo iptables -L).
The hostname gets resolved properly. The ping works and the 80 port is open on the target IP, since I can reach it from my host browser.
How can that be that the wget doesn't work in such situation?
This also seems to be the reason for me failing to create a service broker cf create-service-broker
UPDATE
I've managed to to execute the cf create-service-broker command with URL of an nginx reverse proxy running outside of my bosh-lite environment. The proxy redirects to the same initial URL http://haash-broker.192.168.50.6.xip.io
and the command succeeds in this way.
But the subsequent
cf create-service-broker haash-broker warreng natedogg http://haash-broker.192.168.50.1.xip.io:9999
cf enable-service-access haash
cf create-service HaaSh basic my-hash
(where haash-broker.192.168.50.1.xip.io:9999 is my nginx proxy) fails with
Server error, status code: 502, error code: 10001, message: The service broker rejected the request to http://haash-broker.192.168.50.1.xip.io:9999/v2/service_instances/4ef19154-d238-4cb3-8003-803fba53af3f?accepts_incomplete=true. Status Code: 400 Bad Request, Body: {"timestamp":1523008856993,"error":"Bad Request","status":400,"message":""}
I can see in both nginx and broker app logs that the the request reaches the broker and it answers with 400.
Debugging now why.
Can you post the result of --server-response option used with wget? Also what happens when you try to curl the broker?
Broker requires credentials, but it is interesting if it responds with 401 or 500 on the first request that wget makes without credentials.
Related
When trying to connect to tensorboard logs on a remote server and entering the address http://localhost:16006/ in chrome and firefox I get this message in the command line "channel 3: open failed: connect failed: Connection refused" multiple times and this message on the browser, "The Connection was Reset".
I ssh into the server like this: ssh -L 16006:127.0.0.1:6006 username#machine and then go one level up the log folder and write: tensorboard --logdir logs --port 16006
I tired:
tensorboard --logdir logs --port 16006 --bind-all
and also
tensorboard --logdir logs --host localhost, also
tensorboard --logdir logs --host 127.0.0.1
None of the above has wroked. I tried running the line above from another environment which didn't help. I went to the office and tried connecting to the logs from the server machine directly and it worked.
It used to work before when accessing remotely. Do you know what the problem is? any hint would be immensely appreciated.
I am having the same problem, but I think you should designate --port 6006 since it looks like you are forwarding remote port 6006 to the local port 16006.
Even so, since 6006 is the default port, the other commands should have worked, but you would have to go to http://127.0.0.1:16006 on your local machine, rather than the link it provides.
Some more in depth explanations can be found here how to run tensorboard on a remote server and how to see tensorboard over ssh
Even following this advice though I am still getting a 'channel 3: open failed: connect failed: Connection failed' error
I'm trying to run a storybook server on AWS Cloud9 but the URL it gives doesn't load anything.
I'm starting the server with
start-storybook -h $HOST -p $PORT --ci
This runs through without error and gives me a "server started" message with a URL. But that URL doesn't connect to anything.
I do notice that the URL isn't secure, and I can imagine AWS having issue with that. There is an --https option on the start-storybook command, but it requires SSL information that I don't know how to source.
Anyone know how this I can get this working?
C9 only opens port 8080, 8081, 8082. So your server should be listening on one of three. Try:
start-storybook -p 8080 s public
I've been having issue reaching containers from within codebuild. I have an exposed GraphQL service with a downstream auth service and a postgresql database all started through Docker Compose. Running them and testing them works fine locally, however I cannot get the right comination of host names in codebuild.
It looks like my test is able to run if I hit the GraphQL endpoint at 0.0.0.0:8000 however once my GraphQL container attempts to reach the downstream service I will get a connection refused. I've tried reaching the auth service from inside the GraphQL service at auth:8001, 0.0.0.0:8001, with port 8001 exposed, and by setting up a briged network. I am always getting a connection refused error.
I've attached part of my codebuild logs.
Any ideas what I might be missing?
Container 2018/08/28 05:37:17 Running command docker ps CONTAINER ID
IMAGE COMMAND CREATED STATUS PORTS NAMES 6c4ab1fdc980
docker-compose_graphql "app" 1 second ago Up Less than a second
0.0.0.0:8000->8000/tcp docker-compose_graphql_1 5c665f5f812d docker-compose_auth "/bin/sh -c app" 2 seconds ago Up Less than a
second 0.0.0.0:8001->8001/tcp docker-compose_auth_1 b28148784c04
postgres:10.4 "docker-entrypoint..." 2 seconds ago Up 1 second
0.0.0.0:5432->5432/tcp docker-compose_psql_1
Container 2018/08/28 05:37:17 Running command go test ; cd ../..
Register panic: [{"message":"rpc error: code = Unavailable desc = all
SubConns are in TransientFailure, latest connection error: connection
error: desc = \"transport: Error while dialing dial tcp 0.0.0.0:8001:
connect: connection refused\"","path":
From the "host" machine my exposed GraphQL service could only be reached using the IP address 0.0.0.0. The internal networking was set up correctly and each service could be reached at <NAME>:<PORT> as expected, however, upon error the IP address would be shown (172.27.0.1) instead of the host name.
My problem was that all internal connections were not yet ready, leading to the "connection refused" error. The command sleep 5 after docker-compose up gave my services time to fully initialize before testing.
How to add self-signed certificate to Cloud Foundry (PCFDev), so I would be able to deploy with Docker Image from private Docker Registry?
For this example I'm using PCFDev:
user#work:(0):~/Documents/$ cf push app-ui -o nexus-dev/app/app-ui:latest
Creating app app-ui in org pcfdev-org / space pcfdev-space as user...
OK
Creating route app-ui.local.pcfdev.io...
OK
Binding app-ui.local.pcfdev.io to app-ui...
OK
Starting app app-ui in org pcfdev-org / space pcfdev-space as user...
Creating container
Successfully created container
Staging...
Staging process started ...
Failed to talk to docker registry: Get https://nexus-dev/v2/: x509: certificate signed by unknown authority
Failed getting docker image by tag: Error parsing HTTP response: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"whit
e\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.10.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n"
Staging process failed: Exit trace for group:
builder exited with error: failed to fetch metadata from [app/app-ui] with tag [latest] and insecure registries [] due to Error parsing HTTP response: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>
400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.10.0
(Ubuntu)</center>\r\n</body>\r\n</html>\r\n"
Exit status 2
Staging Failed: Exited with status 2
Destroying container
Successfully destroyed container
FAILED
Error restarting application: StagingError
TIP: use 'cf logs app-ui --recent' for more information
You can start pcfdev with -r option,
e.g.
cf dev start -r host.pcfdev.io:5000
from Insecure Docker Registries
I am experiencing issues with the latest bosh-lite virtual box machine. See here.
I have just downloaded the Vagrantfile and done a
vagrant up
Then a:
cf login -u admin -a 192.168.50.4 -p admin
But it give me a:
API endpoint: 192.168.50.4
FAILED
connection refused
Can anyone please help?
Get address of haproxy by logging to it (bosh ssh, then ifconfig). Use address of haproxy as api endpoint.