Error while creating/starting database in a 3-node Vertica cluster - amazon-web-services

I am using Vertica community edition 7.2.3 and am setting up a 3-node cluster on AWS VPC.
My install_vertica script runs fine. While creating the database, the node from which I am issuing the command via adminTools comes up, but the other two nodes stay down.
Node Status: v_mpp_test_node0001: (DOWN) v_mpp_test_node0002: (UP) v_mpp_test_node0003: (DOWN)
All the requisite ports as per 'my.vertica.com/docs/Ecosystem/Amazon/HP_Vertica_7.1.x_Vertica_AWS.pdf' are open.
There is passwordless SSH between the 3 servers.
Following is the netstat output:
[root@ip-10-0-3-xxx ec2-user]# netstat -an | egrep 'tcp|udp'
tcp 0 0 10.0.2.185:4803 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5444 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:36582 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5433 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5434 0.0.0.0:* LISTEN
tcp 0 0 10.0.2.185:22 10.0.200.5:53124 ESTABLISHED
tcp 0 0 10.0.2.185:5434 10.0.2.185:36504 ESTABLISHED
tcp 0 0 10.0.2.185:36504 10.0.2.185:5434 ESTABLISHED
tcp 0 0 :::111 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::1:631 :::* LISTEN
tcp 0 0 :::5433 :::* LISTEN
tcp 0 0 ::1:25 :::* LISTEN
udp 0 0 0.0.0.0:111 0.0.0.0:*
udp 0 0 0.0.0.0:631 0.0.0.0:*
udp 0 0 10.0.2.185:123 0.0.0.0:*
udp 0 0 127.0.0.1:123 0.0.0.0:*
udp 0 0 0.0.0.0:123 0.0.0.0:*
udp 0 0 0.0.0.0:33666 0.0.0.0:*
udp 0 0 0.0.0.0:935 0.0.0.0:*
udp 0 0 10.0.2.185:5433 0.0.0.0:*
udp 0 0 10.0.2.185:4803 0.0.0.0:*
udp 0 0 10.0.2.185:4804 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 0.0.0.0:42327 0.0.0.0:*
udp 0 0 :::111 :::*
udp 0 0 fe80::8bf:7fff:fe9f:bd1b:123 :::*
udp 0 0 ::1:123 :::*
udp 0 0 :::123 :::*
udp 0 0 :::935 :::*
[root@ip-10-0-2-185 ec2-user]# nc -vz -u 10.0.2.186 4803
Connection to 10.0.2.186 4803 port [udp/notateit-disc] succeeded!
[root@ip-10-0-2-185 ec2-user]# nc -vz -u 10.0.2.184 4803
Connection to 10.0.2.184 4803 port [udp/notateit-disc] succeeded!
But I am getting the following error while running vnetperf:
[dbadmin@ip-10-0-2-184 ~]$ /opt/vertica/bin/vnetperf
2016-08-02_13:10:28,619 ERROR: [Connector Thread 10.0.2.186 0x7fe59578e700] Couldn't connect to 10.0.2.186 (family 2, attempt 0): Connection timed out; errno=110 (Connection timed out)
2016-08-02_13:10:28,619 ERROR: [Connector Thread 10.0.2.185 0x7fe59618f700] Couldn't connect to 10.0.2.185 (family 2, attempt 0): Connection timed out; errno=110 (Connection timed out)
2016-08-02_13:11:32,619 ERROR: [Connector Thread 10.0.2.186 0x7fe59578e700] Couldn't connect to 10.0.2.186 (family 2, attempt 1): Connection timed out; errno=110 (Connection timed out)
2016-08-02_13:11:32,619 ERROR: [Connector Thread 10.0.2.185 0x7fe59618f700] Couldn't connect to 10.0.2.185 (family 2, attempt 1): Connection timed out; errno=110 (Connection timed out)
2016-08-02_13:12:36,619 ERROR: [Connector Thread 10.0.2.186 0x7fe59578e700] Couldn't connect to 10.0.2.186 (family 2, attempt 2): Connection timed out; errno=110 (Connection timed out)
2016-08-02_13:12:36,619 ERROR: [Connector Thread 10.0.2.185 0x7fe59618f700] Couldn't connect to 10.0.2.185 (family 2, attempt 2): Connection timed out; errno=110 (Connection timed out)
2016-08-02_13:12:37,619 ERROR: [Connector Thread 10.0.2.186 0x7fe59578e700] Could not find anything to connect to for 10.0.2.186; errno=110 (Connection timed out)
2016-08-02_13:12:37,619 ERROR: [Connector Thread 10.0.2.185 0x7fe59618f700] Could not find anything to connect to for 10.0.2.185; errno=110 (Connection timed out)
2016-08-02_13:12:37,619 ERROR: [main 0x7fe596b92720] Caught error: Unable to connect to host 10.0.2.185:14159
Unable to connect to host 10.0.2.186:14159; errno=0 (Success)
Do I also have to open port 14159 specifically? What could be the issue?
Please do let me know if any specific log is required.

Yes, the service needs to have port 14159 open to the calling instance. Have you tried that?
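An added example, not part of the original question or answer: the errno=110 timeouts in the vnetperf log mean the connection attempts to TCP 14159 got no reply at all, which is what a missing security-group rule looks like, whereas a refused connection would point at a missing listener. The Python sketch below triages log lines of that shape and offers a probe helper for re-testing a port after a rule change. The sample log is abridged from the question; the function names and verdict strings are assumptions of this example.

```python
import re
import socket

# Constructed sample: abridged copies of the vnetperf lines quoted in the question.
LOG = """\
2016-08-02_13:10:28,619 ERROR: [Connector Thread 10.0.2.186 0x7fe59578e700] Couldn't connect to 10.0.2.186 (family 2, attempt 0): Connection timed out; errno=110 (Connection timed out)
2016-08-02_13:10:28,619 ERROR: [Connector Thread 10.0.2.185 0x7fe59618f700] Couldn't connect to 10.0.2.185 (family 2, attempt 0): Connection timed out; errno=110 (Connection timed out)
2016-08-02_13:12:37,619 ERROR: [main 0x7fe596b92720] Caught error: Unable to connect to host 10.0.2.185:14159
Unable to connect to host 10.0.2.186:14159; errno=0 (Success)
"""

# Linux errno numbers as printed in the log, with what each implies on the network path.
CAUSE = {
    110: "filtered",     # ETIMEDOUT: no reply to the SYN; a security group, NACL or host firewall drops it
    111: "refused",      # ECONNREFUSED: the host answered with RST; nothing listens on that port
    113: "unreachable",  # EHOSTUNREACH: routing or subnet problem
}

ATTEMPT = re.compile(r"Couldn't connect to (\S+) \(family \d+, attempt \d+\): .*errno=(\d+)")
TARGET = re.compile(r"Unable to connect to host (\d+\.\d+\.\d+\.\d+):(\d+)")

def triage(log):
    """Return {peer: (port, verdict)} for every peer vnetperf failed to reach."""
    errnos, ports = {}, {}
    for line in log.splitlines():
        if m := ATTEMPT.search(line):
            errnos[m.group(1)] = int(m.group(2))
        if m := TARGET.search(line):
            ports[m.group(1)] = int(m.group(2))
    return {peer: (ports.get(peer), CAUSE.get(code, "other")) for peer, code in errnos.items()}

def probe(host, port, timeout=3.0):
    """Re-test one TCP port after a rule change, using the same verdict names."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except (socket.timeout, TimeoutError):
        return "filtered"
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        return "other"
```

The nc -vz -u checks in the question cover UDP 4803 only and say nothing about TCP 14159, the port vnetperf reports.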

Related

Kafka custom logging handler makes django app unlisten on port

I have a django app and I need to send my logs to the kafka server. So I implemented a custom handler as below:
import json
import logging

from kafka import KafkaProducer


class KafkaHandler(logging.Handler):
    """Logging handler that owns a KafkaProducer for shipping records to a topic."""

    def __init__(self, hosts=['DEFAULT_KAFKA_HOST:DEFAULT_KAFKA_PORT'], topic='DEFAULT_KAFKA_TOPIC'):
        logging.Handler.__init__(self)
        # The producer is created as soon as the handler is instantiated.
        self.producer = KafkaProducer(
            bootstrap_servers=hosts,
            security_protocol='SASL_SSL',
            sasl_mechanism='SCRAM-SHA-512',
            sasl_plain_username='KAFKA_USER',
            sasl_plain_password='KAFKA_PASSWORD',
            # Serialise each payload as UTF-8 encoded JSON.
            value_serializer=lambda v: json.dumps(v).encode('utf-8'),
            linger_ms=10)
        self.topic = topic
The problem here is that when I run the Django app via python manage.py runserver locally, the app runs without any trouble, but my localhost doesn't listen on the specific port.
output of netstat -tulpn:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp6 0 0 :::80 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
udp 0 0 127.0.0.53:53 0.0.0.0:* -
udp 0 0 0.0.0.0:631 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp 0 0 0.0.0.0:54922 0.0.0.0:* -
udp6 0 0 :::58148 :::* -
udp6 0 0 :::5353 :::* -
But after I comment out the producer initialization everything works as expected and django app starts to listen. netstat -tulpn:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:8000 0.0.0.0:* LISTEN 11477/python
tcp6 0 0 :::80 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
udp 0 0 127.0.0.53:53 0.0.0.0:* -
udp 0 0 0.0.0.0:631 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp 0 0 0.0.0.0:54922 0.0.0.0:* -
udp6 0 0 :::58148 :::* -
udp6 0 0 :::5353 :::* -
Try to use an alternative server. Django with Gunicorn solved the problem in my similar case.

NLB Target Group and Healthcheck Failing

I want to create a VPC endpoint service in order to provide a way for our internal apps to bypass our SSO page when calling JIRA.
Following this documentation: https://docs.amazonaws.cn/en_us/vpc/latest/privatelink/endpoint-service-overview.html
I created:
NLB on Internal scheme (with Listener TLS on port 443)
Target Group (TLS port 443)
Health Check (TCP 443)
Endpoint Service
My API node is listening on the following ports:
[root@ip-10-xx-xx-xx bin]# netstat -ltpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2632/rpcbind
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 21588/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 4070/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3180/master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 21588/nginx: master
tcp6 0 0 :::40011 :::* LISTEN 21438/java
tcp6 0 0 :::111 :::* LISTEN 2632/rpcbind
tcp6 0 0 :::8080 :::* LISTEN 21438/java
tcp6 0 0 :::80 :::* LISTEN 21588/nginx: master
tcp6 0 0 :::22 :::* LISTEN 4070/sshd
tcp6 0 0 :::9080 :::* LISTEN 21438/java
tcp6 0 0 :::40001 :::* LISTEN 21438/java
tcp6 0 0 127.0.0.1:8005 :::* LISTEN 21438/java
My Target Instance and Healthcheck are constantly failing.
I have rebuilt the NLB/Target groups many times, trying TLS and TCP listener - but nothing seems to work.
What am I missing?

AWS EC2 Instance not showing access to Port 8000

I have set up an AWS EC2 instance (g4dn.2xlarge). I wanted to set up a Flask app on it and run it using gunicorn and nginx on port 8000. Following all the steps listed on multiple sites, I did the following:
Updated Inbound Rules on my security group to allow HTTP:
Screenshot of Inbound Rules
Checked Outbound Rules:
Screenshot of Outbound Rules
Connected to the VM using SSH and ran sudo netstat -tulpn | grep LISTEN.
The output was:
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 786/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1058/sshd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 592/rpcbind
tcp6 0 0 :::22 :::* LISTEN 1058/sshd
tcp6 0 0 :::111 :::* LISTEN 592/rpcbind
tcp6 0 0 127.0.0.1:9200 :::* LISTEN 966/java
tcp6 0 0 ::1:9200 :::* LISTEN 966/java
tcp6 0 0 127.0.0.1:9300 :::* LISTEN 966/java
tcp6 0 0 ::1:9300 :::* LISTEN 966/java
Why is the system not showing port 8000 as available? I even ran grep 8000 and it gave no results. What should I do?
You can change the Flask app port in the app.py file:
if __name__ == '__main__':
    app.run(host='0.0.0.0', port=5000)
Configure your web server (e.g. nginx or Apache) to proxy queries to the Flask port.

Why my EC2 site can’t be reached from browser?

I launched an EC2 instance and set the security group.
I can SSH into my instance, update and install the Apache server. Anyway, I cannot access it from the Chrome browser.
This site can’t be reached
Nor from firefox
Firefox can’t establish a connection to the server at 3.123.456.125.
netstat
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
tcp6 0 0 :::445 :::* LISTEN -
tcp6 0 0 :::139 :::* LISTEN -
udp 0 0 127.0.0.53:53 0.0.0.0:* -
udp 0 0 0.0.0.0:68 0.0.0.0:* -
udp 0 0 192.168.0.255:137 0.0.0.0:* -
udp 0 0 192.168.0.12:137 0.0.0.0:* -
udp 0 0 0.0.0.0:137 0.0.0.0:* -
udp 0 0 192.168.0.255:138 0.0.0.0:* -
udp 0 0 192.168.0.12:138 0.0.0.0:* -
udp 0 0 0.0.0.0:138 0.0.0.0:* -
udp 0 0 0.0.0.0:631 0.0.0.0:* -
udp 0 0 224.0.0.251:5353 0.0.0.0:* 3734/chrome --type=
udp 0 0 224.0.0.251:5353 0.0.0.0:* 3695/chrome
udp 0 0 224.0.0.251:5353 0.0.0.0:* 3734/chrome --type=
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp 0 0 0.0.0.0:38227 0.0.0.0:* -
udp6 0 0 :::60592 :::* -
udp6 0 0 :::5353 :::* -
On which port? On host or on EC2?
netstat -ant | awk '$6 == "LISTEN" && $4 ~ /[.:]80$/' | wc -l
0
No webserver on port 80.
Why?
I got this when I ssh to my EC2
__| __|_ )
_| ( / Amazon Linux 2 AMI
___|\___|___|
https://aws.amazon.com/amazon-linux-2/
3 package(s) needed for security, out of 24 available
Run "sudo yum update" to apply all updates.
[ec2-user@ip-172-31-24-192 ~]$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:ae:75:dd:e9:d8 brd ff:ff:ff:ff:ff:ff
inet 172.31.24.192/20 brd 172.31.31.255 scope global dynamic eth0
valid_lft 3149sec preferred_lft 3149sec
inet6 fe80::ae:75ff:fedd:e9d8/64 scope link
valid_lft forever preferred_lft forever
The problem is that opening port 80 in security groups does not create a process in my EC2 instance listening on that port. That's why Apache is required (to listen on port 80).
First step
sudo su
Then
[ec2-user@ip-172-31-33-157 ~]$ yum update -y
[root@ip-172-31-33-157 ec2-user]# yum install -y httpd.x86_64
[root@ip-172-31-33-157 ec2-user]# service httpd start
Now we can check
[root@ip-172-31-33-157 ec2-user]# service httpd status
Redirecting to /bin/systemctl status httpd.service
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: active (running) since суб 2020-01-18 12:57:23 UTC; 6s ago
Docs: man:httpd.service(8)
Main PID: 21386 (httpd)
Status: "Processing requests..."
CGroup: /system.slice/httpd.service
├─21386 /usr/sbin/httpd -DFOREGROUND
├─21387 /usr/sbin/httpd -DFOREGROUND
├─21388 /usr/sbin/httpd -DFOREGROUND
├─21389 /usr/sbin/httpd -DFOREGROUND
├─21390 /usr/sbin/httpd -DFOREGROUND
└─21391 /usr/sbin/httpd -DFOREGROUND
Works perfect.
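Added example (not from any of the posts on this page): the netstat tables quoted in these questions answer two separate things, whether a process listens on the port at all and which address it is bound to, and the security group only matters once both are right. This Python sketch parses numeric (-n) netstat output and reports which layer to look at. The sample lines are constructed in the layout shown above; the function names and verdict strings are assumptions of the example.

```python
import ipaddress

# Constructed sample in the `netstat -tulpn` layout used on this page.
SAMPLE = """\
tcp   0  0 127.0.0.53:53   0.0.0.0:*  LISTEN  786/systemd-resolve
tcp   0  0 127.0.0.1:8000  0.0.0.0:*  LISTEN  11477/python
tcp   0  0 0.0.0.0:22      0.0.0.0:*  LISTEN  1058/sshd
tcp   0  0 0.0.0.0:111     0.0.0.0:*  LISTEN  592/rpcbind
tcp6  0  0 :::443          :::*       LISTEN  21588/nginx: master
tcp6  0  0 ::1:9200        :::*       LISTEN  966/java
udp   0  0 0.0.0.0:68      0.0.0.0:*          -
"""

def listeners(text):
    """Parse numeric netstat output into (port, scope, program) for TCP LISTEN sockets."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith("tcp") or f[5] != "LISTEN":
            continue
        host, _, port = f[3].rpartition(":")  # splits "::1:9200" into "::1" and "9200"
        addr = ipaddress.ip_address(host)
        if addr.is_unspecified:
            scope = "all-interfaces"    # 0.0.0.0 or :: accepts traffic on every address
        elif addr.is_loopback:
            scope = "loopback-only"     # 127.0.0.0/8 or ::1, unreachable from other hosts
        else:
            scope = "single-address"
        rows.append((int(port), scope, " ".join(f[6:]) or "-"))
    return rows

def diagnose(text, port):
    """Say which layer to fix when a port cannot be reached from outside the host."""
    scopes = {s for p, s, _ in listeners(text) if p == port}
    if not scopes:
        return "no listener: start the service, a security group rule alone opens nothing"
    if scopes == {"loopback-only"}:
        return "loopback only: rebind the service or put a reverse proxy in front of it"
    return "listening: check security group, network ACL and host firewall next"

def exposed(text):
    """Ports bound on every interface, i.e. what a matching security group rule would publish."""
    return sorted({p for p, s, _ in listeners(text) if s == "all-interfaces"})
```

Running exposed() over a host's real output is also a quick inventory of services, such as rpcbind on 111 here, that a broad inbound rule would publish.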

Lighttpd - Cannot start, can't bind port, permission denied

I have installed Lighttpd in parallel with Apache (using port 80). But starting lighttpd gives me an error
Starting lighttpd: 2013-04-05 15:56:17: (network.c.379) can't bind to port: 81 Permission denied
Changes I made in lighttpd.conf:
server.port = 81
server.use-ipv6 = "disable"
What am I missing here? I am using CentOS 6.3
netstat -ltp result:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost:smux *:* LISTEN 1947/snmpd
tcp 0 0 *:mysql *:* LISTEN 15673/mysqld
tcp 0 0 *:57071 *:* LISTEN 1683/rpc.statd
tcp 0 0 *:sunrpc *:* LISTEN 1665/rpcbind
tcp 0 0 *:ndmp *:* LISTEN 2473/perl
tcp 0 0 *:ssh *:* LISTEN 1959/sshd
tcp 0 0 localhost:ipp *:* LISTEN 1829/cupsd
tcp 0 0 localhost:smtp *:* LISTEN 2362/master
tcp 0 0 *:sunrpc *:* LISTEN 1665/rpcbind
tcp 0 0 *:http *:* LISTEN 15422/httpd
tcp 0 0 *:45684 *:* LISTEN 1683/rpc.statd
tcp 0 0 *:ssh *:* LISTEN 1959/sshd
tcp 0 0 localhost:ipp *:* LISTEN 1829/cupsd
tcp 0 0 localhost:smtp *:* LISTEN 2362/master
tcp 0 0 *:6556 *:* LISTEN 1967/xinetd
I have found this reference and it solves my problem. The issue was due to SELinux blocking lighttpd from using port 81.
[updated link] https://www.visibilityspots.com/selinux.html